SECTION 1 - INTRODUCTION
The IPS Securex Group of companies (namely: IPS Securex Holdings Limited, IPS Securex Pte Ltd, Securex GS Pte Ltd and IPS Securex (B) Sdn Bhd) respect the privacy and confidentiality of personal data in our possession or under our control. We have implemented policies and practices to safeguard the collection, use, disclosure, storage and other processing of personal data provided to us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.
We have developed this Policy to assist our employees, partners, customers and others in understanding how we collect, use, disclose and retain your personal data for legitimate and reasonable purposes.
SECTION 2 – COLLECTION OF PERSONAL DATA
We may collect personal information or data when we perform one or several of the following services for you:
- When you communicate with us or contact us with a question or request for assistance; via emails, letters or phone calls etc
- Sign up for alerts or newsletters
- Subscribe or use our network, products and/or services
- Register for a specific product or service (e.g. registering your interest to purchase our products)
- Participate in a competition, lucky draw or survey
- During the job application process:
- When you submit your CV and job application form to us
- When we receive your CV from recruitment firms or job portals
SECTION 3 – TYPES OF PERSONAL DATA
The types of personal information or data we may collect about you include, but is not limited, to the following:
- Your identity – This includes NRIC, FIN or passport number, address, telephone number, e-mail address, date of birth, any form of biometric that you may have submitted, as well as service-related information such as bank and credit card details, device ID and IP address.
- Your interaction with us – For example, a note or recording of a call you make to one of our contact centres, an email or letter you send to us or other records of any contact you have with us.
- Your account information – For example, the subscription services you use or other details related to your account.
- Information on your use of our services – For example, the phone numbers you call or send text messages to and vice versa, as well as the date, time and duration of your calls through our network and the approximate location of your mobile device.
- Information on equipment and our network – For example, information on the performance of your device on our network.
- Your preferences – This is based on what you share with us on how you would like to be contacted, and your preferred products, services and lifestyle activities for example.
- Information from other organisations – These organisations include fraud-prevention agencies, business directories, credit reference agencies or individuals we believe you have authorised to provide your personal details on your behalf.
SECTION 4 – USE OF PERSONAL DATA
We use the personal information or data you provide us for one or more of the following purposes:
Provisioning & administration of services
- Conducting identity checks
- Processing job applications, recruitments and selections
- To expedite attention to any emergency / medical situation
- Process your orders and activate or deactivate services
- Enable us to process bills and payments
- Respond to enquiries and requests from you or people you have authorised
- Inform you about service upgrades and updates
- Facilitate interconnection and inter-operability with other service providers
- Verification of identity
- Store information for performing certain functions such as completing forms, facilitating website navigation, authentication, and enabling marketing and advertising technology
Market research and service enhancement
- Conduct market research and customer satisfaction surveys to improve our customer service; develop new products, as well as personalise the services we offer you
- Perform market analysis
- Printing of brochures or other promotional materials for marketing purpose
- Surveys and evaluations
- Improve your user experience based on your usage behaviour on our websites and applications
Security and risk management
- Inform you of service and security issues
- Prevent and detect fraud or other crimes and recover debts
- Conduct internal audits and determine creditworthiness
- Ensure the safety and security of our properties and systems
Legal & regulatory requirements
- Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies
- Compliance with legal obligations and regulatory requirements
- Other relevant purposes
We will not use your personal data for purposes other than what we have informed you, or which are permitted under local laws and regulations.
We will not offer, publish or share your personal data with third parties outside of IPS Securex Group for commercial purposes, without seeking your explicit permission.
We will retain your information for only as long as there is a business or legal need.
SECTION 5 – DISCLOSURE OF PERSONAL DATA
We may disclose or share your personal information or data you provide us to the following parties or organisations:
- Companies in the IPS Securex Group
- Regulatory Authorities, e.g. MHA (Ministry of Home Affairs) and other Government agencies as required by law or local regulations
- Private Entities, e.g. Commercial Building Owners, etc
- Financial institutions
- External vendors, e.g IT / Technical Support and / or IT Service Providers
- Other partners that we work with on collaboration projects
- Research institutions for market analysis purposes
- Credit reference bureaus for the purpose of preparing credit reports or evaluation of creditworthiness
Your information is disclosed to the above only for relevant purposes or to protect the interests of our customers, or where such disclosure is required for performing obligations in the course of or in connection with our provision of goods or services requested by you.
In some cases, we encrypt, anonymise and aggregate the information before sharing it. Anonymising means stripping the information of personally identifiable features. Aggregating means presenting the information in groups or segments e.g. age groups.
The purposes listed may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
SECTION 6 – LIMITATIONS
Generally, we will not use your personal data for reasons not specified in the Purpose of Use unless:
- it is required by law or governmental or juridical authorities of Singapore
- it is necessary to establish and safeguard a legal claim or defence
- it is necessary to prepare, negotiate and perform a contract with you
- it is necessary to prevent illegal activities, e.g. in situations where your safety is concerned
SECTION 7 – OBTAINING CONSENT
We assure that all personal information collected shall be used or disclosed only for the purposes for which it was collected. As far as possible we will not collect more personal data than is necessary for the stated purpose.
If you have a one-on-one meeting with us or do a transaction with us, on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his / her personal data.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose e.g. when you register your enquiries with us through our telephone numbers, emails, fax, or apply for a job with us using our job application forms.
Under certain circumstances, we may collect, use and / or disclose personal data about you without your consent for example, so that we can comply with our statutory obligations or where personal data is publicly available.
SECTION 8 – LIMIT PROCESSING OF PERSONAL DATA
Withdrawal of Consent
If you have given us consent to collect, use, disclose and process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of at least 10 working days or more to process your withdrawal of consent. If you withdraw your consent, you agree that you are aware of the likely consequences, e.g. without your contact information, we may not be able to inform you of further updates or that the quality of our services may be impacted. Your request for withdrawal of consent can take the form of an email or letter to us, for the attention of the Data Protection Officer.
While we respect your decision to withdraw your consent, we are not liable for any consequences resulting from the withdrawal of consent. Please also be aware that withdrawal of consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
SECTION 9 – ACCESSING AND UPDATING PERSONAL DATA
If you wish to access your personal data with us, based on reasonable grounds, you may send a written request to us. Upon your request, we will provide information on use / disclosure of your personal data of the past one year before the date of your request based on intent. We will try respond to your request as soon as reasonably possible within 30 calendar days. If we are unable to respond to an access request within 30 calendar days after receiving your request, we shall inform you in writing within 30 days of the time by which we will be able to respond to your request. It is important that access to your personal data will not infringe on the privacy of others.
You may also ask us to correct an error or omission in the personal data we hold about you. Unless we are satisfied on reasonable grounds that a correction should not be made, we will correct the personal data as soon as practicable. When you make any such request, we may need to verify your identity e.g. by checking your identity card number or other legal identification document.
SECTION 10 – ACCURACY OF PERSONAL DATA
We generally rely on personal data provided by you (or your authorised representative). Where possible, we will validate data provided using generally cepted practices and guidelines. This includes the requests to see original documentation before we may use the Personal Identifiers and / or proof of address.
In order to ensure that your personal data is current, complete and accurate, please update us if there are any changes to your personal data.
SECTION 11 – PROTECTION OF PERSONAL DATA
We make reasonable security arrangements to protect personal data about you that is in our possession or under our control to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All our employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a 'need to know' basis. Entities that provide services to us to process and maintain your personal data on our behalf will be bound by contractual data security arrangements we have with them. We will protect your data by the following methods:
Secured office with biometric access
Training to all staff on data protection measures
Authorised access to folder
SOP on data measures
Locked cupboard or drawer
Regular briefing on data protection
SECTION 12 – RETENTION OF PERSONAL DATA
We will not retain any documents containing personal data about you as soon as it is reasonable to assume that the purpose for which we collected that personal data is no longer being served by retention of it and retention is no longer necessary for legal or business purposes. Certain retention periods are based on statutory or regulatory requirements.
SECTION 13 – COMPLIANCE WITH LAWS
Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.
SECTION 14 – LINKS TO OTHER SITES
Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party's website. It is important that you review the Policy of every site you visit. We have no control over, and are unable to assume any responsibility for the content, privacy policies or practices of any third party sites or services.
SECTION 15 – TRANSFER OF PERSONAL DATA
If there is a need for us to transfer your personal data to another country, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.
SECTION 16 – DO-NOT-CALL (DNC) PROVISIONS
Before we make any “cold calls” in telemarketing activities, we will check the DNC Registry and our internal blacklist before we make the phone calls, send SMSs or send faxes to the individual, unless that individual has given his/her clear and unambiguous consent. The blacklist refers to phone numbers belonging to those individuals who have withdrawn their consent.
SECTION 17 – CHANGES TO POLICY
We may update our Policy from time to time to maintain compliance with applicable laws and regulations. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page.
SECTION 18 – TRANSPARENCY
Our policy is accessible on our website. You can contact the Data Protection Officer via email should you need any clarification of our Policy.
SECTION 19 – CONTACT US
If you have any questions or feedback regarding the collection, use or disclosure of your personal data, you may contact us by email email@example.com to the attention of our Data Protection Officer.
Any query or feedback should include, at least, the following details:
- Your full name and contact information
- A brief description of your query or feedback
We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.