We at NERA respect the privacy and confidentiality of the personal data of our Clients, Customers, Visitors and others whom we interact with in the course of providing our services. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.
We have developed this Data Protection Policy to assist you in understanding how we collect, use, disclose, process and retain your personal data with us.
2. How We Collect Your Personal Data
The PDPA defines personal data as “data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which the organisation has or is likely to have access.”
We collect your personal data when you:
- leave your contact details with us after visiting our website;
- interact with our Employees e.g. via telephone calls, faxes, text messages, face-to-face meetings or emails;
- are referred to us by one of our clients or customers;
- are our shareholders or proxies attending our Annual General Meeting or Extraordinary General Meetings;
- submit your CV and job application form to us in response to our recruitment advertisements;
- submit your CV to recruitment firms or job portals, which are in turn forwarded to or retrieved by us;
- register at the guardhouse when you visit our physical premises;
- communicate with us via emails or written correspondences; and
- provide feedback or make a complaint to us.
3. Types of Personal Data We Collect About You
The types of personal data we collect about you include:
- Personal contact information;
- Personal particulars;
- Photos and video footages;
- Educational and professional qualifications – for job applicants; and
- Work experience – for job applicants.
4. How We Use Your Personal Data
We use the personal data you provide us for one or more of the following purposes:
- Administer Annual General Meetings or Extraordinary General Meetings;
- Facilitate bank verification;
- Process job applications, recruitment and selection;
- Comply with legal obligations and regulatory requirements; and/or
- Provide and deliver Nera’s services and process transactions related to Nera’s services, including registrations, subscriptions, purchases and payments.
5. Who We Disclose Your Personal Data To
We disclose some of the personal data you provide us to the following parties or organisations outside NERA in order to fulfil our services to you:
- Government agencies including but not limited to Central Provident Fund Board, Ministry Of Manpower, Inland Revenue Authority of Singapore, Workforce Development Agency;
- NERA’s subsidiaries;
- Transactions Involving third parties;
- Third party service providers; and/or
- Other External service providers (travel agents, payroll processing services, corporate secretariat services, training providers).
Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.
We may also share some of your personal data, after they are anonymised, with third parties for research purposes in order to improve our products and services to you.
6. How We Manage the Collection, Use and Disclosure of Your Personal Data
6.1 Obtaining Consent
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you apply for a job with us using our job application forms.
6.2 Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us.
We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in the user’s computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.
Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session.
You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web application.
7. How We Ensure the Accuracy of Your Personal Data
We will take reasonable precautions and verification checks to ensure that the personal data you provide us is accurate, complete and up-to-date. From time to time, we may do a data verification exercise with you to update us on any changes to your personal data
8. How You Can Access and Make Correction to Your Personal Data
You may write in to us to find out how we have been using or disclosing your personal data over the past one year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will try to respond to your request as soon as possible, or within 30 days, as stipulated in the PDPA. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
You may also ask us to correct an error or omission in the personal data we hold about you. We will correct the personal data as soon as practicable, or within 30 days, unless we are satis?ed on reasonable grounds that a correction should not be made.
9. How We Protect Your Personal Data
We have implemented appropriate information security measures (such as data encryption, firewalls and secure network protocols) to protect the personal data you provide us against unauthorised access, use, disclosure, or similar risks. We will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.
10. How We Retain Your Personal Data
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes. We will dispose of or destroy such documents containing your personal data in a proper and secure manner.
11. Contacting Us
If you have any query or feedback regarding this Policy, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at: firstname.lastname@example.org
Any query or complaint should include, at least, the following details:
- Your full name and contact information; and
- Brief description of your query or complaint.
We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.