In connection with the Personal Data Protection Act (No. 26 of 2012) (“the Act”), this Statement sets out how we, Symbyoz PTE. LTD. and its affiliates (together “SYMBYOZ”), manage personal data which is subject to the Act.
The security of your personal data is important to us. This Statement describes how we collect, use, disclose, process and protect your personal data.
When you visit our websites or request a service from any entity within SYMBYOZ, your use or continued use of our services shall be deemed as your acceptance and agreement to be bound by the provisions of this Statement.
This Statement supplements but does not supersede nor replace any other consent you may have previously provided to us in respect of your personal data.
For the purposes of the Act, we are a data intermediary when we process personal data on behalf of and for the purposes of another organisation. At the same time, we also collect use and disclose personal data for purposes that are reasonable and appropriate.
This Statement forms part of the terms and conditions, if any, governing your specific relationship with any entity within SYMBYOZ and should be read in conjunction with such terms of engagement. In the event of any conflict or inconsistency between the provisions of this Statement and the terms of engagement, the terms of engagement shall prevail to the fullest extent permissible by law.
1. COLLECTION AND USE
1.1 We may collect personally identifiable information from you which we require in order for us to provide our services to you, for a purpose authorised by you or for purposes that are reasonably appropriate:
a) your firstname, lastname, email, nationality, phone number, passport ID or other identification number.
b) photos, film, and/or video recordings of you;
c) information about your use of our websites, including cookies, IP addresses, etc.
d) any other information relating to you which you have provided us in any forms you may have submitted to us, or in other forms of interaction with you.
1.2 Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with the terms of this Statement. Failure on your part to do so or to ensure that the personal data for another person is complete, accurate, true and correct may result in us being unable to provide you with the services you have requested or require.
1.3 Your credit card informations are stored in a secure way only with the payment solution partner Stripe (https://www.stripe.com)
2. DISCLOSURE TO THIRD PARTIES
2.1 We will not:
(a) disclose your personal information except to those to whom disclosure is necessary to provide our services to you or in the management, operation and administration of our business and who are similarly bound to hold your data in confidence; or
(b) disclose your personal information unless required to do so by law or in the good faith belief that such disclosure is reasonably necessary: (i) for our professional advisers such as our lawyers (ii) comply with legal process such as if required by any court, tribunal, regulator, government department, agency, ministry, statutory board or relevant authority; (iii) respond to claims that any of personal data provided to us violates the rights of third parties; or (iv) protect our rights, property, or personal safety and that of our clients or the public.
3.1 To safeguard your personal information, all electronic storage, hosting, processing, transmission and backup (for disaster recovery or otherwise) of personal and other information are secured with appropriate administrative, physical and technical security measures. You acknowledge and consent that we may make use of Amazon AWS cloud services within or outside Singapore (which may be managed by a third party service provider). While we take reasonable efforts to maintain the confidentiality and security of your personal data, we cannot guarantee that any information that is transmitted or stored electronically is completely secure.
4.1 We will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required for legal or business purposes. Any personal data which are no longer needed for legal or business purposes will be destroyed or anonymised according to our document retention policy.
5. INTERNATIONAL TRANSFER
5.1 Your information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this Statement. We will take reasonable steps to ensure that such personal data transferred receives a standard of protection comparable to the protection required under the Act.
5.2 If you use our services while you are outside Singapore, your personal data may be transferred outside Singapore in order for us to provide you with those services. Where you have engaged us to carry out any work in any jurisdictions outside Singapore, the transfer of your personal data to these jurisdictions may be necessary to give effect to your instructions.
6.2 We use Google Analytics to analyse the use of our website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users' computers. The information generated relating to our website is used to create reports about the use of our website. Google will store this information.
6.3 We may also include third party links on our website for your convenience and information. These linked sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites and we encourage you to consult the privacy notices of those sites.
7. REVIEW AND CORRECTION
7.1 We may, upon written request, allow you to view stored personal information subject to legal requirements. We reserve the right to charge a reasonable administrative fee for this service. We will respond to such request within 30 days of receipt of your written request.
Kindly inform us in writing if any personal information which we hold about you needs to be corrected or updated.
8.1 You may, subject to applicable law, regulations and professional standards, at any time, give us reasonable written notice of your withdrawal of consent to collect, use or disclose the personal information. If you choose to withdraw your consent to any or all or the disclosure of your personal data, please note that we may not be in a position to continue providing our services to you Withdrawal may also result in the termination of any agreement you may have with us.
9. DATA INTERMEDIARY
9.1 If we process personal data on your behalf and for your purposes as a data intermediary, we shall:
(a) observe the relevant obligations under the Act in the performance of our services;
(b) process the personal data we receive from you only to the extent necessary for the purposes specified in the engagement and in accordance with your instructions from time to time given in writing and shall not process the personal data for any other purpose;
(c) ensure that access to the personal data is limited to employees who need to access to meet our obligations to you;
(d) in order to perform the services, share the personal data with our subsidiaries and affiliates , whether in Singapore or elsewhere. When doing so, we will require them to ensure that the personal data are kept secure and confidential;
(e) use reasonable degree of professional care to prevent unauthorised use, dissemination or disclosure of personal data, and shall implement any generally applicable physical, technical and administrative measures to protect the personal data from accidental or unauthorized disclosure, alteration, loss or destruction;
(f) notify you promptly in writing if we become aware of any accidental or unauthorized disclosure, alteration, destruction or loss of personal data unless prohibited from doing so by law;
(g) take reasonable action within reasonable time, and investigate the security incident, and use its best efforts to mitigate the impact and scope of any security incident, and to carry out such recovery or other action we determine necessary in the circumstance to remedy the security incident; and
(h) not hold personal data any longer than required by law for the purpose of performing or having performed the services or for legal or business purposes.
9.2 In the same regard, if we process personal data on your behalf and for your purposes, you:
(a) will provide us with specific written instructions with regard to the processing of personal data. Oral instructions given by your authorised representatives will be accepted by us in case of emergency only and subject to immediate written confirmation;
(b) undertake and warrant that you have lawfully obtained personal data of your employees and have sufficient legal grounds, including all necessary authorizations, consents or permissions to provide us with the personal data, and that the same are accurate and provided in any form, to us in a secured way;
(c) will inform us immediately in writing of any change, including any error or omission, with regard to the lawful processing and use of any of the personal data; and
(d) will inform us as soon as reasonably possible of any access request, request for correction or blocking or deletion of personal data or any objection made by the employees related to the processing of their personal data.
10. CHANGES TO PRIVACY STATEMENT
10.1 We will amend this Statement from time to time and the updated versions will be posted on our website and date stamped so that you are aware of when the Statement was last updated. We encourage all users to periodically review our website for the latest information on our privacy practices. Continued use of our services and website following the posting of changes to this Statement shall constitute your consent to such changes.
If you require more information relating to this Statement or require or access to correct or update your personal data or to withdraw your consent, please contact us at:
Data Protection Officer
Symbyoz PTE. LTD.
541 Orchard road, #09-01 Liat Towers
If your personal data was provided to us by a third party, kindly contact that organisation to make such a request or query on your behalf.