Privacy policy

BEAMS-Singapore

Privacy Policy

Last Updated: April 21, 2026

1. Introduction

BEAMS-Singapore operates this store and website, including all related information, content, features, tools, products and services, in order to provide you, the customer, with a curated shopping experience (the “Services”). BEAMS-Singapore is powered by Shopify, which enables us to provide the Services to you.

This Privacy Policy describes how we collect, use, disclose, and otherwise process your personal data when you visit, use, or make a purchase or other transaction using the Services, or otherwise communicate with us. This Privacy Policy has been prepared in compliance with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and its amendments.

If there is a conflict between our Terms of Service and this Privacy Policy, this Privacy Policy controls with respect to the collection, processing, and disclosure of your personal data.

By using and accessing any of the Services, you acknowledge that you have read this Privacy Policy and understand the collection, use, and disclosure of your personal data as described herein. Where required under the PDPA, we will obtain your consent before collecting, using, or disclosing your personal data.

2. Data Protection Officer

In accordance with the PDPA, BEAMS-Singapore has appointed a Data Protection Officer (“DPO”) to oversee our compliance with data protection obligations. If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our DPO:

Data Protection Officer: Kok Seng Chew

Email: philip@itsea.my

Address: 9 Raffles Place, #06-01 Republic Plaza, Singapore 048619

3. Personal Data We Collect

When we use the term “personal data,” we are referring to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access. We may collect the following categories of personal data depending on how you interact with the Services:

(a) Contact Details: your name, address, billing address, shipping address, phone number, and email address.

(b) Financial Information: credit card, debit card, and financial account numbers, payment card information, transaction details, form of payment, payment confirmation and other payment details.

(c) Account Information: your username, password, security questions, preferences and settings.

(d) Transaction Information: the items you view, put in your cart, add to your wishlist, or purchase, return, exchange or cancel, and your past transactions.

(e) Communications: the information you include in communications with us, for example, when sending a customer support inquiry.

(f) Device Information: information about your device, browser, or network connection, your IP address, and other unique identifiers.

(g) Usage Information: information regarding your interaction with the Services, including how and when you interact with or navigate the Services.

4. Sources of Personal Data

We may collect personal data from the following sources:

  • Directly from you, including when you create an account, visit or use the Services, communicate with us, or otherwise provide us with your personal data.

  • Automatically through the Services, including from your device when you use our products or services or visit our websites, through the use of cookies and similar technologies.

  • From our service providers, including when they collect or process your personal data on our behalf.

  • From our partners or other third parties, where permitted by applicable law.

5. Purposes for Collection, Use, and Disclosure of Personal Data

We collect, use, and disclose your personal data for the following purposes. We will notify you of any new purposes and, where required under the PDPA, obtain your consent before processing your personal data for such new purposes.

5.1 Providing, Tailoring, and Improving the Services

We use your personal data to provide you with the Services, including to process your payments, fulfil your orders, remember your preferences, send notifications related to your account, process returns and exchanges, arrange for shipping, enable you to post reviews, and create a customised shopping experience for you.

5.2 Marketing and Advertising

With your consent (where required), we use your personal data for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message (including SMS and WhatsApp), or postal mail, and to show you online advertisements. You may opt out of receiving marketing communications at any time (see Section 10 below).

We comply with Singapore’s Do Not Call (“DNC”) Registry provisions. We will not send marketing messages to Singapore telephone numbers registered on the DNC Registry unless we have obtained your clear and unambiguous consent, or unless an applicable exception under the PDPA applies.

5.3 Security and Fraud Prevention

We use your personal data to authenticate your account, provide a secure payment and shopping experience, detect, investigate, or take action regarding possible fraudulent, illegal, unsafe, or malicious activity, and to secure our Services.

5.4 Communicating with You

We use your personal data to provide you with customer support, to respond to your queries, and to maintain our business relationship with you.

5.5 Legal and Compliance Purposes

We use your personal data to comply with applicable law, respond to valid legal process (including requests from law enforcement or government agencies), investigate or participate in civil discovery, litigation, or other adversarial legal proceedings, and to enforce or investigate potential violations of our terms or policies.

6. Disclosure of Personal Data

We may disclose your personal data to third parties in the following circumstances:

  • To Shopify and other vendors and third parties who perform services on our behalf (e.g., IT management, payment processing, data analytics, customer support, cloud storage, fulfilment, and shipping).

  • To business and marketing partners, with your consent where required, to provide marketing services and advertise to you. These partners will use your information in accordance with their own privacy policies.

  • When you direct, request, or otherwise consent to disclosure to third parties, such as to ship you products or through your use of social media integrations.

  • To our affiliates or otherwise within our corporate group, for internal administrative and business purposes.

  • In connection with a business transaction such as a merger, acquisition, or reorganisation.

  • To comply with applicable legal obligations, respond to lawful requests from authorities, enforce our terms, or protect our rights and the rights of our users.

We require third parties to whom we disclose your personal data to protect it to a standard comparable to the protection under the PDPA, including through contractual arrangements.

7. Relationship with Shopify

The Services are hosted by Shopify, which collects and processes personal data about your access to and use of the Services. Information you submit to the Services will be transmitted to and shared with Shopify, as well as third parties that may be located in countries other than Singapore. In addition, to improve our business, we use certain Shopify enhanced features that incorporate data obtained from your interactions with our Store and with Shopify.

Where Shopify processes your personal data as a data intermediary (processor) on our behalf, BEAMS-Singapore remains responsible for ensuring compliance with the PDPA. Where Shopify processes your personal data for its own purposes, Shopify is independently responsible for such processing. To learn more about how Shopify uses your personal data, please visit the Shopify Consumer Privacy Policy at https://privacy.shopify.com/en.

8. Cross-Border Transfers of Personal Data

Your personal data may be transferred, stored, and processed outside of Singapore, including in Japan (where BEAMS Co., Ltd. headquarters is located) and other countries where our service providers operate.

In accordance with Section 26 of the PDPA, we will ensure that the recipient of your personal data outside Singapore is bound by legally enforceable obligations to provide a standard of protection to the personal data that is comparable to the protection under the PDPA. This may be achieved through contractual arrangements, compliance with comparable data protection laws, or obtaining your consent for the transfer.

9. Cookies and Similar Technologies

We use cookies and similar tracking technologies (such as pixels, tags, and scripts) to collect and use information about your interactions with the Services. Cookies help us recognise you, remember your preferences, analyse site traffic, and personalise your experience.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the Services.

10. Your Rights and Choices

Under the PDPA, you have the following rights in relation to your personal data:

10.1 Right of Access

You may request access to your personal data that is in our possession or under our control, as well as information about the ways in which your personal data has been or may have been used or disclosed by us within the past year.

10.2 Right of Correction

You may request that we correct any error or omission in your personal data that is in our possession or under our control.

10.3 Right to Withdraw Consent

You may withdraw your consent for the collection, use, or disclosure of your personal data at any time by contacting our DPO. Upon receiving your request, we will inform you of the likely consequences of withdrawing your consent. Please note that withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, and we may continue to process your personal data where permitted or required by law.

10.4 Right to Data Portability

Where applicable and subject to conditions under the PDPA, you may request that we transmit a copy of your personal data to another organisation in a commonly used machine-readable format.

10.5 Managing Communication Preferences

We may send you promotional communications, and you may opt out of receiving these at any time by using the unsubscribe option in our emails or by contacting our DPO. If you opt out, we may still send you non-promotional communications such as those about your account or orders.

10.6 How to Exercise Your Rights

To exercise any of these rights, please contact our DPO using the contact details in Section 2 above. We will respond to your request within thirty (30) days of receiving it. We may need to verify your identity before processing your request. If we are unable to respond within 30 days, we will notify you of the extended timeframe.

We will not charge you a fee for processing your access or correction request unless the request is manifestly unfounded or excessive.

11. Retention of Personal Data

We will retain your personal data only for as long as it is necessary to fulfil the purposes for which it was collected, or as required by applicable law. When your personal data is no longer needed for any business or legal purpose, we will cease to retain it and will either delete or anonymise it.

Specific retention periods may vary depending on the nature of the data and the purposes for which it was collected. For example, transaction records may be retained for a period required by tax or financial regulations.

12. Protection of Personal Data

We implement reasonable security arrangements to protect your personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. These measures include, where appropriate, physical, technical, and organisational safeguards.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security. We recommend that you do not use unsecure channels to communicate sensitive or confidential information to us, and that you keep your account credentials safe.

13. Data Breach Notification

In the event of a data breach that is likely to result in significant harm to affected individuals, or involves personal data of a significant number of individuals, we will notify the Personal Data Protection Commission (“PDPC”) within three (3) calendar days of our assessment that the breach is notifiable. We will also notify affected individuals as soon as practicable where required under the PDPA.

14. Third-Party Websites and Links

The Services may provide links to websites or other online platforms operated by third parties. We are not responsible for the privacy or security practices of such third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

15. Children’s Data

The Services are not intended to be used by children, and we do not knowingly collect personal data from individuals under the age of 18. If you are a parent or guardian and believe that your child has provided us with personal data, please contact our DPO using the contact details in Section 2, and we will take steps to delete such data.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal, regulatory, or operational reasons. We will post the revised Privacy Policy on this website and update the “Last Updated” date. Where required under the PDPA, we will notify you of material changes and obtain your consent where necessary.

17. Complaints

If you have any complaints about how we handle your personal data, please contact our DPO using the contact details in Section 2. We will investigate your complaint and respond in a timely manner.

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC). Information about filing a complaint with the PDPC is available at https://www.pdpc.gov.sg.

18. Contact

Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please contact our Data Protection Officer:

Name: Kok Seng Chew

Email: philip@itsea.my

Address: 9 Raffles Place, #06-01 Republic Plaza, Singapore 048619