PERSONAL DATA PROTECTION POLICY
This Data Protection Policy (“Data Protection Policy”) is to inform you how Kingsmen Creatives Ltd (including its related corporations and business units) (collectively, “we”, “us”, or “our”) may collect, use, disclose or otherwise process your personal data in accordance with the Personal Data Protection Act (No. 26 of 2012) (“PDPA”). This Data Protection Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
- As used in this Data Protection Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. This includes personal data of any clients, customers, business partners, guests, exhibitors, organizers, contractors, suppliers, vendors, and any government agencies and boards.
- Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name and identification information such as your NRIC number, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, photographs and other audio-visual information, employment information and financial information such as credit card numbers, debit card numbers or bank account information.
In general, we do not collect, use or disclose an individual’s NRIC number or a copy of the NRIC, except in the following circumstances:
- Collection, use or disclosure of the NRIC number or copy of the NRIC is required under the law; or
- Collection, use or disclosure of the NRIC number or copy of the NRIC is necessary to accurately establish and verify the identity of the individual to a high degree of fidelity.
- In situations where we have to collect, use or disclose an individual’s NRIC number or a copy of the NRIC, we will notify the individual of the purpose for doing so. We will also ensure that there are adequate security arrangements to prevent any unintended disclosure of the NRIC and the information contained therein. Where applicable, we may also collect a portion of your partial NRIC number.
Other capitalised terms used in this Data Protection Policy shall have the meanings given to them in the PDPA (where the context so permits).
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
- We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law). If you provide us with any personal data relating to a third party, by submitting such information to us, you represent that you have obtained the consent of the third party to provide us with their personal data for the respective purposes.
We may collect your personal data in any or all of the following ways:
- When you submit your personal data to us for the provision of our products or services;
- When you interact with our staff (including any face-to-face meetings or telephone calls);
- When you respond to our promotions, or subscribe to our mailing lists;
- When you enter into an agreement with us (this includes options to purchase, sale and purchase agreements, tenancy agreements, lease agreements, licensing agreements, or any other agreements); and
- When you submit your personal data to us for any other reason.
- We may collect, use and disclose your personal data for any or all of the following purposes:
- Performing obligations in the course of or in connection with our provision of the goods and/or services requested by you or pursuant to any agreement;
- To help us review, manage and develop our goods and services by analysing customer needs;
- Verifying your identity;
- Responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
- Managing your relationship with us;
- To protect and enforce our contractual and legal rights and obligations;
- To handle any disputes and conduct any necessary investigations;
- Processing payment or credit transactions;
- Sending you marketing information about our goods or services;
- Subscribing you to our mailing list;
- To facilitate any of our proposed or actual business transactions (including any merger, acquisition or asset sale);
- Complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
- Any other purposes for which you have provided the information;
- Transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
- Any other incidental business purposes that are reasonably related to or in connection with the above.
In addition, we may collect, use and disclose your personal data for any or all of the following specific purposes if you submit an application to us as a candidate for employment:
- To process your job application;
- To provide or to obtain references for background screening;
- To collect information about your suitability for the position;
- To assess your performance;
- To administer benefits and payroll processing;
- To provide you with the necessary tools that are required for you to do your job;
- To develop training and staff development programs;
- To communicate with you as required to ensure compliance with our policies and processes; and
- Any other purpose in relation to any of the above.
For the purposes listed above, we may disclose your personal data:
- Where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you;
- To our affiliated or related corporations or business units;
- To our professional advisors (including our auditors and lawyers);
- To anyone to whom we transfer or may transfer our rights and duties;
- To banks, credit card companies and their respective service providers;
- Where such disclosure is required by any government, statutory or regulatory authority or law enforcement agency to comply with any laws or rules and regulations;
- To third party service providers, agents and other organisations we have engaged to perform any of the functions listed in Clauses 2.3 and 2.4 above for us; or
- To any other party to whom you authorise us to disclose your personal data.
- The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
- We may also have specifically notified you of other purposes for which we collect, use or disclose your personal data in relation to certain goods or services that we provide. If so, we will then collect, use and disclose your personal data for these additional purposes as well, unless we have specifically notified you otherwise.
WITHDRAWING YOUR CONSENT
- The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided at Clause 12 below.
- Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
- Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in Clause 3.1 above.
- Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
ACCESS TO AND CORRECTION OF PERSONAL DATA
- If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided at Clause 12 below.
- Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request
- Please note that if your personal data has been provided to us by a third party, you should request the relevant third party to make the access or correction request on your behalf.
- We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
PROTECTION OF PERSONAL DATA
- To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
- You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
ACCURACY OF PERSONAL DATA
- We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided at Clause 12 below.
- For all the purposes mentioned at Clause 2 above, you should ensure that all personal data that you provide to us is accurate and true. Failure to do so may result in us being unable to provide the goods and services you have requested.
- We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
- We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
TRANSFERS OF PERSONAL DATA
- Your personal data may be transferred out of Singapore for the purposes described at Clause 2.3 and Clause 2.4 above. In particular, your personal data may be stored in external servers that are located out of Singapore, or may be transferred out of Singapore where it is necessary to share your personal data with and between our related corporations and business units, and third party service providers.
- We are committed to protecting your personal data when it is transferred out of Singapore. Where your personal data is transferred out of Singapore, we will take reasonable steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. For example, we may enter into contracts or impose binding corporate rules with the recipients of your personal data to protect your personal data in a manner that is compliant with all applicable laws. You may obtain further information in this regard by contacting our Data Protection Officer in writing or via email at the contact details provided at Clause 12 below.
- You may refuse to accept cookies on your browser by modifying the settings in your browser or internet security software. However, you should be aware that if you do so, you may not be able to use certain functions that are available on our website.
- If you would like to contact us with any queries or comments please contact our Data Protection Officer at the details provided at Clause 12 below.
- An IP address is a number that is automatically assigned to your computer when you sign up with an Internet Service Provider.
- When you visit our website, your IP address is automatically logged in our server. We use your IP address to administer the website and track the movements of internet users. Generally, we do not link your IP address to anything that can enable us to identify you unless it is required by the applicable laws or regulations.
THIRD PARTY SITES
Our websites may contain links to other websites that are operated by third parties. As we have no control over and are not responsible for the privacy practices of websites operated by these third parties, we encourage you to check the privacy policies of such third party websites.
DATA PROTECTION OFFICER
You may contact our Data Protection Officer at firstname.lastname@example.org, if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request.
If you have provided us with your Singapore telephone number(s) and have indicated that you consent to receiving our marketing or other promotional information by way of your Singapore telephone number(s), then from time to time, we may contact you using such Singapore telephone number(s) even if these telephone number(s) are registered with the “Do Not Call” Registry. You may however let us know in writing if you do not wish to be contacted by us at your telephone number(s) for such purposes.
This Data Protection Policy shall be governed by and shall be construed in accordance with the laws of Singapore. You hereby submit to the non-exclusive jurisdiction of the Singapore courts.
EFFECT OF DATA PROTECTION POLICY AND CHANGES TO DATA PROTECTION POLICY
- This Data Protection Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
- For the avoidance of doubt, this Data Protection Policy forms a part of the terms and conditions governing your relationship with us and should be read in conjunction with those terms and conditions.
- We may revise this Data Protection Policy from time to time without any prior notice to reflect any changes in the applicable laws or the way in which we collect, use and disclose your personal data. You are encouraged to re-visit our Data Protection Policy from time to time to keep yourself updated on these changes. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.