Products & Solutions
Demo

Product Privacy Notice

Last Updated: 05 Feb 2026

1. Introduction

This Privacy Notice explains how QCC TECH PTE. LTD. ("we", "us", "our") collects, uses, and shares personal data related to businesses within our Data Products. We aggregate and normalize public records from various countries to provide global compliance and risk intelligence services.

2. Contact Information

(Data Controller) If you have questions about this notice or your personal data, please contact us: Company Name: QCC TECH PTE. LTD. Address: 55 Ayer Rajah Crescent #01-26, Singapore 139949 Email: kyc@qcc.com

3. What Data Do We Collect and Where Does It Come From?

We process data related to individuals in their professional capacity (e.g., shareholders, directors, officers, and beneficial owners) sourced from official public records globally.

Types of Data We Process:

  • Identity Data: Name, ID Number (where publicly available), Residential Address and Date of Birth (typically month/year or as published).
  • Role and Ownership Data: Current and past positions (Director, Secretary, etc.), Shareholding percentages, and nature of control.
  • Contact Data: Business correspondence addresses, email addresses, phone numbers as filed in public records.

Our data originates from publicly accessible government and commercial registers in the jurisdictions where we provide coverage. These sources include, but are not limited to: Official Company Registries, Government Gazettes, Data Providers and Insolvency Registers.

As our data is collected indirectly from official public registries and involves a vast number of data subjects globally, providing individual notice to every person would be impossible or involve a disproportionate effort. Therefore, in accordance with GDPR / UK GDPR, we are exempted from the obligation to notify each data subject individually. Instead, we make the information required by Article 14 publicly available through this Privacy Notice and maintain appropriate measures to protect your rights, legitimate interests, and freedoms.

4. How and Why We Use This Data

We process this data to provide legitimate business intelligence services. Our clients (such as financial institutions, law firms, and multinational enterprises) use this data for:

  • Global Compliance: Performing Know Your Customer (KYC) and Anti-Money Laundering (AML) checks across borders.
  • Third-Party Risk Management: Verifying the identity and background of international business partners.
  • Ultimate Beneficial Owner (UBO) Identification: Tracing corporate ownership structures across multiple jurisdictions.
  • Fraud Prevention: Detecting inconsistencies and preventing financial crime in global trade.

5. Legal Basis for Processing

  • For data subjects within the EEA and UK, and generally for our global operations, we rely on Legitimate Interests to promote transparency in international business and support the prevention of fraud and money laundering. We process data relating to an individual’s public professional capacity. The processing is necessary to ensure trust in the global financial system and does not disproportionately impact private rights.
  • For data subjects within Singapore: We adhere to the Publicly Available Data exception. As strictly defined in the PDPA, the personal data we process is sourced from publicly available sources (e.g., ACRA) to which the public has access with few or no restrictions. Therefore, the collection, use, and disclosure of such data are conducted without the need for consent, in accordance with the Second, Third, and Fourth Schedules of the PDPA.

6. Who We Share Data With

We share data with verified business clients who have a legitimate regulatory need. These recipients typically include:

  • Financial Institutions: Banks and other financial entities.
  • Professional Services: Law Firms, Accounting and Audit Firms, Corporate Service Providers, etc..
  • Corporates

These clients use the data to fulfill their own mandatory regulatory checks.

7. International Data Transfers

We are based in Singapore and strictly comply with both the GDPR / UK GDPR and the Personal Data Protection Act 2012 (PDPA) of Singapore. We ensure our data handling policies meet the stringent standards of both jurisdictions regarding data security.

8. Data Retention and Accuracy

  • Source Synchronisation: We strive to keep our data up-to-date by regularly synchronising with official registries or fetching data in real-time via APIs where available.
  • Data Integrity: If a public registry updates a record (e.g., a director resigns), we aim to reflect this change in our products promptly.
  • Retention: We retain data only for as long as it remains relevant for the purposes of historical corporate analysis and compliance auditing, or as required by law.

9. Your Rights

Regardless of your location, we respect your privacy rights. Under the GDPR and similar laws, you have the right to:

  • Object: You can object to the processing of your data. We will review objections case-by-case. If you can demonstrate that the processing causes you unjustified harm that overrides our legitimate interest (and the public interest in transparency), we will remove or suppress your data.
  • Access and Correction: You may request a copy of the data we hold. As we aggregate data from official public sources, incorrect data often originates from the government registry itself. We generally recommend correcting the data at the source (the official registry) to ensure it is updated permanently across the ecosystem.

10. Complaints

Please direct any complaints to our contact team listed in Section 2. You also have the right to lodge a complaint with the data protection supervisory authority in your country of residence.

Terms and conditions | Privacy Policy | Copyright © 2026 QCC Services PTE LTD. All rights reserved.