A) GENERAL DATA PROTECTION POLICY
Enidma Pte Ltd (“Enidma”, “we”, “us” and/or “our”) takes our responsibilities under
– Singapore’s Personal Data Protection Act 2012 (the “PDPA”),
– and European Union’s General Data Protection Regulation (the “GDPR”)
(collectively known as the “Data Protection Acts”) seriously. We recognise the importance of safeguarding the personal data you have provided us and it is our responsibility to properly manage, protect and process your personal data.
This Data Protection Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.
We may modify this Policy at any time at our sole discretion, and such modification shall be effective immediately upon posting of the modified Policy. Your continued access to or use of the Site and/or Service shall be deemed your conclusive acceptance of the modified Policy.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Support Desk at firstname.lastname@example.org.
1. INTRODUCTION TO THE PDPA AND GDPR
1.1 “Personal Data” is defined under the Data Protection Acts to mean data, whether true or not, about an individual who can be identified from that data, or from that data another information to which an organization has or is likely to have access.
1.2 We will collect your personal data in accordance with the Data Protection Acts either directly from you or your authorised representatives, and/or through our third party service providers (e.g. partners, resellers). We will notify you of the purposes for which your personal data may be collected, used, disclosed and/or processed, as well as obtain your consent for the collection, use, disclosure and/or processing of your personal data for the intended purposes, unless an exception under the law permits us to collect and process your personal data without your consent.
2. PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA
3. PERSONAL DATA YOU PROVIDE VOLUNTARILY
3.1 User Accounts and Profiles. Our Service may give you the ability to register for a user account or to create and update a user profile on the applicable Site and/or Service. If we offer user account or profile functionality on the Service, we will collect Personal Information that you provide to us in the course of registering for an account or creating or updating a user profile. This information may include, for example, your name, e-mail address, postal address, phone number, demographics and other information you provide us on our Service.
3.2 User-Generated Information. Information generated when you use our Service to acquire, process, and store data, including text, photos, videos, and sounds, will be treated as Personal Information under this Policy.
3.3 Passive Information Collection. When you visit our Site or use our Service, some information is automatically collected. We use passively-collected information to administer, operate, and improve our Service and systems, and to provide other content that is tailored to you. For example, when you visit our Site your computer’s operating system, Internet Protocol (IP) address, access times, browser type and language, and the website you visited before our site are logged automatically. We may also collect your location information provided by your browser (most browsers are set by default to ask your permission first).
We also collect information about your usage and activity on our Service using technology such as cookies:
3.4 Information from Other Sources. We may also receive information about you, including Personal Information, from other sources and combine that with information we collect on our Service. If we do this, this Policy governs any combined information that we maintain in personally identifiable format.
4. SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
5. REQUEST FOR ACCESS AND/OR CORRECTION OF PERSONAL DATA
5.1 You may request to access and/or correct the personal data currently in our possession or control by submitting a written request to us. We will need enough information from you in order to ascertain your identity as well as the nature of your request, so as to be able to deal with your request. Hence, please submit your written request to email@example.com.
5.2 For a request to access personal data, once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant personal data within 30 days. Where we are unable to respond to you within the said 30 days, we will notify you of the soonest possible time within which we can provide you with the information requested. Note that each of the Data Protection Acts exempts certain types of personal data from being subject to your access request.
5.3 For a request to correct personal data, once we have sufficient information from you to deal with the request, we will:
(a) correct your personal data within 30 days. Where we are unable to do so within the said 30 days, we will notify you of the soonest practicable time within which we can make the correction. Note that the PDPA exempts certain types of personal data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request; and
(b) subject to paragraph [5.4], we will send the corrected personal data to every other organisation to which the personal data was disclosed by Enidma within a year before the date the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose.
5.4 Notwithstanding paragraph [5.3(b)], we may, if you so consent, send the corrected personal data only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made.
6. REQUEST TO WITHDRAW CONSENT
6.1 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by submitting your request to firstname.lastname@example.org.
6.2 We will process your request within a reasonable time from such a request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your personal data in the manner stated in your request.
6.3 However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your personal data, it may mean that we will not be able to continue with your existing relationship with us.
7. ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
8. RIGHTS AND CHOICES
9. COMPLAINT PROCESS
10. UPDATES ON DATA PROTECTION POLICY
(a) to improve your user experience on this website;
(b) to remember your preferences;
(c) to help us understand how this website is performing;
(d) to monitor traffic to the website;
(e) to enable this website to function properly; (collectively the “Purposes”)
4. Personal data (if any) that we collect from you through cookies may be passed to our third party service providers, whether located in Singapore or elsewhere, for one or more of the Purposes, for managing and/or administering our website, or for the purpose of data hosting/storage/backup.