PRIVACY POLICY
Last revised on 26 Nov 2018
WHETU DIGITAL PTE. LTD., (the “Company”) realizes the importance of protecting your personal data.
This document contains the personal data protection and privacy policy adopted by the Company to manage your personal data in accordance with the Personal Data Protection Act 2012 of Singapore (the “Act” or “PDPA”). Please take a moment to read this policy to understand the purposes for which we collect, use and/or disclose your personal data.
1. Concerning the observance of laws and standards
1.1 The Company respects the privacy of individuals and recognises the need to treat personal data in an appropriate and lawful manner and is committed to comply with its obligations in this regard, in respect of all personal data it handles.
1.2 The Company may change some parts or all of the contents of this policy from time to time to ensure that this policy is in line with the legal and regulatory requirements, as well as the regulations and constitutive documents of the Company. Hence, we advise you to check back regularly for updated information on the handling of your personal data.
1.3 If you consider that this policy has not been followed in respect of the personal data about you or others, please raise the matter with the Data Protection Officer as soon as possible.
2. Concerning the collection, use and/or disclosure of personal data
2.1 In general, we collect your personal data in several ways, including but not limited to the following:
2.1.1. when you submit any documents including consultancy agreement for using our services;
2.1.2. when you contact us via your Facebook, email, business App, phone call or other communication tools;
2.1.3. when you contact us for enquiries, via your selected mode of communication;
2.1.4. when you contact us for technical support;
2.1.5. when you request us to contact you;
2.1.6. when you submit your personal data to us for employment purposes; and
2.1.7. when the Company accesses your Facebook page through the advertisement system on the Facebook.
2.2 As the definition of “personal data” under PDPA is data, whether true or not, about an individual who can be identified (i) from that data or (ii) from that data and other information to which the organization has or is likely to have access, personal data that is collected by the Company may include some or all of the following personal information:
2.2.1. Name;
2.2.2. Nationality;
2.2.3. Date of birth;
2.2.4. Gender;
2.2.5. Occupation;
2.2.6. Age;
2.2.7. Contact information such as email addresses and telephone numbers;
2.2.8. Credit card number;
2.2.9. Bank account number; and
2.2.10. Demographic information such as address, postal code, preferences and interests.
For the avoidance of doubt, that any information provided by you as accounting information itself shall not be deemed a personal data if such information does not fall into the definition of “personal data” stated above.
2.3 Generally, the Company collects, uses and/or discloses your personal data for the following purposes:
2.3.1. examination of documents for using our services you submitted;
2.3.2. implementation and management of subject matters of the agreement for our services;
2.3.3. billing of the service fee for our services;
2.3.4. enhancing contents of our services;
2.3.5. responding to your queries and requests;
2.3.6. resolving complaints, and handling requests of and enquiries;
2.3.7. communication and marketing purposes; or
2.3.8. internal record keeping.
2.3.9. any other purposes required for the Company to provide the services.
2.4 Your personal data will be retained by the Company for as long as necessary for the fulfilment of the purposes stated above or is required to satisfy any legal, regulatory or accounting requirements.
2.5 The Company will disclose and transfer your personal data for business purposes to its parent company, subsidiaries or affiliates (including business partners, contractors and vendors), whether domestic or foreign.
2.6 The Company will take reasonable steps to protect your personal data against unauthorised collection, use and/or disclosure. Subject to the provisions of any applicable law or regulations, your personal data may be collected, used and/or disclosed for the purposes listed above (where applicable), to the following:
2.6.1. the Company’s staff;
2.6.2. agents, contractors or third-party service providers whom the company considers reasonable to provide services to the Company;
2.6.3. our professional advisers such as auditors and lawyers;
2.6.4. relevant government regulators, statutory boards or authorities, or law enforcement agencies to comply with any laws, rules, guidelines, regulations or schemes imposed by any governmental authority; and
2.6.5. any other party to whom you authorize us to disclose your personal data to.
2.7 In order to provide the best service possible, the Company may engage a data intermediary to process and handle personal data on its behalf. In these cases, we will only work with recognized personal data management firms and shall enter into contracts with these data intermediaries to include provisions that clearly set out the data intermediaries’ responsibilities and obligations to ensure compliance with the Act.
3. Concerning the consent for collection, use and/or disclosure of personal data
3.1 By submitting your personal data to the Company, you agree and consent to the collection, use and/or disclosure of your personal data by the Company for some or all of the purposes mentioned above.
3.2 If at any time we decide to collect, use or disclose your personal data in a different manner as to the purposes set out above, we will request your consent to the additional purpose(s) in writing, in which you may refuse to give at your discretion.
3.3 If you provide us with personal data relating to a third party, including but not limited to your clients’ personal data, you represent to us that you have obtained the consent of that third party to provide us with their personal data for the relevant purposes.
3.4 You may at any time withdraw any consent given in respect of the collection, use or disclosure of your personal data by giving prior notice in the form of a formal written request addressed to the Data Protection Officer.
3.5 In the event that you withdraw your consent to the Company in relation to the purposes mentioned above, the Company shall cease to collect, use and/or disclose your personal data within 30 days upon receiving your withdrawal request. Please note that once consent is withdrawn, it may not be possible for us to accomplish the purposes as set out previously above, and hence, we may be unable to continue providing the requisite services to you.
4. Concerning personal data management and security measures
The Company will take reasonable measures to protect your personal data from unauthorised access or modification, improper collection, use or disclosure, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures.
5. Concerning access, correction and accuracy of personal data
5.1 You may apply for a copy of your personal data held by the Company, or request for your personal data to be updated or corrected, by sending a formal written request to our Data Protection Officer. Please be informed that we are entitled to charge a fee to recover the costs directly related to the access of the personal data for the time and effort spent by us in responding to the same, and will let you know the amount accordingly.
5.2 Within 30 days upon receiving your request, the Company shall:
5.2.1. Provide you with a copy of your personal data under our custody and/or other relevant information in accordance with the Act therein;
5.2.2. Correct your personal data as soon as practicable and inform you that the relevant correction has been made; or
5.2.3. Inform you that your request for access or correction of your personal data is rejected, if the request was made in circumstances predefined by the Act where such access or correction is prohibited or not required.
5.3 You should ensure that all personal data submitted to us is complete and accurate. Failure to do so may result in our inability to provide you with the information or services you requested.
5.4 The Company shall make a reasonable effort to ensure that the personal data collected by or on behalf of the Company is accurate.
6. Concerning the establishment and continual improvement of a management system for personal data protection
In order to appropriately manage personal data, the Company shall continually work towards improving the development of our data management system and internal company regulations.
7. Contact information
Should you have a complaint or require more information about how we manage your personal data, please contact our Data Protection Officer at:
Email: info@whetudigital.com