Privacy Policy of ToCa.Gg

Last Updated: 1st Sept 2025

ToCa.Gg (“Company,” “we,” “our,” or “us”) values your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website, applications, and related services (collectively, the “Service”). By accessing or using the Service, you agree to this Policy. If you do not agree, please discontinue use of the Service.

1. Eligibility

The Service is intended for users 18 years of age or older. We do not knowingly collect data from children under 18. If such information is discovered, we will delete it promptly.

2. Information We Collect

Information You Provide

We may collect the following categories of information you provide directly to us:

Contact Data: name, email, phone number, mailing/billing address.
Demographic Data: age, city, state, country of residence.
Account Data: username, wallet address, passwords, profile information, linked social accounts.
Financial Data: payment details, bank or wallet information, transaction history.
Credit System Data: top-up history, withdrawal requests, balances, and usage of Credits on the Platform.
User-Generated Content: profile pictures, comments, uploads, NFTs, cards, and other content you submit.
Communications: messages or interactions with customer support.

Information From Third Parties

We may receive information about you from:

Public sources (blockchain data, government records, social media).
Marketplaces & Partners (NFT/card platforms, affiliates, or payment processors).
Data providers or marketing partners.
Linked third-party services (when you log in through another platform).

Information Collected Automatically

We, and our service providers, may automatically collect:

Token Activity Data: blockchain wallet interactions, purchase history, transfers, and other on-chain activity linked to your use of the Service.
Credit System Logs: automated records of credit-related transactions, including confirmations, balances, and system-generated withdrawal or error reports.
Device Data: operating system, device model, browser, IP address, identifiers.
Usage Data: pages visited, time on site, navigation, clicks, access times, and interactions.
Location Data: approximate geographic location (if enabled).
Cookies & Tracking Technologies: cookies, pixel tags, local storage, and SDKs for functionality, analytics, personalization, and advertising.

3. How We Use Information

We may use personal information to:

Provide, operate, and improve the Service.
Establish and maintain your account or profile.
Facilitate card/NFT transactions, token trades, credit top-ups, withdrawals, and related activities.
Personalize your experience and communications.
Communicate with you about updates, security, promotions, and support.
Detect and prevent fraud, unauthorized use, and illegal activities.
Analyze token- and credit-related activity to verify accounts, prevent abuse, and recognize participation for promotional benefits.
Comply with legal and regulatory obligations.
Conduct research, analytics, and service improvements.
With your consent, send marketing or promotional communications in compliance with Singapore’s Spam Control Act.
Create aggregated, anonymized, or de-identified data for business purposes.

4. How We Share Information

We do not sell your personal information. We may share information as follows:

Service Providers: vendors providing hosting, payment processing, analytics, support, or security.
Marketplace, Payment, and Credit Platforms: to facilitate digital purchases, sales, credit top-ups, or withdrawals.
Affiliates & Partners: within our corporate group or trusted marketing relationships.
Professional Advisors: lawyers, auditors, or consultants under confidentiality.
Authorities: law enforcement or regulators when required under Singapore law or applicable regulations.
Business Transfers: in case of merger, acquisition, or sale of assets.
Other Users & the Public: if you choose to share content publicly (e.g., profiles, comments, NFTs).
With Consent: when you explicitly authorize.

5. Your Choices & Rights

Access & Correction

You may request access to, or correction of, the personal data we hold about you, as permitted under the Personal Data Protection Act (PDPA). We may charge a reasonable administrative fee for such requests.

Withdrawal of Consent

You may withdraw consent to our collection, use, or disclosure of your personal data at any time, subject to legal or contractual restrictions. Upon withdrawal, we will cease to use or disclose your personal data unless required by law.

Marketing Consent

You may withdraw consent or unsubscribe from marketing communications at any time by using the opt-out mechanisms provided in our messages or contacting us directly.

Cookies

You can manage cookies through your browser settings, but some features may not function properly without them.

Third-Party Accounts

If you connect a third-party account, you may adjust sharing settings through that service.

6. Data Transfers

ToCa.Gg operates in Singapore but may transfer personal data internationally. Where data is transferred outside Singapore, ToCa.Gg ensures that such recipients are bound by legally enforceable obligations to provide a standard of protection comparable to that under Singapore’s PDPA, including contractual clauses or certifications.

7. Data Security

We take measures to protect personal information, including encryption, restricted access, and monitoring. However, no system is completely secure, and we cannot guarantee absolute security.

8. Data Breach Notification

In the event of a data breach that is likely to result in significant harm or impact to individuals, ToCa.Gg will notify affected individuals and the Personal Data Protection Commission (PDPC) in accordance with the PDPA.

9. Data Retention

We keep personal information only as long as necessary to:

Provide the Service,
Comply with legal obligations,
Resolve disputes, and
Enforce agreements.

When personal data is no longer required, we will securely delete or anonymize it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be effective when posted. Your continued use of the Service after updates means you accept the revised Policy.

11. Contact Us

For any privacy-related inquiries or requests, please open a support ticket via our official Discord at discord.gg/tcg You may also reach us through the official communication channels listed on our website.