We recognise the importance of your personal data and your privacy and we are committed to protecting
them. This Personal Data Protection and Privacy Policy (the “Policy”) is therefore designed to assist you
in understanding how we collect and handle the personal data you may entrust and/or have entrusted to
us and comply with the requirements of the Personal Data Protection Act 2012 (the “PDPA”).

1. Types Of Personal Data

In this Policy, the term “Personal Data” shall have the meaning ascribed to it in the PDPA. Common
examples of the Personal Data include names, identification numbers, contact information, medical
records, transactional data, photographs, video images and other information relating to any individuals in
any forms.

2. Collection of Personal Data

2.1 Generally, we collect Personal Data in the following ways:

(1) when you submit any form, including but not limited to application forms or other forms relating to any
of our products or services provided by us;

(2) when you enter into any agreement or provide other documentation or information in respect of your
interactions with us, or when you use our services;

(3) when you interact with our staff, including relationship managers and their assistants via telephone
calls (which may be recorded), letters, fax, face-to-face meetings, emails and other methods of

(4) when your images are captured by us via closed-circuit television cameras while you are within our
premises, or via photographs or videos taken by us or our representatives when you attend events hosted
by us;

(5) when you use some of our services provided through online and other technology platforms, such as
websites and apps, including when you establish any online accounts with us;

(6) when you request that we contact you, or include you in an email or other mailing list; or when you
respond to our request for additional Personal Data, our promotions and other initiatives;

(7) when you are contacted by, and respond to, our marketing representatives, agents and other service

(8) when we seek information about you and receive your Personal Data from third parties in connection
with your relationship with us, for example, from referrers, business partners, external or independent
asset managers, public agencies or the relevant authorities;

(9) through physical access, internet and information technology monitoring processes;

(10) in connection with any investigation, litigation, registration or professional disciplinary matter, criminal
prosecution, inquest or inquiry which may relate to you or any Connected Person; and/or

(11) when you submit your Personal Data to us for any other reason.

2.2 When you browse our website, you generally do so anonymously but please see below section on the
use cookies. We do not, at our website, automatically collect Personal Data, including your email address
unless you provide such information or login with your account credentials.

3. Purpose For Collection, Use, Disclosure And Processing Of Personal Data

We may collect, use, disclose and/or process your Personal Data for any of the following purposes:

(1) responding to, processing and handling your enquiries and application for account opening/closing,
services and products by us;

(2) providing and updating our services, products and facilities to you, as well as services, products and
facilities by other external providers provided through the us from time to time;

(3) administering and/or managing the relationship between us and/or your account;

(4) carrying out your instructions or responding to any enquiries by you;

(5) carrying out due diligence or other screening activities (including background checks) in accordance
with legal or regulatory obligations or risk management procedures (including but not limited to those
designed to combat financial crime, “know-your customer”, anti-money laundering, counter-terrorist
financing or anti-bribery), that may be required by law or that may have been put in place by us;

(6) providing you with marketing, advertising and promotional information, materials and/or documents
relating to banking, investment, credit and/or financial products and/or services that we may be selling,
marketing, offering or promoting, whether such products or services exist now or are created in the future;

(7) preventing, detecting and investigating fraud, misconduct, any unlawful action or omission, whether
relating to your application or any other matter relating to your account(s), and whether or not there is any
suspicion of the aforementioned;

(8) managing the administrative and business operations of the Companies and complying with internal
policies and procedures (including but not limited to those relating to auditing, finance, accounting and
business continuity planning);

(9) managing the safety and security of our premises and services (including but not limited to carrying
out CCTV surveillance and conducting security clearances);

(10) complying with the requirement of any applicable law or regulatory authority;

(11) enforcing our legal and / or contractual rights against you; and

(12) any other purposes which we notify you of at the time of obtaining your consent.

4. Disclosure of Personal Data

We will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to
the provisions of any applicable law, your Personal Data may be provided, for one or more of the
purposes stated above, to the following entities or parties, whether they are located overseas or in

(1) our associated group companies and successor-in-interest to our business or assets;

(2) our third party service providers, agents, contractors, or professional advisers;

(3) relevant government regulators, government ministries, exchange, statutory boards or authorities or
law enforcement agencies who have jurisdiction over us or our associated group companies or over any
transaction entered into by you;

(4) any liquidator, receiver, administrator, judicial manager, trustees-in-bankruptcy, custodian or other
similar official who has been so appointed, pursuant to bankruptcy, winding-up or insolvency proceedings
instituted in Singapore or elsewhere, in respect of you or your assets;

(5) financial institutions, brokerage houses, clearing houses, depository, depository agents, managers,
administrators, fund houses, registrars, custodians, external banks, nominee banks and investment
vehicles in relation to investment product settlement processing; and

(6) any other party to whom you authorise us to disclose your Personal Data to.

5. Access To And Correction Of Personal Data

5.1 Upon request, we will provide you with access to your Personal Data or other appropriate information
on your Personal Data in accordance with the requirements of the PDPA. We may charge you a
reasonable fee for the handling and processing of your requests to access to your Personal Data.

5.2 Upon request, we will correct an error or omission in your Personal Data that is in our possession or
control in accordance with the requirements of the PDPA.

6. Withdrawal of Consent

You may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our
possession or under our control by submitting your request. We will process your request from such a
request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your
personal data in the manner stated in your request. However, your withdrawal of consent could result in
certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your
withdrawal of consent for us to process your Personal Data, it may mean that we will not be able to
continue with your existing relationship with us.

7. Retention

Your Personal Data will be held for as long as it is necessary to fulfil the purpose for which it was
collected, or as required or permitted by applicable laws. We shall cease to retain the Personal Data, or
remove the means by which the Personal Data can be associated with particular individuals, as soon as it
is reasonable to assume that the purpose for which that Personal Data was collected is no longer being
served by retention of the Personal Data and retention is no longer necessary for legal or business

8. Security And Protection

We have put in place relevant security procedures and technical and organisational measures to
safeguard the Personal Data in our possession or under our control and to we will use all reasonable
efforts to prevent unauthorised access, collection, use, disclosure, copying, modification , disposal or
similar risks. However, we cannot completely guarantee the security of any Personal Data we may have
collected from or about you, or that for example no harmful code will enter our website (for example
viruses, bugs, Trojan horses, spyware or adware). You should be aware of the risks associated with using
websites and take any necessary precautions.

9. Use of Cookies

9.1. Cookies are small text files placed stored in your computing or other electronic devices which allow
us to remember you or other data about you. The cookies placed by our server can only be read by us,
and cookies cannot access, read or modify any other data on an electronic device. All web-browsers offer
the option to refuse any cookie, and in the event, if you were to refuse our cookie then we do not gather
any information on that visitor.

9.2. When you interact with us on our websites, we automatically receive and record information on our
server logs from your browser. We may employ cookies in order for our server to recognise a return
visitor as a unique user including, without limitation, monitoring information relating to how a visitor arrives
at the website, what kind of browser a visitor is on, what operating system a visitor is using, a visitor's IP
address, and a visitor's click stream information and time stamp (for example, which pages they have
viewed, the time the pages were accessed and the time spent per web page).

9.3. Should you wish to disable the cookies associated with these technologies, you may do so by
changing the setting on your browser. However, you may not be able to enter certain part(s) of our

10. Contact Us

If you:

(1) have any questions or feedback relating to your Personal Data or this Policy;

(2) would like to withdraw your consent to any use of your Personal Data as set out in this Protection
Policy; or

(3) would like to obtain access and make corrections to your Personal Data records,

please contact us as follows:

KGI Securities (Singapore) Pte. Ltd.

Email: [email protected]

11. Policy Updates

We keep this Policy under regular review and we reserve the right to amend the terms of this Policy at our
absolute discretion and at any time. Any amended Policy will be posted on our website. You are
encouraged to visit our website from time to time to ensure that you are well informed of our latest
policies in relation to personal data protection.

12. Governing Law

Note that as we are a Singapore registered company, this Policy has been drafted solely in accordance
with the laws of Singapore. We do not represent or warrant that this Policy complies with the privacy laws
of any other jurisdiction and accordingly, you shall not construe this Policy as such.