This Data Protection Policy outlines how your Personal Data will be managed in accordance with the Personal Data Protection Act (“PDPA”) which strives to protect personal data of individuals. Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we may collect, use and/or disclose your Personal Data.
What is the Personal Data Protection Act?
The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognizes both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organizations to collect, use or disclose personal data for legitimate and reasonable purposes.
Objectives of the Personal Data Protection Act
Today, vast amounts of personal data are collected, used and even transferred to third party organizations for a variety of reasons. This trend is expected to grow exponentially as the processing and analysis of large amounts of personal data becomes possible with increasingly sophisticated technology.
With such a trend comes growing concerns from individuals about how their personal data is being used. Hence, a data protection regime to govern the collection, use and disclosure of personal data is necessary to address these concerns and to maintain individuals’ trust in organizations that manage data.
How does the Personal Data Protection Act Work?
The PDPA will ensure a baseline standard of protection for personal data across the economy by complementing sector-specific legislative and regulatory frameworks. This means that organizations will have to comply with the PDPA as well as the common law and other relevant laws that are applied to the specific industry that they belong to, when handling personal data in their possession.
The PDPA takes into account the following concepts:
Consent – Organizations may collect, use or disclose personal data only with the individual’s knowledge and consent (with some exceptions);
Purpose – Organizations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure;
Reasonableness – Organizations may collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.
1. Personal Data
In this Data Protection Policy, “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Examples of such Personal Data include:
Name, date of birth, and sex;
Nationality, NRIC number / FIN number / passport number;
Telephone and mobile phone number;
Personal and/or professional email address;
Personal data of your spouse and children
Photograph(s), video image, and CCTV footage;
Any other information that might be shared whilst you participate in our activities and events, contests, surveys and/or other
2. Collection of Personal Data.
We collect these personal data when necessary to meet the purposes for which the referred data were submitted.
3. Purposes for the Collection, Use and Disclosure of Personal Data.
We will only collect, hold, process, use, communicate and/or disclose such personal data, in accordance with this policy for the following purposes:
To respond to a particular request or for the purposes for which it was provided to us as stated at the time of the collection;
Inform you about our related updates, policies and other notices
Provide offers, invitations to events and deliver advertising messages via email or your mailing address with your prior consent or if otherwise permitted under local laws and regulations
Publish photos, in which you might appear, on our website or in our newsletter.
We will not use, disclose or process your Personal Data for purposes which are not stated above or for which we have not obtained your consent. If we wish to use, disclose or process your Personal Data for another purpose we will seek your prior written consent.
4. Disclosure of Personal Data
We do not disclose personal data to third parties except when required by law or when we have your consent or deemed consent to do it.
5. Withdrawal of Consent
If you wish to withdraw your consent to any use or disclosure of your Personal Data as set out in this Data Protection Policy, you may contact us via email at email@example.com
Please note that if you withdraw your consent to any or all use or disclosure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to administer any relationship in place.
6. Access and Correction of your Personal Data
You may request access to or make corrections to your Personal Data records.
Please submit your request to our Data Protection Officer via email: firstname.lastname@example.org
7. Accuracy of Personal Data
We will make a reasonable effort to ensure that personal data collected by us or on our behalf is accurate and completed.
8. Security and Protection of Personal Data
We have implemented generally accepted standards of technology and operational security to protect the personal data in our possession or under our control and to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks.
9. Retention of Personal Data
We shall retain your personal data for as long as is necessary for the above mentioned purposes and take reasonable measures to destroy any personal data that is no longer necessary to meet those purposes.