Products
Wonder App
Wonder Terminal
Wonder Dashboard
Wonder Card
Wonder SoftPOS
Wonder Transit X
Industries
Restaurant
Healthcare
Retail
Taxi
Insurance
Pricing
Resources
Press Release
Media
Blog
Developers
About
About Us
Career
Contact Us
Hong Kong (English)
香港 (繁體中文)
Singapore (English)
Get Started
Log In
Products
Wonder App
Wonder Terminal
Wonder Dashboard
Wonder Card
Wonder SoftPOS
Wonder Transit X
Back
Industries
Restaurant
Healthcare
Retail
Taxi
Insurance
Back
Resources
Press Release
Media
Blog
Developers
Back
About
About Us
Career
Contact Us
Back
Language
Hong Kong (English)
香港 (繁體中文)
Singapore (English)
Back
Products
Industries
Pricing
Resources
About
Log In
Language
Get Started
Download Wonder Now!

Privacy Policy

This Privacy Statement (“Statement”) describes the personal information we collect through our website, wonder.app (the “Site”), and how we collect and use it. The terms “we”, “us”, and “Wonder” refer to Wonder Ventures Limited, a Delaware corporation. By visiting this Site, or providing your information to us, you agree to accept the practices described in this privacy policy.We collect and store information that you enter into this Site such as when you create an account or place an order. For example, when you open an account or place an order, we collect and store some or all of the following information that you provide: name, signup location, billing address, e-mail address, telephone number, credit card number and expiration date (Please note credit card information is temporarily stored for authorization purposes only). You can also link your account to third party accounts to share your Wonder activities. We use your signup location to help target the Site to the city you live in. We use your email address to send you updates and provide products and services that you have ordered or requested, to process and arrange delivery and to provide customer service. We may also use your information to contact you about sales, special offers and new site features, unless you have opted not to receive promotional communications in connection with this Web site. Wonder uses Google Adwords Conversion Tracking for keeping tabs on actions such as form submissions. By visiting this website, you implicitly allow Wonder to use your browsing data for tracking visits and conversions.
We do not sell or rent personally identifiable information to third parties. Other than as set forth below we do not license, transfer or share any personal information without your consent:
We may share information about you with third parties involved in the completion of your transaction, the delivery of your order, and in order to improve your consumer experience. These third parties may contact you about your transaction.
We may disclose personally identifiable information to trusted third parties whom we engage to process your personally identifiable information for us.
Your information may be transferred in connection with the sale, merger or business acquisition of Wonder.
When we believe that disclosure is necessary to protect the rights, property and safety of Wonder, its users or the public.
We may disclose personally identifiable information with other companies and organizations for fraud and credit risk purposes.
As required by law, to comply with a judicial proceeding or court order, to exercise our rights, or to defend against any claims.
We also collect and store certain other information automatically whenever you interact with this Site. For example, we collect your IP address, browser information every time you visit this Site. We also collect information regarding customer traffic patterns and site usage. This information is used to analyze and improve this Site and to provide our customers with a fulfilling shopping experience.
You can contribute to the Site in a number of different ways, including writing product reviews and feedback for stores after purchase. We may store these contributions (your “Public Content”), display them to other users, and use them for promotional purposes. Note that if you include personally identifiable information in your Public Content, it can be used and viewed by others. We are not responsible for the information you choose to include in your Public Content. You can invite your friends to join the Site by providing their contact information, or by entering your log-in credentials to import your address book from other sites. We may store and use your friends’ contact information to invite them to join and connect with you on the Site. Your friends will always have the opportunity to opt-out of receiving further emails from us.
We allow you to access third party services, such as Facebook and Twitter, to share your selected Public Content with those services, and import information about who you are connected with on those other services so you can connect with them on the Site. You can always opt out on your Wonder account page. Some of those third party services may also provide us with information from your accounts there to enhance and personalize your use of this Site. For example, you can allow Facebook to tell us who your Facebook friends are so you can follow their activity on Wonder. You can adjust your Wonder privacy settings to block this feature, in which case we will delete the information that we receive from your accounts with those other services.
We automatically store information related to your use of the Site, such as the pages you view on the Site, your browser type, IP address, requested URL, referring URL, and the date and time of your visit. We use this type of information to administer the Site and provide the highest possible level of service to you. We also use this information in the aggregate to perform statistical analyses of user behavior and characteristics in order to measure interest in and use of the various areas of the Site.
We send cookies to your computer in order to uniquely identify your browser and improve the quality of our service. Cookies are files stored on your computer’s hard drive by your browser. Cookies help us to identify account holders and to optimize their shopping experience. Cookies also allow us to hold selections in a shopping cart when a user leaves this Site without checking out. Most browsers accept cookies automatically but allow you to disable them. We recommend that you leave cookies “turned on” so that we can offer you a better shopping experience on this Site. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them). Persistent cookies can be removed by following your browser help file directions. If you choose to disable cookies, some areas of the Site may not work properly or at all. Our cookies are linked to your information, such as your name, email address and password.
You should feel free to give us feedback, register a complaint, or ask questions about the Site. We may store your communications, including any personal information you include in them, so that we can effectively respond to you. We may use the information described above for routine administrative purposes, such as investigating abuses on the Site, responding to user inquiries and enforcing and applying our Terms of Service and Statement.
When you enter sensitive information (such as a credit card number) on our registration or order forms, we encrypt that information using 128-bit secure socket layer technology (SSL). However, please be aware that no security measures are perfect or impenetrable. Therefore, while we strive to protect your personal information, we cannot guarantee the absolute security of such information. We cannot control the actions of other users with whom you share your information. We cannot ensure that information you share on the Site will not become publicly available. We are not responsible for third party circumvention of any privacy settings or security measures on the Site. You can reduce these risks by using common sense security practices such as choosing a strong password, using different passwords for different services, and using up to date antivirus software.
Report Violations. You should report any security violations to us.

Wonder Singapore
Data Privacy Notice

Effective Date: 17 March 2026

Who We Are

This Privacy Notice applies to the following Singapore-incorporated entities operating under the Wonder brand:

Entity

UEN / Registration

Wonder Tech Singapore Pte. Ltd.

202515097W

Wonder Tech Capital Pte. Ltd.

202548289Z

Bindo Pte. Ltd.

202217737E

References to “Wonder SG”, “we”, “us” or “our” in this Notice refer to the specific entity responsible for collecting and handling your personal data in connection with the services you use.
Wonder Tech Singapore Pte. Ltd. and Wonder Tech Capital Pte. Ltd. are wholly-owned subsidiaries of Wonder Group Holdings Limited (BVI), which is in turn majority-owned by Universal Intelligence Holdings Limited (BVI). Bindo Pte. Ltd. is a wholly-owned subsidiary of Bindo Labs Group Limited (Cayman Islands). All three entities operate under the Wonder brand in Singapore.

1.  About This Notice

This Data Privacy Notice ("Notice") explains how Wonder SG collects, uses, discloses, and protects personal data relating to our merchants, customers, cardholders, website visitors, job applicants, and other individuals who interact with us (collectively "you" or "individuals").
This Notice applies to personal data collected through:
(a) our websites, including wonder.app/en-sg and related sub-domains;
(b) our mobile applications;
(c) our payment processing and financial technology platforms;
(d) our customer service channels; and
(e) any other interaction between you and Wonder SG.
By accessing our website, submitting your personal data, or using our products and services, you acknowledge that you have read this Notice and understood how we handle your personal data as described in this Notice.
This Notice should be read together with any product-specific notices or terms and conditions that may be provided to you at the point of collection of your personal data. In the event of any conflict, the more specific notice shall prevail.

2.  Definitions

In this Notice, unless the context otherwise requires:
  • "Personal Data" has the meaning given to it under the Personal Data Protection Act 2012 ("PDPA"), and refers to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access.
  • "PDPA" means the Personal Data Protection Act 2012 of Singapore (No. 26 of 2012), as amended or re-enacted from time to time, including all subsidiary legislation made thereunder.
  • "PDPC" means the Personal Data Protection Commission of Singapore, the regulatory authority responsible for administering and enforcing the PDPA.
  • "DPO" means Data Protection Officer, the designated individual responsible for overseeing data protection compliance within Wonder SG.
  • "Platform" means Wonder SG's payment processing, e-wallet, financial technology services, merchant dashboard, and all related services."Services" means all products and services provided by Wonder SG, including but not limited to the Wonder App, Wonder Terminal, Wonder Card, Wonder Dashboard, Wonder SoftPOS, and Wonder Transit X.
  • "Services" means all products and services provided by Wonder SG, including but not limited to the Wonder App, Wonder Terminal, Wonder Card, Wonder Dashboard, Wonder SoftPOS, and Wonder Transit X.
3.  Personal Data We Collect
The categories of personal data we collect will depend on your relationship with us and the services you use. We collect only the minimum personal data necessary for the relevant purpose.

Category of Personal Data

Examples

Identity Information

Full name, aliases, NRIC/FIN/Passport number, date of birth, nationality, gender, photographs.

Contact Information

Residential or business address, email address, telephone number(s), preferred communication method.

Financial Information

Bank account details, credit/debit card information, billing address, transaction history, account balances.

Payment & Transaction Data

Transaction amounts, dates and times, merchant names and identifiers, payment references, payment method details.

eKYC & Verification Data

Identity document scans, selfie/liveness check images, proof of address, business registration documents, beneficial ownership information.

Account & Login Information

Username, encrypted password, account preferences, login timestamps, device identifiers.

Usage & Technical Information

IP address, browser type and version, operating system, device identifiers, geolocation data, pages accessed, referring URLs, session duration.

Communications Data

Enquiries, complaints, feedback, live chat logs, call recordings (where applicable), emails, and other correspondence with us.

Marketing Preferences

Subscription status, communication preferences, survey responses, promotional campaign interactions.

Employment Information

CV/resume, employment history, qualifications, references (for job applicants only).

Special Categories of Personal Data
We do not intentionally collect special categories of personal data (such as race, religion, health, sexual orientation, or biometric data) unless strictly required by applicable law or regulation (e.g., mandatory anti-money laundering checks). Where required, we will seek your explicit consent and process such data in accordance with the PDPA.
4.  How We Collect Personal Data
4.1  Directly from You
We collect personal data directly from you when you:
  • Create an account or register for our Services;
  • Complete eKYC (Know Your Customer) or onboarding processes;
  • Make or receive a payment through our Platform;
  • Scan a QR code or use any Wonder payment product;
  • Contact us via email, telephone, live chat, or in person;
  • Submit a form, survey, or application on our website or app;
  • Subscribe to our marketing communications or promotional campaigns;
  • Apply for a position at Wonder SG;
  • Provide feedback or file a complaint.
4.2  Automatically
We collect certain technical and usage data automatically when you interact with our website or Platform, including through cookies, web beacons, and similar tracking technologies (see Section 9 on Cookies).
4.3  From Third Parties
We may also receive personal data from third parties, including:
  • Merchants and business partners who refer you to our Services;
  • Financial institutions, payment networks (e.g., Visa, Mastercard), and acquiring banks involved in processing your transactions;
  • Credit bureaus and identity verification service providers (for eKYC and fraud prevention purposes);
  • Government databases and publicly available sources, to the extent permitted by law;
  • Other entities within the Wonder and Bindo corporate group, where data sharing is necessary to provide you with integrated services.
5.  Purposes for Collection, Use & Disclosure
We collect, use, and disclose your personal data only for purposes that are made known to you at the time of collection or that are reasonably expected given the nature of our services. The purposes for which we process your personal data include:
5.1  Account Management & Service Delivery
  • Creating and managing your Wonder account;
  • Providing and maintaining our payment processing services Verifying your identity and processing eKYC checks;
  • Processing payments, transfers, refunds and chargebacks;
  • Issuing Wonder Cards to eligible users;
  • Maintaining and updating our records.
5.2  Regulatory Compliance & Legal Obligations
  • Complying with the PDPA and other applicable Singapore laws;
  • Meeting requirements under the Payment Services Act 2019 ("PSA");
  • Complying with anti-money laundering ("AML"), counter-financing of terrorism ("CFT")g;
  • Responding to requests from MAS, PDPC, law enforcement or other regulatory authorities;
  • Maintaining records and audit trails as required by law.
5.3  Risk Management, Fraud Prevention & Security
  • Detecting, investigating, and preventing fraud, and other illicit activities;
  • Conducting transaction monitoring and  sanctions screening;
  • Protecting the security and integrity of our systems;
  • Enforcing our Terms and Conditions.
  • Maintaining records and audit trails as required by law.
5.4  Customer Support & Relationship Management
  • Responding to your enquiries,and complaints;
  • Notifying you of changes to our services, terms, or policies;
  • Providing technical support.
5.5  Marketing & Communications
  • Sending you information about our products, services and  promotions (only where we have obtained your consent);
  • Personalising content and communications based on your preferences;
  • Conducting market research and satisfaction surveys.
You may withdraw consent for marketing communications at any time by clicking the unsubscribe link in our emails, or by contacting our DPO at sg_dpo@bindo.com.
5.6  Analytics & Service Improvement
  • Analysing usage trends to improve our website and services;
  • Developing new features and enhancing the user experience;
  • Conducting internal research and business planning.
5.7  Corporate Transactions
  • In connection with a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the relevant counterparty, subject to equivalent data protection obligations.
6.  Disclosure of Personal Data
We do not sell or rent your personal data to third parties. We may disclose your personal data to the following categories of recipients, only to the extent necessary for the purposes described in Section 5:
6.1  Within the Wonder / Bindo Group
We may share your personal data with related corporations and affiliates within the Wonder and Bindo corporate group for the purposes of group-level reporting, audit, IT infrastructure, and providing integrated services, subject to equivalent data protection standards.
6.2  Payment Network Partners
We share relevant personal data with payment networks (e.g., Visa, Mastercard), acquiring banks, issuing banks, and other financial intermediaries as necessary to process payment transactions.
6.3  Service Providers & Vendors
We engage third-party service providers who process personal data on our behalf, including technology providers, cloud hosting services, eKYC/AML verification platforms, analytics providers, and customer support systems. We require all such providers to implement appropriate contractual and technical safeguards.
6.4  Regulatory & Law Enforcement Authorities
We may disclose personal data to MAS, PDPC, Singapore Police Force, IRAS or other government or regulatory bodies where required or permitted by law.
6.5  Professional Advisers
We may share personal data with our lawyers, auditors, and other professional advisers, subject to obligations of confidentiality.
6.6  Business Transfers
In connection with a merger, acquisition, restructuring, or transfer of all or part of our business or assets, personal data may be disclosed to prospective buyers or transferees.
7.  Cross-Border Transfers of Personal Data
In providing our services, we may transfer your personal data to countries outside Singapore. Where we do so, we comply with the requirements of the PDPA in relation to cross-border data transfers.
Countries to which we may transfer personal data include, without limitation: Hong Kong Transfers to these jurisdictions are conducted in accordance with the PDPA's and are subject to appropriate contractual safeguards
8.  Retention of Personal Data
We retain personal data for as long as is necessary to fulfil the purposes for which it was collected, or as required or permitted by applicable law. In determining the appropriate retention period, we consider:
  • Legal and regulatory obligations (e.g., AML/CFT records will  be retained for at least seven  years);
  • Contractual obligations and applicable limitation periods for legal claims;
  • Audit, accounting, and tax requirements;
  • The nature of the data and any risk associated with unauthorised use or disclosure.
When personal data is no longer required, we will take reasonable steps to destroy or anonymise it in a secure manner.
9.  Cookies & Similar Technologies
Our website and Platform use cookies and similar tracking technologies to provide a better user experience, for analytics, and for security purposes.

Category of Cookies

Purpose

Strictly necessary cookies

Essential for the website and platform to function correctly. These cannot be disabled.

Performance & analytics cookies

Help us understand how visitors use our website so we can improve functionality and content.

Functional cookies

Enable personalisation of your experience, such as remembering your language preference or log-in status.

Targeting/Marketing cookies

Used to deliver advertisements relevant to your interest. You may disable these cookies through your browser settings without affecting your use of core services.

You can manage your cookie preferences through your browser settings. For more information on how to disable or delete cookies, please refer to your browser's help documentation. Disabling certain cookies may affect the functionality of some features of our website or Platform.
10.  Security of Personal Data
We take the security of your personal data seriously. We have implemented appropriate administrative, physical, and technical measures to protect your personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks.
These measures include, but are not limited to: encryption of data in transit and at rest (including SSL/TLS protocols), access controls and role-based permissions, regular security assessments and adherence to Payment Card Industry Data Security Standard (PCI DSS) requirements where applicable.
We have also established procedures to manage personal data breaches. In the event of a notifiable data breach under the PDPA, we will notify the PDPC within three (3) calendar days of becoming aware of the breach, and affected individuals will be informed in accordance with the PDPA's breach notification obligations.
Notwithstanding the above, no security system is completely impenetrable. We cannot guarantee the absolute security of personal data transmitted to us over the internet or stored in our systems. You are encouraged to use strong, unique passwords and to exercise care when accessing our Services on public or shared networks.
11.  Your Rights Under the PDPA
Subject to the exceptions and qualifications set out in the PDPA, you have the following rights with respect to your personal data held by Wonder SG:
11.1  Right of Access
You have the right to request access to the personal data we hold about you, and to information about how such personal data has been or may have been used or disclosed by us in the year preceding your request.
11.2  Right of Correction
You have the right to request that we correct any errors or omissions in the personal data we hold about you. We will correct the data as soon as reasonably practicable, unless there are legitimate grounds under the PDPA for not doing so.
11.3  Right of Withdrawal of Consent
Where we process your personal data on the basis of consent, you may withdraw that consent at any time by written notice to our DPO. Please note that withdrawal of consent may affect our ability to continue providing certain services to you
11.4  Right to Lodge a Complaint
If you are dissatisfied with how we handle your personal data or your access/correction request, you have the right to lodge a complaint with the PDPC at www.pdpc.gov.sg.
To exercise any of the above rights, please submit a written request to our Data Protection Officer at sg_dpo@bindo.com. We will respond to your request within thirty (30) calendar days from receipt, or notify you if additional time is required. We may charge a reasonable administrative fee for access requests in accordance with the PDPA.
Please note that we may not be required to comply with access or correction requests in certain circumstances as specified in the PDPA (e.g., where complying would be contrary to national interest, threaten the safety of another individual, or relate to evaluative purposes).
12.  Minors
Our Services are not intended for persons under the age of 18 years. We do not knowingly collect personal data from minors without verified parental or guardian consent. If we become aware that we have inadvertently collected personal data from a minor without appropriate consent, we will take prompt steps to delete such information.
If you believe that we may have collected personal data from a minor, please contact our DPO immediately at sg_dpo@bindo.com.
13.  Links to Third-Party Websites
Our website and Platform may contain links to third-party websites and services. This Notice does not apply to such third-party websites, and we are not responsible for their data protection practices. We encourage you to review the privacy notices of any third-party sites you visit.
14.  Changes to This Notice
We may update this Notice from time to time to reflect changes in our business practices, the services we provide, or applicable laws and regulations. We will publish the updated Notice on our website at wonder.app/en-sg/privacy-policy and update the effective date accordingly.
For material changes that may significantly affect your rights or the way we process your personal data, we will endeavour to provide you with prior notice through our usual communication channels (e.g., email or in-app notification).
Your continued use of our Services following any changes to this Notice will constitute your acknowledgement of, and where applicable, consent to, such changes.
15.  How to Contact Us
If you have any questions, concerns, or requests relating to this Notice or the processing of your personal data, you may contact us at sg_dpo@bindo.com.

Experience The Magic,
Just One More Step!

Download Wonder Now!
Get Started
Products
Wonder AppWonder TerminalWonder DashboardWonder CardWonder SoftPOSWonder Transit X
Industries
Restaurant
Healthcare
Retail
Taxi
Insurance
Resources
PricingPress ReleaseMediaBlogDevelopers
About
About UsCareerContact Us
Privacy PolicyTerms & Conditions
Copyright © Wonder 2026