Definitions

This Definitions section applies to all legal documents of Kantoku Pte. Ltd. (the "Company"), including the Terms of Service, Privacy Policy, and Data Processing Agreement ("DPA"). Defined terms shall have the same meaning across all documents unless explicitly stated otherwise.

1. Core Entities

  • "Kantoku" means Kantoku Pte. Ltd., a company incorporated in Singapore.
  • "Services" means the software, platforms, APIs, and related services provided by Kantoku, including Superviso and any associated features, modules, or integrations.
  • "Platform" means the Kantoku-hosted environment through which the Services are made available.
  • "Superviso" means the governance, risk, and compliance (GRC) product offered as part of the Services.

2. Users and Roles

  • "Customer" means any individual, legal entity, or organization that subscribes to or uses the Services.
  • "User" means an individual authorized by a Customer to access and use the Services on its behalf.
  • "Authorized User" means a User who has been granted valid access credentials or permissions by the Customer.
  • "End-User" means an individual whose data is processed through the Services, but who does not have a direct contractual relationship with Kantoku.

3. Data Definitions

  • "Customer Data" means any data, content, or information submitted, uploaded, or otherwise made available by or on behalf of a Customer through the Services.
  • "Service Data" means data collected, generated, or derived by Kantoku in connection with the operation, security, support, or improvement of the Services, including Usage Data, logs, metrics, and diagnostic information, but excluding Customer Data.
  • "Personal Data" means any information relating to an identified or identifiable individual, as defined under the Personal Data Protection Act 2012 (PDPA) of Singapore.
  • "Usage Data" means data collected automatically through the operation and use of the Services, including technical logs, metadata, interaction data, and system performance data.

4. Legal Roles

  • "Controller" means the entity that determines the purposes and means of processing Personal Data.
  • "Processor" means the entity that processes Personal Data on behalf of the Controller.
  • "Documented Instructions" means the instructions for processing Personal Data given by the Customer to Kantoku as set out in the Agreement, the DPA, and the Customer's configuration and use of the Services.

5. Technical and Access Concepts

  • "API" means any application programming interface made available by Kantoku as part of the Services.
  • "Account" means a registered account required to access and use the Services.
  • "Credentials" means any usernames, passwords, API keys, tokens, or other authentication mechanisms used to access the Services.
  • "Subprocessor" means any third party engaged by Kantoku to process Personal Data on behalf of a Customer in connection with the provision of the Services.

6. Commercial Terms

  • "Subscription" means the Customer's right to access and use the Services in accordance with the Agreement for a specified period.
  • "Fees" means all amounts payable by the Customer to Kantoku for access to or use of the Services, as specified in the applicable order, pricing plan, or agreement.

7. Agreements

  • "Terms of Service" means the agreement governing access to and use of the Services.
  • "Privacy Policy" means the document describing how Personal Data is collected, used, and protected by Kantoku.
  • "Cookie Policy" means the document describing Kantoku's use of cookies and similar technologies.
  • "Data Processing Agreement" or "DPA" means the agreement governing the processing of Personal Data by Kantoku on behalf of Customers.
  • "Subprocessor List" means the document or page maintained by Kantoku that identifies Subprocessors engaged in connection with the Services.
  • "Agreement" means the Terms of Service together with any applicable supplemental terms, including the Privacy Policy and the DPA.

8. Security and Incident Definitions

  • "Security Incident" means any actual or reasonably suspected unauthorized access to, use of, disclosure of, alteration of, or destruction of data, or any event that compromises the security, confidentiality, integrity, or availability of the Services.
  • "Data Breach" means a Security Incident that results in the unauthorized access, disclosure, or loss of Personal Data.
  • "Personal Data Breach" means a Data Breach involving Personal Data, as defined under the Personal Data Protection Act 2012 (PDPA) of Singapore.
  • "Incident Response" means the processes and procedures implemented by Kantoku to detect, investigate, respond to, and mitigate Security Incidents.

9. Miscellaneous

  • "Applicable Law" means all laws and regulations applicable to the parties, including the laws of Singapore.
  • "Effective Date" means the date on which the Agreement becomes legally binding between the parties.