PERSONAL DATA PROTECTION NOTICE
1. This Personal Data Protection Notice (“Notice”) sets out the basis which Activate Interactive Pte Ltd may collect, use, disclose or otherwise process personal data of persons in accordance with the applicable personal data protection laws and regulations.
2. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data which you provide to us, in compliance with the Singapore Personal Data Protection Act (“PDPA”).
3. We have developed this Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.
4. By providing us with your personal data, you consent to our collection, use and disclosure (including transfer) of your personal data in accordance with this Notice. Please DO NOT provide any personal data to us if you do not accept and agree to abide by the terms of this Notice.
5. In the course of our business, we may be collecting, using, disclosing and processing personal data on behalf of third parties. In such situations, we are obligated to abide by their instructions in relation to such personal data and to the extent that such instructions conflict with the terms of this Notice, this Notice may not be applicable.
6. Personal data refers to any information that can uniquely identify an individual person (a) on its own, or (b) when combined with other information. Under the PDPA, business contact information (e.g. full name, business address, business telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.
7. Examples of personal data include name, address, contact details, identification numbers, fingerprint or other biometric identifier, telephone numbers, passport information, email address, bank account information, CCTV footages and photographs.
8. Voluntary provision of personal data. Your provision of personal data to us is voluntary. However, if you choose not to provide us with the personal data we require, it may not be possible for us to contact you or provide you with the products or services that you require from us.
9. Providing personal data belonging to others. If you provide the personal data of anyone other than yourself (including your family members), you warrant that you have informed him/her of the purposes for which we are collecting his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes.
10. Accuracy and completeness of personal data. You must ensure that all personal data that you provide to us is true, accurate and complete. You must inform us as soon as practicable once you become aware that any personal data provided to us is not true, accurate or complete in any respect.
Collection of Personal Data
We collect your personal data in the following situations:
11. When you visit or connect with us through our websites and through social media platforms;
12. When you are referred to us for our products or services by one of our vendors, employees or clients;
13. When you enter into an agreement or contract with us to provide you with our services;
14. When you submit your CV and job application form to us (via email, in response to our recruitment advertisements, through employment agents or via our corporate job portal);
15. When you sign a contract to join our company as an employee on a permanent or contractual basis;
16. When you submit your visa and employment pass application forms through us to apply to the relevant government agencies on your behalf;
17. When you access or request for access to our premises (via CCTV footages of camera installed in our company premises and user log book, when checking in and out of our company’s premises);
18. When you contact us whether through email, fax, telephone, or by posting on our corporate websites and social media platforms;
19. When you submit your personal data to us for any other reason;
Protection of Personal Data
We have put in place reasonable and appropriate administrative, physical and technical measures to ensure your personal data in our possession or control from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks with implementation which is not limited to the following:
20. Up-to-date antivirus protection.
21. Data encryption, firewalls and secured network protocols to protect against loss. These are governed by our internal data protection and information security policy.
22. User Access management of your personal data to share only with authorised persons on a ‘need to know’ basis.
23. When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.
24. However, no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your personal data and are constantly reviewing and enhancing our information security measures.
Use of your Personal Data
Generally, we collect, use or disclose your personal data for the following purposes:
25. Service related purposes:
a) To manage your business or employment relationship with us;
b) To provide you with the products and services that you have requested, including services from third party service providers;
c) To respond to your inquiries and feedback in order to improve our quality of service;
d) To contact you for feedback after the provision of our products and services; and
e) To keep you updated on our products and services.
26. Business purposes. We may also use your personal data for purposes connected or relevant to our business, such as:
a) Complying with our legal obligations and regulatory requirements;
b) Enforcing obligations owed to us;
c) Research into the development of new products and services or improvement of our existing products and services;
d) Accounting, risk management and record keeping;
e) Carrying out research, planning and statistical analysis;
f) Staff training;
g) Analysing your visits to our websites and social media platforms;
h) Processing account payables/receivables;
i) Processing work and employment passes of our employees with the relevant government agencies;
j) Enrolling our employees in government funded programmes;
k) Processing job applications, recruitment and selection of employees;
l) Carrying out our obligations arising from any contracts entered into between you and us;
m) Monitoring and security purposes
(for example, your image may be captured by security camera on our premises or your identification documents retained to monitor your access to and exit from our premises.);
n) Processing purposes - we may collect, use or disclose personal data as a data intermediary on behalf of another organisation. In such cases, we will merely be processing the personal data collected from you on behalf of that organisation;
o) Sharing with potential clients for business related purposes, including security screening and clearance;
p) Contacting you for any of the above purposes. We may contact you via post, fax, e-mail, SMS, WhatsApp, telephone or any other means;
27. We may disclose some of the personal data you provide us, to the following entities or organisations outside Activate Interactive in order to provide our services to you:
a) Our existing and potential Clients;
b) Certification or regulatory authorities where required;
c) Our existing and potential vendors we work with;
d) Government agencies – including Ministry of Manpower, CPF Board, IRAS, IMDA;
28. Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
29. We will not trade in or sell your personal data to third parties.
30. Disclosure to service providers. You agree that we may disclose your personal data to third parties whom we engage to provide the necessary products or services, including but not limited to:
a) Service providers and data processors working on our behalf and providing services such as human resource management, debt collecting, hosting and maintenance services, delivery services, handling of payment transactions, marketing etc;
b) Consultants and professional advisers (such as accountants, lawyers, auditors, managing agents);
c) Cloud Service Providers such as AWS and Azure;
d) Regulatory authorities, statutory bodies or public agencies for the purposes of complying with their respective requirements, policies, directives and guidelines;
Disclosure of Information
Managing the Collection, Use and Disclosure of Your Personal Data
31. Obtaining Consent
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so and we will obtain consent from you, if we have not already done so. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data to us for the stated purpose, e.g. when you apply for a job with us using our job application forms. We may rely on exceptions to the need for consent under the PDPA for the collection, use or disclosure of your personal data under the following circumstances:
a) The personal data is publicly available;
b) The personal data is disclosed by a public agency or disclosed to a public agency;
c) The personal data is necessary for any investigation or proceedings;
d) The personal data is necessary for evaluative purposes (e.g. determining the suitability of a job applicant for the job applied for);
e) The personal data is necessary for the purpose of managing or terminating an employment relationship;
32. Withdrawal of Consent
You may withdraw your consent given for any or all purposes set out in this Notice by contacting our Data Protection Officer (see “How to contact us” section below). If you wish to withdraw your consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information, we may not be able to inform you of future products and services offered by us or further process your job application.
We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.
Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session. You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web applications.
34. Third-Party Consent
We do not obtain consent on behalf of another individual. We only obtain consent from the individual who will be providing personal data and dealing directly with us.
Accuracy of Your Personal Data
35. We take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date. If we are in an ongoing business or employment relationship with you, it is important that you update us of any changes to your personal data (such as a change in your telephone number, email address or mailing address).
Access to and Correction of personal data
36. If you find that the personal data in our possession is inaccurate, incomplete, misleading or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within 30 days, we will let you know the estimated time required for us to respond to your request.
37. We may be prevented by law from complying with your request. We may also decline your request if the law permits us to do so or if your records have already been deleted from our database in accordance with our internal data retention policies.
Amendments and Updates
38. We may amend this Notice from time to time and will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to be updated of any changes.
39. Changes to this Notice take effect as and when they are posted on our website.
41. You may write in to us to find out how we have been using or disclosing your personal data over the past one year. Before we accede to your request, we may need to verify your identity by sighting your NRIC or other legal identification document.
42. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know the estimated time required for us to respond to your request.
43. We may also charge you a reasonable fee for the cost involved in processing your access request. If so, we will inform you of the fee before processing your request.
Retention of Personal Data
44. We may retain your personal data for as long as it is necessary to fulfil the purposes for which they were collected, or as required or permitted by applicable laws.
45. We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data were collected and are no longer necessary for legal or business purposes.
Transfer of Personal Data Outside of Singapore
46. We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
If you have any query or feedback regarding this Notice, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) in the following manner:
Email Address : firstname.lastname@example.org
Address : #13-08 SINGPOST CENTRE, 10 EUNOS ROAD 8, SINGAPORE 408600
Any query or complaint should include, at least, the following details:
Your full name and contact information
Brief description of your query or complaint
We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.
Last Updated: 20/02/2023