BDX (SINGAPORE) PTE LTD
PERSONAL DATA PROTECTION POLICY
BDx (Singapore) Pte Ltd UEN 201926287W (“we”, “our”, “us” or “BDX”) take our responsibilities under the Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA”) seriously and are committed to protecting your personal data.
This Personal Data Protection Policy (“Policy”) is designed to assist you in understanding how we collect, use, disclose, store and/or process the personal data you have provided to us. Please read this Policy carefully to understand our practices regarding your personal data and how we handle it. By visiting or using our Website, you agree to the terms of this Policy.
We may update this Policy from time to time. Any changes we make to this Policy will be posted on this webpage, and your continued access of the website http://www.bdxworld.com (“Website”) or access or use of our services or any of the content accessible through our Website, shall constitute your acknowledgment and acceptance of the changes we make to this Policy.
1.1 This Policy applies to personal data that is in our possession or under our control, and personal data which is collected, used, disclosed and/or processed by us in Singapore.
1.2 Unless you withdraw your consent in accordance with the procedure set forth in this Policy, we may continue to share the personal data that we collect from you with our affiliates and subsidiaries. Such personal data may also, subject to the PDPA and other applicable Singapore laws, be transferred to and used by us outside of Singapore. When personal data is collected by or transferred to us, it will be treated according to the personal data protection practices set forth in this Policy.
2. Collection, Use and Disclosure of Personal Data
2.1 In this Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we (and all our affiliates, partners, subsidiaries and all relevant third parties mentioned in this Policy) have or are likely to have access.
2.2 Subject to the PDPA, we will obtain consent before collecting, using and disclosing your personal data and will notify you of such purposes. In doing so, we shall make a reasonable effort to ensure your personal data collected is accurate and complete.
2.3 The type of personal data that we collect about you depends on the nature of the activity or transaction. We collect personal data about you that you knowingly and voluntarily provide in connection with certain activities or transactions with us, including but not limited to:
(a) when you visit our premises (e.g. the Internet Data Centre);
(b) when you access or use our Website (or the website of any of our affiliates);
(c) when you enter into a contract with us for the provision of any of our goods or services;
(d) when we are providing service and support in connection with our products and services
(e) when you contact us to ask questions, provide feedback, submit an access or correction request, or make a complaint; and
(f) when you report a problem with our Website or our services; etc.
2.4 We may also collect your personal data from, and disclose your personal data to, our affiliates, including building security service providers engaged by us to protect our premises, related companies, and independent third-party sources.
2.5 The type of personal data which we may collect includes the following:
(a) your full name, designation and other business contact information;
(b) your image your NRIC number or other national identification numbers (including FIN, Birth Certificate number, Passport number and Work Permit number) and your identity information (including National Registration Identification Card details or equivalent). We will otherwise not collect your national identification numbers unless it is required under the law (or an exception under the PDPA applies), or if it is necessary to accurately establish or verify your identity to a high degree of fidelity;
(c) your image or likeness as recorded by the CCTV cameras installed in our premises for security purposes;
(d) if you apply for employment with the Company, your employment-related information (e.g. curriculum vitae, job history, references); and]
(e) your internet protocol (IP) address, login data, cookie data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, international mobile equipment identity, device identifier, how you use and view any content on the Website and other information and technology on the devices you use to access the Website.
2.6 The Website may contain links to other websites operated by other parties, such as our business affiliates, advertisers or other third parties. We are not responsible for the data protection practices of websites operated by these other parties. You are advised to check on the applicable data protection policies of those websites to determine how they will handle any information they collect from you.
2.7 When you provide your personal data to us, you are giving us permission to use and store that information consistent with this Policy, including storage in servers outside of Singapore, subject to the requirements of the PDPA and applicable law on cross-border data transfers.
2.8 If you provide personal data of any third party to us, you represent and warrant that you have obtained the necessary consent, license and permissions from that third party to share and transfer his/her personal data to us, and for us to collect, store, use and disclose that data in accordance with this Policy.
3. Purposes for Collection, Use and Disclosure
3.1 Depending on your relationship with us, other than the personal data described in clause 2.5(b) and (c) above, the personal data which we collect from you (either directly or through our affiliates, related companies or any other third party) may be collected, used and disclosed for the following (non-exhaustive) purposes:
(a) to carry out our obligations or to facilitate your use of the services or access to the Website;
(b) to communicate with you and to process and respond to your queries, feedback, claims or disputes, whether directly or through any outsourced customer service vendors;
(c) to update you on any of our products and services as well as the latest developments at BDx;
(d) to assess the suitability and eligibility of a prospective job candidate who has applied for employment with BDX;
(e) to improve our Website or to improve the services provided and products sold;
(f) to carry out market research on our users’ demographics, advertising or purchasing preferences, and other behaviour;
(g) to comply with a court order or other legal process or other statutory and/or regulatory requirements of any governmental and/or regulatory authorities; and
(h) any other purpose permitted by the applicable laws of Singapore, or as may be described to you from time to time at the point of collection of your personal data.
3.2 The personal data described in clauses 2.5(b) and (c) above may be collected, used and disclosed for the following (non-exhaustive) purposes:
(a) to establish the identity of every visitor to our premises in order to safeguard and secure premises, assets and infrastructure;
(b) to establish the identity of a person when we are providing of service and support in connection with our products and services; and
(c) is otherwise necessary to accurately establish or verify your identity to a high degree of fidelity.
4. Cookies and Web Tracking Tools
5. Sharing of Personal Data
5.1 We may share your personal data with third parties, related companies and our affiliates for any of the purposes described in clause 3 (“Purposes”), including but not limited to, facilitating your use of the Website or any services provided by us, completing a transaction with you, managing your account and our relationship with you, marketing and fulfilling any legal or regulatory requirements and requests as deemed necessary by us.
5.2 In sharing your personal data with external parties, we endeavour to ensure that the third parties and our affiliates and related companies keep your personal data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as they need your personal data to achieve the Purposes.
6. Accuracy of Personal Data
6.1 It is important that the personal data you provide to us is accurate and complete. You are responsible for informing us of changes to your personal data, or in the event you believe that the personal data we have about you is inaccurate, incomplete, misleading or out of date.
6.2 You can update your personal data anytime by contacting our Data Protection Officer as indicated below.
6.3 We may take steps to share the updates to your personal data with third parties and our affiliates with whom we have shared your personal data if your personal data is still necessary for the above Purposes.
7. Transfers of Personal Data Outside Singapore
7.1 By providing us with your personal data, you understand and agree that your personal data may be transferred to servers located outside Singapore for processing by us, our affiliates and/or any other organisation which we may choose, in accordance with this Policy.
7.2 In situations where we transfer your personal data overseas, we shall take steps to ensure that appropriate levels of protection necessary to maintain the security and integrity of your personal data are in place. We shall ensure that the recipient organisation is able to provide the transferred personal data with a standard of protection comparable to that under the PDPA.
8. Withdrawal of Consent
8.1 You may, at any time, communicate the withdrawal of your consent to the continued use, disclosure, storing and/or processing of your personal data for any of the Purposes by contacting our Data Protection Officer as indicated below.
8.2 Please note that if you withdraw your consent to our use, disclosure, storing or processing of your personal data for the Purposes as stated above, we may not be able to continue to provide the services to you or perform on any contract we have with you, and we will not be liable in the event that we do not continue to provide the services to, or perform our contract with you.
8.3 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process and effect your request within ten (10) days of receiving it.
8.4 Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.
9. Access to and Correction of Personal Data
9.1 You may, at any time, request to access your personal data in our possession, or enquire about the ways in which your personal data may have been used, disclosed, stored or processed by us for the past year. You may also, at any time, request to correct any error or omission in your personal data records.
9.2 In order to facilitate the processing of your access or correction request, it may be necessary for us to request further information relating to your request. Please also note that an administrative fee may be payable on access requests made.
9.3 If you wish to access, or correct an error or omission in, your personal data records, please contact our Data Protection Officer as indicated below. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days from the date of your request, we will inform you in writing.
9.4 If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the applicable data protection laws).
9.5 Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that we have on record, if the record of your personal data forms a negligible part of the document.
10. Retention of Personal Data
10.1 We may retain your personal data for as long as the purpose for which the personal data was collected continues, or if the retention is necessary for our legal or business purposes, even in circumstances where you have closed your account with us. We will cease to retain personal data once we have no reason for doing so.
11. Security of Personal Data
11.1 We take reasonable care of your personal data. We have implemented technical, procedural and other measures to protect your personal data from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss.
12. Contact Us
12.1 If you have any questions on this Policy or if you have any other queries in relation to how we may manage, protect and/or process your personal data, please contact our Data Protection Officer.
Data Protection Officer
Telephone number: +65 9843 2564
Email Address: DPO@bdxworld.com
This Policy is accurate as of 16 April 2020.