DATA PROTECTION & PRIVACY STATEMENT
This statement (“Data Protection & Privacy Statement”) outlines how we may collect, use, disclose, and manage your personal data in accordance with The Personal Data Protection Act (“PDPA”). Please visit the Personal Data Protection Commission (“PDPC”) website for general information on personal data protection.
This Data Protection & Privacy Statement seeks to explain how APacTrust Consulting Group (“APT”) collects and uses personal data and the rights you have regarding your personal data. In this statement, APT refers to companies within the APacTrust Consulting Group.
Please read our statement carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.
Introduction
At APacTrust Consulting Group (collectively the “Group”) we respect the privacy and confidentiality of the personal data of our Clients, Associates, and others with whom we interact within the course of providing our services. We are committed to implementing policies, practices, and processes to safeguard the collection, use, and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012, the relevant laws, and sectoral and international guidelines.
We have developed this statement to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.
Collection Of Information
Personal data refers to any information that can uniquely identify an individual person (a) on its own, or (b) when combined with other information. Under the PDPA, business contact information (e.g. full name, business address, business telephone number) is not considered personal data so long as it is used strictly for business-to-customer (B2C) transactions.
We collect your personal data when you:
- Enter into business-to-customer transactions with us such as engaging our corporate secretarial, tax, or outsourced accounting services; and
- Enter into an employment contract or apply for a job position with us.
- APacTrust Consulting Group may also collect Personal Data from you in one or more of the following ways or circumstances:
- Information provided directly: You may be asked to provide Personal Data when you visit or use some parts of our websites and/or services. You do not have to provide us with your Personal Data; however, it could mean that you are not able to access some parts of our website or use our services.
- Information collected automatically: Some information is collected automatically, such as an IP address and device type, when you visit our websites or use our services. This information is useful to us as it provides us with a better understanding of how you are interacting with our websites and services so that we can continue to provide you with the best experience possible.
- Information from third parties: The majority of information that we collect is collected directly from you. Some data may be collected from other sources, such as information that is available in the public domain. We use this information to supplement the Personal Data that we have collected from you.
Types Of Personal Data We Collect
The types of personal data we collect about you include:
- Your contact information (Name, Address, Phone No., Email Address);
- Your personal details (Name, Gender, Date of Birth, Country of Birth, Country of Residence, Citizenship, Nationality, Race/Ethnicity);
- Your billing and payment information such as credit card numbers, debit card numbers, or bank account information;
- Your personal and professional details in your curriculum vitae when you apply to us for a job;
- Your scanned copies of National Registration Identity Card (NRIC), passport, photograph, proof of residential address, audio-visual information, bankers, and professional references.
Purposes For Collection And Usage Of Personal Data
APacTrust Consulting Group will only collect and use your Personal Data from/or related to an individual that is reasonably considered necessary for the relevant purposes underlying such collection, use, or disclosure, which may include but is not limited to the following:
Facilitating APacTrust Consulting Group’s provision of products and services which are used by you and from time to time with newsletters, marketing or promotional materials, and any other information that may be relevant to you;
- Performing obligations in the course of or in connection with our provision of the services requested by you;
- Verifying your identity for the purpose of due diligence check in accordance with the sectoral laws;
- Communicating with you to assist you with your inquiries;
- Dealing with administrative matters relating to the product and/or services purchased and/or subscribed to by you;
- Handling and processing queries, requests, applications, complaints, and feedback from you;
- Conducting market research and customer satisfaction surveys;
- Sending information about our services including notifying you of our events and initiatives;
- Complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any government and/or regulatory authority;
- Any other purposes that we notify you of at the time of obtaining consent (collectively known as the “Purposes”).
- The Purposes for which we may/will collect, use, or disclose your Personal Data depend upon the circumstances at hand. We will notify you of the purpose at the time of obtaining your consent to collect the data.
Disclosure Of Personal Data
There may be occasions where we may need to share your Personal Data with third parties. APacTrust Consulting Group will disclose your Personal Data only in the following circumstances:
- to APacTrust Consulting Group’s third-party service providers or agents;
- to APacTrust Consulting Group’s auditors and professional advisors;
- to regulators, law enforcement bodies, government agencies, courts or any other third party to whom disclosure is permitted or required by any applicable law or regulation;
- to other parties where we have your consent.
Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
Ensuring The Accuracy Of Your Personal Data
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading, and kept up-to-date.
From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us on any changes to your personal data (such as a change in your mailing address).
Storage And Protection Of Personal Data
Security of your personal data is important to us. We take appropriate action to protect personal data from loss, misuse, unauthorized access or disclosure, alteration, or destruction using the same safeguards as we use for our own proprietary information. We have also put in place reasonable and appropriate organizational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorized persons on a need-to-know basis.
When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organizational and technical security measures, and have taken reasonable steps to comply with these measures.
Retaining Your Personal Data
The length of time that we keep your Personal Data depends on what it is and whether we have an ongoing business need to retain it. We will only retain your data for as long as we have a business relationship with you and for a period of time afterward where we have an ongoing business need to retain it, or where we are required by law to retain it.
Upon the expiry of time relating to any business needs or legal requirements to retain your Personal Data, we will ensure that your Personal Data is deleted or anonymized. We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.
Accuracy Of Personal Data
Information voluntarily provided by you to APacTrust Consulting Group shall be deemed complete and accurate. We will take reasonable steps to verify the accuracy of Personal Data received at the point of collection, but you will remain primarily responsible and liable to ensure that all Personal Data submitted by you to APacTrust Consulting Group is complete and accurate.
We will also take reasonable steps to periodically verify the Personal Data in its possession, taking into account the scope of its operations. However, you remain responsible for notifying APacTrust Consulting Group from time to time, of any applicable changes to your Personal Data. You can amend your Personal Data on the APacTrust Consulting Group Platform or you may notify our customer success team of any changes to your Personal Data by email at dpo@apactrust.com anytime.
APacTrust Consulting Group shall not be held liable for any inability on its part to provide services to you if you fail to ensure that your Personal Data submitted to us is complete and accurate.
Accessing And Correcting Of Personal Data
You may request (i) access to any Personal Data that is currently in our possession or control; and/or (ii) correction of any data that is currently in our possession or control by contacting us by email
When you request access to your Personal Data within our possession or control, we will seek to provide you with the relevant information within 30 days.
If you find that the personal data we hold about you is inaccurate, incomplete, misleading, or not up-to-date you may ask us to correct the data. Upon your written request, we will correct any inaccurate Personal Data that is within our possession or control within 30 days.
Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date, we receive your request.
With your consent, once we have corrected your Personal Data, we will send the corrected Personal Data to all organizations to which your Personal Data was disclosed by APacTrust Consulting Group within a year before the correction was made unless that organization does not require the corrected Personal Data for any legal or business purpose.
Transferring Of Personal Data & Data Portability
We generally do not transfer your personal data to countries outside of Singapore. However, if there is a need to transfer your personal data to another country, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as those in Singapore.
Withdrawal Of Consent
The consent that you provide for the collection, use, and disclosure of your personal data will remain valid until such time it is withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at dpo@apactrust.com
Your withdrawal of consent could affect the services that we are able to provide to you. Depending on the extent of your withdrawal of consent for us to process your Personal Data, it may mean that we are not able to continue with our existing business relationship. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use, and disclosure without consent is permitted or required under applicable laws.
Third-party Consent
If you do a transaction with us on behalf of another individual that will require you to provide that individual’s personal data to us, you must ensure that this individual has given his/her expressed consent to provide his/her personal data to us through you. We will require you to get a written confirmation from this individual that he/she has indeed given his/her expressed consent to you for us to collect, use or disclose his/her personal data.
Link To Other Websites
Our websites may contain links to other websites operated by third-party companies with different privacy practices. You should remain alert and read the privacy statements of other sites. We have no control over the personal data that you submit to or receive from these third parties.
Changes To This Data Protection & Privacy Statement
We may update this Data Protection & Privacy Statement from time to time. We will notify you of any changes by posting the latest Statement on our website. Please visit our website periodically to note any changes. Changes to this Statement take effect when they are posted on our website.
Contacting Us
If you have any queries or feedback regarding this Statement or any complaints you have relating to how we manage your personal data, you may write to our Data Protection Officer (DPO).
For unsolicited personal data that you may receive, you may contact our DPO and delete it accordingly.
Any query or complaint should include, at least, the following details:
- Your full name and contact information
- Brief description of your query or complaint
We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.