The policy applies to Galmon (S) Pte Ltd and its associated/affiliated businesses, and outlines our obligations and practices in the handling of the Personal Data we collect and hold. If you have any questions on this policy or in relation to how we manages, protects and/or processes your personal data, please contact our Data Protection Officer (DPO) via email: firstname.lastname@example.org.
DEFINITION OF PERSONAL DATA
Personal data (“Personal Data”) refers to all and any information relating to you obtained by us in the course of and as a result of the provision of any products and services by us to you. Personal Data includes, but is not limited to, your name, NRIC / Passport / FIN number, contact numbers, address, email, payment details and vehicle details, which you have provided to Galmon and photographs or video images taken at contests, activities, or events in which you have been captured.
PURPOSE FOR PERSONAL DATA COLLECTION
Generally, we collect Personal Data from customers and prospective customers, for purposes relating the products and services we offer. These purposes include, but are not limited to:
- Responding to your enquiries regarding products and services that we offer.
- Processing and managing feedback.
- Processing requests, orders and administering accounts.
- Providing customer support including account servicing
- Communicating with you in relation to products and services we provide, which are relevant to your existing relationship with us.
- Offering you updated marketing and promotional packages which you may benefit from, including products and services offered by our selected partners.
- Administering and managing your relationship with us as our customers.
- Meeting regulatory and legal obligations.
- Conducting surveys, research and analysis.
- Using photographs or video images taken at events in which you have been captured, for publishing in Galmon and its subsidiaries and relevant business partners’ collaterals.
- Safety and Security of Premises.
- Collecting certain standard internet and website log information and details of patterns about how you use our website for the purposes of better understanding our website (including which portions of our website are the most visited and how you got to our website) and to improve our website for better user experience.
We may for these purposes, contact you via mail (including electronic mail), telephone, SMS or other communication (text or image) applications for mobile devices.
Where possible, we will collect your Personal Data directly from you and secure the relevant consent from you. This may take place in a number of ways, such as when you contact us to enquire on a product or service over the telephone, internet or email or physically visit us at our premises or Exhibition Booths to provide us a written registration/order.
Our website may also offer interactive facilities, such as enquiry and comment forms, where Personal Data may be collected. In addition, we may also obtain Personal Data from third parties such as our partners, contractors and regulatory authorities.
DISCLOSURE OF PERSONAL DATA
In providing you with a product or service, we may sometimes need to disclose your Personal Data to others. It is generally not our policy to disclose your Personal Data to external organisations unless we have your consent and/or are required to disclose your Personal Data as required in the normal course and scope of our business in the provision of our services to you, and/or for contractual, legal and regulatory requirements.
Some examples of the types of external organisations we may need to disclose information to in the course of providing a product or service are:
- Regulatory bodies and agencies
- (e.g. Ministry of Manpower, SkillsFuture Singapore, Land Transport Authority etc)
- Insurers and financial institutions
- Galmon’s data intermediaries, programme partners, other companies or individuals, including legal counsel and information technology service providers, who assist us in providing services
Some of our information technology service providers may be located overseas (if any) and, as a result, Personal Data collected and held by us may be transferred overseas.
Unless otherwise required or permitted by law, we will only disclose your Personal Data with your consent (implied or expressed), and we will also take reasonable steps to ensure the external organisation to whom we have disclosed your information are also legally bound to protect the privacy of your Personal Data.
However, please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:
- the disclosure is required by law; or is necessary for any investigation or proceedings.
- the purpose of such disclosure is clearly in your interests and consent cannot be obtained in a timely way.
- the disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual.
For the full list of exemptions, please refer to the Act which is publicly available at https://sso.agc.gov.sg/Act/PDPA2012.
ACCURACY & PROTECTION OF PERSONAL DATA
We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data.
Security of Personal Data is important to us and we take all reasonable precautions to safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. We have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of Personal Data by us, and disclosing Personal Data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
Some of the ways we protect Personal Data include:
- External and internal premises security;
- Restricting access to Personal Data only to staff who need it to perform their day to day functions;
- Maintaining technology products to prevent unauthorized computer access or damage to electronically stored information, such as requiring identifiers and passwords, firewalls and anti-virus software; and
- Maintaining physical security over paper records.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
ACCESS TO YOUR PERSONAL DATA
At your request, we will provide access to your Personal Data. Please send us a formal written request to our Data Protection Officer (email: email@example.com ). Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
If we are unable to provide you with any Personal Data to you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
WITHDRAWAL OF CONSENT
Should you wish to withdraw your consent to us to send you sales and marketing information via a specific mode or all modes of communications, please notify us in writing to firstname.lastname@example.org. In general, we shall seek to process and effect your request within 4 weeks of receiving it.
RETENTION OF PERSONAL DATA
We may retain your Personal Data for as long as it is necessary to fulfil the purposes for which they were collected, or as required or permitted by applicable laws.
We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the Personal Data were collected, and are no longer necessary for legal or business purposes.
EFFECT OF POLICY AND CHANGES TO POLICY
This Policy applies in conjunction with any other policies, notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your Personal Data by us.
We may revise this Policy from time to time without any prior notice. This is part of our continuous efforts to ensure that we properly manage, protect and process your Personal Data. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated.
Effective Date: 1st September 2019
Last Updated 1st September 2019