JioME Group ('we', 'our', or 'us') operates the JioME application, including business card registration and sharing ('Network'), and purchasing, sharing, and using Gifticon ('Gifticon'). We are committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore and other applicable laws.
This Privacy & Security Policy explains what personal data we collect, how we use it, and your rights. By using our app or services, you consent to the practices described in this policy.
By using the JioME app or services, you agree to this policy. If you do not agree, or if you have questions, please contact support@jiomegroup.com.
2.1 Information You Provide
- Account information: name, email address, mobile number, and password.
- Business card details: job title, company name, work email, phone numbers, website, birthday, and social media handles.
- Added Business card details: None of the details are collected.
- Payment information: credit/debit card details or other payment method details for Gifticon purchases (processed securely via third-party payment providers).
- Communications: messages or feedback sent to support@jiomegroup.com.
2.2 Information Collected Automatically
- Device & app information: device type, operating system, app version, and unique device identifiers.
- Usage data: features accessed, pages viewed, and activity timestamps in the app.
- Transaction data: Gifticon purchase history, sharing activity, and redemption records.
- Location data: general city-level location
- IP address: to automatically detect your country for phone number formatting. Your IP address is sent to ipapi.co and reallyfreegeoip.org solely for this purpose. These services do not receive any other personal information.
2.3 Information from Third Parties
- If you connect third-party URLs (for example, LinkedIn), we receive only data you authorize.
- Payment processors may share transaction confirmation details with us.
- Create and manage your JioME account.
- Enable business card registration, storage, and sharing through Network.
- Process Gifticon purchases, transfers, and QR code redemptions.
- Verify identity and prevent fraudulent transactions.
- Send transactional notifications (purchase confirmations, redemption alerts, and card share notifications).
- Improve the app using usage analytics and user feedback.
- Maintain app compatibility and notify you about important or required app updates.
- Comply with applicable Singapore laws and regulations.
- Respond to support requests and communications.
We do not sell your personal data. We may share information with:
- Other users: only when you explicitly choose to share business card information.
- Merchant partners: only QR redemption data needed to validate Gifticon at participating shops.
- Payment processors: to securely handle Gifticon purchases (for example, Stripe, PayNow, or equivalent providers).
- Service providers: vendors supporting cloud hosting, analytics, push notifications, and customer support under confidentiality obligations.
- Legal authorities: where required by Singapore law, court order, or to protect user/public safety and rights.
- Account and business card data: retained while account is active and up to 3 years after deletion unless earlier deletion is requested.
- Gifticon transaction records: retained for 7 years for Singapore financial recordkeeping compliance.
- You may request data deletion at any time, subject to legal retention requirements.
6.1 Data Encryption
- Data in transit is protected using TLS.
- Sensitive data, including passwords, is stored using strong one-way hashing (bcrypt or equivalent).
- Payment data is handled by PCI-DSS compliant payment processors and is not stored directly on our servers.
6.2 QR Code Security
- Each Gifticon QR code is single-use and invalidated immediately after redemption.
- QR codes are cryptographically signed to prevent forgery.
- Redemptions are logged in real time with timestamp and merchant data.
6.3 Access Controls
- Access to personal data is restricted to authorized personnel on a need-to-know basis.
- Internal systems are protected by multi-factor authentication.
- We perform regular security reviews and vulnerability assessments.
6.4 Incident Response
- In the event of a data breach, we notify affected users and the PDPC of Singapore within legally required timeframes.
The app may use cookies and similar technologies to maintain sessions, remember preferences, and analyze usage patterns. You can manage related preferences through device settings. Disabling some tracking mechanisms may affect app functionality.
- Access: request a copy of your personal data.
- Correction: request corrections to inaccurate or incomplete data.
- Withdrawal of consent: withdraw consent for collection, use, or disclosure (subject to legal/contractual limits).
- Deletion: request account and associated data deletion (subject to legal retention requirements).
- Data portability: request a structured, machine-readable copy where technically feasible.
To exercise rights, contact support@jiomegroup.com. We respond within 30 days.
JioME is not intended for persons under 18. We do not knowingly collect personal data from minors. If a minor has provided personal data, contact us and we will delete it promptly.
We may update this Privacy & Security Policy. For material changes, we will notify users in-app or by email at least 14 days before changes take effect. Continued use after the effective date means acceptance of the updated policy.
For questions, concerns, or requests related to this policy or personal data:
support@jiomegroup.com