PDPA
At ETCH Empathy, we take the data security of our clients, event participants and event volunteers very seriously. Do take a moment to read about our data protection policy.
Introduction
We will collect, use or disclose personal data only if there is consent or deemed consent from the individual and information on such purposes have been notified. We may also collect, use or disclose personal data if it is required or authorised under applicable laws.
Collection of Personal Data
We collect personal data from clients, participants of our events and programmes, business contacts, partners, personnel, contractors and other individuals. Such personal data may be provided to us in (physical or electronic) forms filled out by individuals, at face to face meetings, via email messages, telephone conversations, through our websites or provided by third parties. If you contact us, we may keep a record of that contact.
We collect these personal data when it is reasonably necessary and to meet the purposes for which you have submitted the information.
We will only collect, hold, process, use, communicate and/or disclose such personal data, in accordance with this policy. If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party (such as a friend, a colleague, an employee, etc), you undertake that you are an authorised representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, processing, use and disclosure by us of their personal data. Because we are collecting the third party’s data from you, you undertake to make the third party aware of all matters listed in this policy preferably by distributing a copy of this policy to them or by referring them to our website.
Use of Personal Data
We use personal data for the following purposes:
• for organising and running as well as planning our events and programmes, in particular, those in respect of which you have signed up as a participant
• for security clearances (including for entry into event venues and other facilities as well as access to information and use of equipment)
• to provide our services
• to respond to the relevant individual’s request or for the purposes for which it was provided to us as stated at the time of the collection (or as is obvious from the context of collection)
• to maintain contact with past or prospective participants and facilitators of our events and programmes as well as other contacts
• to keep our past or prospective participants, clients, partners and other contacts informed of the initiatives carried out by us, the services we offer, industry developments, events and programmes that we are running, that may be of interest to them
• for general management and reporting purposes, such as invoicing and account management
• for our research and development of programmes (including simulation exercises, seminars and workshops)
• for recruitment purposes
• for purposes related to the employment of our personnel and providing internal services to our personnel
• all other purposes related to our business.
You may choose to unsubscribe from mailing lists, registrations, or elect not to receive further marketing or other information from ETCH Empathy by contacting our Data Protection Officer, , at , or if we have contacted you by email, you may use the unsubscribe function in that email to notify us. Please allow 30 days for your request to be processed.
Disclosure of Personal Data to Third Parties
We do not disclose personal data to third parties except when required by law, when we have your consent or deemed consent or in cases where we have engaged third parties such as data intermediaries or subcontractors specifically to assist with ETCH Empathy’s activities. Any such third parties whom we engage will be bound contractually to keep all personal data confidential.
We may disclose personal data to our event or programme partners, sponsors, collaborators and experts, where it is necessary (i) to meet the purpose(s) for which you have submitted the information; and/or (ii) to enable you to be provided with information and training at a later date which may be of relevance and interest to you. This is especially so where we conduct or run any event or programme (including workshop) where third parties are engaged or invited to undertake the roles of assessors, evaluators or consultants. We may also transfer all data in our possession to a successor-in-interest to our assets, business or vision.
Access to and Correction of Personal Data
Upon request, we will provide the individual with access to his personal data or other appropriate information on his personal data in accordance with the requirements of the Personal Data Protection Act 2012 (PDPA).
Upon request, we will correct an error or omission in the individual’s personal data that is in our possession or control in accordance with the requirements of the PDPA.
We may charge for a request for access as permissible under the PDPA.
Withdrawal of Consent
Upon reasonable notice being given by an individual of his withdrawal of any consent given or deemed to have been given in respect of our collection, use or disclosure of his personal data, we will inform the individual of the likely consequences of withdrawing his consent. We will cease (and cause any of our data intermediaries and agents as well as our event or programme partners, sponsors, collaborators and experts to cease) collecting, using or disclosing the personal data unless it is required or authorised under applicable laws.
Accuracy of Personal Data
We will make a reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete.
Security and Protection of Personal Data
We have implemented generally accepted standards of technology and operational security to protect the personal data in our possession or under our control and to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.
All our personnel follow a network-wide security policy. Only authorised personnel are provided access to personally identifiable information and these personnel have agreed to ensure confidentiality of this information. Our policy is to use secure socket layer technology for the protection of credit card information submitted through web forms. This policy is also required for any fulfilment agents.
Retention of Personal Data
We will cease to retain personal data, as soon as it is reasonable to assume that the purpose for collection of such personal data is no longer being served by such retention, and such retention is no longer necessary for legal or business purposes.
Transfer of Personal Data outside of Singapore
We will ensure that any transfers of personal data to a territory outside of Singapore will be in accordance with the PDPA so as to ensure a standard of protection to personal data so transferred that is comparable to the protection under the PDPA.
Privacy on ETCH Empathy’s Web Site(s)
This Policy also applies to any personal data we collect via our websites. Cookies may be used on some pages of our websites. “Cookies” are small text files placed on your hard drive that assist us in providing a more customised website experience. Cookies are now used as a standard by many websites to improve users’ navigational experience. If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a visitor may refuse a cookie and still fully navigate our website(s), however other functionality in the site may be impaired. After termination of the visit to our website(s), you can always delete the cookie from your system if you wish.
Our website(s) may contain or provide a number of links to third party websites to make your website experience to be as informative and resourceful as possible. ETCH Empathy assume no responsibility for the information practices of these third party websites that you are able to access through ETCH Empathy’s website(s). When a visitor to our website links to these third party websites, our privacy practices no longer apply. We encourage you to review each website’s privacy policy before disclosing any data.
Modifications
We reserve the right to modify or amend this Policy at any time. The effective date will be stated at the beginning of this Policy. To keep you informed, we will notify changes to this Policy by prominently identifying the alteration for a period of not less than two weeks on our home page at http://www.etch.sg.