Our policy

Information you provide to us

To apply for or use WorldFirst SG services, you will be asked to provide identifying information about yourself (e.g. name, address, and email address), your company and documents to verify the information provided – such as, a copy or record of your identity cards, passport or other travel document information, your proof of address, occupation, nationality, country of birth, source of funding, source of wealth and/or other information from checks, credit cards, bank statements.

Through the course of our business relationship, we may ask for additional evidence in order for us to comply with our legal obligations, e.g. anti-money laundering regulations. These can include, but are not limited to, documents required to verify any information provided or evidence of source of funds.

WorldFirst SG will collect information required to provide instructions on your behalf to payment or account service providers, including but not limited to instructions for debiting and/or crediting your account to settle your liability on any Forward FX transaction you have concluded. 

Information we collect when you use our website or app

Our website uses cookies to provide you with a better experience on our website, for fraud prevention and to provide internet-based advertisements. For detailed information on the cookies we use and the purposes for which we use them, please see our full Cookie policy.

WorldFirst SG user community participants will have their sessions recorded to allow us to capture the feedback to improve our services and help with the development of new products. This will always be based on your consent, which you can withdraw at any time.

For the detection and prevention of fraud and cyber-crime, we may collect information, including session, device and IP address to help ascertain the legitimacy of the account login.

Public information

For non-registered users, we may contact you using publicly available information or information from third parties, which you have consented to being shared, to let you know about products that could be relevant for your business.

Transactional information

Once you use our products and services, we will collect, process and store your WorldFirst SG financial and transactional information. This information includes the amount, currency, type of transaction, source of funds, exchange rate, recipient name and bank details.

Information about you that we receive from third parties

To protect ourselves and our customers against fraud, we verify the information you provide with Anti-Fraud agencies and Electronic Identity Verification Services. In the course of verification, we receive and process information about you from such services. This may include the collection of biometric information (via facial recognition technologies) used for real identity verification and authentication purposes.

Information may be collected from credit reference agencies.   

Communications

All calls are recorded and correspondence retained for the purposes of quality control and training, verifying your instructions to us, as evidence of transactions and to fulfil regulation requirements. Any information you disclose to us will be held on these recordings. Generally, we will inform you that we are carrying out the recording of the calls.

Individuals who are not registered users of WorldFirst SG

Connected parties

WorldFirst SG will collect information about connected parties to a WorldFirst SG client during the course of the business relationship with the client to comply with our legal obligations, e.g. directors or shareholders of a company. Where customers provide this information, they are required to bring this Privacy Notice to the attention of the individuals concerned.

Beneficiaries

WorldFirst may collect information about beneficiaries or recipients of funds who may not be  WorldFirst clients to provide instructions on your behalf to payment or account service providers.

We will process your personal data:

As necessary to perform our contractual obligations. To ensure we process payments and fulfil our side of the contract we will process transaction information, verification information and phone recordings.

As necessary to comply with our legal obligations. As a financial services company we must collect and process certain information to comply with applicable laws and regulations. These include for:

• Completing due diligence to prevent money laundering and financial crime
• Financial and tax reporting and bookkeeping
• Establishment and defence of legal rights

For activities relating to the prevention, detection and investigation of crime. Information on connected parties and beneficiaries is used for the purpose it is collected to comply with regulations and to make payments on the Client’s behalf. We will not use this information to market to the non-registered individual unless they have specifically consented to receive these communications.

As necessary for our own legitimate interests. WorldFirst’s aim is to provide an excellent service. There is additional information we may collect that will help us:

• To be able to provide our customers with an excellent service, e.g. contact details, hours of availability and languages
• To notify our customers of market changes, products and WorldFirst event information that is relevant to them
• To provide service update notifications of any changes to our products and services that affect our customers

Based on your consent:

• To provide general product and market insight to make the most of your WorldFirst experience
• To perform market research through surveys to help improve our products
• To build a user community to provide feedback in the development and improvement of WorldFirst products
• To provide offers, competitions and incentives

WorldFirst SG Group Companies

WorldFirst SG Group Companies refers to any of WorldFirst SG’s subsidiary or holding companies or subsidiaries of its holding companies, successors and/or assignees. WorldFirst SG’s system is accessible to WorldFirst SG Group Companies to ensure that we are able to deliver our products and services to you, including:

• Alipay Merchant Services Pte Ltd (“Alipay MS”)
• World First UK Ltd (UK)
• World First Netherlands B.V. (EU)
• World First Pty Ltd (Australia)
• World First Japan K.K (Japan)
• World First Asia Ltd (Hong Kong)

We may also share information with other companies within WorldFirst SG Group Companies to assist in the provision of services to you, to assist with compliance and anti-money laundering activities and for internal audit purposes. We will only share information in accordance with data protection laws and subject to strict controls on security and accessibility. The way we access, process and transmit your information and our level of security remains consistent across WorldFirst SG Group Companies.

Banking partners

When you use WorldFirst SG’s products and services, we may need to share your information with payment providers or banking partners outside of Singapore, such as intermediary or beneficiary banks.

Trusted partners

If you were introduced to WorldFirst SG by one of our trusted partners, we may provide them with your information to fulfil our contractual obligations with the partner.

We may also cooperate with trusted partners to provide financial services to you. In order to provide such financial services that are suitable for you, we may share your data and information with trusted partners to determine whether you are suitable for such services and accordingly your credit worthiness and your credit. We require trusted partners to undertake a strict confidentiality obligation and not to use your data that we share with them for any other purposes. We would also require trusted partners to adopt sufficient technical security measures to protect your data.

Additionally, we may share your details with a trusted partner for marketing purposes if you have given your consent to do so.

Other parties

We may share your information with trusted companies providing services to us under confidentiality agreements or to companies that assist us in meeting our obligations to you and our regulators, e.g. the verification of documentation. These companies do not have any rights to market other services to you.

These trusted companies may be outside of Singapore. WorldFirst SG will ensure that the company is based in a country with adequate data protections under their law, or that we impose contractual obligations or require them to be certified with a framework of protection deemed suitable by WorldFirst SG. WorldFirst SG performs due diligence to ensure third parties are compliant with applicable legal and contractual requirements. Also, we may share your information with any person acting on your behalf provided that you have given us the permission to do so.

Regulators and law enforcement

We may need to pass necessary information on to Governmental departments, regulatory bodies, the police/law enforcement agencies or other third parties where we are legally compelled to do so, e.g. if we have reason to believe an individual is acting fraudulently and using our services for an illegal purpose.

We will never sell any personal data that we hold about you.

Some of the entities to whom your information may be shared with are located outside of Singapore. In the event your information is disclosed to an entity located outside of Singapore, WorldFirst SG will take all steps reasonably necessary to ensure that your Personal Data is transferred securely and in accordance with this Privacy Policy and applicable data protection laws, and that your Personal Data transferred will be provided a standard of protection that is comparable to that under Singapore’s data protection laws.

WorldFirst SG will only retain your information for as long as is necessary for providing our service to you and will not hold or process your information for any longer than we are legally required or permitted to. The criteria used to determine the appropriate retention includes:

• Regulatory requirements WorldFirst SG is subject to
• Whether a legal claim could be brought against WorldFirst SG
• Necessity of information to provide our service to our customers
• The legal basis for processing, e.g. consent

Information about connected parties and beneficiaries, which may not belong to a WorldFirst SG client, are stored for a period to comply with applicable legal requirements.

How often to we communicate with you?

We communicate with you on a regular basis via email and phone to provide customer service and fulfil requests.

Additionally, we use your email address, phone number and postal address to:

• Provide notification as part of the on-boarding and trading lifecycle
• Send you important changes to our products and services
• Send notices and disclosures required by law

Due to the nature of these communications, if you choose to opt out of receiving these, you may not be able to continue using WorldFirst SG’s services.

Marketing

WorldFirst SG would like to keep you up to date concerning our products and services.

Once you become a client of WorldFirst SG, we will request your consent for WorldFirst SG Group Companies to use your information to provide you with product information, rate and market updates that are relevant to you and/or your company.

For visitors to our website, we may also use your information  to keep you up to date on general products, market updates or rate movements provided you have given your consent to receive marketing materials from WorldFirst SG Group Companies.

If you change your mind on the types of marketing communications you would like to receive or how you would like to receive them or you decide that you do not wish to receive these types of communications, you can remove your consent at any time by:

• Emailing [email protected]
• Managing your preferences through the WFO trading platform, if you are a registered user
• By clicking the link at the bottom of any email that you receive

You will not miss out on any service we provide by not choosing to receive marketing communications from us and you can change your mind whenever you like and as often as you like.

We recognise and support the rights outlined below in relation to your Personal Data under applicable Data Protection Laws. If you would like to exercise any of the below rights then please contact the Data Protection Team ([email protected]) and we will respond to your request.

We will require you to provide proof of your identity and to provide sufficient information to allow us to locate your information and in order to verify that the person making the request is the account holder or acting with their permission. If we cannot verify your identity or authority to make the request and/or confirm the Personal Data belongs to you, we would not be able to respond to your request. We will notify you to explain the basis of the denial.

Non-registered users (e.g. website users and connected parties) can also contact WorldFirst SG to request these.

For more information about your rights, please visit your local data protection regulator’s website.

To ask for information that WorldFirst SG holds about you to be corrected

If you notice any of the information on your account is incorrect, you can contact us and we will make any necessary changes (and if necessary, reach out to Alipay MS), subject to verification of the information.

To ask for a copy of the information WorldFirst SG holds about you

You have the right to request details of the information we hold about you, a description of that data, the purposes for which it is being used and any parties with which we share your information. Where we are legally required or permitted to, we may decline your request or part of your request, but we will provide an explanation with the response. Please note that we may charge a reasonable fee for an access request to cover our administrative costs of providing the information in certain situations. If so, we will inform you of the fee before we proceed with your request.

To ask WorldFirst SG not to further process your information

If you make a request for us to stop processing your information, we will investigate to see if there is any compelling reason for processing to continue and will discuss the conclusion of the investigation with you.

We would not be able to accede to your request if we require your information to comply with our legal or regulatory obligations or if the processing of your information is necessary for us to comply with our contractual obligations under a contract to which you are a party.

Please also note that while you have a right to withdraw your consent to us processing your information at any time (where the processing is based on your consent) by contacting us using the details below, your withdrawal may prevent us from further providing all or part of our services to you.

However, you can withdraw your consent to us processing your information for marketing communications at any time. Please see the marketing section for more details.

To ask not to be subject to solely automated decision making and profiling

WorldFirst SG puts people first. There will not be any scenarios in which profiling or automated decision making will have a legal impact on you without a person reviewing or making a decision on the result. If you feel you may have been unfairly impacted, please contact us to discuss this further.

Security of personal information

We store all data electronically in a secure manner to protect its confidentiality, integrity and availability. Data is stored on servers which are protected by actively maintained firewalls. We make use of up-to-date anti-virus software and our servers have restricted access. We use world-leading cloud providers to store all data within the European Union.

If you provide paper-based documentation for the purpose of identity verification, these will be stored electronically and the original will be destroyed securely or returned to you.

Transmission of data on the internet can never be completely secure. We do not and cannot guarantee the security of information collected or transmitted electronically however, we take reasonable care to safeguard your Personal Data.

What if I am unhappy with how my personal information is used?

If you have any questions or concerns about our Privacy Policy or our practices with regards to your Personal Data, or if you would like to make any request, please contact our Data Protection Team ([email protected]).