Effective Date: December 12, 2025 | Last Updated: December 12, 2025
1. INTRODUCTION
Lions Agentix Pte. Ltd. ("Company," "we," "us," or "our"), operating the mark8place.com platform (the "Platform"), is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.
We are incorporated in Singapore and maintain our principal place of business at 10 Marina Boulevard, Singapore 018983. As a global marketplace, we comply with applicable data protection laws including:
Singapore Personal Data Protection Act 2012 (PDPA)
European Union General Data Protection Regulation (GDPR)
United Kingdom General Data Protection Regulation (UK GDPR)
California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
Australian Privacy Act 1988
Brazilian General Data Protection Law (LGPD)
EU Digital Services Act (DSA) transparency requirements
This Privacy Policy explains the legal bases for our data processing activities in Section 4. We process your personal data based on different legal grounds depending on the purpose, including contract performance, legal obligations, legitimate interests, and where applicable, your consent for specific activities. Throughout this Privacy Policy, we use the term "personal data" (as used in GDPR and UK GDPR), which also encompasses "personal information" as defined under the California Consumer Privacy Act (CCPA/CPRA) and similar terms used in other jurisdictions.
1A. DEFINITIONS
The following terms have the meanings set forth below. Capitalized terms not defined here have the meanings given in our Terms of Service (available at mark8place.com/terms).
"Affiliate" means any User who participates in the Mark8place Affiliate Program to earn commissions by referring new Buyers or Vendors to the Platform.
"Buyer" means any User who purchases Products or Services through the Platform.
"Personal Data" means any information relating to an identified or identifiable natural person. This includes "personal information" under CCPA, "personal data" under GDPR/UK GDPR/LGPD, and equivalent terms under other privacy laws.
"Platform" means mark8place.com, including all related websites, subdomains, Vendor Individual Storefront Websites, mobile applications, and APIs operated by the Company.
"Processing" means any operation performed on personal data, including collection, storage, use, disclosure, transfer, and deletion.
"Transaction" means any purchase, booking, rental, service engagement, or other commercial exchange facilitated through the Platform.
"User" means any individual who accesses or uses the Platform, including Buyers, Vendors, and Affiliates.
"Vendor" means any User who offers Products or Services for sale through the Platform, including merchants, sellers, and service providers.
2. DATA CONTROLLER INFORMATION
For the purposes of applicable data protection laws, Lions Agentix Pte. Ltd. is the data controller responsible for your personal data. Our Data Protection Officer can be contacted at:
Data Protection Officer
Lions Agentix Pte. Ltd.
10 Marina Boulevard, Singapore 018983
Email: privacy@mark8place.com
2.1 EU Representative (GDPR Article 27)
We are established in Singapore and are currently focused on serving users in the Asia-Pacific region. As of the effective date of this Privacy Policy, we have not yet appointed an EU Representative under Article 27 of the General Data Protection Regulation.
Commitment to Comply: Within 30 days of our first user (whether Buyer or Vendor) from the European Union registering on the Platform, we will appoint an EU Representative and update this section with their name, address, and contact details. The representative will be established in an EU Member State and authorised to act on our behalf regarding GDPR compliance matters, including receiving communications from EU supervisory authorities and data subjects exercising their rights.
In the interim, EU residents with data protection inquiries may contact our Data Protection Officer at privacy@mark8place.com.
2.2 UK Representative (UK GDPR Article 27)
We are established in Singapore and are currently focused on serving users in the Asia-Pacific region. As of the effective date of this Privacy Policy, we have not yet appointed a UK Representative under Article 27 of the UK GDPR.
Commitment to Comply: Within 30 days of our first user (whether Buyer or Vendor) from the United Kingdom registering on the Platform, we will appoint a UK Representative and update this section with their name, address, and contact details. The representative will be established in the United Kingdom and authorised to act on our behalf regarding UK GDPR compliance matters, including receiving communications from the Information Commissioner's Office (ICO) and UK data subjects exercising their rights.
In the interim, UK residents with data protection inquiries may contact our Data Protection Officer at privacy@mark8place.com.
3. INFORMATION WE COLLECT
3.1 Information You Provide Directly
Account Registration Information:
Full name and contact details (email address, phone number)
Username and password
Physical address (for shipping and verification purposes)
Date of birth (for age verification)
Profile photo (optional)
Vendor/Seller Verification Information (for KYC/KYBC compliance):
Government-issued identification documents
Business registration details and documentation
Tax identification numbers
Bank account and financial information
Proof of address documentation
Trader/non-trader status declaration (for DSA compliance)
Transaction Information:
Purchase history and order details
Payment method information (processed securely via Stripe, PayPal, Razorpay, Xendit, PayMongo, or other approved payment gateways as specified in our Terms of Service)
Shipping addresses and preferences
Communication with other Users
User-Generated Content:
Product listings and descriptions
Reviews, ratings, and feedback
Messages and communications
Profile information and biographical details
3.2 Information Collected Automatically
Device and Technical Information:
IP address and geolocation data
Device type, operating system, and browser information
Unique device identifiers
Mobile network information
Usage Information:
Pages visited and time spent on the Platform
Search queries and browsing patterns
Clickstream data and navigation paths
Referral sources and exit pages
3.3 Information from Third Parties
Payment Processors (Stripe, PayPal, Razorpay, Xendit, PayMongo, and other approved gateways): Transaction status, verification results, fraud indicators, KYC verification outcomes
Delivery Service Providers: Delivery status, tracking information, proof of delivery
Identity Verification Services: Verification results and risk assessments
Product Safety Databases: Information from EU Safety Gate and recall databases
Analytics Providers: Aggregated usage statistics and performance metrics
3.4 Social Login Data
If you register or sign in using a social login provider, we receive the following data:
Google Sign-In: Email address, name, profile picture, Google account ID
Apple Sign-In: Email address (or Apple's private relay email), name, Apple user ID. Apple may hide your real email address.
Facebook Login: Email address, name, profile picture, Facebook user ID
To disconnect a social login:
Go to Account Settings → Connected Accounts → Disconnect
Set a password for your account before disconnecting to maintain access
Revoke access in your social platform's settings (Google Account, Apple ID, or Facebook Settings)
We do not receive your social media password or post to your social accounts without explicit permission.
3.5 Biometric Data (Identity Verification)
For Vendor identity verification (KYC) and certain high-value Buyer transactions, our identity verification partners may process biometric data:
Facial Recognition: Comparing a selfie photo to your identity document to verify you are the document holder
Liveness Detection: Verifying that the person is physically present (not a photo or video replay)
Document Authenticity: Analyzing security features of identity documents
Important disclosures:
Consent Required: We obtain your explicit consent before collecting biometric data
Purpose Limitation: Biometric data is used solely for identity verification, not for surveillance or tracking
Retention: Biometric identifiers are deleted within 3 years or upon account deletion, whichever is earlier (in compliance with BIPA and GDPR requirements)
Third-Party Processing: Biometric verification is performed by Stripe Identity or similar certified providers under strict data processing agreements
Your Rights: You may request deletion of biometric data at any time by contacting privacy@mark8place.com
Illinois Residents (BIPA Notice): Under the Illinois Biometric Information Privacy Act, you have specific rights regarding biometric data. We will not sell, lease, trade, or profit from your biometric data. Contact privacy@mark8place.com for a written copy of our biometric data retention and destruction policy.
3.6 Affiliate Program Data
If you participate in the Mark8place Affiliate Program, we collect and process the following additional information:
Affiliate Account Information:
Affiliate application details and marketing channels (website, social media, etc.)
Tax identification information (where required for commission payments)
Payout preferences and bank account or payment provider details for commission disbursement
Referral Tracking and Performance Data:
Unique affiliate referral codes and tracking links
Click-through data, conversion rates, and referral sources
Commission earnings, payment history, and payout records
Referral cookies (typically 30-90 days duration) to attribute conversions to your affiliate account
Data Shared with Affiliates: To protect user privacy, affiliates receive only limited information about their referrals: (a) whether a referral resulted in a successful registration or purchase (conversion status); (b) the commission amount earned; and (c) aggregated performance statistics. Affiliates do not receive personal details of referred users such as names, email addresses, or specific purchase information.
Retention: Affiliate performance data and commission records are retained for 7 years after the affiliate relationship ends for tax and audit purposes. Referral tracking cookies expire according to their specified duration (displayed in Section 9).
4. HOW WE USE YOUR INFORMATION
4.1 Legal Bases for Processing
Purpose
Legal Basis (GDPR/PDPA)
Account creation and management
Contract performance; Consent
Processing transactions
Contract performance
Identity verification (KYC/KYBC)
Legal obligation; Contract performance
DSA/INFORM Act compliance
Legal obligation
Product safety (GPSR compliance)
Legal obligation; Legitimate interest
Customer support
Contract performance; Legitimate interest
Fraud prevention and security
Legitimate interest; Legal obligation
Marketing communications
Consent; Legitimate interest
Platform improvement and analytics
Legitimate interest
Transparency reporting (DSA)
Legal obligation
4.2 Specific Uses
Facilitating transactions between Buyers and Vendors
Processing payments and managing payouts
Verifying Vendor identity and trader status (DSA KYBC requirements)
Notifying consumers of product recalls and safety warnings (EU General Product Safety Regulation). For product safety inquiries, contact: productsafety@mark8place.com
Personalizing your Platform experience
Analyzing usage patterns to improve our services
Publishing transparency reports as required by DSA
Ensuring Platform security and preventing abuse
Complying with legal and regulatory requirements
5. HOW WE SHARE YOUR INFORMATION
5.1 With Other Platform Users
To facilitate Transactions, we share certain information between Buyers and Vendors, including name, contact details (as necessary for delivery), and relevant Transaction details.
5.1a Vendors as Independent Data Controllers
When you purchase from a Vendor on our Platform, that Vendor receives your personal data (name, delivery address, contact information, order details) and becomes an independent data controller for that data. This means:
Vendors independently determine how to use your data for order fulfillment, shipping, and customer service
Vendors are responsible for their own compliance with applicable data protection laws
Vendors may have their own privacy policies governing their use of your data
We are not responsible for Vendor data practices once data is transferred to them
We require Vendors to agree to data protection obligations in our Terms of Service, but we cannot guarantee Vendor compliance. If you have concerns about a Vendor's data practices, contact the Vendor directly or report the issue to support@mark8place.com.
5.1b Joint Controller Arrangements
For certain processing activities, we and Vendors act as joint controllers under GDPR Article 26. These include:
Reviews and Ratings: Both parties have legitimate interests in review content — we for platform trust, Vendors for reputation management
In-Platform Messaging: Messages between Buyers and Vendors are accessible to both parties for transaction coordination
Dispute Resolution: Transaction data is used by both parties to resolve disputes
For joint controller activities, we serve as the primary contact point for data subject requests. Contact privacy@mark8place.com to exercise your rights regarding jointly controlled data.
5.2 Public Disclosure of Seller Information
In compliance with regulatory requirements (EU DSA and US INFORM Consumers Act), we publicly display certain Vendor information:
Trader status (professional trader or non-professional/private seller)
Business name and contact details for professional traders
For US High-Volume Sellers ($20,000+ annual revenue): name/business name, address (or state/country), and contact information
Trade register information where applicable
5.3 With Service Providers (Subprocessors)
We share information with trusted third-party service providers who process data on our behalf under Data Processing Agreements:
Payment Processing (Regional Alternatives): PayPal Holdings, Inc. (USA); Razorpay Software Pvt. Ltd. (India); Xendit (Southeast Asia); PayMongo (Philippines); and other approved marketplace-enabled payment gateways as listed in our Terms of Service Section 4.3. Regional providers apply based on Vendor location and transaction currency.
Cloud Infrastructure: Vercel, Inc. (USA) — Application hosting and content delivery. Privacy: vercel.com/legal/privacy-policy
Database & Storage: Supabase, Inc. (USA) — Database hosting and authentication services. Privacy: supabase.com/privacy
Analytics: Google LLC (USA) — Google Analytics for platform usage analysis. Privacy: policies.google.com/privacy. You can opt out at tools.google.com/dlpage/gaoptout
Customer Support: Intercom, Inc. (USA) — Help desk and live chat support. Privacy: intercom.com/legal/privacy
Delivery Partners: Various regional delivery service providers — Shipping coordination. Specific providers vary by region.
All subprocessors are bound by Data Processing Agreements that require them to process data only as instructed, implement appropriate security measures, and comply with applicable data protection laws. A complete list of current subprocessors is available upon request at privacy@mark8place.com.
5.4 With Regulatory Authorities
We may share information with regulatory authorities as required by law, including:
EU Digital Services Coordinators (for DSA compliance)
US Federal Trade Commission (for INFORM Act compliance)
Tax authorities (for tax reporting obligations)
Law enforcement (in response to lawful requests)
EU Safety Gate Portal (for product recall notifications)
5.5 DSA Transparency Database
Under the EU Digital Services Act, we submit statements of reasons for content moderation decisions to the DSA Transparency Database. These statements do not include personal data that would directly identify individual users but may include information about the type of content removed or actions taken.
5.6 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will provide notice of any such transfer.
5.7 What We Do Not Share
We do not sell your personal data to third parties. We do not share your information with third parties for their direct marketing purposes without your explicit consent.
6. INTERNATIONAL DATA TRANSFERS
As a global marketplace headquartered in Singapore, your personal data may be transferred to, stored, and processed in countries other than your country of residence, including Singapore, the United States, the European Union, and other countries where our service providers operate.
6.1 Transfer Mechanisms by Jurisdiction
EU/EEA Transfers:
Standard Contractual Clauses (SCCs): We use the European Commission's approved SCCs (2021/914) for transfers to non-adequate countries
Adequacy Decisions: Transfers to countries with EU adequacy recognition (e.g., UK, Japan, South Korea, Canada) require no additional safeguards
EU-US Data Privacy Framework: For US transfers, we prioritize providers certified under the EU-US DPF
UK Transfers:
UK International Data Transfer Agreement (IDTA): We use the UK IDTA or UK Addendum to EU SCCs for transfers from the UK to non-adequate countries
UK Extension to EU-US DPF: For US transfers, we prioritize providers covered by the UK Extension
Singapore Transfers:
PDPA Transfer Requirements: Under Singapore's PDPA, we ensure recipients provide comparable protection through contractual arrangements
ASEAN Model Contractual Clauses: We use ASEAN MCCs where appropriate for regional transfers
6.2 Supplementary Measures (Post-Schrems II)
Following the CJEU Schrems II decision, we implement supplementary technical and organizational measures for transfers to countries without adequacy decisions:
Technical Measures: Encryption in transit and at rest, pseudonymization where feasible, access controls limiting data exposure
Organizational Measures: Data minimization, strict access policies, contractual commitments to challenge government access requests
Transfer Impact Assessments: We conduct TIAs to evaluate the legal framework of destination countries and determine if supplementary measures are adequate
You may request a copy of the transfer mechanisms used for your data by contacting privacy@mark8place.com.
7. DATA RETENTION
We retain your personal data only as long as necessary for the purposes described in this Privacy Policy:
Data Type
Retention Period
Account information
Duration of account + 5 years
Transaction records
7 years from transaction date
KYC/KYBC verification documents
5 years after relationship ends
DSA/INFORM Act seller verification
6 months after account termination
Product safety records (GPSR)
10 years from product supply
Communication records
3 years from communication
Content moderation decisions
3 years from decision
Usage analytics
26 months (anonymized after)
Marketing preferences
Until consent withdrawn
7.1 Retention Period Legal Justifications
Our retention periods are based on the longest applicable legal requirement across jurisdictions where we operate:
Transaction Records (7 years): UK Limitation Act 1980 (6 years for contract claims); Singapore Income Tax Act (5 years); US IRS requirements (7 years for certain records); EU VAT Directive (minimum 6 years). We apply 7 years as the longest applicable period.
KYC Documents (5 years): EU 5th Anti-Money Laundering Directive (5 years after relationship ends); Singapore MAS Notice on AML/CFT (5 years); Financial Action Task Force recommendations.
DSA Seller Verification (6 months): EU Digital Services Act Article 30(2) requires retention for 6 months after account termination.
Product Safety Records (10 years): EU General Product Safety Regulation Article 9 (10 years from product placement); UK Consumer Protection Act product liability period.
Content Moderation (3 years): No specific legal requirement; retained for dispute resolution and internal audit purposes based on statute of limitations for related claims.
Usage Analytics (26 months): Aligned with Google Analytics default retention; CNIL (French DPA) recommendation for cookie-related data. Anonymized after this period.
Upon account deletion request, we will delete or anonymize your personal data within 30 days, except where retention is required for legal compliance, dispute resolution, or fraud prevention.
8. YOUR PRIVACY RIGHTS
8.1 Rights Under GDPR (EU/EEA Residents)
Right of Access: Obtain confirmation of processing and a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete personal data
Right to Erasure: Request deletion of your personal data under certain circumstances
Right to Restriction: Restrict processing under certain circumstances
Right to Data Portability: Receive your data in a structured, machine-readable format
Right to Object: Object to processing based on legitimate interests or for direct marketing
Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
8.2 Rights Under UK GDPR (United Kingdom Residents)
UK residents have the same rights as EU residents listed above under the UK GDPR and Data Protection Act 2018. The Information Commissioner's Office (ICO) is the supervisory authority for data protection in the UK.
8.3 Rights Under CCPA/CPRA (California Residents)
Right to Know: Know what personal information is collected, used, and shared
Right to Delete: Request deletion of personal information
Right to Correct: Request correction of inaccurate personal information
Right to Opt-Out: Opt-out of the sale or sharing of personal information (we do not sell personal data)
Right to Limit Use of Sensitive Personal Information
Right to Non-Discrimination: Not be discriminated against for exercising privacy rights
8.4 Rights Under PDPA (Singapore)
Under the Singapore Personal Data Protection Act 2012, you have the following rights:
Right of Access (Section 21): Access your personal data held by us and by any data intermediaries processing data on our behalf
Right to Correction (Section 22): Correct errors or omissions in your personal data
Right to Information on Collection (Section 14): If we collected your personal data from a source other than yourself, you may request information about how the data was collected and the source of collection
Right to Withdraw Consent (Section 16): Withdraw consent for collection, use, or disclosure of your personal data (with reasonable notice)
Right to Usage/Disclosure Information (Section 21): Request information about how your data has been used or disclosed within the past year
Right to Data Portability (Section 26H): Request your data in a commonly used machine-readable format for transmission to another organisation
To exercise these rights, contact our Data Protection Officer at privacy@mark8place.com. We will respond within 30 days of receiving your request with sufficient information to verify your identity. You may lodge a complaint with the Personal Data Protection Commission (PDPC) if you believe we have not complied with the PDPA.
8.5 Rights Under Australian Privacy Act
Access to personal information held about you
Correction of inaccurate personal information
Complaint to the Office of the Australian Information Commissioner (OAIC)
Opt-out of direct marketing communications
8.6 Rights Under LGPD (Brazilian Residents)
Confirmation of the existence of processing
Access to your personal data
Correction of incomplete, inaccurate, or outdated data
Anonymization, blocking, or deletion of unnecessary data
Data portability
Information about sharing with third parties
Revocation of consent
8.7 Exercising Your Rights
To exercise any of these rights, please contact us at privacy@mark8place.com. Response timelines:
Data Subject Requests (access, deletion, portability): Within 30 days (GDPR), 45 days (CCPA), or as required by applicable law
Acknowledgment of Receipt: Within 3 business days
Complex Requests: May be extended by an additional 60 days with notification
We may need to verify your identity before processing your request. For transaction disputes or refund requests, please refer to the dispute resolution process in our Terms of Service.
9. COOKIES AND TRACKING TECHNOLOGIES
We use cookies and similar technologies to operate our Platform, analyze usage, and provide personalized experiences. This section explains what cookies we use and how you can control them.
9.1 Cookie Categories
Category
Cookie Name
Duration
Purpose
Essential
sb-*-auth-token
Session
Supabase authentication - maintains your login session
__stripe_mid
1 year
Stripe fraud prevention and payment security
__stripe_sid
30 min
Stripe session identifier for checkout process
cookie_consent
1 year
Stores your cookie preferences
Analytics
_ga
2 years
Google Analytics - distinguishes unique users
_ga_*
2 years
Google Analytics 4 - maintains session state
_gid
24 hours
Google Analytics - distinguishes users for daily analysis
Functionality
locale
1 year
Remembers your language preference
currency_pref
1 year
Remembers your currency preference
Marketing*
intercom-*
9 months
Intercom - customer messaging and support widget
_fbp
3 months
Meta Pixel - advertising attribution (if enabled)
* Marketing cookies are only set with your explicit consent.
9.2 Third-Party Cookie Providers
Google LLC (USA): Analytics cookies. Privacy: policies.google.com/privacy. Opt-out: tools.google.com/dlpage/gaoptout
Stripe, Inc. (USA): Payment security cookies. Privacy: stripe.com/privacy
Intercom, Inc. (USA): Customer support cookies. Privacy: intercom.com/legal/privacy
Meta Platforms, Inc. (USA): Marketing cookies (consent required). Privacy: facebook.com/privacy
9.3 Managing Your Cookie Preferences
You can manage cookies through:
Cookie Consent Banner: Customize your preferences when you first visit, or update anytime via the cookie settings link in the footer
Browser Settings: Most browsers allow you to block or delete cookies. See your browser's help documentation.
Industry Opt-Outs: youronlinechoices.eu (EU), aboutads.info/choices (US), youradchoices.ca (Canada)
Note: Disabling essential cookies may prevent you from using core Platform features like checkout and account access. Analytics and marketing cookies can be disabled without affecting functionality.
10. DATA SECURITY
We implement comprehensive security measures to protect your personal data:
Encryption of data in transit (TLS/SSL) and at rest
Secure payment processing through PCI DSS-compliant providers
Multi-factor authentication options
Regular security audits and penetration testing
Access controls and employee training
Incident response and breach notification procedures
10.1 Data Breach Notification
In the event of a data breach affecting your personal data, we will notify you and relevant supervisory authorities according to applicable law:
GDPR (EU/EEA): Supervisory authority within 72 hours; affected individuals without undue delay if high risk
UK GDPR: ICO within 72 hours; affected individuals without undue delay if high risk
CCPA (California): In the most expedient time possible and without unreasonable delay
PDPA (Singapore): PDPC within 3 calendar days if significant harm is likely
Other Jurisdictions: As required by applicable local law
Breach notifications will include:
Description of the nature of the breach
Categories and approximate number of individuals affected
Categories of personal data involved
Likely consequences of the breach
Measures taken or proposed to address the breach
Contact point for more information (privacy@mark8place.com)
We maintain a breach response team and incident management procedures to ensure rapid detection, containment, and notification.
11. AUTOMATED DECISION MAKING, PROFILING, AND AI
We may use automated decision-making and profiling in the following contexts:
Fraud Detection: Automated systems analyze transaction patterns to identify and prevent fraudulent activity
Risk Assessment: Automated risk scoring in conjunction with KYC verification
Personalization: Automated analysis to personalize your Platform experience
Search and Ranking: Algorithms determine search results and listing visibility
11.1 AI Foundry and Machine Learning Features
Our Platform includes AI-powered features ("AI Foundry") that process personal data:
AI Customer Support: Chatbots and automated responses process your messages to provide support. Conversations may be reviewed by humans for quality assurance.
Product Recommendations: Machine learning analyzes browsing and purchase history to suggest relevant products
Content Moderation: AI systems scan listings and content for policy violations, with human review for enforcement decisions
Vendor Tools: AI assists Vendors with listing optimization, pricing suggestions, and demand forecasting
Translation Services: AI-powered translation for cross-border communication between users
AI Processing Principles:
Your data is not used to train general-purpose AI models without consent
AI decisions with significant impact are subject to human review upon request
You can opt out of personalized AI features in Account Settings → Privacy Preferences
11.2 Your Rights Regarding Automated Decisions
You have the right not to be subject to decisions based solely on automated processing that significantly affect you. Where such decisions are made, you have the right to: obtain human intervention; express your point of view; receive an explanation of the decision; and contest the decision. Contact privacy@mark8place.com to exercise these rights.
12. CHILDREN'S PRIVACY
Our Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information. We do not present targeted advertising to users we know to be minors.
13. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our Platform and, where required, by email at least 30 days before changes take effect. The "Last Updated" date at the top of this policy indicates when it was last revised.
14. COMPLAINTS AND SUPERVISORY AUTHORITIES
If you have concerns about our processing of your personal data, please contact us first at privacy@mark8place.com. If you are not satisfied with our response, you have the right to lodge a complaint with a supervisory authority:
Singapore: Personal Data Protection Commission (PDPC)
EU: Your local Data Protection Authority
UK: Information Commissioner's Office (ICO)
California: California Attorney General
Australia: Office of the Australian Information Commissioner (OAIC)
Brazil: Autoridade Nacional de Proteção de Dados (ANPD)
15. CONTACT US
For privacy-related inquiries or to exercise your rights, please contact us: