DATA PRIVACY POLICY
This Data Privacy Policy (“Policy”) describes Articares Pte Ltd’s (“Company”) policies and procedures on the collection, use and disclosure of your personal information. All personal data collected are processed in accordance with the Singapore Personal Data Protection Act (PDPA) (Act 26 of 2012) and General Data Protection Regulation (Regulation (EU) 2016/679 (the “GDPR”) where applicable.
Please read the following carefully to understand our practices regarding your personal data, and how we process it.
As used in this Policy:
“Company” referred to as either “the Company”, “We”, “Us” or “Our” in this policy.
“personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name, contact information such as your address, email address or telephone number, gender, date of birth, marital status, photographs and other audio-visual information, employment information and financial information such as credit card numbers, debit card numbers or bank account information.
“You” means the individual accessing or using the service, or the company, or other legal entity on behalf of which such individual is accessing or using the service, as applicable. Under the Singapore Personal Data Protection Act (PDPA) & General Data Protection Regulation (GDPR), You can be referred to as the Data Subject or as the User as you are the individual using the Service.
Other terms used in this Policy shall have the meanings given to them in the PDPA & GDPR (where the context so permits).
2. COLLECTION OF PERSONAL DATA
We generally do not collect your personal data unless:
a) it is provided to us voluntarily by you directly while using our services or via a third party (e.g., Hospitals/Clinics) who has been duly authorised by you to disclose your personal data to us (your “authorised representative”).
b) It is collected automatically while using our products, services or visiting our website.
c) When you interact with our business development team during face-to-face meetings, exhibitions, telephone calls, online forms e.g., “connect with us” on our website, social media platform, emails and when you submit a job application to us.
3. USE OF PERSONAL DATA
We may use your personal data collected for any or all of the following purposes:
a) performing obligations in the course of or in connection with our provision of the goods and/or services requested by you.
b) responding to, handling, and processing queries, requests, applications, complaints, and feedback from you.
c) managing your relationship with us.
d) to help us review, develop, improve, manage the delivery of and to the extent this requires the use of Personal Data – enhance our products and services, including analysing future customer needs, conducting market research and data analytics (which does not involve automated profiling or result in automated decision-making activity which is regulated under the GDPR).
e) sending your marketing information about our goods or services including notifying you of our marketing events, initiatives and other promotions.
f) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.
g) any other incidental business purposes related to or in connection with the above.
4. PROTECTION OF PERSONAL DATA
We are committed to protecting your privacy and will only use information collected lawfully in accordance with the Personal Data Protection Act (PDPA) & General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”). To safeguard your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate organizational, physical and technical measures such as pseudonymization, encryption and transfer control via VPN to secure all storage and transmission of personal data.
You should be aware, however, that no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures. We are closely aligned to PDPA & GDPR requirements and offer security and privacy by design.
5. DISCLOSURE OF PERSONAL DATA
We may disclose your personal data:
a) where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you; or
b) to third party service providers, agents and other organizations we have engaged to perform any of the functions listed in USE OF PERSONAL DATA above
The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you or your authorized representative in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
6. ACCURACY OF PERSONAL DATA
We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
7. STORAGE OF PERSONAL DATA
Your data will be stored for a period of ten (10) years. We securely store your data anonymized & encrypted in both local device within the country you are located and servers (Cloud) outside your country of residency. All data pushed and pulled from the server is also anonymized and encrypted.
8. RETENTION OF PERSONAL DATA
We will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected and to the extent necessary to comply with our legal obligations.
We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected and is no longer necessary for legal or business purposes.
9. YOUR DATA PROTECTION RIGHTS
We undertake to respect the confidentiality of your personal data and fully aware of all your data protection rights. Every user is entitled to the following:
a. REQUEST ACCESS TO YOUR PERSONAL DATA
You have the right to request for an access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data.
b. REQUEST TO RECTIFICATION
You have the right to request for correction and update of any of your personal data which you believe is incorrect or inaccurate.
c. OBJECT TO PROCESSING OF YOUR PERSONAL DATA
If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.
d. REQUEST FOR ERASURE OF YOUR PERSONAL DATA
You have the right to request our company to remove or delete your personal data.
e. REQUEST FOR THE DATA PORTABILITY
You have the right to request to our company to transfer the data that we have collected about you to another organization, or directly to you.
For all request related to your data protections rights, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below. We may charge you a small fee and shall inform you before processing your request.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data requested by you, we shall generally inform you of the reasons why we are unable to do so.
10. SUPERVISORY AUTHORITY
Should you have any concerns about how your information is managed at our company, please contact the Data Protection Officer as above. You have a right to lodge a complaint with a supervisory authority in your member state.
11. WITHDRAWING YOUR CONSENT
Where we have obtained your consent to process your personal data for the purpose it was collected, you may withdraw your consent at any time. If you withdraw the consent, we may not be able to provide you access to certain specific functionalities of our services.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
12. TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
We may hold your data on our servers outside the country of your residency and any other territories as we see fit from time to time. We will take reasonable steps to ensure that your personal data transferred outside of your country of residence is adequately protected. In addition, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the Personal Data Protection Act (PDPA) and General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”).
13. DATA PROTECTION OFFICER
If you would like to know more about your rights in respect of the personal data, we hold about you or if you have any enquiries or feedback on our personal data protection policies and procedures, you may contact our Data Protection Officer in the following manner:
Asif Hussain / Kenneth Goh
ARTICARES PTE LTD 10 Kallang Avenue, #05-17 Aperia,
Singapore 339510
Email: dpo@articares.com
14. EFFECT OF POLICY AND CHANGES TO POLICY
This Policy applies in conjunction with any other Policies, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
Updated: 31st Aug 2023