Privacy Policy for Svalbard Scrolls

Svalbard Scrolls ("we", "our", or "us") operates an online platform for book sales, rare book sourcing, event hosting, and other related services. This Privacy Policy describes how we collect, use, process, and disclose your information, including personal data, in connection with your access to and use of our online services and interactions.

We are committed to protecting your privacy and handling your personal data in an open and transparent manner, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws in Singapore.

1. Information We Collect

We collect personal data that you voluntarily provide to us when you interact with our online platform or avail of our services. This may include:

• Contact Information: Name, shipping address, email address, and telephone number, collected when you register an account, place an order, or subscribe to our newsletter.
• Transaction Information: Details about purchases and other transactions, including services availed such as rare book sourcing requests or event registrations.
• Account Information: Profile preferences, book club memberships, and reading recommendations.
• Communications: Records of your communications with us, such as customer service inquiries or feedback submitted regarding our services or products.
• Event Participation Data: Information provided when registering for or participating in literary events or local author showcases.

We also automatically collect certain information when you access and use our online platform, including:

• Usage Data: Information about how you interact with our site, such as pages viewed, search queries, and duration of visits.
• Technical Data: IP address, browser type, operating system, and device identifiers.
• Cookies and Tracking Technologies: Data collected through cookies and similar technologies to enhance user experience, analyze site usage, and support marketing efforts.

2. How We Use Your Information (Purpose and Legal Basis)

We use your personal data for various purposes based on the following legal bases:

• For the performance of a contract: To process and fulfill your orders for books and stationery, manage your account, provide rare book sourcing services, and facilitate your participation in book clubs or events.
• For our legitimate interests:
  • To improve our services and online platform, develop new offerings, and personalize your experience (e.g., providing reading recommendations).
  • To ensure the security and integrity of our online services.
  • For internal analytics, research, and business reporting.
  • To handle customer inquiries and provide support.
• With your consent: For sending marketing communications about new arrivals, promotions, and upcoming events, where required by law. You can withdraw your consent at any time.
• To comply with legal obligations: To meet our legal and regulatory requirements, including accounting and tax obligations.

3. How We Share Your Information

We may disclose your personal data to the following categories of recipients:

• Service Providers: Third-party companies that perform services on our behalf, such as payment processing, shipping, IT infrastructure, customer service, and analytics. These providers are bound by contractual obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them.
• Legal and Regulatory Authorities: If required by law, court order, or when we believe disclosure is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
• Business Transfers: In connection with a merger, acquisition, sale of assets, or other business transaction involving all or a portion of our business.

4. International Data Transfers

Your personal data may be transferred to, and processed in, countries other than Singapore where data protection laws may differ from those in Singapore. When we transfer your personal data to other countries, we ensure that appropriate safeguards are in place to protect your data as required by applicable law, such as using standard contractual clauses approved by the European Commission or relying on the recipient's Privacy Shield certification where applicable.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

6. Your Data Protection Rights

Under applicable data protection laws, you have the following rights regarding your personal data:

• Right to Access: You have the right to request copies of your personal data.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.
• Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
• Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us using the details provided below. We may need to verify your identity before responding to your request.

7. Security of Your Information

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Links to Other Websites

Our online platform may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

9. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Svalbard Scrolls
7 Rhu Cross, #01-08, Sentosa Cove
Singapore, Central Region, 098850
Singapore