CATBIRD’S PRIVACY POLICY

This website (the "Website") is operated by Catbird Pte. Ltd. ("CATBIRD", "we", "our" or "us"), a company registered in Singapore with Registration Number 202555258Z. Our registered office is at 82 Telok Ayer Street, #02-07/08, Singapore 048467.

Your Privacy

We recognise that when you choose to provide us with information about yourself, you trust us to act in a responsible manner. This Privacy Policy explains who we are, how we collect, share, and use personal information about you, and how you can exercise your privacy rights.

This applies to personal information that we collect though the Website or when engaging in our relationship or potential relationship with you (or your organisation) as a supplier, customer or business partner.

What We Do

CATBIRD is a boutique real estate advisory and agency firm helping occupiers and investors optimise the value of their real estate. CATBIRD provides core services of agency leasing, asset services, capital markets, facility services, occupier services, investment & asset management, project & development services, tenant representation, and valuation & advisory (the “Services”). For more information about us, please see the About Us section of our Website.

Information We Receive

We receive “Personal Information” in order to provide you with our Services. Personal Information is data that includes a personal identifier, or is any data that identifies, relates to, describes, could be associated with, or could reasonably be linked, directly or indirectly, back to you or a household. Personal Information includes information that you provide to us, that we collect automatically, and that we obtain from third parties. Depending on your relationship with us, we may receive:

Personal Identifiers

We have collected and may continue to collect personal identifiers including name, mailing address, online identifier, Internet Protocol address, email address, telephone number and other similar identifiers.

In some situations, we may ask you to voluntarily provide us with some personal identifiers. For example, we may ask you for this type of information when you visit our website. This might be if you are interested in signing up to receive emails from us, or reading some research, or attending an event, or participating in any online forum provided by us from time to time, or if you register for any online account made available by us, or contact us via the Website (in which cases we will collect information such as name, email address, organisation, country, zip code/postal code, job title, telephone number(s), details of your comment or query and username/password).

When you visit our Website, we may collect personal identifiers associated with your device including your IP address, device type, and cookie ID, and other usage information.

Internet and Network Activity Information

We have and may continue to automatically collect information about how user devices interact with our Website, including the pages accessed and links clicked. We may also collect browser-type information.

CCTV Images/Building Access Control

We have and may continue to deploy CCTV and/or building access control procedures at CATBIRD’s premises (which involve CCTV images of visitors and/or collecting Personal Information at entry such as name, organisation represented and time of access) for security and law enforcement purposes, to exercise, establish or defend our legal rights or to protect the vital interests of any person.

Professional or Employment-Related Information

We have and may continue to collect information users may elect to provide about their employment status or employer.

Information About Job Candidates

When you contact us in relation to employment opportunities at CATBIRD, we collect certain information as part of the recruitment process (and if successful, your employment).

Information We Receive When You, or Your Business, Do Business With Us

We may collect and process information relating to you as an individual when you conduct business with CATBIRD as a customer or prospective customer (including when CATBIRD serves as a managing agent on behalf of a building owner), or as a representative of a vendor, supplier, consultant, professional adviser or other third party ("Customer, Vendor or Business Partner Data"). Examples of Customer, Vendor or Business Partner Data include:

• contact details of a point of contact for CATBIRD’s Customer, Vendor or Business Partners (such as name, business phone numbers, business address, email address, photograph) including for the purposes of attendance at or participation in any promotional or other CATBIRD event or competition;
• role-related information about Customer, Vendor or Business Partners or their representatives (such as job title, responsibilities, department, work history, qualifications and experience);
• financial information (such as financial account information about individuals connected to a particular business) or property ownership information relating to such individuals if needed to take payment or fulfil contractual obligations or for due diligence or related purposes.

Information We Obtain From Third-Party Sources

In order to comply with various regulations, or to conduct background checks in accordance with our internal requirements (where permissible and in accordance with applicable law), sometimes we may receive Personal Information about you from third-party sources such as credit check databases, politically exposed persons databases, government denied parties, sanctions and watch lists, your employer, other parties in the real estate sector such as real estate agents, purchasers, vendors, borrowers, lenders, architects, engineers, surveyors, developers, landlords, tenants and financial institutions, as well as online sources databases and public registries.

We will only obtain this information where we have checked that these third-parties either have your consent or are otherwise legally permitted or required to disclose your Personal Information to us. The types of information we collect from third-parties include, for example, information about whether you have been subject to any regulatory action or legal proceedings. We use the information we receive to maintain and improve the accuracy of the records we hold about you and assess any risks arising from any relationship or prospective relationship with you and/or your organisation.

Information We Receive as a Service Provider

We may receive and process information relating to you as an individual when we perform services on behalf of our Customers (including when CATBIRD serves as a managing agent on behalf of a building owner).  In this context, we process (e.g., collect, use, and share) your personal information only as a service provider, including as that term is defined under applicable law, and only for purposes of our business relationship with our Customer.  Examples of this information include:  

• contact details (such as name, phone number, address, email address, photograph);
• CCTV images, and related monitoring information for security purposes;
• employment information (such as job title, department, payslips);
• financial information (such as related to processing rent and renter qualifications);
• information we obtain from third-party sources (including as described above).

We encourage you to review the privacy policy of the building owners / our customers in these contexts for more information on their processing of your information.

Inferences Drawn from the Above Information

We may draw inferences from the information above, including personal identifiers, network information, professional or employment-related information, and general location; creating promotional content; offering Services; and business development.

Information You Provide About Others

If you provide us with information about another person, you confirm that they have appointed you to act for them, that you have informed them of our identity and the purposes (as set out in this Privacy Policy) for which their information will be processed and that you have obtained any necessary consents to the processing of their Personal Information. When we first contact them, we may tell them where we got the information from.

How Do We Use Your Personal Information?

We receive, collect, use, process and store Personal Information to provide our Services. This includes:

• to create and administer records about your online account (if any);
• to provide online services to you, including facilitating your participation in any discussion forum, and for Website and system administration; to improve our Website(s) and our products and Services;
• for due diligence purposes, in accordance with applicable law, to assess financial, reputational, credit or insurance risks arising from any relationship or prospective relationship with you/your organisation and/or to carry out any necessary anti-money laundering checks;
• to provide you/your organisation with information or products and Services that you have requested and deal with invoicing and payment;
• to send you service-related communications, to deal with communications you send us and request feedback; to facilitate your participation in events or competitions for which you have registered/which you have entered;
• to contact you directly or via our agents by mail, telephone, fax, email, SMS, or other electronic messaging service with offers of goods and services or information that may be of interest to you (including information about other organisations' goods and services). As required by applicable law, you may opt in/opt out of marketing at any time;
• to perform analyses on Personal Information we have collected;
• to verify your identity when you contact us, make a request, or access your online account;
• to prevent fraudulent, prohibited, or illegal activities, and to enforce our Terms of Service; and
• to comply with legal requirements, or to exercise, establish or defend our legal rights or to protect the vital interests of any person.  

Some of this information may be collected using cookies and similar tracking technology, including web beacons. For further information about the types of Cookies we use, why, and how you can control Cookies, please see our Cookie Policy.

How Do We Share Your Personal Information?

We make available Personal Information only with your consent or to the following categories of recipients (subject to your prior consent where required under applicable law):

• to our group companies or affiliated entities and third-party services providers
• who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our Website or other IT infrastructure, to assist us with carrying out due diligence checks, to carry out marketing, analytics, or research on our behalf or to support the delivery of services to our clients in general or pursuant to a particular engagement);
• with whom we arrange joint promotional events (for the purposes of ensuring that you do not receive direct marketing information about the event from multiple sources); or
• in the case of group companies or affiliated entities, who otherwise process Personal Information for purposes that are described in this Privacy Policy or notified to you when we collect your Personal Information. Further information about our group companies, affiliated entities and the third party
• service providers that may process your Personal Information (including their location) can be provided on request by contacting us using the details in the How to Contact Us heading below.
• to our clients and bid participants, in relation to bids and transactions with which you are involved;
• to our third-party advertising, marketing and analytics partners, for purposes of providing targeted advertising and analytics through the use of third-party cookies or other online trackers.  Sharing of this information with third parties may constitute a sale or sharing for targeted advertising, as defined under applicable law.  
• to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person; and
• to an actual or potential buyer (and its agents and advisers), potential investors, or providers of professional services in connection with any actual or proposed purchase, merger, or acquisition of any part of our business, or reorganisation of our business, provided that we inform the buyer it must use your Personal Information only for the purposes disclosed in this Privacy Policy.

Legal Basis for Processing Personal Information

Under applicable data protection law, and based on your jurisdiction, our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it. The details of which data are processed and how they are used, possibly also using artificial intelligence (AI), depends largely on the services requested or agreed in each case.

However, we will normally collect Personal Information from you only (i) where we need the Personal Information to perform a contract with you, (ii) where the processing is in our legitimate commercial interests and not overridden by your rights, or (iii) where we have your consent to do so. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person.

Where we process your Sensitive Personal Information, we do so: (i) in the context of know-your-counterparty checks as required by applicable law; (ii) on the basis that the processing is necessary for reasons of substantial public interest; (iii) on the basis of your explicit consent; or (iv) to establish, exercise or defend legal claims.

You can choose not to provide Personal Information to us. However, unless otherwise indicated, the information that we request is necessary for the purposes of entering into and performing a contract with you or your organisation and/or providing Services to you or your organisation and failure to provide it will impede the contracting process and/or the provision of the relevant Services.

If we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), these interests will normally be: to provide our Services to you, respond to your queries, improve our Website(s), undertake marketing,  for the purposes of detecting or preventing illegal activities or for the purposes of the training and (further) development of AI applications.

Given the business-to-business context in which we undertake the processing of your Personal Information, and the safeguards that we take to protect your Personal Information (including as outlined under the How do we protect your information heading below), our legitimate interests are not outweighed by any prejudice to your individual rights and freedoms. We may have other legitimate interests and, if appropriate, we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us using the contact details provided under the How to contact us heading below.

How We Protect Your Personal Information

We use reasonable technical, administrative, and physical controls to protect the Personal Information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information. We take care to allow access to Personal Information only to those who require such access to perform their tasks and duties, and to third parties who provide services to us or otherwise have a legitimate purpose for accessing it (see under the How Do We Share Your Personal Information? heading above). Whenever we permit a third party to access Personal Information, we will implement appropriate measures to ensure the information is used in a manner consistent with this Privacy Policy and that the security and confidentiality of the information is maintained.

International Data Transfers

Your Personal Information may be transferred to, and processed in, countries other than the country in which you are a resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our Website servers are located in Singapore, and our group companies, affiliated companies and third-party service providers operate around the world. This means that when we collect your Personal Information, we may process it in any of these countries.

However, we take steps to safeguard your Personal Information in accordance with this Privacy Policy. Further details about the protection given to your Personal Information can be provided upon request by contacting us using the details in the How to Contact Us heading below.

Data Retention

We retain Personal Information we collect from you to fulfil the purposes described above. We use the following criteria to determine how long to retain Personal Information:

• Our relationship with you, and the Services we provide to you;
• Your requests to us regarding your information, or our Services;
• Any applicable legal, contractual, tax or accounting requirements;
• Any legal obligations to retain the data, or for the establishment, exercise, or defence of legal claims (such as enforcing our agreements or litigation); and
• Technical considerations and feasibility, and the level of protections in place for your Personal Information.
• When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymise it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.

CATBIRD may use suppliers/sub-processors to provide it with integral IT, administration and business infrastructure support.

Your Data Protection and Privacy Rights

Depending on the country/region you live in, you may be able to exercise certain rights with respect to your Personal Information:

• you may have the right to request access/disclosure, correct, update or request deletion of your Personal Information;
• you may be able to object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information;
• you may have the right to opt-out of marketing communications we send you. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you or email us at connect@catbird.com.sg;
• you may have the right to withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent;
• you may have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority;
• You may have the right to request disclosure of your Personal Information that we have sold within the past 12 months; and
• You may have the right not to be discriminated against for exercising any of your rights.

How We Respond to Your Data Protection Rights and Privacy Rights Requests

We respond to all requests we receive from individuals wishing to exercise their data protection and privacy rights in accordance with applicable data protection and privacy laws.

We will do our best to respond to your request as quickly as possible, in accordance with applicable law. We confirm receipt of every request we receive. If we require more time (up to 90 days or the permitted timeframe), we will inform you of the reason and extension period in writing. We may require you to provide us with additional information to complete our verification process or to respond to your request. Depending on the request, we may need you to provide at least two pieces of Personal Information we already have in our possession, such as your email address and proof of home address. We will use this information only for purposes of verifying your identity and responding to your request, where we are required to do so. We will delete information that you provide us to verify your identity after we process your request, unless we are required by law to maintain a record of it. Any information that we maintain will be securely protected consistent with our general information security practices. There may be requests that we are unable to fulfil. For instance, we may deny requests

• when required by law,
• when we are unable to verify your identity,
• when complying with your request would interfere with the rights of others, or when necessary to exercise or defend legal claims.

This is not a comprehensive list, and we reserve the right to refuse your request in other circumstances. If we refuse your request, we will explain our reasons for the refusal.

Links to Other Websites

We may provide links to websites that may not be owned, operated, or otherwise associated with CATBIRD. We do not control and are not responsible or liable for what outside entities do in connection with their websites or online services, or how they handle your Personal Information. In particular, unless expressly stated, we are not agents for these websites or advertisers, nor are we authorised to make representations on their behalf. Please review the privacy practices of these other websites and online services for further information.

Passwords

In order to bring you more personalised services, we may ask you to establish one or more passwords to gain access to certain services or sections on our Website. You are solely responsible for the control and use of each password you create, and we recommend not reusing an old password and creating a strong one.

Updates to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments, or to comply with our legal requirements. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will provide notice of any modifications to the Privacy Policy that materially change your rights if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the date displayed at the top of this Privacy Policy.  

How to Contact Us

If you have received an e-mail or e-mails from CATBIRD that you no longer wish to receive, please contact us at connect@catbird.com.sg.

If you otherwise have any questions or concerns about our use of your Personal Information, you may contact us at connect@catbird.com.sg and mark it for the attention of the Data Protection Officer.

‍