Personal Data Protection Policy
In the course of the conduct of our business and in order to operate effectively, Intervino Singapore (hereinafter referred to as “INV”) might collect, use and disclose personal information about individuals, including but not limited to personal information of current, past and prospective employees and personal information of individuals related to or provided by our individual or institutional clients and suppliers.
The purpose of this policy is to detail our approach to protection of Personal Data (as defined below) and to ensure the consistent handling of Personal Data and compliance with the regulations of the Singapore Personal Data Protection Act 2012 (“PDPA”).
Further information : www.pdpc.gov.sg
“Personal Data” is defined by the PDPA as data, whether true or not, about an individual who can be identified from that data or from that data and other information to which an organisation has or is likely to have access. Personal Data collected, used and disclosed by INV will include a variety of information such as the full name, personal contact details, NRIC/Passport number, information about income, bank account information, education, work experience, date and place of birth, marital status, religion and such other information as may be required for the purposes as stated below.
Purposes of collection, use and disclosure of Personal Data
INV may collect, use and disclose Personal Data for the purposes of:
- providing services in the ordinary course of work;
- client relationship management (including sending updates, information relating to our services and business, services offered by third parties, events invitation, newsletters or publications and marketing material);
- regulatory compliance and internal record keeping;
- managing or terminating employment relationships and for evaluative purposes with respect to employees;
- evaluating and processing employment applications;
- all other purposes necessary and/or incidental to our business and all purposes necessary for or related to any of the above purposes.
Should Personal Data be required to be used for a new purpose, the data subject’s approval will be obtained prior to using his/her Personal Data for the new purpose or the data subject will be notified respectively, provided that no exemption to the consent or notification obligation applies according to the PDPA.
Disclosure and Transfer of Personal Data
Personal Data may be disclosed within INV, to any of its existing or future related or associated companies or to any other third party/ies such as auditors, professional consultants or advisors (including law firms), accountants, agents, insurers, governmental bodies and authorities or any other third party in order to satisfy the purposes for which the Personal Data has been collected.
Personal Data may also be transferred outside Singapore in accordance with the requirements of the PDPA.
Appropriate technical, organisational and administrative security measures are in place to protect Personal Data against unauthorised access, collection, use, disclosure, copying, alteration, accidental loss or theft, destruction, damage or similar risks.
Employees of INV handling Personal Data are made aware of the importance of maintaining confidentiality of the Personal Data collected. The access of employees to Personal Data is on a need to know basis only.
INV will keep Personal Data not longer than is necessary for the purpose it was collected for or for any business or legal purposes (“Purposes”). INV will take all reasonable steps to ensure that all Personal Data is destroyed, permanently deleted or anonymised if it is no longer required for those Purposes.
Personal Data held by INV is usually provided either by the data subject himself/herself and INV is therefore not responsible for its accuracy in the first instance. However, if there is a complaint about the inaccuracy of Personal Data kept by INV, that complaint can be referred to the Data Protection Officer.
Rights of Data Subject
Under the PDPA the data subject has the right to withdraw his/her consent to the collection, use and disclosure of his/her Personal Data. In the event that a data subject has withdrawn his/her consent, INV will advise the data subject on the consequences of the withdrawal and will cease to use or disclose the Personal Data in case the data subject’s consent is legally required.
According to the PDPA, the data subject has the right to access information held about him/her by INV and, if the details are inaccurate, the data subject may request that the data be amended. The right of access and correction can be exercised in accordance with the PDPA. Any access request may be subject to a fee to meet the cost for providing the data subject with details of the information INV holds about the data subject. Such request shall be made in writing to the Data Protection Officer at the address below.
Data Protection Officer
INV has appointed Mr Nicholas Leong as their Data Protection Officer. Any requests and complaints shall be addressed to the Data Protection Officer. The Data Protection Officer can be contacted via the email address : firstname.lastname@example.org
Amend of Policy
INV reserves the right to change or amend this Personal Data Protection Policy from time to time at its sole discretion. The revised Policy will be available from the Data Protection Officer.
Updated 1 Dec 2015