We disclose some of the personal data we have collected about you to the following parties or organisations outside SGTech:
- External advisors e.g. auditors, lawyers, consultants
- Insurance companies
- IT/technical support, IT service providers
- Web-hosting companies, cloud service providers
- Banks, payment card processing companies
- Recruitment Agencies / Head hunters / Prospective employers
- Commercial service and training providers
- Other government agencies (e.g. Ministry of Manpower, Ministry of Health, Infocomm Media Development Authority etc)
How We Manage the Collection, Use and Disclosure of Your Personal Data
- Obtaining Consent
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We next obtain written confirmation from you on your expressed consent.
We will not collect more personal data than necessary for the stated purpose.
Under certain circumstances, we will rely on deemed consent when you voluntarily provide your personal data for the stated purpose and it is reasonably appropriate to do so, e.g. when you submit a membership application to us.
Please note that SGTech will be exempted from obtaining consent for collection, use or disclosure based on the conditions and circumstances specified under the 2nd, 3rd, and 4th Schedules of the PDPA.
- Third-Party Consent
If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his/her personal data.
- Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. You have to be aware, though, of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us or our clients.
Your request for withdrawal of consent can take the form of an email or letter to us, or through the “UNSUB” feature in an online service.
How You Can Access and Make Correction to Your Personal Data
You may write in to us, based on reasonable grounds, to find out how we have been using or disclosing your personal data. We are obligated under the PDPA to allow you access to your personal data of the past one year, and to make any correction if there is any error or omission. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document.
We will endeavor to fulfill your request within 30 days, with an estimate of the fee for processing the request (if applicable). If we are not able to do so within 30 days, we will notify you of the additional time required.
How We Ensure the Accuracy of Your Personal Data
We will take reasonable precautions and verification checks to ensure that the personal data we have collected from you is reasonably accurate, complete and up-to-date. From time to time, we may do a verification exercise with you to update us on any changes to your personal data.
How We Protect Your Personal Data
We will take the reasonable security arrangements to protect your personal data that is in our possession to prevent unauthorised access, use, disclosure, or similar risks. We will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.
External Data Intermediaries who process and maintain your personal data on our behalf will be bound by contractual information security arrangements we have with them.
How We Retain Your Personal Data
We will not retain any of your personal data under our charge when the original purpose has been fulfilled or it is no longer necessary for any business or legal purposes. Based on our Document Retention Policy, we will ensure that your personal data that are no longer needed by us will be destroyed or disposed of in a secure manner.
How We Transfer Your Personal Data
If there is a need for us to transfer your personal data to another country, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.
Tracking of User Activity
Where we track user activity, we will document this in our data inventory, and disclose such activity in our External Privacy Notice.
We use Tracking Tools such as Google Analytics
- Use of Cookies
We use "cookies" to collect information about your activity on our web site. Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive. You can instruct your browser to refuse all cookies or to indicate them when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our web site.
- Behavioural Re-marketing
Where we use re-marketing services to advertise on third party web sites to you after you have visited our website, we, and our third party vendors, use cookies to inform, optimize and serve ads based on your past visits to our website.
The following is used for re-marketing services for purposes of advertising:
- Re-marketing and behavioural targeting - Google Analytics for display advertising
You can opt out of these re-marketing services by visiting the web site of the relevant third party vendor(s).
Compliance with Laws
Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.
Links to Other Sites
Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party's website. It is important that you review the Privacy Policy of every site you visit. We have no control over, and are unable to assume any responsibility for, the content, privacy policies or practices of any third party sites or services.
Changes to this Data Protection Policy
We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page.
Contacting Us
If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Policy, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may
contact our Data Protection Officer(s) by submitting this form here.
We treat such queries and complaints seriously and will deal with them confidentially and within reasonable time.
Our Processing Activities