Data Privacy Notice

Introduction

We at the Data Protection Excellence Network[1] (DPEX) (registration no 53367565X) respect the privacy and confidentiality of personal data in our possession or under our control. We have implemented policies and practices to safeguard the collection, use, disclosure, storage and other processing of personal data provided to us.

How We Collect Your Personal Data About You

We collect personal data from the following sources:

Internal Collection Channels

  • Social Media – Corporate Admin
  • Website – Corporate (via submission forms, emails, chatbots)
  • International / Overseas Collection Points
  • Associate
  • Department – Sales
  • Telemarketing
  • Seminar / Event / Exhibition Customer Service / Support

External collection channels

  • Outsourced Services – Marketing / Events
  • Outsourced Services – Payroll Educational Institutions
  • External Sales Associates Associate
  • Public Sources (Professional and Trade Associations) Others Outsourced Providers
  • Third-party collection agents Public Agencies
  • Referrals Financial Advisors

Data Collectors

  • Payroll
  • Agents / Associates / Affiliates Marketing
  • Business Development Support Services Operations
  • Training Logistics Administration
  • Accounts
  • Sales

Types of Personal Data About You that We Process

The types of personal data we collect about you and process (or have a service provider process on our behalf) may include:

  • Authentication
  • Communication and Correspondence Computer Device
  • Criminal Background / Past Offences Demographic
  • Education Qualifications
  • Financial Information
  • Personal Contact Information Personal Details
  • Photos & Video Footage Professional Profile

Our Purpose(s) for Processing Personal Data About You

We use and otherwise process the personal data we have collected about you for one or more of the following purposes:

Accounting/Finance

  • Account payables/receivables Claims & disbursements Income tax returns
  • Sales commissions

Banking & Financial services

  • Process and administer financial records Provide updates on changes / notifications

Education

  • Process applications, registrations or enquiries

General

  • Billing and other credit-related activities Billing and payment processing
  • Carry out our obligations arising from any contracts entered into between you and us Create, develop, operate, deliver and improve our products and services
  • Delivery of products and services Develop new products and services Fulfil legal requirements
  • Fulfil orders and services
  • Fulfil requests for products and services
  • Internal purposes for accounting, auditing and booking Investigate complaints, claims and disputes
  • Obtain opinions, comments about products and services
  • Pass information about you to our agents and associates to carry out services
  • Process applications and registration Process contract renewals and upgrades Process payment for products and services
  • Process payment for purchases and transactions
  • Provide information to partners that perform services for the company
  • Provide security-related services
  • Respond to queries and feedback Send information and updates
  • Submit orders for products and services Update records in our database
  • Verify your identity, and process orders and applications for services

Marketing

  • Analyse sales and marketing data Conduct direct marketing activities
  • Conduct joint marketing with other companies and service providers Conduct lead generation activities
  • For purpose of marketing, promotions, and customer relationship management Provide information about products and services
  • Provide information on events, conferences, seminars or workshops
  • Send latest product announcements, software updates and upcoming events

Who We Disclose Personal Data About You To

We disclose some of the personal data we have collected about you to the following parties or organisations outside DPEX:

Banks & Financial Institutions

  • Banks

Business Associates & Professional Advisors

  • Partners
  • Sales Associates

Data Processing and Hosting Companies

  • Cloud Service Providers Database Companies IT/Technical Support Webhosting Companies

Education and Training Establishments, and Examining Bodies

  • Certification Authorities Commercial Training Providers Examination Bodies

Providers of Professional Services

  • Accounting Services
  • Information Technology Service Providers Legal Services
  • Other Professional Services

Suppliers and Providers of Goods or Services

  • Application Service Providers Call / Contact Centres Freight / Courier Services Mailing Houses
  • Payroll Processing Services

The Media

  • Digital Media Newspapers
  • Other Media Organisations

Trade & Industry Associations, and Professional Bodies

  • Banking Association (e.g. ABS)
  • Insurance Association (e.g. General Insurance Association) Real Estate Association (e.g. CEA for real estate companies)

How We Manage the Collection, Use, Disclosure and Storage of Your Personal Data

Obtaining Consent

If we collect personal data directly from you, we will ordinarily notify you of the purposes for which we are collecting it and obtain your express consent to us collecting, using and disclosing it for those purposes.

However, when you voluntarily provide personal data to us for a purpose and it is reasonable that you do so we may rely on you being deemed to have consented to us collecting, using and disclosing your personal data for that purpose.

Under certain circumstances, we may collect, use and/or disclose personal data about you without your consent for example, so that we can comply with our statutory obligations or where personal data is publicly available.

Third-Party Consent

If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must obtain consent from that individual in order for us to collect, use or disclose his/her personal data.

How You Can Limit Processing of Personal Data About You

Withdrawal of Consent

If you have given us consent to collect, use, disclose and otherwise process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of your withdrawal of consent. We will notify you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future updates or that the quality of our service may be impacted.

Your request for withdrawal of consent can take the form of an email or letter to us, or through the UNSUB feature in an online service.

Accessing and Making Corrections to Personal Data About You

You may ask us in writing to tell you what personal data we hold about you and how we have, or may have, used or disclosed it within a year before the date of your request. We will respond to your request as soon as reasonably possible and, in any event, we will respond to you within 30 days after receiving your request. We may charge a fee for processing your request, but we will let you know the amount of the fee before you incur it.

You may also ask us to correct an error or omission in the personal data we hold about you. Unless we are satisfied on reasonable grounds that a correction should not be made, we will correct the personal data as soon as practicable.

When you make any such request, we may need to verify your identity – for example, by checking your identity card number or other legal identification document.

Accuracy of Your Personal Data

We will take reasonable precautions and make reasonable verification checks to ensure that the personal data we hold is reasonably accurate, complete and up-to-date.

From time to time, we may do a verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us if there are any changes in the personal data we hold about you (such as a change in your home address).

Protection of Personal Data

We have implemented an Information Security Policy that governs how we protect personal data. We make reasonable security arrangements to protect personal data about you that is in our possession or under our control to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All our employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.

Entities that provide services to us to process personal data on our behalf will be bound by contracts with us that that require them to provide sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out and to take reasonable steps ensure compliance with those measures.

Retention of Personal Data

We will not retain any documents containing personal data about you as soon as it is reasonable to assume that the purpose for which we collected that personal data is no longer being served by retention of it and retention is no longer necessary for legal or business purposes.

We have a Document Retention Policy that spells out when we must cease to retain personal data and that requires documents and personal data to be destroyed (paper documents) or deleted (electronic documents and data stored in databases) securely. Certain retention periods are based on statutory or regulatory requirements.

Transfer of Personal Data

If there is a need for us to transfer personal data about you to a country or territory outside Singapore, we will ensure that the recipient organisation will be obliged to provide a standard of protection to such transferred data that is comparable to the protection it receives under Singapore law.

Location Information

Note that if you give us the permission to do so via your mobile device, we may use and store information about your location. We use this information to provide features of our Service in order to improve and customize our Service. You can enable or disable location services when you use our Service at anytime, through your mobile device settings.

Tracking of User Activity

Where we track user activity, we will document this in our Data Inventory, and disclose such activity in our Privacy Notice.

Compliance With Laws

Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.

Links To Other Sites

Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party’s website. It is important that you review the Privacy Policy of every site you visit. We have no control over, and are unable to assume any responsibility for, the content, privacy policies or practices of any third party sites or services.

Changes To This Data Protection Policy

We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page.

Contacting Us

If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Policy, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may contact our Data Protection Officer(s).

Any query or complaint should include, at least, the following details:

  • Your full name and contact information
  • A brief description of your query or complaint

[1]           Data Protection Excellence Network is a business name of Straits Interactive Pte Ltd (reg’n number 201314437K).