Privacy Policy

Effective Date: 1st November 2025

Intrepid Group.

This Privacy Policy sets out the basis which [Intrepid Digital Commerce Pte. Ltd] and our subsidiaries, affiliates, and related companies (“Intrepid”, “we”, “us” or “our”) may collect, use, disclose, or otherwise process your personal information when you use our website (“Site”) and related services across Southeast Asia. Our data practices align with the Singapore Personal Data Protection Act 2012 (PDPA) and reflect principles commonly adopted across the region including Malaysia, Indonesia, Thailand, Vietnam, and the Philippines. This Privacy Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.

1. Definition

As used in this Policy:

“personal data” means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which Intrepid has or is likely to have access.

“you” means the individual whose personal data is collected or processed by Intrepid.
Other terms used in this Privacy Policy shall have the meanings given to them in the PDPA (where the context so permits).

2. Personal Identification Information

We generally do not collect your personal data unless:
a. it is voluntarily provided by you directly or via a third party duly authorised by you to disclose your personal data to us; after (i) you have been notified of the purposes for which the data is collected, and (ii) you have provided your consent to the collection and usage of your personal data for those purposes; or
b. that is automatically collected through (i) your use of the Site, including but not limited to, web forms, registrations, and inquiries, and (ii) the creation of an account with us, thereby becoming a portal or platform user (“Usage”). Such personal information may include, as applicable:

  • full name;
  • email address;
  • company information;
  • contact number;
  • role/title;
  • country;
  • payment details (processed by our third-party provider);
  • account creation dates and usage logs; and
  • login frequency

3. Non-Personal Identification Information

We may collect data generated through your Usage, which consists of technical, behavioural, analytical or diagnostic data. Such data may include, but is not limited to:

  • browser type and version;
  • browsing behaviour;
  • device type;
  • operating system;
  • Internet Protocol (IP) address and approximate geolocation;
  • pages visited and session duration;
  • referral URLs; and
  • click interactions.

This information helps us analyse trends, administer and improve the Site’s performance and enhance user experience.

4. Cookies and Tracking Technologies

Our Site may place and access certain cookies on your computer or other electronic devices. We may use cookies and similar tracking technologies that track your activity on the Site and store certain information to improve your experience and the effectiveness of our services. Such technologies may be used to:

  • enable Site functionality;
  • analyze Site usage;
  • personalize content; or
  • support security.

You may choose to disable or delete cookies through your browser settings; however, doing so may affect or limit certain functions or features of the Site.

5. How We Use Collected Information

Intrepid may use the collected personal data to:

  • operate our Site and/or its sub-domains, such as improving Site functionality, service efficiency, ensuring security, or enhancing user experience;
  • perform our contractual obligations and provide the services you have requested;
  • provide support and respond to your inquiries;
  • personalize digital experiences;
  • measure engagement and optimize content;
  • communicate with you regarding product updates, newsletters, and insights (you may opt-out such communications at any time by following the instructions provided in the emails);
  • detect, investigate, and prevent fraud, misuse and/or illegal activities;
  • conduct internal analytics and reporting;
  • deliver region-specific marketing initiatives;
  • process payments and send e-receipts to you via email upon successful payment;
  • understand and analyse user behaviour through your Usage;
  • develop new products, services, features and functionality;
  • comply with our legal and regulatory duties and obligations and protect our rights, property and the safety of users or the public; or
  • carry out any other purposes incidental to, or associated with, any of the above.

Intrepid processes your personal data only when necessary to: (i) deliver requested services; (ii) fulfill contractual obligations; (iii) comply with applicable laws or regulations; (iv) support legitimate business interests; (v) where you have provided consent; or (vi) pursue Intrepid’s legitimate interests.

We shall take reasonable steps to ensure personal data collected by us or on our behalf is accurate and complete if it is likely to be used to make a decision that affects you; or it is likely to be disclosed to another organisation. Where you provide your personal data directly to us, we shall be entitled to assume that it is accurate and complete.

Intrepid’s use of your personal data is limited to the purposes described in this Privacy Policy, or as otherwise consented to by you. We do not sell, trade, barter, exchange, or disclose for consideration any of your personal data.

6. Cross-Border Data Transfers in Southeast Asia

Given our regional operations, your personal data may be transferred, stored in, and processed outside of Singapore (our regional headquarters), in countries such as:

  • Malaysia;
  • Indonesia;
  • Thailand;
  • Vietnam;
  • the Philippines; or
  • other countries where we or our service providers operate.

When we transfer your personal data across borders, we take reasonable steps to ensure that such data remains protected in accordance with the PDPA principles and any other applicable local requirements.

7. Sharing Your Information

Subject to compliance with legal and regulatory obligations, we may share limited information with:

  • authorized service providers, including but not limited to: (i) hosting platforms; (ii) analytics providers; (iii) customer support tools; or (iv) security monitoring and error-tracking software;
  • law enforcement agencies, regulatory authorities, or other competent authorities where Intrepid is required to so under applicable laws or regulations;
  • our officers, directors, employees, consultants, agents, advisers, contractors, affiliates, subsidiaries and/or representatives;
  • third parties where necessary to protect your interests and where obtaining your prior consent is not practicable;
  • third parties engaged to provide or receive certain services, provided that such parties observe privacy standards and guidelines consistent with those of Intrepid; and
  • other parties where your consent has been obtained.

We do not sell or rent personal information to third parties.

8. Data Protection Across Local Regulations

Our privacy framework adopts the core regulatory principles applicable across Southeast Asia, including, where applicable:

  • Singapore: PDPA;
  • Malaysia: Personal Data Protection Act 2010;
  • Philippines: Data Privacy Act 2012;
  • Indonesia: Personal Data Protection Law 2022;
  • Thailand: Personal Data Protection Act 2022; and
  • Vietnam: Law on Cyberinformation Security.

We seek to align practices, policies, and controls within these frameworks where feasible, while maintaining the Singapore PDPA as our baseline governance standard.

9. Your Rights

Depending on your local jurisdiction, you may request to:

  • access, correct or update inaccuracies of, your personal data which is in our possession or under our control in accordance with (and subject to) the PDPA and the relevant regulations made thereunder;
  • withdraw your consent (where consent is required);
  • request deletion, subject to legal or regulatory retention requirements;
  • restrict the processing of your personal data;
  • object to certain uses of your personal data; or
  • request information on how your data is stored and processed.

To submit a request, please contact hello@intrepid.asia.

We may request additional verification details to ensure that your personal data is not disclosed to unauthorized parties.

10. Consent and Withdrawal of Consent

By providing your personal data to Intrepid, using our Site, or engaging our services, you consent to our collection, use, and disclosure of your personal data in accordance with this Privacy Policy.

You may withdraw your consent at any time by contacting our Data Protection Officer at hello@intrepid.asia. Please note that the withdrawal of consent does not affect the lawfulness of any processing carried out before such withdrawal. Depending on the nature and extent of your withdrawal, Intrepid may be unable to continue providing certain products or services to you, and such withdrawal may be treated as a termination of any ongoing agreements or arrangements.

Upon receipt of your withdrawal request, Intrepid will inform you of the likely consequences and process your request within a reasonable timeframe, in accordance with the PDPA.

11. Data Retention

We retain your personal information and data only as long as is reasonably necessary to:

  • deliver and fulfill the services you requested;
  • satisfy legal, regulatory, tax, accounting, or reporting obligations;
  • support legitimate business operations;
  • fulfill the purposes set out in this Privacy Policy; or
  • otherwise comply with applicable laws and regulations.

Once your personal information is no longer required for these purposes, they will be securely deleted, anonymized, or de-identified it in accordance with applicable legal and regulatory requirements.

12. Security Measures

Intrepid maintains reasonable administrative, technical, and physical safeguards to protect your personal information against:

  • unauthorized access;
  • alteration;
  • disclosure; or
  • destruction.

Transmission of sensitive information occurs over encrypted channels where appropriate. However, please take note that no method of digital transmission or electronic storage is completely secure. Accordingly, while Intrepid implements reasonable measures to protect your data, we cannot guarantee absolute security and disclaim liability for unauthorised access, hacking, data loss, or other breaches that occur despite such measures. You are encouraged to safeguard your passwords, credentials, and devices when accessing our Site.

For details of our Information Security Management System (ISMS) certification, please refer here [ISMS Policy link here]

13. Third-Party Websites and Social Plugins

Our Site may contain links to external sites operated by other parties, including our business affiliates, merchants or payment gateways. We are not responsible for the privacy practices or content of these external sites.

Please note that even if a third party is affiliated with us, we have no control over their websites, each of which may have its own separate privacy and data collection practices independent of us. Accordingly, we are not responsible or liable for the content, security arrangements (or lack thereof), or activities of such linked sites. These links are provided solely for your convenience, and you access them at your own risk.

Social sharing buttons (e.g., LinkedIn) may transmit information to those platforms when clicked. Your use of such features is subject to the respective social platforms’ own privacy policies.

14. Children’s Data

Our Site and services are not directed toward individuals under 18 years old. We do not knowingly collect personal data from minors. If Intrepid becomes aware that personal data from a minor has been inadvertently collected, appropriate steps will be taken to delete such data promptly. If you are under 18, you must not use the Site without the consent of a parent or legal guardian.

15. Personal Information of Other Individuals

In some circumstances, you may provide personal data relating to other individuals (such as your spouse, family members, or friends). In doing so, you represent and warrant that you are authorised to disclose their personal data to Intrepid and that you have obtained their consent for their personal data to be processed and used in the manner set out in this Privacy Policy.

16. Updates to the Policy

Intrepid may update this Privacy Policy periodically. The “Effective Date” above will be revised accordingly. Your continued use of the Site following the posting of any updates signifies acceptance of the updated and revised Privacy Policy.

17. Job Applicant Privacy Notice

When you apply for a role at Intrepid, we may collect and process personal information such as your name, contact details, employment history, qualifications, assessments, interview notes, and background verification results (where permitted by applicable laws). This information is used for recruitment evaluation, compliance with employment regulations, and internal reporting purposes.

Your personal information will only be accessed by authorized HR personnel, hiring managers, or approved third-party assessment providers engaged by Intrepid. We will retain your application data for 2 years,  in accordance with applicable laws and regulations in Singapore, Malaysia, Indonesia, Thailand, Vietnam, and the Philippines (where Intrepid operates). After this period, your data will be securely deleted unless you consent to remain in our talent pipeline.

To update, withdraw, or request deletion of your applicant information, please contact recruitment@intrepid.asia

18. Governing Law and Dispute Resolution

This Privacy Policy shall be governed and construed in accordance to the laws of Singapore.

Any dispute, controversy, claim, or difference of any kind arising out of or relating to this Privacy Policy shall be referred to and finally resolved by arbitration in Singapore in accordance with the Arbitration Rules of the Singapore International Arbitration Centre (SIAC) for the time being in force, which rules are deemed incorporated by reference.

The arbitral tribunal shall consist of one (1) arbitrator, appointed by the President of the SIAC Court of Arbitration. The language of the arbitration shall be English, and the arbitral award shall be final and binding on all parties.

19. Contact Details

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request via our email: hello@intrepid.asia.