NOTES TO THE COMPANY’S PERSONAL DATA PROTECTION POLICY
The privacy of your personal data is important to SP Corporation Limited (“the Company”, “we”, “us” or “our”). The purpose of these notes is to outline how the Company manages personal data that we hold in and outside Singapore.
1. Personal Data
Personal data of an individual include any or all of the followings:
• Full name
• NRIC number or FIN (Foreign Identification Number) or Passport number
• Photograph or video image of an individual
• Residential address, Telephone number or Personal email address
• Employment history, Education background, and Income levels
• Payment-related or Credit information
The Company collects and keeps personal data of you if you are:
(c) Job applicants and employees;
(d) Visitors of the Company’s properties; and
(e) Any other persons whom the Company may come into contact.
2. Collection of Personal Data
Circumstances under which the Company may collect your personal data include but not limited to the following:
(a) when you submit forms relating to any of our services/purchases;
(b) when you contact us with your queries, requests and etc.;
(c) when you ask that we contact you;
(d) when you apply a job with us; and
(e) when you submit your personal data to us for any other reasons
The Company may also obtain your personal data through a third party (such as your authorised representative). If an individual provides the personal data of a third party (e.g. information of his or her dependents, referees, potential customers etc.) to the Company, he or she represents and warrants that the consent of that third party has been obtained for the collection, use and disclosure of the personal data set out in this Policy.
3. Use and/or Disclosure of Your Personal Data
The Company will not sell personal data to third parties for commercial benefits. The Company may use and disclose your personal data for the purposes stated below:
(a) If you are a Director;
i. For facilitating your appointment;
ii. For complying with applicable laws, regulations and other requirements (including the regulatory reporting obligations);
iii. For administrative matters (including but not limited to approving, executing and signing contracts, processing of bills, facilitating overseas travel arrangements and credit management);
iv. For maintaining statutory registers and to manage the publication and dissemination of director statistics on annual reports and circulars;
v. For compensation and benefits administration; and
vi. Any other purposes which are related to the aforesaid.
(b) If you are a Shareholder
i. For verification of your identity and/or the identity of your proxy where applicable in the event of general or extraordinary meetings or if you make certain enquiries;
ii. For investor relations activities (such as sending Company announcements, notices, circulars or annual reports to you);
iii. For maintaining statutory registers; and
iv. any other purposes which are related to the aforesaid.
(c) If you apply for an Employment / Internship:
i. For conducting background or reference check;
ii. For assessing your suitability for the position you are applying;
iii. For compensation and benefits administration;
iv. For training and development purposes; and
v. any other purposes which are related to the aforesaid.
(d) If you visit our Properties or Office Premises:
i. For managing the safety and security of our premises (including but not limited to issuing visitor access passes, and recording entries to and exits from our premises);
ii. For provision of services and facilities; and
iii. Any other purposes which are related to the aforesaid.
In addition, the Company may use your personal data for the following purposes:
(a) Providing services that you have requested, or to respond to your queries and feedback;
(b) Facilitating investigations relating to disputes, billing, fraud and money-laundering;
(c) In connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, obtaining legal advice, and facilitating dispute resolution) and/or protecting and enforcing our contractual and legal rights and obligations;
(d) Complying with applicable laws, regulations and other requirements (such as internal audits, providing assistance to law enforcement agencies);
(e) If you have provided us with your telephone number(s) and have given us the consent to receive marketing information then we may notify or contact you with the Company’s latest updates.
Your personal data will be protected and kept confidential and disclosed to relevant employees on “need to know” basis, but subject to the provisions of any applicable law, your personal data may, where necessary and depending on the products or services concerned, be disclosed to the following third parties:
(a) insurers or insurance investigators and credit providers;
(b) our authorised service providers and professional advisors to provide administrative, financial, legal, accounting or other services;
(c) relevant government ministries, regulators or authority or law enforcement agency;
(d) anyone to whom we transfer or may transfer our rights and obligations; and
(e) any other organisation whom you authorise us to disclose your personal data to.
In each of such instances, the afore-mentioned third parties (except government authorities whom we assume should have their own set of compliance rules to adhere to) will be requested to sign an undertaking and agreeing that they will not sell the data so obtained for commercial benefits and will destroy the data so obtained once the data are no longer required.
4. Data Security
The Company will take reasonable efforts to safeguard the confidentiality of your personal data and protect the personal data we hold from misuse, loss, unauthorised access, modification or disclosure. However, we cannot completely guarantee the security of any personal data we have about you from cyber-attacks (such as viruses, bugs, hacking and spyware). Accordingly, you will not hold us liable for any unauthorised disclosure, destruction of your personal data or damages arising from such risks.
We do not intend to store personal data longer than is necessary and will destroy personal data which we no longer require.
5. Keeping Personal Data Accurate & Up to date
We appreciate and encourage you to contact us on any changes to your personal data as soon as is practicable. Incomplete or outdated data may result in our inability to provide you with the services you have requested.
6. Withdrawal of Consent
You may withdraw your consent given for any or all purposes set out in this Policy in writing. You would appreciate that upon withdrawal, the Company may not be in a position to continue to provide our products or services to you.
7. Contact Information
Do contact us if you:
(a) have any questions on our Personal Data Protection Policy;
(b) have any feedback or complaints relating to your personal data;
(c) would like to obtain access and make corrections to your personal data records; or
(d) would like to withdraw your consent which you have previously given.
You can contact us via the following channel:
(a) For Board Members & Shareholders: firstname.lastname@example.org
(b) For Employees & Interns & Job Applicants: email@example.com
(c) All others: firstname.lastname@example.org
8. Review of Personal Data Protection Policy
The Company will review this Policy from time to time to take into account new laws and technology, changes to our operations and practices and the changing business environment. This Policy was last updated on 25 January 2017.