Privacy Policy | 3 Degrees

Last Updated : June 2026

1. Introduction

This Privacy Policy constitutes an agreement between you, the reader, and 3 Degrees App Pte Ltd (“3 Degrees,” “we,” “us,” or “our”), a company registered in Singapore with its principal office located at 1 Kim Seng Promenade #13-04, Great World City, Singapore 237994. By using our platform, you agree to the terms and conditions outlined in this Privacy Policy.

3 Degrees is committed to protecting your personal data and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data in compliance with the Personal Data Protection Act (PDPA) of Singapore. It explains our practices regarding the collection, use, disclosure, and protection of your personal data.

If you have any questions or concerns about this Privacy Policy or our data protection practices, please contact our Data Protection Officer (DPO) using the contact information provided in the Contact Information section below. By accessing and using our platform, you consent to the data practices described in this Privacy Policy. If you do not agree with any part of this Privacy Policy, please do not use our platform.

2. Scope of this Privacy Policy

This Privacy Policy applies to all personal data collected by 3 Degrees through our website, mobile applications, and any other services we provide. It covers information collected about our users, donors, charities, and other stakeholders. This policy explains our practices regarding the collection, use, disclosure, and protection of your personal data.

3. Collection of Personal Data

We collect personal data from you when you interact with our platform, including but not limited to the following situations:

Account Registration: When you create an account, we collect your name, email address, contact number, and other relevant information.
Campaign Creation and Donations: When you create a campaign or make a donation, we collect information related to the campaign and transaction, including payment details.
Communication: When you contact us for support or with inquiries, we collect information such as your name, email address, and the content of your communications.
Usage Data: We automatically collect information about your interactions with our platform, including IP addresses, browser types, operating systems, pages viewed, and the dates/times of your visits.
Cookies and Tracking Technologies

We use cookies and similar technologies to collect data on your usage patterns and preferences, including to improve functionality, enhance user experience, and analyze platform performance.

Types of Cookies:

Strictly Necessary Cookies: Required for the basic functioning of the platform (e.g., account login, donation processing).
Functional and Performance Cookies: Help us improve platform performance and remember your preferences.
Analytics and Marketing Cookies: Allow us to understand usage trends and provide personalized content or offers.

Managing Your Preferences:

You can manage or disable cookies through your browser settings at any time.
Where required, we will provide in-app or website cookie preference tools so that you can choose which types of cookies you allow, apart from those strictly necessary for the functioning of the platform.
Please note that disabling certain cookies may affect your ability to use some features of the platform.
Mobile App Tracking (iOS and Android): On our mobile apps, we may request your permission to track your activity across other companies’ apps and websites for advertising and measurement purposes. On Apple devices, this is done through Apple’s App Tracking Transparency (ATT) prompt. If you allow tracking, we and our partners may collect your device’s advertising identifier (such as Apple’s Identifier for Advertisers, or IDFA) and related usage data.
Advertising and Attribution Data: When you install or use our app after interacting with an online advertisement, or when you visit our website or app with certain URL parameters, we may collect advertising click identifiers (such as Google Ads, Meta/Facebook, Microsoft/Bing, TikTok, or LinkedIn click IDs) and campaign parameters (such as UTM tags). We use these identifiers, together with analytics tools such as Google Analytics, to measure the effectiveness of our marketing campaigns, attribute app installs and donations to advertising partners, and deliver more relevant content and offers.
Social Interactions: We collect data related to your social interactions on the platform, such as friend connections, in-app messages, and notifications.

We may also collect personal data from third parties or publicly available sources, where permissible under applicable laws.

4. Use of Personal Data

We use the personal data we collect for the following purposes:

Providing and Improving Services: To facilitate the creation and management of campaigns, process donations, and enhance the functionality of our platform.
Communications: To communicate with you regarding your account, respond to your inquiries, provide customer support, and send you updates about our services.
Personalization: To personalize your experience on our platform by remembering your preferences and customizing the content we provide.
Security and Compliance: To protect our platform, users, and stakeholders from fraud, abuse, and other illegal activities. This includes complying with legal obligations and regulatory requirements.
Analytics: To analyze usage patterns and trends to improve our platform's performance, user experience, and the services we offer.
Tracking and Advertising: Where permitted by you (including through Apple’s App Tracking Transparency on iOS), we use personal data and device identifiers to track your activity across third-party apps and websites for advertising, campaign measurement, and attribution. This may include sharing data with analytics and advertising partners such as Google and Meta so we can understand how users discover 3 Degrees, measure campaign performance, and improve our marketing.
Marketing: We may send you marketing communications about our services, offers, and events that may be of interest to you, but only if you have provided your explicit consent to receive such communications.

Separation of Communications:

Transactional or Service Communications (e.g., donation receipts, security alerts, account updates) are necessary for the use of our platform and will continue to be sent even if you opt out of marketing.

Marketing Communications (e.g., newsletters, promotional offers, event updates) will only be sent if you have opted in.

Unsubscribe Options:

You may withdraw your consent to receive marketing communications at any time by:
- Clicking the “unsubscribe” link included in each marketing email;
- Adjusting your communication preferences in-app under account settings; or
- Contacting our Data Protection Officer (DPO) directly.
Once you unsubscribe, we will stop sending you marketing communications within a reasonable period (typically within 7 business days).
Social Engagement & Profile Visibility:
- Your profile on 3 Degrees may display your donation history, which can be viewed by other users of the platform.
- You can manage your profile visibility through your privacy settings:
  - Public Profile: Your profile and donation history may be visible to all users of the platform.
  - Private Profile: Your profile and donation history will only be visible to your approved friends.
- Regardless of your profile setting, you may also choose to donate anonymously for individual donations, in which case those donations will not appear in your profile history.
- We may also send in-app or push notifications and display live activity streams to trigger engagement, such as notifying friends of your donation activities (unless you choose to donate anonymously) and allowing you to see your friends’ donation activities.

5. Automated Decision-Making & AI

Automated Decision-Making and Recommendations

Parts of our platform may use automated tools, algorithms, or artificial intelligence (AI) to personalize your experience, such as recommending content, suggesting connections, or ranking items in your feed.

No Solely Automated Decisions with Legal Impact: We do not make decisions that produce legal or similarly significant effects on you solely by automated means.
Transparency: If we introduce features that involve automated decision-making which could significantly affect you, we will notify you and explain how such processes work in clear terms.
Your Rights: You may contact our Data Protection Officer (DPO) if you wish to learn more about how these systems operate or to request human review where applicable.

6. Disclosure of Personal Data

We may disclose your personal data to third parties in the following circumstances:

Service Providers

We may share personal data with trusted third-party service providers who assist us in operating our platform, conducting our business, or providing services to you, such as payment processing, cloud hosting, analytics, and customer support. These service providers are bound by confidentiality and data protection obligations and are only permitted to use your data for the purposes specified by us.

Legal Requirements

We may disclose your personal data to comply with legal obligations, such as responding to subpoenas, court orders, or other legal processes, or to establish or exercise our legal rights or defend against legal claims.

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal data may be transferred as part of the transaction. We will notify you of any such change in ownership or control.

Protection of Rights

We may disclose your personal data when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or violations of our terms of service.

With Your Consent

We may share your personal data with third parties when you have provided your explicit consent.

Social Features

We may share your donation activities with your friends on the platform through notifications and live activity streams.

Anonymity Option: You may choose to donate anonymously at the time of making a donation, in which case your donation activity will not be visible to others.
Profile Settings: You can also manage your visibility preferences at any time through the privacy settings in your profile, allowing you to control whether your donation activities are shared by default.
Default Settings: By default, donation activity is shared only with your approved friends on the platform. You may change this default setting in your profile.

7. Consent

We obtain your consent before collecting, using, or disclosing your personal data, except where collection, use, or disclosure without consent is permitted or required by the PDPA or other laws. By providing your personal data to us, you consent to the collection, use, and disclosure of your personal data in accordance with this Privacy Policy.

Obtaining Consent:

Explicit Consent: We obtain explicit consent from you when you register on our platform, create or donate to a campaign, or otherwise provide us with your personal data.
Implied Consent: In certain situations, your consent may be implied through your actions, such as when you voluntarily provide personal data during communications with us, use social features, or when you use our platform.
Granular Consent: We distinguish between different types of communications:
- Service and Transactional Notifications (e.g., confirmations, donation receipts, security alerts): These are necessary for the functioning of your account and do not require separate consent.
- Marketing Communications (e.g., newsletters, promotional offers, updates about events): These will only be sent to you if you have separately opted in. You may withdraw this consent at any time.

Withdrawing Consent:

You may withdraw your consent for the collection, use, or disclosure of your personal data at any time by contacting our Data Protection Officer (DPO). Upon receiving your request, we will inform you of the likely consequences of withdrawing consent and will cease to collect, use, or disclose your personal data unless permitted or required by law.

Updating Consent:

If there are any changes to the purposes for which your personal data was collected, we will seek your consent for the new purposes before using your personal data in a manner consistent with the updated purposes.

8. Data Breach Notification

3 Degrees is committed to protecting your personal data and ensuring its security. In the event of a data breach that is likely to result in significant harm or impact to you, we will take the following steps:

1. Assessment and Containment: Immediately upon discovering a potential data breach, we will assess the situation, contain the breach to prevent further unauthorized access, and mitigate any potential harm.

2. Notification to PDPC: We will notify the Personal Data Protection Commission (PDPC) of the breach as soon as practicable, and in any case, no later than 72 hours after determining that a breach has occurred.

3. Notification to Affected Individuals: If the breach is likely to result in significant harm or impact, we will notify the affected individuals as soon as practicable. The notification will include:

A description of the data breach.
The type of personal data involved.
Steps taken to contain the breach and mitigate its impact.
Measures you can take to protect yourself from potential harm.
Contact information for further assistance.

4. Investigation and Remediation: We will conduct a thorough investigation to determine the cause of the breach and implement measures to prevent future occurrences. This may include enhancing security protocols, conducting staff training, and reviewing our data protection policies.

By adhering to these procedures, we ensure a prompt and effective response to any data breaches, minimizing the risk of harm to individuals and maintaining compliance with PDPA requirements.

9. Data Portability

Under the PDPA, you have the right to request the transfer of your personal data to another organization. This process is known as data portability. To facilitate this, 3 Degrees has established the following procedures:

1. Request Submission: To initiate a data portability request, please contact our Data Protection Officer (DPO) at the provided contact information. Your request should include sufficient details to identify the personal data you wish to be transferred and the organization to which the data should be sent.

2. Verification of Identity: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

3. Processing the Request: Once your identity is verified, we will process your request and prepare your personal data for transfer. We will ensure that the data is in a structured, commonly used, and machine-readable format.

4. Transfer of Data: We will transfer your personal data to the specified organization in a secure manner, using appropriate safeguards to protect the data during transit.

5. Notification: You will be notified once the transfer is complete. If there are any issues or delays in processing your request, we will inform you promptly.

Please note that data portability requests may be subject to certain exceptions under the PDPA, such as when the transfer of data would adversely affect the rights and freedoms of others or when it is not technically feasible.

10. Access to and Correction of Personal Data

You have the right to request access to and correction of the personal data that we hold about you. To exercise these rights, please follow the procedures outlined below:

Requesting Access to Personal Data:

1. Submission of Request: To request access to your personal data, contact our Data Protection Officer (DPO) at the provided contact information. Your request should include sufficient details to identify the personal data you are requesting access to.

2. Verification of Identity: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

3. Processing the Request: Once your identity is verified, we will process your request and provide you with a copy of your personal data. We will make reasonable efforts to respond to your request within 30 days. If additional time is needed, we will inform you of the reasons for the delay.

4. Fees: We may charge a reasonable fee for the processing of access requests to cover administrative costs. We will inform you of any fees before processing your request.

Requesting Correction of Personal Data:

1. Submission of Request: To request correction of your personal data, contact our DPO at the provided contact information. Your request should specify the data to be corrected and provide evidence to support the correction. Verification of Identity: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

2. Processing the Request: Once your identity is verified and the evidence for correction is reviewed, we will correct your personal data as requested. We will make reasonable efforts to respond to your request within 30 days. If additional time is needed, we will inform you of the reasons for the delay.

3. Notification of Changes: If we have shared your personal data with third parties, we will notify them of the correction, unless it is impractical or unlawful to do so.

Exceptions:

In certain situations, we may not be able to provide access to or correct your personal data as requested. For example, we may deny access if providing the data would reveal confidential commercial information or if it would infringe on the privacy of another individual. If we deny your request, we will provide you with the reasons for the denial.

11. Accountability and Governance

3 Degrees is committed to ensuring the accountability and governance of personal data protection within our organization. To achieve this, we have implemented the following measures:

Appointment of Data Protection Officer (DPO):

We have appointed a Data Protection Officer who is responsible for overseeing our data protection strategy and ensuring compliance with the PDPA. The DPO’s responsibilities include:

Developing and implementing data protection policies and practices.
Conducting regular audits and assessments to ensure compliance.
Providing training and guidance to employees on data protection matters.
Serving as the point of contact for data protection inquiries and requests.

Data Protection Policies and Practices:

We have established comprehensive data protection policies and practices to ensure the secure and lawful handling of personal data. These policies cover:

Data collection, use, and disclosure procedures.
Data storage and security measures.
Procedures for handling data breaches.
Guidelines for data retention and disposal.

Regular Audits and Assessments:

We conduct regular audits and assessments to evaluate our compliance with data protection laws and our internal policies. These audits help identify and mitigate potential risks to personal data.

Employee Training and Awareness:

We provide regular training and awareness programs for our employees to ensure they understand their responsibilities regarding data protection. This includes training on the PDPA, our internal policies, and best practices for data security.

Monitoring and Review:

We continuously monitor our data protection practices and review our policies to ensure they remain effective and up-to-date with changes in laws and technology. This proactive approach helps us maintain a high standard of data protection.

By implementing these measures, 3 Degrees demonstrates its commitment to accountability and governance in personal data protection, ensuring that your data is handled with the utmost care and compliance with the PDPA.

12. Protection of Personal Data

At 3 Degrees, we take the security of your personal data seriously and implement robust measures to protect it from unauthorized access, use, disclosure, alteration, or destruction. Our data protection measures include:

Technical Safeguards:

Encryption: We use industry-standard encryption technologies to protect your personal data during transmission and storage.
Access Controls: We implement strict access controls to ensure that only authorized personnel can access your personal data. This includes the use of unique user IDs and passwords, multi-factor authentication, and role-based access permissions.
Firewalls and Intrusion Detection Systems: Our systems are protected by firewalls and intrusion detection systems to prevent unauthorized access and monitor for suspicious activity.

Organizational Safeguards:

Data Protection Policies: We have established comprehensive data protection policies that outline our procedures for handling personal data securely.
Employee Training: We provide regular training to our employees on data protection best practices, ensuring they understand their responsibilities in safeguarding personal data.
Incident Response Plan: We have an incident response plan in place to address potential data breaches promptly and effectively. This includes procedures for containment, investigation, notification, and remediation.

Physical Safeguards:

Secure Facilities: Our data centers and offices are equipped with physical security measures, such as access controls, surveillance cameras, and alarm systems, to protect against unauthorized access.
Secure Disposal: We ensure that personal data is securely disposed of when it is no longer needed, using methods such as shredding, degaussing, or secure electronic deletion.

Social Features Protection:

Anonymity Options: Users can choose to donate anonymously, in which case their donation activity will not be published or sent to friends.
Privacy Controls: Users can manage their privacy settings to control what information is shared with friends and on the activity stream.

By implementing these technical, organizational, and physical safeguards, we strive to ensure the highest level of security for your personal data. However, please be aware that no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

13. Retention of Personal Data

3 Degrees retains your personal data only for as long as it is necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable laws. Our data retention practices include:

Purpose-Based Retention:

Service Provision: Personal data related to your account and transactions will be retained for as long as you maintain an active account with us and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.
Marketing and Communication: If you have consented to receive marketing communications from us, we will retain your contact information until you opt-out or withdraw your consent.

Legal and Regulatory Requirements:

We retain personal data as required by applicable laws and regulations, such as tax laws, financial reporting requirements, and other regulatory obligations.

Data Minimization and Disposal:

We regularly review the personal data we hold and ensure that it is relevant and necessary for our ongoing operations.
When personal data is no longer needed, we securely dispose of it using appropriate methods such as shredding, degaussing, or secure electronic deletion to prevent unauthorized access or use.

Record Keeping:

We maintain records of our data retention and disposal practices to demonstrate compliance with legal and regulatory requirements and our internal policies.

By adhering to these retention practices, 3 Degrees ensures that your personal data is kept only for as long as necessary and is securely disposed of when no longer needed.

14. Withdrawal of Consent

You have the right to withdraw your consent for the collection, use, or disclosure of your personal data at any time. The process for withdrawing consent is as follows:

Submitting a Request:

Contact: To withdraw your consent, please contact our Data Protection Officer (DPO) at the provided contact information. Your request should include sufficient details to identify your personal data and the specific consent you wish to withdraw.
Verification: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

Processing the Request:

Immediate Action: Upon receiving your request, we will cease the collection, use, or disclosure of your personal data for the specified purposes, unless the withdrawal of consent affects our ability to fulfill our obligations to you.
Notification: We will inform you of the likely consequences of withdrawing your consent, including how it may affect your ability to use certain features of our platform or receive certain services.
Record Updates: We will update our records to reflect your withdrawal of consent and ensure that your personal data is no longer used for the specified purposes.

Exceptions:

Legal and Contractual Obligations: Even after you withdraw your consent, we may retain your personal data if required or permitted by law. This includes retaining data necessary for legal or contractual obligations, such as financial records or data required for dispute resolution.
Processing Time: Please allow a reasonable period for us to process your withdrawal request and update our records. We will strive to complete this process as quickly as possible.

Continued Use of Services:

Impact on Services: Withdrawing consent may affect your ability to use certain features of our platform or receive certain services. We will inform you of any such impact and suggest alternative arrangements where possible.
On iOS, you can deny or revoke permission to track at any time via the App Tracking Transparency prompt when you first open the app, or later through Settings > Privacy & Security > Tracking on your device. Denying tracking limits our and our partners’ ability to link your activity across apps and websites for advertising purposes, but you can still use the core features of 3 Degrees.

By providing a clear process for withdrawing consent, 3 Degrees ensures that you have control over your personal data and can exercise your rights in accordance with the PDPA.

15. External Websites

Our platform may contain links to external websites that are not operated by 3 Degrees. This Privacy Policy applies solely to personal data collected by our platform, and we are not responsible for the privacy practices or content of these external websites.

External Website Policies:

Separate Privacy Policies: External websites may have their own privacy policies and practices, which may differ from those of 3 Degrees. We encourage you to review the privacy policies of any external websites you visit to understand their data protection practices.
No Endorsement: The inclusion of links to external websites on our platform does not imply endorsement of their content, products, or services by 3 Degrees.

Data Collection by External Websites:

Independent Data Collection: When you visit external websites through links provided on our platform, those websites may collect personal data from you independently of 3 Degrees. We do not control or monitor how your personal data is collected, used, or disclosed by these external websites.
Third-Party Responsibilities: Any personal data you provide to external websites is governed by their respective privacy policies. 3 Degrees is not responsible for any loss or damage arising from your interaction with these external websites.

Security and Privacy Concerns:

Potential Risks: Be aware that external websites may have different security measures in place, and accessing these websites may involve certain risks. Always exercise caution and use your discretion when sharing personal data with external websites.
Reporting Issues: If you encounter any issues or have concerns about the privacy practices of external websites linked from our platform, please let us know. We will consider your feedback in our ongoing efforts to provide a safe and secure user experience.

By informing you of our limited responsibility regarding external websites, we aim to help you make informed decisions about your online privacy and data security.

16. Children's Privacy

3 Degrees is committed to protecting the privacy of children. Our platform is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from children without verifiable parental or guardian consent.

Collection of Data from Children:

Parental Consent: If we become aware that we have inadvertently collected personal data from a child under the age of 18 without verifiable parental consent, we will take steps to delete such information from our records.
Parental Rights: When parental or guardian consent is required, we may request supporting documentation (e.g., signed consent form, copy of parent/guardian identification, or digital confirmation via email or app) to ensure consent is genuine.

Usage of Data:

In cases where parental or guardian consent is obtained, we will use the child’s data solely for the purposes for which it was collected and as agreed upon by the parent or guardian.
We will not use such data for marketing purposes without separate parental consent.

Protection Measures:

We implement appropriate security measures to protect children’s personal data, in accordance with this Privacy Policy and applicable laws.
Where possible, we will also provide simplified, plain-language explanations of how we use data, so that younger users can better understand our practices.

17. International Transfer of Personal Data

As part of our operations, 3 Degrees may transfer your personal data to countries outside of Singapore. When we do so, we ensure that your personal data remains protected in accordance with this Privacy Policy and applicable data protection laws.

Transfers to Third Parties:

Adequate Protection: We only transfer your personal data to third parties in countries that have been recognized to provide an adequate level of data protection, or where we have implemented appropriate safeguards to protect your data.
Standard Contractual Clauses: In the absence of an adequacy decision, we may use standard contractual clauses approved by relevant authorities to ensure that your personal data receives an adequate level of protection.

Data Storage and Processing:

Cloud Services: Your personal data may be stored and processed on servers located in different countries, including those outside of Singapore. We select reputable cloud service providers who comply with stringent data protection standards.
Data Centers: Our data centers are equipped with advanced security measures to protect your personal data from unauthorized access, use, or disclosure.

Your Rights and Protections:

Continuous Protection: Regardless of where your personal data is transferred, we ensure that it remains subject to the same high level of protection as required by Singapore's PDPA.
Informed Consent: By using our platform and providing your personal data, you consent to the international transfer, storage, and processing of your data as described in this Privacy Policy.

Monitoring and Compliance:

Regular Audits: We conduct regular audits of our international data transfer practices to ensure compliance with applicable laws and our internal policies.
Compliance with Regulations: We continuously monitor changes in data protection regulations to ensure that our practices remain compliant with legal requirements.

By implementing these measures, 3 Degrees ensures that your personal data is protected during international transfers, maintaining the highest standards of data security and privacy.

18. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Data Protection Officer (DPO) using the details provided below. We are committed to addressing your inquiries promptly and transparently.

Feedback and Complaints

Submitting Feedback: We value your feedback on our privacy practices and welcome any suggestions for improvement. Please send your feedback to our DPO using the contact information above.
Filing Complaints: If you believe that your privacy rights have been violated or if you have any complaints regarding our handling of your personal data, please contact our DPO.
Resolution Timeline: We aim to acknowledge all complaints within 7 business days and to provide a substantive response or resolution within 30 business days. If additional time is needed, we will inform you of the reasons and expected timeline.

19. Changes to this Privacy Policy

3 Degrees reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or other factors. When we make significant changes, we will notify you through appropriate channels, such as our platform or by email.

Notification of Changes:

Significant Changes: If we make significant changes to this Privacy Policy, we will provide a clear and conspicuous notice on our platform or notify you by email. The notice will include a summary of the changes and their effective date.
Minor Changes: For minor changes that do not materially affect your rights, we may not provide individual notifications but will update the Privacy Policy on our platform.

Effective Date:

Implementation: The updated Privacy Policy will become effective on the date specified in the notice. By continuing to use our platform after the effective date, you consent to the updated Privacy Policy.

Review and Acceptance:

Periodic Review: We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data. Your continued use of our platform constitutes your acceptance of any changes to this Privacy Policy.
Questions and Concerns: If you have any questions or concerns about changes to this Privacy Policy, please contact our Data Protection Officer (DPO) using the contact information provided in the Contact Information section.

By keeping you informed of any changes to this Privacy Policy, 3 Degrees ensures transparency and maintains your trust in our data protection practices.

About 3 Degrees

FAQ

Last Updated : June 2026

1. Introduction

2. Scope of this Privacy Policy

3. Collection of Personal Data

We collect personal data from you when you interact with our platform, including but not limited to the following situations:

Account Registration: When you create an account, we collect your name, email address, contact number, and other relevant information.
Campaign Creation and Donations: When you create a campaign or make a donation, we collect information related to the campaign and transaction, including payment details.
Communication: When you contact us for support or with inquiries, we collect information such as your name, email address, and the content of your communications.
Usage Data: We automatically collect information about your interactions with our platform, including IP addresses, browser types, operating systems, pages viewed, and the dates/times of your visits.
Cookies and Tracking Technologies

We use cookies and similar technologies to collect data on your usage patterns and preferences, including to improve functionality, enhance user experience, and analyze platform performance.

Types of Cookies:

Strictly Necessary Cookies: Required for the basic functioning of the platform (e.g., account login, donation processing).
Functional and Performance Cookies: Help us improve platform performance and remember your preferences.
Analytics and Marketing Cookies: Allow us to understand usage trends and provide personalized content or offers.

Managing Your Preferences:

You can manage or disable cookies through your browser settings at any time.
Where required, we will provide in-app or website cookie preference tools so that you can choose which types of cookies you allow, apart from those strictly necessary for the functioning of the platform.
Please note that disabling certain cookies may affect your ability to use some features of the platform.
Mobile App Tracking (iOS and Android): On our mobile apps, we may request your permission to track your activity across other companies’ apps and websites for advertising and measurement purposes. On Apple devices, this is done through Apple’s App Tracking Transparency (ATT) prompt. If you allow tracking, we and our partners may collect your device’s advertising identifier (such as Apple’s Identifier for Advertisers, or IDFA) and related usage data.
Advertising and Attribution Data: When you install or use our app after interacting with an online advertisement, or when you visit our website or app with certain URL parameters, we may collect advertising click identifiers (such as Google Ads, Meta/Facebook, Microsoft/Bing, TikTok, or LinkedIn click IDs) and campaign parameters (such as UTM tags). We use these identifiers, together with analytics tools such as Google Analytics, to measure the effectiveness of our marketing campaigns, attribute app installs and donations to advertising partners, and deliver more relevant content and offers.
Social Interactions: We collect data related to your social interactions on the platform, such as friend connections, in-app messages, and notifications.

We may also collect personal data from third parties or publicly available sources, where permissible under applicable laws.

4. Use of Personal Data

We use the personal data we collect for the following purposes:

Providing and Improving Services: To facilitate the creation and management of campaigns, process donations, and enhance the functionality of our platform.
Communications: To communicate with you regarding your account, respond to your inquiries, provide customer support, and send you updates about our services.
Personalization: To personalize your experience on our platform by remembering your preferences and customizing the content we provide.
Security and Compliance: To protect our platform, users, and stakeholders from fraud, abuse, and other illegal activities. This includes complying with legal obligations and regulatory requirements.
Analytics: To analyze usage patterns and trends to improve our platform's performance, user experience, and the services we offer.
Tracking and Advertising: Where permitted by you (including through Apple’s App Tracking Transparency on iOS), we use personal data and device identifiers to track your activity across third-party apps and websites for advertising, campaign measurement, and attribution. This may include sharing data with analytics and advertising partners such as Google and Meta so we can understand how users discover 3 Degrees, measure campaign performance, and improve our marketing.
Marketing: We may send you marketing communications about our services, offers, and events that may be of interest to you, but only if you have provided your explicit consent to receive such communications.

Separation of Communications:

Marketing Communications (e.g., newsletters, promotional offers, event updates) will only be sent if you have opted in.

Unsubscribe Options:

You may withdraw your consent to receive marketing communications at any time by:
- Clicking the “unsubscribe” link included in each marketing email;
- Adjusting your communication preferences in-app under account settings; or
- Contacting our Data Protection Officer (DPO) directly.
Once you unsubscribe, we will stop sending you marketing communications within a reasonable period (typically within 7 business days).
Social Engagement & Profile Visibility:
- Your profile on 3 Degrees may display your donation history, which can be viewed by other users of the platform.
- You can manage your profile visibility through your privacy settings:
  - Public Profile: Your profile and donation history may be visible to all users of the platform.
  - Private Profile: Your profile and donation history will only be visible to your approved friends.
- Regardless of your profile setting, you may also choose to donate anonymously for individual donations, in which case those donations will not appear in your profile history.
- We may also send in-app or push notifications and display live activity streams to trigger engagement, such as notifying friends of your donation activities (unless you choose to donate anonymously) and allowing you to see your friends’ donation activities.

5. Automated Decision-Making & AI

Automated Decision-Making and Recommendations

No Solely Automated Decisions with Legal Impact: We do not make decisions that produce legal or similarly significant effects on you solely by automated means.
Transparency: If we introduce features that involve automated decision-making which could significantly affect you, we will notify you and explain how such processes work in clear terms.
Your Rights: You may contact our Data Protection Officer (DPO) if you wish to learn more about how these systems operate or to request human review where applicable.

6. Disclosure of Personal Data

We may disclose your personal data to third parties in the following circumstances:

Service Providers

Legal Requirements

Business Transfers

Protection of Rights

With Your Consent

We may share your personal data with third parties when you have provided your explicit consent.

Social Features

We may share your donation activities with your friends on the platform through notifications and live activity streams.

Anonymity Option: You may choose to donate anonymously at the time of making a donation, in which case your donation activity will not be visible to others.
Profile Settings: You can also manage your visibility preferences at any time through the privacy settings in your profile, allowing you to control whether your donation activities are shared by default.
Default Settings: By default, donation activity is shared only with your approved friends on the platform. You may change this default setting in your profile.

7. Consent

Obtaining Consent:

Explicit Consent: We obtain explicit consent from you when you register on our platform, create or donate to a campaign, or otherwise provide us with your personal data.
Implied Consent: In certain situations, your consent may be implied through your actions, such as when you voluntarily provide personal data during communications with us, use social features, or when you use our platform.
Granular Consent: We distinguish between different types of communications:
- Service and Transactional Notifications (e.g., confirmations, donation receipts, security alerts): These are necessary for the functioning of your account and do not require separate consent.
- Marketing Communications (e.g., newsletters, promotional offers, updates about events): These will only be sent to you if you have separately opted in. You may withdraw this consent at any time.

Withdrawing Consent:

Updating Consent:

8. Data Breach Notification

A description of the data breach.
The type of personal data involved.
Steps taken to contain the breach and mitigate its impact.
Measures you can take to protect yourself from potential harm.
Contact information for further assistance.

By adhering to these procedures, we ensure a prompt and effective response to any data breaches, minimizing the risk of harm to individuals and maintaining compliance with PDPA requirements.

9. Data Portability

2. Verification of Identity: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

4. Transfer of Data: We will transfer your personal data to the specified organization in a secure manner, using appropriate safeguards to protect the data during transit.

5. Notification: You will be notified once the transfer is complete. If there are any issues or delays in processing your request, we will inform you promptly.

10. Access to and Correction of Personal Data

You have the right to request access to and correction of the personal data that we hold about you. To exercise these rights, please follow the procedures outlined below:

Requesting Access to Personal Data:

2. Verification of Identity: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

4. Fees: We may charge a reasonable fee for the processing of access requests to cover administrative costs. We will inform you of any fees before processing your request.

Requesting Correction of Personal Data:

3. Notification of Changes: If we have shared your personal data with third parties, we will notify them of the correction, unless it is impractical or unlawful to do so.

Exceptions:

11. Accountability and Governance

3 Degrees is committed to ensuring the accountability and governance of personal data protection within our organization. To achieve this, we have implemented the following measures:

Appointment of Data Protection Officer (DPO):

We have appointed a Data Protection Officer who is responsible for overseeing our data protection strategy and ensuring compliance with the PDPA. The DPO’s responsibilities include:

Developing and implementing data protection policies and practices.
Conducting regular audits and assessments to ensure compliance.
Providing training and guidance to employees on data protection matters.
Serving as the point of contact for data protection inquiries and requests.

Data Protection Policies and Practices:

We have established comprehensive data protection policies and practices to ensure the secure and lawful handling of personal data. These policies cover:

Data collection, use, and disclosure procedures.
Data storage and security measures.
Procedures for handling data breaches.
Guidelines for data retention and disposal.

Regular Audits and Assessments:

We conduct regular audits and assessments to evaluate our compliance with data protection laws and our internal policies. These audits help identify and mitigate potential risks to personal data.

Employee Training and Awareness:

Monitoring and Review:

12. Protection of Personal Data

Technical Safeguards:

Encryption: We use industry-standard encryption technologies to protect your personal data during transmission and storage.
Access Controls: We implement strict access controls to ensure that only authorized personnel can access your personal data. This includes the use of unique user IDs and passwords, multi-factor authentication, and role-based access permissions.
Firewalls and Intrusion Detection Systems: Our systems are protected by firewalls and intrusion detection systems to prevent unauthorized access and monitor for suspicious activity.

Organizational Safeguards:

Data Protection Policies: We have established comprehensive data protection policies that outline our procedures for handling personal data securely.
Employee Training: We provide regular training to our employees on data protection best practices, ensuring they understand their responsibilities in safeguarding personal data.
Incident Response Plan: We have an incident response plan in place to address potential data breaches promptly and effectively. This includes procedures for containment, investigation, notification, and remediation.

Physical Safeguards:

Secure Facilities: Our data centers and offices are equipped with physical security measures, such as access controls, surveillance cameras, and alarm systems, to protect against unauthorized access.
Secure Disposal: We ensure that personal data is securely disposed of when it is no longer needed, using methods such as shredding, degaussing, or secure electronic deletion.

Social Features Protection:

Anonymity Options: Users can choose to donate anonymously, in which case their donation activity will not be published or sent to friends.
Privacy Controls: Users can manage their privacy settings to control what information is shared with friends and on the activity stream.

13. Retention of Personal Data

Purpose-Based Retention:

Service Provision: Personal data related to your account and transactions will be retained for as long as you maintain an active account with us and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements.
Marketing and Communication: If you have consented to receive marketing communications from us, we will retain your contact information until you opt-out or withdraw your consent.

Legal and Regulatory Requirements:

We retain personal data as required by applicable laws and regulations, such as tax laws, financial reporting requirements, and other regulatory obligations.

Data Minimization and Disposal:

We regularly review the personal data we hold and ensure that it is relevant and necessary for our ongoing operations.
When personal data is no longer needed, we securely dispose of it using appropriate methods such as shredding, degaussing, or secure electronic deletion to prevent unauthorized access or use.

Record Keeping:

We maintain records of our data retention and disposal practices to demonstrate compliance with legal and regulatory requirements and our internal policies.

By adhering to these retention practices, 3 Degrees ensures that your personal data is kept only for as long as necessary and is securely disposed of when no longer needed.

14. Withdrawal of Consent

You have the right to withdraw your consent for the collection, use, or disclosure of your personal data at any time. The process for withdrawing consent is as follows:

Submitting a Request:

Contact: To withdraw your consent, please contact our Data Protection Officer (DPO) at the provided contact information. Your request should include sufficient details to identify your personal data and the specific consent you wish to withdraw.
Verification: We will verify your identity to ensure that the request is legitimate. This may involve requesting additional information or documentation from you.

Processing the Request:

Immediate Action: Upon receiving your request, we will cease the collection, use, or disclosure of your personal data for the specified purposes, unless the withdrawal of consent affects our ability to fulfill our obligations to you.
Notification: We will inform you of the likely consequences of withdrawing your consent, including how it may affect your ability to use certain features of our platform or receive certain services.
Record Updates: We will update our records to reflect your withdrawal of consent and ensure that your personal data is no longer used for the specified purposes.

Exceptions:

Legal and Contractual Obligations: Even after you withdraw your consent, we may retain your personal data if required or permitted by law. This includes retaining data necessary for legal or contractual obligations, such as financial records or data required for dispute resolution.
Processing Time: Please allow a reasonable period for us to process your withdrawal request and update our records. We will strive to complete this process as quickly as possible.

Continued Use of Services:

Impact on Services: Withdrawing consent may affect your ability to use certain features of our platform or receive certain services. We will inform you of any such impact and suggest alternative arrangements where possible.
On iOS, you can deny or revoke permission to track at any time via the App Tracking Transparency prompt when you first open the app, or later through Settings > Privacy & Security > Tracking on your device. Denying tracking limits our and our partners’ ability to link your activity across apps and websites for advertising purposes, but you can still use the core features of 3 Degrees.

By providing a clear process for withdrawing consent, 3 Degrees ensures that you have control over your personal data and can exercise your rights in accordance with the PDPA.

15. External Websites

External Website Policies:

Separate Privacy Policies: External websites may have their own privacy policies and practices, which may differ from those of 3 Degrees. We encourage you to review the privacy policies of any external websites you visit to understand their data protection practices.
No Endorsement: The inclusion of links to external websites on our platform does not imply endorsement of their content, products, or services by 3 Degrees.

Data Collection by External Websites:

Independent Data Collection: When you visit external websites through links provided on our platform, those websites may collect personal data from you independently of 3 Degrees. We do not control or monitor how your personal data is collected, used, or disclosed by these external websites.
Third-Party Responsibilities: Any personal data you provide to external websites is governed by their respective privacy policies. 3 Degrees is not responsible for any loss or damage arising from your interaction with these external websites.

Security and Privacy Concerns:

Potential Risks: Be aware that external websites may have different security measures in place, and accessing these websites may involve certain risks. Always exercise caution and use your discretion when sharing personal data with external websites.
Reporting Issues: If you encounter any issues or have concerns about the privacy practices of external websites linked from our platform, please let us know. We will consider your feedback in our ongoing efforts to provide a safe and secure user experience.

By informing you of our limited responsibility regarding external websites, we aim to help you make informed decisions about your online privacy and data security.

16. Children's Privacy

Collection of Data from Children:

Parental Consent: If we become aware that we have inadvertently collected personal data from a child under the age of 18 without verifiable parental consent, we will take steps to delete such information from our records.
Parental Rights: When parental or guardian consent is required, we may request supporting documentation (e.g., signed consent form, copy of parent/guardian identification, or digital confirmation via email or app) to ensure consent is genuine.

Usage of Data:

In cases where parental or guardian consent is obtained, we will use the child’s data solely for the purposes for which it was collected and as agreed upon by the parent or guardian.
We will not use such data for marketing purposes without separate parental consent.

Protection Measures:

We implement appropriate security measures to protect children’s personal data, in accordance with this Privacy Policy and applicable laws.
Where possible, we will also provide simplified, plain-language explanations of how we use data, so that younger users can better understand our practices.

17. International Transfer of Personal Data

Transfers to Third Parties:

Adequate Protection: We only transfer your personal data to third parties in countries that have been recognized to provide an adequate level of data protection, or where we have implemented appropriate safeguards to protect your data.
Standard Contractual Clauses: In the absence of an adequacy decision, we may use standard contractual clauses approved by relevant authorities to ensure that your personal data receives an adequate level of protection.

Data Storage and Processing:

Cloud Services: Your personal data may be stored and processed on servers located in different countries, including those outside of Singapore. We select reputable cloud service providers who comply with stringent data protection standards.
Data Centers: Our data centers are equipped with advanced security measures to protect your personal data from unauthorized access, use, or disclosure.

Your Rights and Protections:

Continuous Protection: Regardless of where your personal data is transferred, we ensure that it remains subject to the same high level of protection as required by Singapore's PDPA.
Informed Consent: By using our platform and providing your personal data, you consent to the international transfer, storage, and processing of your data as described in this Privacy Policy.

Monitoring and Compliance:

Regular Audits: We conduct regular audits of our international data transfer practices to ensure compliance with applicable laws and our internal policies.
Compliance with Regulations: We continuously monitor changes in data protection regulations to ensure that our practices remain compliant with legal requirements.

By implementing these measures, 3 Degrees ensures that your personal data is protected during international transfers, maintaining the highest standards of data security and privacy.

18. Contact Information

Feedback and Complaints

Submitting Feedback: We value your feedback on our privacy practices and welcome any suggestions for improvement. Please send your feedback to our DPO using the contact information above.
Filing Complaints: If you believe that your privacy rights have been violated or if you have any complaints regarding our handling of your personal data, please contact our DPO.
Resolution Timeline: We aim to acknowledge all complaints within 7 business days and to provide a substantive response or resolution within 30 business days. If additional time is needed, we will inform you of the reasons and expected timeline.

19. Changes to this Privacy Policy

Notification of Changes:

Significant Changes: If we make significant changes to this Privacy Policy, we will provide a clear and conspicuous notice on our platform or notify you by email. The notice will include a summary of the changes and their effective date.
Minor Changes: For minor changes that do not materially affect your rights, we may not provide individual notifications but will update the Privacy Policy on our platform.

Effective Date:

Implementation: The updated Privacy Policy will become effective on the date specified in the notice. By continuing to use our platform after the effective date, you consent to the updated Privacy Policy.

Review and Acceptance:

Periodic Review: We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data. Your continued use of our platform constitutes your acceptance of any changes to this Privacy Policy.
Questions and Concerns: If you have any questions or concerns about changes to this Privacy Policy, please contact our Data Protection Officer (DPO) using the contact information provided in the Contact Information section.

By keeping you informed of any changes to this Privacy Policy, 3 Degrees ensures transparency and maintains your trust in our data protection practices.

About 3 Degrees

FAQ