Personal Data Protection
1.
Policy
1.1
This is the privacy policy of SMF Centre for Corporate Learning Pte Ltd, a
company incorporated in Singapore (“SMFCCL“). The terms
“we” and “our” in this Policy refer to SMF Centre for
Corporate Learning Pte Ltd.
1.2 Application. SMFCCL
has different channels of collecting personal data, but is committed to
complying with this Policy in its collection, use and disclosure of personal
data, to ensure that there is accountability and uniformity in the way we
protect your personal data.
1.3 Compliance
with this Policy. This Policy applies to all personal data you provide to
us, or that we may collect about you. Please do not provide any personal data
to us if you do not accept this Policy.
We
may also require you to accept this Policy when you contact, interact, transact
or deal with us, or when you access and use our websites, applications or
services. If you notify us that you do not accept this Policy, we may not be
able to establish a relationship with you or be able to service your requests.
1.4 Concerns
and Contacting Us. If you have any feedback or issues in relation to your
personal data, or about this Policy, or wish to make a complaint to us, you may
contact our Data Protection Officer whose contact details are set out below.
Email: enquiry.ccl@smfederation.org.sg
Telephone Number: 6826 3100
1.5 Amendment
to this Policy. We may amend this Policy from time to time without notice
to you, to comply with applicable laws or as we update our data usage and
handling processes. The updated Policy will supersede earlier versions and will
apply to personal data provided to us previously. The amended Policy will take
effect when made available at Home – SMF CCL website.
2. Personal Data
2.1 What
personal data we collect. The personal data we collect depends on the
purposes for which we require the personal data and what you have chosen to
provide. This may include your name, address, contact information (e.g.
telephone number and email address), identification number, photograph, video
image and any other information that may identify you or is personal to you.
2.2 How
we collect personal data. We collect personal data relevant to our
relationship with you. We may collect your personal data directly or indirectly
through various channels, including when:
- you use our services
or enter into transactions with us (or express interest in doing so)
- you apply to be a
member of any of our loyalty programs, respond to our promotions, or
subscribe to our mailing lists;
- you visit our
websites, download or use our mobile applications;
- you register an
account with us through our websites or applications;
- you transact with
us, contact us or request that we contact you through various
communication channels, for example, through social media platforms,
messenger platforms, face-to-face meetings, telephone calls, emails, fax
and letters;
- your images are
captured via photographs or videos taken by us or our representatives when
you are within our premises or attend events organised by us;
- you participate in
events and programs, competitions, contests or games organised by us;
- we seek information
about you and receive your personal data in connection with your
relationship with us, for example, if you are a customer, investor or
shareholder; or
- you submit your
personal data to us for any other reason.
Depending
on your relationship with us, we may also collect your personal data from third
parties, including:
- from your family
members or friends who provide your personal data to us on your behalf;
and
- from public agencies
or other public sources.
- from other
organisations who are partners of SMF or SMFCCL
Our
website and applications may also contain or involve certain technologies that
automate the collection of data (including personal data). These technologies
include cookies, web beacons and web analytics. If you do not wish to have your
data collected through such technologies you may disable the operation of these
technologies on your devices (where possible), or you may refrain from using
our websites and applications.
2.3 Voluntary
provision of personal data. Your provision of personal data to us is
voluntary and you have the right to withdraw your consent for us to use your
personal data at any time by contacting and submitting a request to us. Your
withdrawal will take effect after your request is processed. However, if you
choose not to provide us with the personal data we require, it may not be
possible for us to fulfil the purposes for which we require the personal data,
including providing products and services which you need from us.
2.4 Providing
personal data belonging to others. In certain circumstances, you may also
provide the personal data of persons other than yourself (including your family
members). If you do so, you are responsible for informing him / her of the
purposes for which we require his/her personal data and warrant that you are
validly acting on behalf of him / her to consent to our collection, use and
disclosure of his / her personal data.
2.5 Accuracy
and Completeness of personal data. You must ensure that all personal data
that you provide is true, accurate and complete and promptly inform us of any
changes to the personal data.
2.6 Minor.
If you are a child, minor or not of legal age, please inform and seek the
consent of your parent or guardian, before you provide your personal data to
us. If you are a parent or guardian and you have reason to believe your child
or ward has provided us with their personal data without your consent, please
contact us to request for erasure of their personal data.
3.
Purposes
3.1
We collect, use and disclose your personal data where:
- you have given us
consent;
- necessary to comply
with our legal or regulatory obligations (e.g. Committee For Private
Education, Workforce Singapore, Skillsfuture Singapore, Ministry of
Manpower etc);
- necessary for our
legitimate business interests, provided that this does not override your
interests or rights; and/or
- necessary to perform
a contract or transaction you have entered into with us or provide a
service that you have requested or require from us.
3.2 General
purposes. Generally, we collect, use and disclose your personal data for
purposes connected or relevant to our business, including:
- processing your
transactions with us, or to provide products and services to you,
including without limitation, to apply or obtain funding from relevant
funding agencies;
- managing your
relationship with us;
- facilitating your
use of our platforms and services;
- assisting you with
your requests, enquiries and feedback;
- administrative
purposes, general accounting, risk management and record keeping, business
research, data, planning and statistical analysis, and staff training;
- security and safety
purposes, g. protecting our platforms from unauthorised access or usage
and to monitor for security threats, and your image may be captured by
security cameras;
- carrying out
research, data and statistical analysis;
- compliance with laws
and regulations, internal policies and procedures, e.g. audit, accounting,
risk management and record keeping;
- enforcing legal
obligations owed to us, or responding to complaints, litigation or
investigations concerning us;
- managing and
engaging third parties or data processors that provide services to us,
e.g. IT services, data analytics, marketing, and other professional
services;
- processing your
application for employment purposes or matters relating or leading to
employment;
- engaging you as an
associate trainer or matters relating to training;
- such purposes that
may be informed to you when your personal data is collected;
- carrying out our
legitimate business interests (listed below); and/or
- any other reasonable
purposes related to the aforesaid
3.3 Marketing
purposes. Where you give us consent, we collect, use and disclose your
personal data for purposes of:
- Managing and/or
administering your request to receive news (including events and product
launches), promotions and marketing information from us (and/or our
affiliates or related entities) and on our group products;
- Analyzing and/or
profiling your purchases, transactions and/or likes or dislikes so as to
be better able to send you relevant or targeted news (including events and
product launches), promotion and marketing information from us (and/or our
affiliates or related entities) and on our group products; and/or
- Sending you news
(including events and product launches) and promotions from us (and/or our
affiliates or related entities) as well as marketing information from us
(and/or our affiliates or related entities) and on our group products.
3.4 Legitimate
business Our legitimate business interests include:
- managing our
business and relationship with you, and providing services to our users
and customers;
- protecting our
rights and interests and those of our users and customers;
- preventing and
investigating possible misuse of our websites, applications and services;
- understanding and
responding to inquiries and feedback;
- understanding how
our users use our websites, applications and services;
- identifying what our
users want and improving our websites, applications, services and
offerings;
- enforcing
obligations owed to us, or protecting ourselves from legal liability; and
- sharing data in
connection with acquisitions and transfers of our business.
3.5 Purposes
involving Singapore Manufacturing Federation Membership (SMF Membership). Without
prejudice to the generality of other provisions in this Policy, for
administrative efficiencies and to allow us to better serve your needs, your
personal data will also be collected, used and disclosed to the SMF Membership
Department (if you are a SMF Member) as well as an organisation within the Singapore
Manufacturing Federation for the following purposes:
- facilitating the
provision of centralised administrative and management services;
- facilitating use of
centralised resources e.g. shared information technology resources and
systems;
- facilitating
internal audits, reporting and management of our operations; and/or
- facilitating the
conduct of centralised business activities and functions e.g. data
analytics.
3.6 Use
permitted under applicable laws. We may also collect, use, disclose and
process your personal data for other purposes, without your knowledge or
consent, where this is required or permitted by law.
3.7 Contacting
you. When using your personal data to contact you for the above
purposes, we may contact you via mail, e-mail, SMS, telephone, Whatsapp app, or
any other means.
We
will not contact you for marketing purposes unless with your consent, or we are
exempted by applicable law from having to obtain consent. When contacting you
for marketing purposes, we will not contact you through your telephone number,
unless you have specifically consented to such a mode of communication. If you
do not wish to receive any communication or information from us, or wish to
restrict the manner by which we may contact or send you information, you may
contact us to do so.
4.
Disclosure of Personal Data
4.1 Disclosure
to Singapore Manufacturing Federation. We may disclose or share your
personal data with the Singapore Manufacturing Federation (if you are a NTUC
union member) and/or any organisation within the Singapore Manufacturing
Federation for the purposes described in paragraph 3.2, 3.3, 3.4 and 3.5.
4.2 Other Disclosures.
We may also disclose or share your personal data in connection with the
purposes described in paragraphs 3.2, 3.3 and 3.4 above, including to the
following parties:
- third parties who
are appointed to provide services to us, e.g. associate trainers, IT
vendors, marketing companies and event organisers;
- third parties that
we conduct joint marketing and cross promotions with; and/or
- business partners;
and/or
- regulatory
authorities and public agencies.
When
disclosing personal data to third parties, we will (where appropriate and
required by applicable law) enter into contracts with these third parties to
protect your personal data in a manner that is consistent with applicable laws
and/or ensure that they only process your personal data in accordance with our
instructions.
5. Cross Jurisdiction Transfers of Personal Data
5.
1 Safeguards. We may transfer your personal data out of Singapore
for the purposes set out in paragraph 3 When transferring personal data outside
Singapore, we will require recipients of the personal data to protect personal
data at a standard comparable to that under the laws of Singapore. For example,
we may enter into legally enforceable agreements with the recipients to ensure
that they protect your personal data. You may obtain details of these
safeguards by contacting us.
6. Protection of Personal Data
6.1 Period
of retention. We keep your personal data only for so long as we need the
data to fulfil the purposes we collected it for, and to satisfy our business
and legal purposes, including audit, accounting or reporting requirements. How
long we keep your personal data depends on the nature of the data, e.g. we keep
personal data for at least the duration of the limitation period for bringing
claims if the personal data may be required to commence or defend legal
proceedings. Certain information may also be retained for longer, e.g. where we
are required to do so by law or to maintain a record of the certification you
have obtained with us. Typically, our data retention period is from 6 years
upwards, depending on the limitation period.
6.
2 Anonymised data. In some circumstances we may anonymise your
personal data so that it no longer identifies you, in which case we are
entitled to retain and use such anonymised data without restriction, including
for data analytics.
6.3 Unauthorised
access and vulnerabilities. While we take reasonable precautions to
safeguard your personal data in our possession or under our control, we cannot
be held responsible for unauthorised or unintended access that is beyond our
control, including hacking or cybercrimes. We also do not guarantee that our
websites and applications are invulnerable to security breaches, or that your
use of our websites and applications is safe and protected from viruses, worms,
Trojan horses, and other vulnerabilities.
7. Your Rights
7.
1 You enjoy certain rights at law in relation to your personal data that we
hold or control. These rights include:
- Withdrawal of
consent:
you may withdraw consent for our use of your personal data.
- Correction. you may request
that any incomplete or inaccurate data that we hold or control be
corrected.
- Access. you may ask if we
hold or control your personal data and if we are, you can request access
or a copy of such data. (administrative fee may apply).
7.
2 Exercising your rights. If you wish to exercise your rights,
you may contact us to do so (see paragraph 1.4 above for contact details). We
may require that you submit certain forms or provide certain information to
process your request. Upon receipt of your written request, we may require
reasonable time (depending on the complexity of the request and its impact on
our relationship with you) for your request to be processed and for us to
notify you of the consequences of us acceding to the same, including any legal
consequences which may affect your rights and liabilities to us. In general, we
will seek to process and effect your request within 30 days of receipt of your
request. Where permitted by law, we may charge you a fee to process your
request. We may also be permitted under applicable laws to refuse a request.
7.3 Limitations. We may be permitted under applicable laws to
refuse your request to exercise your rights, for example, we may refuse (a) a
request for erasure where the personal data is required for in connection with
claims; or (b) an objection request and continue processing your personal data
based on compelling legitimate grounds for the processing.
Last
Updated 25th July 24