Log In Get Started

Privacy

GENERAL PRIVACY POLICY

Table of Contents

  1. Introduction
  2. Personal Data
  3. Non-Personal Data
  4. Information Collection
  5. Use of Information
  6. Data Processing (Controller)
  7. Sharing Your Information
  8. Data Security and Precautions
  9. Privacy Options
  10. Cross-Border Data Transfers
  11. Children Privacy
  12. Privacy Polices for Attendees and Organisers
  13. Third-Party Links
  14. Visiting Our Site from Outside Singapore
  15. Updates to This Privacy Policy
  16. Governing Law
  17. Contact Information

Welcome to the oui.com.sg website, owned and operated by Design & Marketing Pte Ltd (“OUI,” “we,” “us,” orour”). OUI is committed to respecting and protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you interact with our website (the “Site”), our services, and other communications with us. This Policy applies to all users, including potential event attendees, event organisers (“Organisers”), and any third-party service providers authorised by Event Affiliates.

A. Introduction

  1. OUI primarily acts as a Data Processor on behalf of Organisers (our customers), who are the Data Controllers. In certain instances, OUI may also act as a Data Controller for our own business purposes, such as account administration, billing, produce analytics, site cookies, or our own marketing, or as an employer.

  2. This Privacy Policy applies to data we collect in connection with:

    2.1 Your access to and use of the OUI website located at www.oui.com.sg (the “Website”), our cloud-based event management platform (the “Platform”), our social media pages, mobile applications (the “App”), and any other products and services offered by OUI (collectively, the “Services”).

    2.2 Email or other electronic communications with you (e.g., customer support, marketing activities, surveys).

    2.3 The data we process is in accordance with our obligations related to our engagement with you.

  3. By using the Site and/ or Services, you agree to the terms of this Privacy Policy.

B. Personal Data

  1.  Personal Data refers to any information that can be used to identify you or another individual, either directly or indirectly. This includes:


    4.1 Contact Information: Name, job title, company name, email address, billing address, phone number, or any such information that will lead to the disclosure of your identity.

    4.2 Financial Information: The Company does not collect, process, or retain any credit or debit card numbers, bank account details, or other financial data. Such information is collected, processed, and stored exclusively by third-party payment service providers (including but not limited to PayPal and Stripe). The Company disclaims all liability arising from or in connection with the collection, use, storage, or disclosure of such financial information by these third-party providers, and users are encouraged to review the applicable terms and privacy policies of the relevant payment service provider.

    4.3 Technical Information: Browser and device information (including IP address and any other information relating to the identification of the device used), usage data, and other identifying information.

    4.4 Account & Support Data: Account details, preferences, support tickets, and communications.

    4.5 Event Data: When acting as a Processor, attendee details and responses are determined by the Organisers.

    4.6 While you are not required to provide OUI with any Personal Data, certain Services and functionalities may not be available to you unless some Personal Data is provided. In the event that you do not wish to provide such information, use of the Platform may be restricted or unavailable.

C. Non-Personal Data

  1. Non-Personal Data includes any information that is anonymised, aggregated, or not directly associated with an identifiable person.

D. Information Collection

  1. We collect information from various interactions you have with us, both online and offline, including through:


    6.1 Voluntary Information:

    1. Site Interactions: When you use the services provided on our Site, we collect Personal Data to fulfil these requests and provide services accordingly.
    2. Communications: When you contact us via email, phone calls, or other electronic means, we collect and store relevant information, including your contact number, email address, and the content of your communication, and/ or other relevant information, to respond to your inquiries, provide customer support, or improve our Services.
    3. Surveys: Participation in surveys may require you to provide additional information, which we use to gather insights and enhance our Services.

    6.2 Information Collected Automatically:

    1. Platform Usage: Information collected via the Platform, including Event Attendee data, is controlled by the Organisers and processed by OUI on their behalf. This may include data collected when Event Attendees interact with the Platform.
    2. App and Smart Devices: We collect app usage data, including location data (if you have given your consent), to provide location-based Services and personalised content.
    3. Cookies and Trackers: Cookies are small text files that are placed on your device when you visit a website. They help websites remember your device and preferences, making your browsing experience smoother and more personalised. We may collect information, including details such as your IP address, browser type, operating system, access times, and the pages you viewed before and after using the Site. You can manage or disable Cookies at any time by adjusting your browser settings. Most browsers allow you to refuse Cookies or alert you when a Cookie is placed on your device. However, please note that disabling certain Cookies may affect the functionality and features of the Site. We use the following Cookies:

      1. Strictly Necessary Cookies: These are essential for the operation of the Site and enable you to use core features such as secure log-in.
      2. Performance and Analytics Cookies: These collect information about how visitors use the Site (e.g., pages visited, error messages). This helps us improve the way the Site works.
      3. Functionality Cookies: These allow the Site to remember your preferences (such as language or region) to provide a more customised experience.
      4. Targeting or Advertising Cookies: These may be used to deliver relevant advertisements to you and to track the effectiveness of our marketing campaigns.

    6.3 Information Collected from Third-Party Sources:

      1. Third-Party Tools and Databases: We may collect information about you from third-party tools, public databases, marketing partners, social media platforms, and other external sources that are public or otherwise accessible. This includes customer information such as your name, job title, company name, and contact details, which we may use to tailor our communications, develop leads, or enhance our Services. This data is used in compliance with relevant privacy laws and any agreements in place with these third parties pursuant to the laws of the Republic of Singapore.
      2. Research and Analytics: We may use third-party tools to gather insights and analyse trends and activities related to our customer base. This may involve collecting and processing data that helps us better understand our market, improve our products and services, and develop more effective marketing strategies.

E. Use of Information

    1. OUI uses your Personal Data responsibly and transparently to deliver our Services, enhance user experience, and ensure compliance with legal requirements. The key purposes for which we use your information include:


      7.1 Service Delivery and Account Management:

        1. Transaction Processing: We use your personal information to process payments, deliver products and services, and facilitate your participation in promotions, discounts, or similar programs. (Financial information itself is handled by third-party payment providers as stated above.)
        2. Customer Support: Your data enables us to deliver a more personalised user experience for you. This may relate to various data points that we manage on your behalf, enabling us to resolve technical issues efficiently and provide seamless services.
        3. Communications: We communicate with you about essential account-related matters, such as booking confirmations, event updates, and other relevant information necessary for your engagement with our Platform.

      7.2 Marketing and Promotional Communications:

      1. Marketing: With your consent, we may send you marketing communications, such as offers, exclusive promotions, newsletters, and event updates that align with your interests.
      2. Personalised Advertising: Your data may be used for targeted advertisements and content tailored to your preferences and requirements across our Site and other platforms to provide a better user experience.
      3. Feedback: We may ask for your feedback through surveys to help us improve our services and products.

      7.3 Personalisation and User Experience Enhancement:

      1. Customised Content: Your data helps us deliver content and services that align with your preferences, ensuring your experience with our Platform is relevant and engaging.
      2. Usage Analysis: We analyse how you interact with our Services to improve and personalise the offerings you receive from us continuously.

      7.4 Legal Compliance and Security:

      1. Compliance: We may use your information to comply with applicable laws, regulations, and legal processes, as well as to cooperate with law enforcement and regulatory inquiries when necessary.
      2. Security and Fraud Prevention: We implement security measures to protect your data and our Services from unauthorised access, fraud, hacking, and other security threats. Your data may be used to detect, investigate, and prevent these risks in line with our legal obligations.

      7.5 Protection of Rights and Enforcement of Policies:

      1. Terms of Service Enforcement: We use your data to enforce our Terms of Service and other agreements, ensuring that our rights, as well as the rights of our users and third parties, are protected.
      2. Legal Defence: In the event of disputes, claims, or regulatory investigations, your data may be used to defend our legal rights and comply with judicial or regulatory requests.

      7.6 Research and Development:

      Service Improvement: We may use aggregated and anonymised data to conduct research and analysis aimed at improving our Services, developing new features, and enhancing the overall user experience.

      7.7 Retention:

      We retain Personal Data only as long as necessary for the purposes described in this Policy and to meet legal, accounting, or reporting requirements. When acting as a Processor, we retain and delete data according to the Organiser’s instructions. When acting as a Controller, we apply internal retention schedules and securely delete or anonymise data when it is no longer needed.

F. Data Processing (Controller)

  1. We process Personal Data based on one or more of the following: contractual necessity; our legitimate interests (including product improvement, security, and B2B communications), balanced against your rights; your consent (e.g., specific marketing, cookies, location services); and compliance with legal obligations. Where processing relies on consent, you may withdraw it at any time.

G. Sharing Your Information

  1. We share your Personal Data with third parties only as described below:


    9.1 Event Affiliates: When you register for an event, your data may be shared with the Organisers, venue, and other relevant parties to facilitate the event.

    9.2 Service Providers: We engage trusted third-party service providers to perform functions on our behalf, such as payment processing, data storage, hosting, marketing, and analytics. These providers have access to your data only to the extent necessary to perform their functions and are bound by confidentiality agreements and appropriate data-protection obligations.

    9.3 Legal Requirements: We may disclose your information if required by law, to enforce our Terms of Service, or to protect the rights, property, or safety of OUI, our users, or others.

    9.4 Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. In such an event, the terms of this Policy will be in place unless expressly varied.

H. Data Security and Precautions

  1. At OUI, we take the security of your personal data very seriously. We have implemented comprehensive organisational, technical, and administrative measures designed to protect your data from unauthorised access, disclosure, misuse, alteration, or loss. Our commitment to data security is reflected in the following key practices:


    10.1 Encryption: We utilise secure server software (SSL) for transactions conducted on our Site. Your personally identifiable information (PII) is encrypted both during transmission and at rest.

    10.2 Access Controls: We restrict access to your data based on job roles, ensuring that only authorised personnel can access your information (principle of least privilege).

    10.3 Security Audits: We conduct regular security audits and assessments to identify and mitigate potential vulnerabilities within our systems.

    10.4 Incident Response: We maintain an incident response plan to address any security breaches or data incidents swiftly and effectively.

    10.5 Third-Party Data Centres: We partner with reputable third-party data centres and service providers, who are carefully selected to uphold high security standards and are bound by strict confidentiality obligations.

    10.6 Confidentiality Obligations: All employees, contractors, service providers, and agents with access to your PII are required to adhere to confidentiality agreements. Any breach may result in disciplinary action, including termination and legal prosecution.

  2. Despite OUI’s rigorous security measures, no system can be entirely infallible. While we strive to ensure a high level of protection, absolute security cannot be guaranteed. You are encouraged to exercise caution when handling and disclosing your personal information. To the fullest extent permitted by law, OUI shall not be liable for any direct, indirect, incidental, or consequential damages arising from or related to system errors, interruptions, or security breaches, except as expressly provided in this Agreement.

  3. If you become aware of any potential security breaches or have concerns about the safety of your data, please contact us immediately at dpo@oui.com.sg. We are committed to addressing issues promptly and maintaining the security of your information.

I. Privacy Options

  1. You have the following rights regarding your Personal Data:


    13.1 Access and Correction: You may request access to or correction of your data by contacting us.

    13.2 Withdrawal of Consent: You may withdraw your consent to our collection, use, or disclosure of your Personal Data at any time by contacting us. However, this may affect our ability to provide certain Services.

    13.3 Marketing Opt-Out: You may opt out of receiving marketing communications by following the instructions provided in our emails or by contacting us directly.

    13.4 Cookie Management: You can control the use of cookies through your browser settings.

J. Cross-Border Data Transfers

  1. OUI is incorporated in Singapore, and your personal data may be transferred to and processed in Singapore or other jurisdictions in which our service providers or business partners are located. Any such transfer will be conducted in compliance with the Personal Data Protection Act 2012 of Singapore (the “PDPA”), including the requirement that the recipient outside Singapore is bound by legally enforceable obligations to provide a standard of protection comparable to that under the PDPA.

K. Children Privacy

  1. Our Site and Services are not designed or intended for children under the age of 13. We do not knowingly collect personal data from children under the age of 13. However, as a platform that operates as a data processor for events organised by third-party Organisers, there may be instances where our Services are used for events involving children, such as school events, family activities, or other similar gatherings. In such cases, the responsibility for obtaining proper consent and ensuring the privacy of children’s data lies with the Organisers, who act as data controllers.
  2. If we become aware that personal data has been inadvertently collected from a child under the age of 13 without the necessary consent, OUI reserves the right to delete such information from our systems, subject to applicable law and regulations. We encourage Organisers to implement appropriate safeguards to protect the privacy of children, including obtaining verifiable parental consent where required by law.
  3. Parents or guardians who believe that their child’s personal data may have been collected through our Platform without proper consent should contact the Organisers directly. If further assistance is needed, please reach out to us, and we will work with the Organisers to address and resolve the issue.

L. Privacy Polices for Attendees and Organisers

  1. For detailed information on how we handle personal data in specific contexts, please refer to our dedicated privacy policies:


    18.1 Privacy Policy for Attendees

    18.2 Privacy Policy for Organisers

M. Third-Party Links

  1. Our Site may contain links to websites owned and operated by third parties. This Privacy Policy applies only to our Site. We are not responsible for the privacy practices of other sites, and we encourage you to review the privacy policies of any third-party websites you visit.

N. Visiting Our Site from Outside Singapore

  1. This Site is operated and hosted in Singapore, where our servers are located and our database is managed. If you are accessing the Site from outside Singapore, please be aware that your information may be transferred to, stored, and processed in Singapore. The data protection and privacy laws in Singapore may differ from those in your home country and may not offer the same level of security. In any event, the duty to comply with domestic legislation shall reside with you.

  2. By using the Site and the Services provided through the Site, you consent to the transfer, storage, and processing of your information in Singapore as outlined in this Privacy Policy. Additionally, you acknowledge that all transactions related to the Site and our Services are considered to have taken place in Singapore, regardless of your location. The applicable laws shall be that of Singapore to govern any transaction or use of our Platform.

O. Updates to This Privacy Policy

  1. We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws and regulations. When we make changes, we will update the “Last Updated” date and post the revised Policy on our Site. If there are material changes, we will notify you by prominently posting a notice on our Site or by contacting you directly.

P. Governing Law

  1. This Privacy Policy is governed by and construed in accordance with the laws of Singapore. By accessing our Site and providing your information, you agree to be bound by and submit to the non-exclusive jurisdiction of the Singapore courts.

Q. Contact Information

  1. If you have any questions or concerns about this Privacy Policy or our privacy practices, please contact us at:


    Design & Marketing Pte Ltd
    Email: dpo@oui.com.sg
    Address: 1 Scotts Road, #24-10 Shaw Centre, Singapore 228208

PRIVACY POLICY FOR EVENT ORGANISERS

Table of Contents

  1. Introduction
  2. Platform Role and Data Collection
  3. Your Responsibilities as a Data Controller
  4. Event Partners and Data Collection
  5. Sharing Attendee Data with Suppliers and Event Coordinators
  6. Data Export and Transfer
  7. Cross-Border Data Transfers
  8. Data Management and Purging
  9. Communication and Consent Management
  10. OUI’s Use of Attendee Data
  11. Data Security on OUI
  12. Third-Party Integrations
  13. Compliance with Privacy Laws
  14. Indemnity
  15. Account Termination
  16. Limitation of Liability
  17. Governing Law and Jurisdiction
  18. Changes to This Privacy Policy

Welcome to OUI, a cloud-based event management platform operated by DESIGN & MARKETING PTE LTD (“we,” “our,” or “us“). This Privacy Policy governs your use of the platform and outlines the manner in which your personal data is processed.

A. Introduction

  1. For the purposes of applicable data protection laws:

    1.1. You, the Organiser, are designated as the Data Controller, responsible for determining the purposes and means of processing personal data.

    1.2. We, OUI, act solely as the Data Processor, processing personal data only in accordance with your documented instructions and for the limited purpose of providing the platform and related services.

  2. By using the OUI platform, you agree to comply with this Privacy Policy and all applicable privacy and data protection laws, including, but not limited to, Singapore’s Personal Data Protection Act 2012 (PDPA), the General Data Protection Regulation (GDPR) (where applicable), and any other relevant laws.

B. Platform Role and Data Collection

  1. Data Categories:
    The personal data processed through the platform may include, without limitation, attendee names, contact details, identification numbers, payment information, event-specific preferences, technical log data (eg, IP addresses, device identifiers), and communications.
  2. Purpose:

    Such data is processed solely for event management purposes, including registration, ticketing, payment processing, communication, attendee engagement, analytics, and fraud prevention.

  3. Retention:
    Data is retained on the OUI platform in accordance with your documented instructions. OUI will not keep personal data longer than necessary to provide the services, unless required by law. You remain responsible for setting retention schedules and purging data as appropriate.

C. Your Responsibilities as a Data Controller

  1. As the Data Controller, you expressly acknowledge and agree that you are responsible for:

    6.1. Legal Basis & Consent: Obtaining all necessary consents from attendees for the collection, use, and disclosure of personal data, and ensuring that such consents are valid, informed, and properly documented.

    6.2. Transparency: Providing attendees with clear and accessible privacy notices that describe how their personal data will be collected, used, stored, and shared.

    6.3. Purpose Limitation: Using personal data strictly for legitimate event management purposes and not for unrelated, unlawful, or excessive activities.

    6.4. Data Accuracy: Ensuring that the personal data collected is accurate, complete, and up-to-date.

    6.5. Security Safeguards: Implementing reasonable technical and organisational measures to protect data, including encryption, access controls, monitoring, incident reporting, and staff training.

    6.6. Data Subject Rights: Responding promptly and lawfully to requests from attendees to access, correct, delete, or withdraw consent in relation to their personal data.

    6.7. International Laws: Ensuring that your event operations comply with any additional requirements imposed by international data protection laws, including GDPR, CCPA, or equivalent frameworks.

D. Event Partners and Data Collection

  1. Third-Party Collection:


    7.1. If the exhibitors, sponsors, or other event partners are permitted to collect data (e.g., via the OUI Events App or lead retrieval tools). In that case, you are solely responsible for ensuring that attendees have provided consent for such collection and are informed of how their data will be used.

  2. Disclaimer:

    8.1. OUI disclaims all responsibility and liability for how event partners process such data once collected. You shall indemnify OUI against any claims arising from your partners’ data handling practices.

E. Sharing Attendee Data with Suppliers and Event Coordinators

  1. When granting access to attendee data to suppliers, contractors, or team members, you must:

    9.1. Access Restriction: Ensure that access is strictly role-based and limited to individuals who require it.


    9.2. Security Controls: Require all users to maintain strong passwords, unique login credentials, and enable Two-Factor Authentication (2FA).

    9.3. Confidentiality Obligations: Ensure that suppliers and contractors are contractually bound by confidentiality and data protection obligations no less strict than those set out herein.

    9.4. Audit & Monitoring: Keep logs of access and periodically review whether access is appropriate.

F. Data Export and Transfer

  1. You may export or transfer attendee data to external systems (such as CRM tools, analytics providers, or marketing platforms).
  2. Once exported, OUI no longer has control over such data. You bear full legal and contractual responsibility for ensuring the secure handling and compliance with the PDPA, GDPR, and other applicable laws.
  3. OUI does not provide legal advice regarding cross-border transfers, adequacy decisions, or contractual clauses, and you are responsible for obtaining such advice.

G. Cross-Border Data Transfers

  1. Where you transfer data of EU residents (or residents of jurisdictions with equivalent restrictions) outside the EU/EEA, you must comply with GDPR requirements, including implementing Standard Contractual Clauses (SCCs) or equivalent safeguards. You bear full responsibility for ensuring such compliance and documenting the lawful basis for transfer.

H. Data Management and Purging

  1. You may update, delete, or purge attendee information using the platform tools. OUI provides the necessary technical capabilities, but you remain solely responsible for executing and verifying such actions. You should also implement data retention schedules and ensure the timely deletion of outdated records.

I. Communication and Consent Management

  1. You may send event-related communications (invitations, confirmations, reminders, updates, post-event follow-ups) through the platform.
  2. You are responsible for:

    16.1. Obtaining proper marketing consent from attendees where required.

    16.2. Providing clear opt-out mechanisms in every marketing communication.

    16.3. Honouring withdrawal of consent promptly.

    16.4. Ensuring compliance with “Do Not Call” registries, anti-spam regulations, and any applicable advertising laws.

J. OUI's Use of Attendee Data

  1. OUI will only access attendee data for:

    17.1. Providing technical support and customer service.

    17.2. Troubleshooting issues.

    17.3. Subscription billing and payment matters.

    17.4. Internal analysis to improve platform performance.

    17.5. Compliance with legal and regulatory obligations.

    17.6. OUI does not sell, license, or use attendee data for its own marketing purposes.

K. Data Security on OUI

  1. We implement industry-standard security measures, including:

    18.1. Encryption: All data is encrypted in transit and at rest.

    18.2. Access Controls: Restricted on a need-to-know basis to authorised personnel.

    18.3. Audits: Regular internal and independent audits, vulnerability assessments, and penetration testing.

    18.4. Incident Response: Documented and tested incident response plan.

    18.5. Mandatory 2FA: A one-time passcode will be required for logins from new devices or after two (2) weeks of inactivity.

    18.6. Individual Login Credentials: Each authorised user is required to create and use their own individual login credentials rather than sharing a single login access. This ensures accountability and provides additional protection against unauthorised access to sensitive data.
  2. In the event of a breach affecting attendee data, OUI will notify you promptly and without undue delay. You are responsible for complying with all legal obligations to notify attendees and regulators.

L. Third-Party Integrations

  1. Where you integrate OUI with third-party services, you must ensure that such services comply with data protection laws and provide equivalent safeguards. OUI is not responsible for the processing activities of third-party platforms once data leaves OUI.

M. Compliance with Privacy Laws

  1. OUI complies with PDPA and will provide reasonable assistance to you in meeting your compliance obligations (eg, providing audit logs or technical information). However:

    21.1. You remain solely responsible for compliance with all applicable laws.

    21.2. Nothing in this Policy constitutes legal advice.

    21.3. You should consult your own legal counsel for international compliance matters.

N. Indemnity

  1. You agree to fully indemnify and hold harmless DESIGN & MARKETING PTE LTD, its affiliates, officers, agents, and employees against any claims, actions, damages, losses, costs, or expenses (including legal fees) arising from:

    22.1. Your use or misuse of the platform.


    22.2. Your breach of this Privacy Policy.

    22.3. Any violation of applicable laws.

    22.4. Any failure to obtain valid consent from attendees.

    22.5. Any improper or unauthorised sharing of attendee data.

    22.6. Any involvement in spam-related activities or the distribution of inappropriate, offensive, or unlawful content.

  2. OUI retains the right to use your organisation’s name, trade name, trademarks, or logos solely to identify you as a customer factually and to reference your use of the Services for legitimate marketing, promotional, and portfolio purposes, provided that such use does not suggest sponsorship or endorsement and you have not raised any reasonable written objection.

O. Account Termination

  1. We reserve the right to terminate your account immediately and without notice if you:

    24.1. Engage in illegal activity.

    24.2. Misuse attendee data.

    24.3. Distribute spam or unsolicited content.

    24.4. Infringe intellectual property rights.

    24.5. Promote violence, discrimination, or hate speech.

    24.6. Misrepresent your identity or affiliation, or engage in any fraudulent or deceptive practices.

    24.7. Engage in any conduct that, in OUI’s reasonable opinion, harms or threatens the integrity, security, or reputation of the platform.

    24.8. Termination shall be without liability to OUI.

P. Limitation of Liability

  1. To the fullest extent permitted by law:

    25.1. OUI shall not be liable for indirect, incidental, special, or consequential damages, including loss of profits, revenue, goodwill, or data.

    25.2. OUI’s total aggregate liability shall not exceed the total service fees paid by you in the twelve (12) months preceding the event giving rise to the claim.

    25.3. Nothing in this Policy excludes liability that cannot be limited under law, including liability for fraud or wilful misconduct.

Q. Governing Law and Jurisdiction

  1. This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore. Any disputes shall be subject to the exclusive jurisdiction of the courts of Singapore.

R. Changes to This Privacy Policy

  1. We reserve the right to amend this Policy from time to time. Changes will be posted on our website, and where required by law, we will obtain your consent for any material changes.

Contact Us

If you have questions about this Privacy Policy or how your data is handled, please contact our Data Protection Officer at: dpo@oui.com.sg

PRIVACY POLICY FOR EVENT ATTENDEES

Table of Contents

  1. Introduction
  2. Our Role as a Data Intermediary
  3. Collection of Personal Data
  4. Payment Information
  5. Customisation of Data Collection and Communication by Organisers
  6. Use of Personal Data by Organisers
  7. OUI’s Use of Personal Data
  8. Data Management and Third-Party Sharing by Organisers
  9. Data Security
  10. Your Rights
  11. Indemnity
  12. Limitation of Liability
  13. Changes to This Privacy Policy
  14. Governing Law and Jurisdiction

Welcome to OUI, an online event management platform operated by DESIGN & MARKETING PTE LTD (“we,” “our,” or “us“). Our platform enables event organisers (“Organisers“) to manage event registrations, sell tickets online, check in attendees, collect lead information, and more.

A. Introduction

  1. This Privacy Policy applies specifically to event attendees (“you” or “your“) and explains how we handle your personal data. It also clarifies the respective roles of OUI and the Organisers in the collection, use, and disclosure of such data. Please note that this Policy is separate from the Privacy Policy for Organisers.

B. Our Role as a Data Intermediary

  1. Capacity:
    OUI acts solely as a data intermediary. We provide Organisers with tools to collect, manage, and process attendees’ personal data on their behalf.
  2. Limited Use:

    While we may access your personal data for purposes such as technical support, customer service, troubleshooting, or legal compliance, we do not use this data for our own marketing purposes without your explicit consent.

  3. Controller Responsibility:
    Organisers are the primary Data Controllers and are solely responsible for ensuring that their collection, use, and disclosure of your personal data complies with applicable data protection laws. OUI does not determine what data is collected, how long it is retained, or how Organisers share it.

C. Collection of Personal Data

  1. Direct Registration. You may provide personal data when registering for an event through a form hosted on the OUI platform. Such data may include:


    5.1. Full name;

    5.2. Contact details (email, phone number);

    5.3. Payment details (processed by third-party payment providers);

    5.4. Organisation or company affiliation;

    5.5. Identification details (e.g., NRIC, passport number); and

    5.6. Any additional information requested by the Organiser

  2. Organiser-Provided Data:
    Organisers may upload or manually enter your personal data for event purposes, such as check-in, badging, or invitations.
  3. Automatic Data:
    When you use the platform, we may automatically collect certain technical data, such as your IP address, device type, browser, and cookies, for the purposes of security, fraud prevention, and platform improvement.
  4. Scope:
    The Organiser determines the categories and extent of data collected. OUI facilitates the collection but does not control or decide the scope of requested information.

D. Payment Information

  1. Third-Party Processing:
    Payments for ticket sales are processed through trusted third-party providers (e.g., Stripe, PayPal).
  2. Data Handling:

    OUI may collect limited payment information to facilitate transactions, but does not store sensitive details such as full credit card information.

  3. Responsibility:
    The privacy policies of the relevant payment providers govern the handling of your payment data. We strongly encourage you to review those policies. OUI adheres to industry standards for secure payment processing where applicable.

E. Customisation of Data Collection and Communication by Organisers

  1. Customised Forms:

    Organisers may customise registration forms and request additional information, including sensitive personal data. OUI does not verify the appropriateness of such requests.

  2. Communications:

    Organisers determine the content, frequency, and purposes of communications, which may include:

    13.1. Invitations.

    13.2. Order confirmations and receipts.

    13.3. Event reminders and updates.

    13.4. Pre-event engagement.

    13.5. Post-event follow-ups and marketing.

  3. Disclaimer:
    OUI is not responsible for how Organisers customise their forms or manage communications. Please review the Organiser’s privacy policy for details.

F. Use of Personal Data by Organisers

  1. Organisers determine how your personal data will be used, which may include:


    15.1. Event management and administration.

    15.2. Sending event-related communications.

    15.3. Marketing and promotional activities related to the event or their businesses.

    15.4. Analytics, reporting, and audience insights.

    15.5. Integrations with third-party platforms (e.g., CRM or marketing automation tools).

    15.6. Other purposes expressly disclosed by the Organiser.

  2. Organisers may also transfer your personal data to third parties, including recipients located overseas. Attendees should review the Organiser’s privacy practices to understand such transfers.

  3. OUI is not liable for any use or misuse of your personal data by the Organiser.

G. OUI's Use of Personal Data

  1. OUI processes your personal data only for the limited purposes of:

    18.1. Providing technical support and customer service.


    18.2. Troubleshooting and resolving platform issues.

    18.3. Maintaining the security and integrity of the platform.

    18.4. Complying with legal and regulatory obligations.

    18.5. Retaining log data (eg, IP addresses, login timestamps) for audit and security purposes.

  2. We do not use your personal data for marketing purposes unless we have obtained your express consent.

H. Data Management and Third-Party Sharing by Organisers

  1. Organiser Tools:

    OUI provides Organisers with tools to update, delete, and export attendee information.

  2. Third-Party Sharing: Organisers may share your data with:

    21.1. Their internal event teams.

    21.2. Event partners, including exhibitors, sponsors, and marketing collaborators.

    21.3. Third-party vendors or platforms (e.g., CRM, analytics, or marketing tools).

    21.4. Service providers who may be located overseas.

  3. Disclaimer:
    Once your personal data has been exported, transferred, or otherwise removed from the OUI platform, OUI has no control over its handling. Organisers bear sole responsibility for its secure and lawful use.

I. Data Security

  1. OUI is committed to protecting your personal data through measures including:

    23.1. Encryption: All data is encrypted in transit and at rest.


    23.2. Access Controls: Restricted to authorised OUI staff on a need-to-know basis

    23.3. Security Assessments: Regular reviews and penetration testing are conducted.

    23.4. Incident Response: A plan to promptly address breaches or data incidents.

  2. While we follow recognised industry standards, no method of transmission or storage is 100% secure.

  3. Once data is exported or transferred by an Organiser, OUI cannot control how it is handled. We strongly recommend reviewing the Organiser’s and any third party’s privacy and security practices.

J. Your Rights

  1. Data Subject Rights:
    You may request access to, correction of, or deletion of your personal data, or withdraw consent for its use.
  2. Contact Point:

    Requests must be made directly to the Organiser, who is the Data Controller.

  3. OUI Assistance:
    If you have concerns about how your data is processed through the OUI platform, you may contact us at dpo@oui.com.sg. Please note that your rights may vary depending on your jurisdiction, and Organisers remain responsible for compliance with such local laws.

K. Indemnity

  1. By registering for an event through OUI, you agree to indemnify and hold harmless DESIGN & MARKETING PTE LTD, its affiliates, officers, agents, and employees from and against any and all claims, actions, demands, liabilities, damages, losses, or expenses (including, without limitation, reasonable legal and accounting fees) arising out of or in connection with:

    29.1. Your participation in an event organised through our platform


    29.2. Your breach of this Privacy Policy

    29.3. Your violation of applicable laws or third-party rights

  2. This indemnity protects OUI against losses resulting from your actions or omissions.

L. Limitation of Liability

  1. Exclusion of Damages:
    To the fullest extent permitted by law, OUI shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, revenue, goodwill, or data.
  2. Scope of Liability:

    OUI shall not be liable for any acts, omissions, or policies of Organisers, exhibitors, sponsors, or other third parties with whom your data is shared.

  3. Aggregate Cap:
    OUI’s total aggregate liability to you for any claims arising from or relating to this Privacy Policy or your use of the OUI platform shall not exceed the amount of service fees (if any) paid by you directly to OUI for use of the platform. For clarity, if you register through an Organiser, you acknowledge that OUI may not receive any fees from you directly. In such cases, OUI shall have no liability to you whatsoever.

  4. Jurisdictional Limits:
    Nothing in this clause limits liability that cannot be excluded under applicable law, including liability for fraud or wilful misconduct.

M. Changes to This Privacy Policy

  1. We reserve the right to amend this Privacy Policy from time to time to reflect changes in our practices or for operational, legal, or regulatory reasons. Any material changes will be posted on our website, and where required, we will seek your consent.

N. Governing Law and Jurisdiction

  1. This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore. Any disputes shall be subject to the exclusive jurisdiction of the Courts of Singapore.

Contact Us

If you have questions about this Privacy Policy or how your data is handled, please contact our Data Protection Officer at: dpo@oui.com.sg