Last Update: January 23, 2017
1. Personal Data
You agree that the Group may collect, store, process, disclose, access, review and/or use personal data (including sensitive personal data) about you, whether obtained from you or from other sources, for the purposes set out below and/or any other administrative or operational purposes and/or the purpose of managing your relationship as a customer with the Company or any other company within the Group:
(i) providing services to you in relation to your transactions with the Group;
(ii) enabling your use of the services which the Group provides, including, where necessary, contacting you (whether by SMS, email or otherwise);
(iii) dealing with enquiries made by you;
(iv) maintenance and updating of the data; (iv) maintenance and updating of the data;
(v) statistical analysis;
(vi) administrative or operational purposes;
(vii) tax filing preparation;
(viii) processing credit notes and processing refunds;
(ix) collection of fees, charges and expenses for services provided;
(x) verification and identification purposes;
(xi) facilitating the making and payment of claims, including payments by cheque, bank transfers or other means;
(xii) carrying out billing, accounting, auditing and the maintenance of proper book-keeping to explain the Company’s operations and business; and/or
(xiii) the disclosure of the relevant books, documents, records and information (in hard or soft copy) to the auditors for the preparation of financial reports.
2. Data Quality
The Company will take reasonable steps to make sure that the personal data it collects, uses or discloses is accurate, complete and up to date.
3. Data Security
The Company will take reasonable steps to protect the personal data it holds from misuse and loss and from unauthorized access, modification or disclosure.
The Company will not keep personal data for longer than is necessary and will take reasonable steps to destroy or permanently de-identify personal data if it is no longer needed.
4. Access and Correction
You are entitled to have access to the personal data about you that is in the possession or under the control of the organization and information about the ways in which the personal data has been or may have been used or disclosed within a year before the date of the request. This can be done by you making a written application to the Designated Person (as defined below) requesting for any such information. The Company reserves the right to charge a fee (representing its costs in administering your request) for supplying such information and to refuse requests which, in its opinion, occur with unreasonable frequency.
The Company will also, where you have requested that it correct an error or omission in the personal data about you that is kept with the Company, correct such data as soon as practicable and send the corrected personal data to every organization to which the personal data was sent before it had been corrected, if applicable, unless that organization does not need the corrected personal data for any legal or business purpose.
The Company may however choose not to provide you with access to or correct such information, in accordance with the exceptions under the PDPA. This would include cases where:
(i) The Company is satisfied on reasonable grounds that the correction should not be made;
(ii) The request for access is frivolous or vexatious or the information requested is trivial;
(iii) The personal data is related to a prosecution and all the proceedings related to the prosecution have not been completed;
(iv) The personal data, if disclosed, would reveal confidential commercial information that could, in the opinion of a reasonable person, harm the competitive position of the organisation; and
(v) The personal data was collected, used or disclosed for the purposes of an investigation and associated proceedings and appeals have not been completed.
5. Transborder Data Flows
If your personal data is transferred to a country or territory outside Singapore, for instance, if your personal data is required for administrative or operational purposes in other companies within the Group, we will ensure that the recipients thereof provide a standard of protection to your personal data so transferred that is comparable to that which is provided herein.
6. Enquiries and Complaints
The Company has designated the person whose contact details are set out below as the person (“Designated Person”) who will be responsible for ensuring the Company’s compliance with the PDPA. If you have any queries or requests or wish to make any applications concerning your personal information or data, please contact the Designated Person at Compliance-Singapore@theice.com.