Privacy Policy

Wecome Pte Ltd ("Wecome", "we", "us", or "our") is committed to protecting your personal data in accordance with Singapore's Personal Data Protection Act 2012 ("PDPA").

This Privacy Policy describes how we collect, use, disclose, and protect your personal data when you use our platform, including our websites, mobile applications, and related services (collectively, the "Platform").

We collect personal data that you voluntarily provide to us when you register for an account, place orders, or interact with our Platform. This may include:

If you choose not to provide certain personal data, we may not be able to provide you with certain services or features of the Platform.

Our Palm Recognition system uses biometric technology to provide convenient identity verification. This section explains how your biometric data is collected and processed.

How Palm Recognition Works

Palm Recognition is powered by a trusted third-party biometric technology provider based in Singapore. When you enroll:

• Your palm vein pattern is scanned and converted into an encrypted template
• The biometric template is processed and stored by our technology partner
• Wecome receives only verification results (e.g., identity confirmed) — not raw biometric data

Our technology partner is a Singapore-registered company subject to the Personal Data Protection Act (PDPA).

What Is Collected

• Palm Vein Patterns: Unique vein patterns beneath the skin surface
• Mathematical Template: An encrypted representation derived from your palm scan

Important: Raw palm images are never stored. Only encrypted mathematical templates are retained.

How We Use Biometric Data

• Identity Verification: Recognizing you at kiosks and service points
• Membership Recognition: Instant member identification without cards
• Loyalty Integration: Automatic points accrual and tier recognition
• Locker Access: Cardless Food Locker pickup
• Payment Processing: Facilitating palm-based payments (where available)

Security Features

The Palm Recognition system includes the following security features:

Your Rights for Biometric Data

• Withdraw Consent: You may unenroll from Palm Recognition at any time
• Data Deletion: Upon withdrawal, we will coordinate with our technology partner to permanently delete your biometric template
• Access Information: Request details about how your biometric data is used

To unenroll or request deletion of your biometric data, contact our Data Protection Officer. Wecome serves as your single point of contact for all biometric data requests.

We use your personal data for the following purposes:

• Service Delivery: Processing orders, facilitating payments, arranging delivery
• Account Management: Creating and managing your account, authenticating your identity
• Customer Support: Responding to inquiries, resolving issues, providing assistance
• Communications: Sending order updates, receipts, and service notifications
• Marketing: With your consent, sending promotional offers and updates
• Analytics: Improving our services, understanding user behavior, optimizing the Platform
• Legal Compliance: Complying with legal obligations and protecting our rights

We may share your personal data with:

• Service Providers: Third-party vendors who assist with payment processing, delivery, hosting, and other services
• Merchants: Food vendors and restaurants on our Platform to fulfill your orders
• Related Companies: Our subsidiaries and affiliates for operational purposes
• Business Partners: Partners who provide complementary services

We require all third parties to respect the security of your personal data and to treat it in accordance with applicable laws.

International Transfers: If your personal data is transferred outside Singapore, we will ensure that comparable standards of protection are applied.

We may disclose your personal data to legal, regulatory, governmental, tax, or law enforcement authorities if we have reasonable grounds to believe that such disclosure is necessary:

• To comply with applicable laws, regulations, or legal processes
• To protect our rights, privacy, safety, or property
• To enforce our Terms of Use or other agreements
• To prevent fraud or other illegal activities

We use cookies, web beacons, and similar tracking technologies to collect information about your browsing activities on our Platform. This includes:

• IP address and device information
• Pages visited and time spent on each page
• Links clicked and features used
• Referring websites and search terms

We use this information to analyze trends, administer the Platform, track user movements, and gather demographic information for aggregate use.

You can control cookies through your browser settings. However, disabling cookies may affect your ability to use certain features of the Platform.

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Access controls to limit who can access your data
• Regular security assessments and audits
• Secure destruction protocols for data no longer needed

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

Under the PDPA, you have the following rights regarding your personal data:

If you have an account, you can access and update most of your personal data by logging into your account. For other requests, please contact our Data Protection Officer.

Note: Withdrawing consent for certain data processing may affect our ability to provide you with our services.

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations.

When your personal data is no longer required, we will securely destroy or anonymize it.

Our Platform is not intended for children under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe we have collected data from a child under 13, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our Platform and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

We will respond to your request within a reasonable timeframe, and in any case within the time limits prescribed by the PDPA.