Personal Data Protection Policy
We at Ingenique Solutions Pte Ltd take our responsibilities under the Personal Data Protection Act 2012 (the “PDPA”) seriously. We also recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
This Data Protection Policy is designed to assist you in understanding how we collect, use and/or disclose the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Data Protection Officer (the “DPO”) at:
1. INTRODUCTION TO THE PDPA
- The Personal Data Protection Act of Singapore (the “PDPA”) establishes data protection laws that govern the collection, use and disclosure of Personal Data and came into effect on July 2, 2014.
- “Personal Data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organization has or is likely to have access. Common examples of personal data could include names, identification numbers, contact information, medical records, photographs and video images.
- Ingenique Solutions Pte Ltd provides Anti-Money Laundering/ Countering the Financing of Terrorism (AML/ CFT) screening solutions to our authorised users (You) as a Software-as-a-Service (“Service”). In this regard, we are considered as a data intermediary under the PDPA as we process personal data on behalf of you when delivering our Service.
2. DATA INTEMEDIARY
- As a data intermediary, we will process personal data under the following situations as part of our Service:
i. When you register for an account to use the Service. The information collected constitutes “business contact information” and the obligations of the PDPA do not apply.
ii. When you provide your customers’ personal data to be processed as part of the Service.
- We are obliged by the PDPA as a data intermediary to take commercially reasonable efforts to ensure that your personal data which we are processing on your behalf is:
i. adequately protected and secured (Protection Obligation under Section 24 of the PDPA); and
ii. destroyed as soon as it is reasonable to do so, when you are no longer using the Service by terminating the Service according to our Service Agreement (Retention Limitation Obligation under Section 25 of the PDPA).
3. PERSONAL DATA PROTECTION OBLIGATIONS
- The Protection Obligation requires us to put in place appropriate administrative, physical and technical measures to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks to the Personal Data in our possession or under our control, regardless whether the Personal Data is stored in a central server, or on local storage media, or at facilities operated by a third party vendor. We utilize reasonable precautions to protect the confidentiality and security of the Personal Data within the Service, by employing technological, physical and administrative security safeguards, such as access control, encryption and carefully developed security procedures. These technologies, procedures and other measures are used in an effort to ensure that Personal Data is safe, secure, and only available to you and to those authorized to access such Personal Data. However, no cloud-based systems, internet, e-mail or other electronic transmission is ever fully secure or error free, so you should take care in deciding what information is transmitted, stored or hosted through the Service.
- The Retention Limitation Obligation requires us to cease to retain Personal Data which is processed or remove the means by which the Personal Data can be associated with particular individuals, as soon as it is reasonable to assume that the purpose for which the Personal Data was collected is no longer being served by retention of the Personal Data; and, the retention of the Personal Data is no longer necessary for legal or business purposes.
4. UPDATES ON DATA PROTECTION POLICY
- As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
- We reserve the right to amend the terms of this Data Protection Policy at our absolute discretion. Any amended Data Protection Policy will be posted on our website and can be viewed at Personal Data Protection Policy Page.
- You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.