Circles Global Privacy Policy

Effective Date: 11 February 2025

This Circles Global Data Protection Policy (“Policy”) is designed to explain to you how we collect, use, disclose and/or process the Personal Data we collected directly or indirectly, and it applies to all the products, services, offers and promotions offered or provided by the Circles group of companies, including Liberty Wireless Pte Ltd, Circles Australia Pty Limited and their respective Affiliates (“Group” or “we”/“us”/“our”). This Policy further provides information on your rights under Applicable Laws.

I. Categories of Personal Data

Depending on our relationship and interactions with you, we may collect the following categories of Personal Data:

  • Account information, including name, user ID, address, telephone number, e-mail address, location, language, communication, and other account profile settings;
  • Billing and payment information, including payment details, credit history, credit card number, bank account, payment method, payment recipient details, national registration identification card (NRIC), foreign identification number (FIN), tax ID, passport or other equivalent identification number;
  • Subscription and order information, including subscription services, device ordering details, order IDs and all the historical records of those services and orders;
  • Equipment or technology information, including equipment ID, IP address, session information, equipment configuration settings, operating system, platform interactions, cookies, pixels and other equipment or technical information about your usage of our network, products, services or websites; and
  • Customer support information, including content of the customer support request, notes or a record of any contact you have with us.

II. Collection of Personal Data

Generally, we may collect Personal Data from you in the following ways:By providing Personal Data of any other individual to us, you hereby warrant and represent that you are authorized to disclose the other individual’s Personal Data to us in accordance with this Policy and Applicable Laws. When providing Personal Data, you warrant and represent that Personal Data disclosed by you, whether about yourself or another individual, is accurate and complete.

  • When submitting an application, registration or other form relating to any of our products and services;
  • When making a purchase or subscribing or applying for our products and services, entering into any agreement or provide other documentation or information respect of your usage of our products or services;
  • When making an enquiry about our products or services, or other information voluntarily provided to us in any way;
  • When visiting or using our website, applications, or software/platform owned or managed by us, using technologies, such as cookies, IP packets or DNS etc;
  • When communicating with us or our representatives via phone calls, emails, messages (for example, via our customer service contact points), social media platforms or face-to-face meetings which may be filed or recorded for training, quality control, business and/or other lawful purposes;
  • When visiting our outlets and our premises;
  • When facilitating interconnection and inter-operability between telecommunications licensees;
  • When obtaining information from third parties about you in connection with the products and services you applied, such as your employers, billing agencies, credit agencies, law enforcement agencies and/or other public agencies;
  • When filling up surveys, participating competition, lucky draw or responding to our promotions, initiatives, to any request for additional Personal Data; and/or
  • When submitting your Personal Data for any other reason.

By providing Personal Data of any other individual to us, you hereby warrant and represent that you are authorized to disclose the other individual’s Personal Data to us in accordance with this Policy and Applicable Laws. When providing Personal Data, you warrant and represent that Personal Data disclosed by you, whether about yourself or another individual, is accurate and complete.

III. Purposes for Collection, Use and Disclosure of Personal Data

You hereby agree that such Personal Data may be collected, used disclosed and/or processed for the following purposes (collectively, “Purposes”):As the Purposes for which we may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. In such instances, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your Personal Data without your consent is permitted by Applicable Laws.

  • To verify your identity, and to process orders and/or applications for products and services;
  • To provide the services and/or to facilitate interconnection and inter-operability between service providers including telecommunications licensees in providing the services;
  • To respond and/or deal with enquiries or complaints and for other customer-care activities;
  • To generate bills, facilitate the payment of bills, manage accounts and for debt-recovery functions;
  • To carry out credit checks and for the evaluation of creditworthiness;
  • To manage, develop and improve our business and operations to serve you better, which may include the aggregation of such data (including location-based data) from numerous customers and analysis of the same;
  • To provide delivery and directory assistance services;
  • To provide complementary or value added services;
  • To administer customer loyalty benefits, reward benefits, contests and lucky draws;
  • For marketing and advertising purposes, such as the provision of offers or exclusive offers to targeted individuals;
  • To carry out market research and customer surveys;
  • To conduct investigations or take action in relation to bad debts, crime and fraud prevention, detection or prosecution, risk management, or to prevent you or us from harm, illegal or unlawful activities;
  • To conduct investigations or take action in relation to any violation of any of our terms and conditions or our applicable acceptable use policies;
  • To third parties (including service providers, partners, agents and/or our or third parties’ affiliates or related corporations) who provide the products, perform services or assist our business operations on our behalf as necessary;
  • To protect and maintain Personal Data, and to have access to it including for making corrections to the Personal Data;
  • To comply with legal and regulatory requirements imposed by any government body, and otherwise with applicable laws and regulations;
  • For any other purpose necessary, ancillary or consequential to the above-specified purposes.

As the Purposes for which we may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. In such instances, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your Personal Data without your consent is permitted by Applicable Laws.

IV. Consent and Deemed Consent

By clicking or checking “I agree”, “Accept” or similar statements on our websites or applications, you acknowledge that you have read and understood this Policy, and hereby agree and consent to our collection, use, disclosure and/or processing of your Personal Data as described in this Policy. If you do not agree with any terms of this Policy, please do not access or use our products or services. You are deemed to have given your consent for the collection, use and disclosure of Personal Data in the following circumstances:This Policy does not supersede or replace any earlier consent(s) or deemed consent(s) you provide to us, and supplements all such pre-existing consents concerning the collection, disclosure and/or use of your Personal Data.

  • When you voluntarily provide your Personal Data to us;
  • When you are aware of the Purposes for which you are providing your Personal Data to us;
  • It is reasonable for you to have provided the Personal Data to us in the circumstances;
  • In any other circumstances where consent is deemed under the Applicable Laws.

This Policy does not supersede or replace any earlier consent(s) or deemed consent(s) you provide to us, and supplements all such pre-existing consents concerning the collection, disclosure and/or use of your Personal Data.

V. Limiting Collection, Use and Disclosure of Personal Data

We collect Personal Data primarily from our customers (including prospective customers). The collection of Personal Data is limited to that which is necessary for the identified Purposes. Unless permitted under Applicable Laws, we will not disclose Personal Data to other persons or entities for the advertising, promotion or marketing of such other party’s products and services, and we will not sell for payment the Personal Data to anyone for any unauthorised purpose(s).

VI. Third Party Products and Services

Our products and Services may include third parties’ products and/or services and links to third parties’ products or services with their data privacy policies. When you use such third parties’ products or services, they may collect your Personal Data too. For this reason, we strongly suggest that you read the privacy policies of such third party service providers. We are not responsible for and cannot control how third parties use Personal Data that they collect from you. This Policy does not apply to products and/or services offered by a third party even those are linked from our services. To the fullest extent permitted under Applicable Laws, we cannot be responsible for such third party’s acts, omissions, data policies or their use of cookies, nor the content or security of any third party websites, and any such liability is expressly disclaimed and excluded.

VII. Specific Issues for Disclosure of Personal Data to Third Parties

We respect the confidentiality of the Personal Data you have provided to us. In that regard, we will not disclose your Personal Data to third parties without first obtaining your consent permitting us to do so, except for the following:

  • Cases in which the disclosure is required or authorized based on the applicable laws and/or regulations;
  • Cases in which the purpose of such disclosure is clearly in your interests, and if consent cannot be obtained within a reasonable period of time;
  • Cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual;
  • Cases in which the disclosure is necessary for any investigation or proceedings;
  • Cases in which the Personal Data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation by that law enforcement agency or a person of a similar rank, certifying that the Personal Data is necessary for the purposes of the functions or duties of the officer;
  • Cases in which the disclosure is to the government body and such disclosure is necessary in the public interest; and/or
  • Where such disclosure without your consent is permitted by Applicable Laws.

VIII. Request to Withdraw Consent

You may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession or under our control by submitting your request to the Data Protection Officer. We will process your request within a reasonable time from such a request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your Personal Data in the manner stated in your request.

However, our withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your Personal Data, it may mean that we may not be able to provide you with the products or services, or a part thereof.

Notwithstanding any withdrawal of consent, (a) unless otherwise agreed by us, you will still be bound by your contract(s) for the products or services with our relevant entity, and should you choose to terminate the relevant contract(s), early termination charges and other charges, penalties or contractual consequences may apply in accordance with the contract(s) or under applicable laws and we reserve the rights thereof, and (b) we have the right to terminate the contracts in its discretion, without liability to you.

IX. Request for Access and/or Correction of Personal Data

You may request to access and/or correct the Personal Data currently in our possession or control by submitting a written request to us. We will need enough information from you in order to ascertain your identity as well as the nature of your request, so as to be able to deal with your request. Hence, please submit your written request to our Data Protection Officer.

For a request to access Personal Data, once we have sufficient information from you, we will seek to provide you with the relevant Personal Data within 30 days or other duration subject to Applicable Laws. Where we are unable to respond to you within the said duration, we will notify you of the soonest possible time within which we can provide you with the information requested. Note that the Applicable Laws may exempt certain types of Personal Data from being subject to your access request. For example, we may not provide access to Personal Data if such provision could reveal Personal Data about another person, if such information is subject to legal privilege or if such provision will be contrary to national interest. If access to Personal Data cannot be provided, the reasons for denying access will be provided upon request, to the extent permitted under Applicable Laws. We will also be charging you a reasonable fee for the handling and processing of your requests to access your Personal Data. Subject to Applicable Laws, we will provide you with a written estimate of the fee we will be charging. Please note that, where applicable, we are not required to respond to or deal with your access request unless you have agreed to pay the fee.

For a request to correct Personal Data, once we have sufficient information from you to act on the request, we will correct your Personal Data within 30 days or other duration subject to Applicable Laws. Where we are unable to do so within the said duration, we will notify you of the soonest practicable time within which we can make the correction. Note that the Applicable Laws may exempt certain types of Personal Data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request; and we may send the corrected Personal Data to applicable other organisations to which the Personal Data was disclosed by us within a year before the date the correction was made, unless that other organisations do not need the corrected Personal Data for any legal or business purpose.

X. Administration and Management of Personal Data

We will take reasonable efforts to ensure that your Personal Data is accurate and complete, if your Personal Data is likely to be used by us to make a decision that affects you, or disclosed to another organisation. However, this means that you must also update us of any changes in your Personal Data that you had initially provided us with.

We will not be responsible for relying on inaccurate or incomplete Personal Data arising from your failure to update of any changes in your Personal Data that you had initially provided us with.

We will also put in place reasonable security arrangements to ensure that your Personal Data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your Personal Data. However, we cannot assume responsibility for any unauthorized use of your Personal Data by third parties that are wholly attributable to factors beyond our control.

XI. Retention of Personal Data

We will keep your Personal Data as long as it is necessary for the Purposes described above or as required by Applicable Laws.

We will also put in place measures such that the Personal Data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that the Purposes for which that Personal Data was collected is no longer being served by the retention of such Personal Data and (b) retention is no longer necessary for any other legal or business purposes.

XII. Transfer of Personal Data Overseas

Our head office is based in Singapore, while our Affiliates and service providers are located around the world. We may transfer the Personal Data to our offices, appoint agents, service partners or vendors in Singapore and around the world for the Purposes. This means Personal Data will be transferred outside of your country where we or our agents, partners or vendors have data centers. Where your Personal Data is to be transferred overseas, we will comply with the Applicable Laws in doing so. In this regard, this includes us obtaining your consent (unless there is an exception under the Applicable Laws), and taking appropriate steps to ascertain that the foreign recipient organisation of the Personal Data is bound by legally enforceable obligations to provide to the transferred Personal Data a standard of protection. This may include us entering into an appropriate contract with the foreign recipient organisation dealing with the Personal Data transfer or permitting the Personal Data transfer without such a contract if the Applicable Laws permits us to.

XIII. Updates to this Policy

As part of our efforts to ensure that we properly manage, protect and process your Personal Data, we will be reviewing our policies, procedures and processes from time to time. We reserve the right to amend the terms of this Policy at our absolute discretion. You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to Personal Data protection.

XIV. Definitions

For the purposes of this Policy, the following capitalized terms, unless elsewhere defined in this Policy, shall have the following meanings:

“Affiliates” means with respect to any entity or person, all entities which are controlling controlled by or under common control with such entity or person (including any investment vehicle of such entity or person), and “control” shall mean the power to elect or appoint a majority of directors or to direct the management of the first-mentioned entity, or the ownership of more than 50% of the voting rights of the shares or other equity interests or registered capital of such entity.

“Applicable Laws” means any applicable data protection and privacy legislation and regulations, that may include without limitation, the Personal Data Protection Act of Singapore (PDPA), Privacy Act 1988 of Australia and Australian Privacy Principles (APPs), Regulation (EU) 2016/679 (General Data Protection Regulation) (GDPR).

“Personal Data” means the data whether true or not, about an individual who can be identified or identifiable from that data, or from that data and other information to which an organisation has or is likely to have access.

Supplement Notice for Singapore

Please note that in the event your number with us is terminated, we will update the terminated status to the Do-Not-Call Registry such that their database is up to date.

You acknowledge that in addition to the exceptions under the PDPA, we may collect, use and disclose your Personal Data without your consent in accordance with the Telecommunications Code of Practice in the following situations:

  • Collection or use of Personal Data for planning requirements in relation to network operations or network maintenance for any telecommunication service provided by the Group;
  • Collection, use or disclosure of Personal Data for facilitating interconnection and inter-operability between telecommunication licensees for the provision of telecommunication services; and
  • Collection, use or disclosure of Personal Data for the provision of mobile roaming-related information to in-bound mobile roaming customers in Singapore.

The instances listed in the paragraph above are not intended to be exhaustive. For more information on the exceptions, you are encouraged to peruse the Second, Third and Fourth Schedules of the PDPA that is publicly available at https://sso.agc.gov.sg/. Where we disclose your Personal Data to third parties with your consent, we will employ our best efforts to require such third parties to protect your Personal Data.

For this purpose of this Supplement to Singapore, “Telecommunications Code of Practice” means the Code of Practice for Competition in the Provision of Telecommunication Services 2012, as amended or supplemented from time to time.

Supplement Notice for Australia

You may make a complaint to us about a breach of the Australian Privacy Principles by using our DPO contact details. We will investigate your complaint and endeavour to resolve any issue. If we do not adequately answer your concerns, you will have the right to make a complaint in writing to the Office of the Australian Information Commissioner.

Contact Us

If you, at any time, have any queries on this Policy or any other related queries, please do not hesitate to contact our Data Protection Officer (the “DPO”) at:

Data Protection Officer

63 Alexandra Terrace #06-18, Singapore 119937

Email: dpo@circles.co