Personal Data Protection Act 2010 (PDPA)

This Personal Data Protection Policy explains how 5sends along with its affiliates (referred to as “we”, “us”, “our” and “5sends”) collect, hold, process, transfer and use your personal data and what corresponding rights you have in relation to the processing of personal data. For the purpose of this Personal Data Protection Policy, 5sends means the particular entity providing Services for you on the date you receive this Personal data protection policy.


This Personal data protection policy concerns the following personal data that we collect about you when you use or access our web applications, mobile applications (jointly referred to as “Applications”) and our website at http://www.5sends.com


We operate Applications and websites to act as a platform to connect users of our platform to drivers, including individuals using other modes of transportation, and to help facilitate such drivers to provide on-demand delivery services and purchasing services (“Services”). Our Applications and Services are primarily designed for adults. We will not knowingly collect any personal data from minors (i.e. persons who have not attained the age of 18 years, or the equivalent minimum age for full legal capacity in relevant jurisdiction) unless such data has been provided with prior consent from a relevant person (i.e. a person who has parental responsibility for the minor). In the event that you as the relevant person disclose such personal data of a minor under your parental responsibility to us, you hereby consent to the collection and processing of such minor’s personal data and accept and agree to be bound by this Personal data protection policy. If we are informed of any collection of personal data from a minor without the consent of a person with parental responsibility over such minor, we will delete such personal data.


This Personal data protection policy applies to personal data of (jointly referred as “you” or “your”):


(A) Visitors: individuals who visit our website or download or access the Applications without being a User as defined below;


(B) Users: individuals who: (i) use, request or receive Services; (ii) contact us through our website, Applications or by phone or other means of communications; (iii) enter into our contests or competitions; or (iv) subscribe to our updates or blog;


(C) Merchants: representatives of our corporate customers or business partners such as owners, managers, leaders or other representatives of a fleet; and


(D) Drivers: individuals who provide or submit applications to us to provide Services through our Applications individually or through partner companies, whether or not subsequently successfully registered as a driver for 5sends.


Please read this Personal data protection policy and understand it before using our website, Services or Applications.



Sources of personal data

When you visit our website, access or use our Applications and Services, we are likely to ask you to provide your personal data. If you do not provide the relevant data, we may not be able to provide you with our products or services or respond to any queries you may have. For example, you may not be able to request delivery services through our website or Applications.


We will collect and process the personal data:


(A) provided by you directly to us, such as during account creation through our Applications or updates, or sending us correspondence through our website, Applications or by phone;


(B) generated during your use of our website, Services and Applications. For example, we may collect your IP address and device information when you visit our website.


(C) we obtained from third parties (such as third party merchants, other Users, our service providers and business partners). For example, our third party merchants may provide us with additional verification and background information of Drivers, other Users may provide us with your name and phone number when booking a vehicle for you.


We may also collect personal data through software development used in providing the Services.


We may also collect personal data from Drivers who participate in our Driver Referral Program to the extent relevant in processing Drivers’ request to enter or participate in the Drivers’ Referral Programs.


What personal data do we collect about you?


The personal data collected by us about you will include the following data:


from Visitors:


(1) IP address or other unique device identifiers; and

(2) usage of our website or the Applications.


from Users and Merchants:

(1) name;

(2) email address;

(3) company name;

(4) phone number;

(5) address;

(6) correspondence with us;

(7) IP address or other unique device identifiers;

(8) payment and banking information;

(9) geolocation;

(10) User/Merchant profile information, including login details and passwords, profile picture, saved routes, language preference, beloved drivers’ details, feedback, ratings, compliments, order details, type of service used and referrer and referee information of a referral program participated by the User/Merchant;

(11) Applications usage or other relevant data; and

(12) copy of ID card or national identification number and expiry date;


(B) for Drivers:

(1) records of profile information;

(2) records and reports of usage of our Services, including records of interaction with customer service, Driver operations, field merchants and third-party service providers;

(3) records of payment in respect of our Services;

(4) records and reports of usage of our Applications, including bug reports, competitions or contests and login sessions;

(5) reports of live chat history and feedback from Users and Merchants;

(6) records of your deliveries and performance; and

(7) records of your vehicles, driving permit, vehicle insurance and vehicle license.


We may process your personal data for the following purposes.


(A) Visitors, Users, Merchants and Drivers:

(1) to provide and maintain our Services such as to:

(a) create, update and maintain your account registered with us;

(b) enable transportation and deliveries;

(c) track deliveries; and

(d) offer, process or facilitate payment for deliveries or our Services.


(2) to monitor the use of our website, Services or Applications;

(3) to help maintain the safety, security and integrity of our Services and prevent crime and fraud;

(4) to personalize your experience on our Applications: identifying your preferences and behavior help us to better understand your individual needs and interests and provide you with more tailored Services.

(5) We may require your consent for some of this marketing activity. In such cases where consent is required, we will only conduct the marketing activity if we have obtained your consent. You may choose to unsubscribe at any time if you do not wish to receive such information;

(6) for customer service: your personal data helps us to more effectively respond to your customer service requests, receive feedback and support needs;

(7) for research and development: your personal data will help us test, research, analyze, assist with product development and to improve your experience;

(8) for non-marketing communications related to our Services such as notifications of changes to our Applications or our Services;

(9) to administer our business: we may use your personal data for the management and administration of our business (including administering and maintaining databases storing personal data);

(10) for legal proceedings or as required by regulators, government entities and official enquiries, or to comply with our legal obligations; and

(11) for direct marketing, subject to having obtained your consent in accordance with applicable laws and as contemplated in paragraph 14 of this Personal data protection policy.


If we want to use your personal data for other purposes not covered by this Personal data protection policy, we will notify you and obtain your prior consent where applicable, and ensure that the use of your personal data complies with the applicable laws.


We are allowed to use your personal data in these ways because of one or more of the following apply:


(A) we have obtained your consent;

(B) we need to do so in order to perform our contractual obligations with you;

(C) we have legal duties and regulatory obligations that we have to discharge;

(D) the use of your personal data as described is necessary for our legitimate interests;

(E) we need to do so in order to response to public health incidents or to protect the vital interests of nature persons; or

(F) we have other legal bases allowed by applicable laws to process your personal data.


Not all data protection laws are the same so not all of the legal bases listed apply in all jurisdictions (e.g. legitimate interests is not a legal basis allowed in some jurisdictions). We will process your personal data in accordance with the legal basis permitted by applicable laws in your jurisdiction.


Your personal data collected by us will not be sold, exchanged, shared, transferred or given to a third party for their own direct marketing purposes unless we have your prior consent or we are other legal bases allowed by applicable laws.


Personal data sharing and disclosure


Our Services require that we share your personal data with other users. This includes:


(A) sharing Users’ or Merchants’ full name, phone number, personal data contained in free text box voluntarily entered by a User, and pick up or drop off locations with Drivers after a delivery has been initiated for the purposes of completing a delivery;

(B) sharing the Driver’s name, phone number, driver profile information, vehicle information, vehicle picture and geolocation with Users or Merchants after a delivery has been initiated for the purposes of completing a delivery; and if you are a member of a fleet, your personal data (e.g. name, phone number, driver profile information, records and reports of usage of our Services and Applications, records of payment, vehicle information) will be shared with the owner or manager of the fleet.

You should take care when disclosing your personal data to Drivers, or to Users or Merchants. You understand and acknowledge that we cannot control the actions of other users with whom you may choose to share the personal data with. We do not monitor the use of such features in the normal course of business although we reserve the right to do so at our discretion. Therefore, you understand and acknowledge that we cannot and do not guarantee that the personal data you share with other users will not be reviewed by unauthorized persons. You also acknowledge that your personal data may still be accessed by the relevant users with whom you shared the personal data with after the delivery is completed. For example, the relevant user may view the transaction records which contains your personal data.


We may also share your personal data to provide our website, Services, Applications or for legal reasons with:


(A) our employees, officers or independent consultants;

(B) our auditors and external legal and financial advisors;

(C) our suppliers, business partners, data processors and sub-contractors including:

(1) IT service and software suppliers;

(2) payment processors and facilitators;

(3) cloud platform service providers;

(4) cloud storage providers;

(5) data analytics providers;

(6) research partners;

(7) marketing and advertising agencies who create our advertisements and promotions;

(8) background check and identity verification providers;

(9) vendors that assist us to enhance the safety and security of our website and Applications; and

(10) customer service providers;

(D) our insurers and bankers, and Drivers’ insurers;

(E) any regulator or government body to whom we are under an obligation or otherwise required to make disclosure under the requirements of any applicable laws;

(F) our affiliates: we share personal data with our subsidiaries and parent companies and other affiliates to help us provide our Services or conduct data processing on our behalf;(G) any applicable persons if we believe it is required by applicable laws, legal process, governmental request or where the disclosure is appropriate due to safety concerns. This includes exchanging your personal data with other companies or organizations for the purposes of crime / fraud protection and prevention; or

(H) another company with connection in or during negotiations of any merger, sale of company assets, consolidation or restructuring, financing or acquisition of all or a portion of our business by or into that other company.


We will ensure third parties are under confidentiality obligations before we share your personal data with the third parties set out in this Personal data protection policy.


We do not sell your personal data to any third parties and guarantee the legitimate and fair use of personal data only to the extent permitted by law.


For more information, please contact us using the details set out in “Contact us” section below.


Security of personal data


Once we receive your personal data, we will use all reasonably practicable steps and security measures as required under the applicable laws, to ensure that your personal data is stored securely and protected by us and our data processors against unauthorized or accidental access, processing, erasure, loss or use.


Your personal data will be kept confidential and secure except for the purposes and uses as set out in this Personal data protection policy and will only be disclosed on a “need-to-know” basis.


If we outsource and entrust your personal data with data processors, we will use contractual and other means to monitor the data processors’ compliance with this Personal data protection policy.


We have adopted organizational, physical and technical security measures that are in line with the industry standards to protect the personal data you provide.


You are responsible for keeping your Applications password confidential. You must not disclose or otherwise reveal your Applications password to any third parties. Please let us know immediately if you believe your password or record has been compromised.


The transmission of information through the internet is not completely secure. Although we use security measures to secure your personal data, we cannot guarantee the security of your personal data transmitted to the Applications and any transmission is at your own risk.


Retention of personal data


Personal data collected from you will not be kept longer than necessary for the carrying out of the purposes stated in this Personal data protection policy, unless otherwise required or permitted by applicable laws.


If your account registered with our Applications has not been accessed over a period of three years or we have closed your account upon your request (“End Date”), your personal data will be retained by us for as long as is necessary for the purposes stated in this Personal data protection policy, or for as long as is permitted by applicable laws. We may retain your personal data for a longer period if it is necessary for us to do so to comply with our contractual or legal obligations, or you have consented to our continued retention of it.


At the end of the retention period, we will ensure that your personal data, all app-related data and account-related information will be deleted. For any physical documents containing your personal data, the documents will be shredded or otherwise destroyed by means that ensure the confidential and secure destruction of the documents.


We will take appropriate technical measures to enable you to control how we use your personal data. In addition to exercising some of your rights through your Applications account, you can exercise all your rights by contacting us using the details set out in the “Contact us” section below.