The security of personal data is important to us. We comply with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (the “PDPA”) and other applicable laws and regulations.
1. PERSONAL DATA
“Personal data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. The personal data that we handle may include, but is not limited to, names, dates of birth, genders, identification numbers, contact information, contract details, payment status and voice recordings.
2. COMPLIANCE WITH THE PDPA
We may be required to collect, use or disclose personal data in the course of our business operations, where we will determine the purposes for which and the means by which such personal data is collected, used or disclosed. However, such personal data will only be collected, used or disclosed in accordance with the PDPA.
In general, before we collect, use or disclose any of your personal data, we will notify you of the purposes for which your personal data may be collected, used or disclosed, as well as obtain your consent for the collection, use or disclosure of your personal data for the intended purposes.
3. DATA INTERMEDIARY
We also act as a data intermediary, where we process personal data on behalf and for the purposes of another organisation, pursuant to a contract which is evidenced or made in writing. We process such personal data in accordance with the relevant provisions in the PDPA, and in particular, comply with the provisions of the PDPA that relate to the protection and retention of personal data.
4. PURPOSES FOR COLLECTION, USAGE AND DISCLOSURE
Personal data may be collected, used or disclosed for the following purposes:
(a) to correspond with suppliers and customers, to manage business relationships, and to handle claims and payments;
(b) to evaluate job applicants and employees;
(c) to correspond with employees and ex-employees and manage or terminate
(d) to respond to or process requests or enquiries;
(e) to improve our operations, develop new services, and conduct marketing and data analysis for research and development of new product or services;
(f) to prevent, detect and investigate illegal activities, analyze and manage commercial risks, conduct audit checks and due diligence, and generally for any other security purposes;
(g) to comply with local or foreign law, regulations, judgements, court orders, governmental sanctions, or any codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory enquiries, investigations or directives); and
(h) all purposes incidental to the foregoing and any other purposes specified from time to time by us in writing, (collectively, the “Purposes”).
5. DISCLOSURE OF PERSONAL DATA
For one or more Purposes, we may disclose the personal data to:
(a) a third party service providers or agents;
(b) our affiliates or related corporations; and
(c) any person to whom disclosure is allowed or required by local or foreign laws or
regulations, in each case, which may be sited outside of Singapore. Where personal data is transferred to a country or territory outside of Singapore, we will (a) take appropriate steps to ensure compliance with the provisions of the PDPA in respect of the transferred personal data while it remains in our possession or control; and (b) take appropriate steps to ascertain whether, and to ensure that, the recipient of the personal data in that country or territory outside Singapore (if any) is bound by legally enforceable obligations (in accordance with Regulation 10 of the Personal Data Protection Regulations 2014 (No. S 362)) to provide to the transferred personal data a standard of protection that is at least comparable to the protection under the PDPA.
Our affiliates or related corporations above include, but are not limited to, Sense Of Wonder Group, Inc. (200, Toyohara, Nago-shi, Okinawa, 905-2172 Japan), Logiquest Incorporated (2-2-1, Otemachi Shinotemachi Bldg. 4F. Chiyoda-Ku, Tokyo, 100-0004 Japan) and GI Inc. (4-4-2, Tozan Bldg. 12F. Nihonbashihoncho, Chuo City, Tokyo 103-0023, Japan).
6. REQUEST FOR ACCESS OR CORRECTION OF PERSONAL DATA
You may request to access or correct the personal data currently in our possession at any time by submitting your request. We may at our discretion charge a reasonable administrative fee for this. If you point out to us that any personal data held by us is inaccurate or incomplete, we will take appropriate action to amend the personal data as required and, if necessary, notify any third party of the correction. You acknowledge that there may be circumstances in which we may refuse access to some or all of your personal data, including where the information may contain references to other individuals or where it is trivial or frivolous and vexatious.
7. REQUEST TO WITHDRAW CONSENT
You may withdraw your consent for the collection, use or disclosure of your personal data in our possession or under our control at any time by giving us reasonable notice in writing. If you withdraw your consent to any or all collection, use or disclosure of your personal data, then depending on the nature and extent of the withdrawal, you acknowledge that we may be unable to initiate or continue to provide services to you, or administer any contractual relationship(s) in place upon the withdrawal of your consent. Such withdrawal may therefore result in the termination of any accounts, agreements and/or contractual relationship(s) you may have with us. Upon receipt of any notice to withdraw consent, we will inform you of the likely consequences of such withdrawal. All our legal rights and remedies are expressly reserved in such termination and any subsequent event.
8. ACCURACY AND COMPLETENESS
We will make reasonable efforts to ensure that your personal data is sufficiently accurate, complete and up-to-date to minimise the possibility that inappropriate information may be used to make a decision about you, or is likely to be disclosed by us to another organisation. We will not routinely update your personal data unless such a process is necessary to fulfil the purposes for which the personal data was collected or otherwise as required by law. In order to ensure that your personal data is current, complete and accurate, please notify us as soon as possible if any of the personal data you have provided to us has changed.
We have in place reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks and adequately protect the personal data in our possession or under our control (whether in physical or electronic form).
We cease to retain the personal data or remove the means by which the personal data can be associated with particular individuals (i.e. anonymisation) as soon as it is reasonable to assume that the personal data no longer serves the purpose(s) for which it was collected and is no longer required for business or legal purposes.
11 AMENDMENT AND UPDATES
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect or process your personal data, please do not hesitate to contact our Data Protection Officer at:
Office address : 6 Battery Road #18-04, Singapore 049909
Last Updated on 18 April 2020