Data Protection Notice
(Last updated 08th December 2021)
- This is the data protection notice of Assurance Partners LLP, and its affiliated and its associated businesses.
Assurance Partners LLP and its affiliated and its associated businesses (collectively referred to as “Assurance Group of Entities”) owned and operated websites and mobile applications (collectively refer to as “Services”) may have different channels of collecting personal data, but each are committed to complying with this Notice in its collection, use, disclosure of personal data to ensure that there is a accountability and uniformity in the way we protect your personal data. Although this Notice is in common use by Assurance Partners LLP, and its ‘affiliated and its associated businesses, each is responsible to you to the extent of its own collection, use and disclosure of your personal data, and its own actions.
1.3 COMPLIANCE WITH THIS NOTICE.
This Notice applies to all personal data you provide to us, or that we may collect about you. Please do not provide any personal data to us if you do not accept this Notice.
We may also require you to accept this Notice when you contact, interact, transact, or deal with us, or when you access and use our websites, applications or services. If you notify us that you do not accept this Notice, we may not be able to establish a relationship with you or be able to service your requests.
For purposes of this notice, we will use the following definitions:
Personally identifiable information (PII) is information that can identify a user of the Services, including his or her e-mail, name, address, pictures and videos. It also includes PII combined with non-PII.
De-identified information is information from which personally identifiable components have been removed and a reasonable determination made that an individual is not identifiable.
1.4 Amendment to this Notice. We may amend this Notice from time to time without notice to you, to comply with applicable laws or as we update our data usage and handling processes. The updated Notice will supersede earlier versions and will apply to personal data provided to us previously. The amended Notice will take effect when made available.
2. Personal Data
2.1.What personal data we collect. The personal data we collect depends on the purposes for which we require the personal data and what you have chosen to provide. This may include your name, address, contact information (e.g. telephone number and email address), identification number, photograph, video image and any other information that may identify you or is personal to you.
2.2.How we collect personal data. We collect personal data relevant to our relationship with you.
We may collect your personal data directly or indirectly through various channels, including when:
- you use our services or enter transactions with us (or express interest in doing so)
- you respond to our promotions or subscribe to our mailing lists.
- you visit our websites, download, or use our mobile applications.
- you register an account with us through our websites or applications.
- you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, telephone calls, emails, fax, and letters.
- your images are captured via photographs or videos taken by us or our representatives when you are within our premises or attend events organised by us.
- you participate in events and programs, competitions, contests, or games organised by us
- we seek information about you and receive your personal data in connection with your relationship with us, for example, if you are a customer, investor, or shareholder; or
- you submit your personal data to us for any other reason.
Depending on your relationship with us, we may also collect your personal data from third parties, including:
- from your family members, employees, and mutual contacts who provide your personal data to us on your behalf; and
- from public agencies or other public sources.
Our website and applications may also contain or involve certain technologies that automate the collection of data (including personal data). These technologies include cookies, web beacons and web analytics. If you do not wish to have your data collected through such technologies you may disable the operation of these technologies on your devices (where possible), or you may refrain from using our websites and applications.
2.3.Voluntary provision of personal data. Your provision of personal data to us is voluntary and you have the right to withdraw your consent for us to use your personal data at any time by contacting and submitting a request to us. Your withdrawal will take effect after your request is processed. However, if you choose not to provide us with the personal data we require, it may not be possible for us to fulfil the purposes for which we require the personal data, including providing products and services which you need from us.
2.4.Providing personal data belonging to others. In certain circumstances, you may also provide the personal data of persons other than yourself (including your family members, business associates and employees). If you do so, you are responsible for informing him / her of the purposes for which we require his/her personal data and warrant that you are validly acting on behalf of him / her to consent to our collection, use and disclosure of his / her personal data.
2.5.Accuracy and Completeness of personal data. You must ensure that all personal data that you provide is true, accurate and complete and promptly inform us of any changes to the personal data.
3.1.We collect, use, and disclose your personal data where:
- you have given us consent.
- necessary to comply with our legal or regulatory obligations.
- necessary for our legitimate business interests if this does not override your interests or rights; and/or
- necessary to perform a contract or transaction you have entered with us or provide a service that you have requested or require from us.
3.2.General purposes. Generally, we collect, use, and disclose your personal data for purposes connected or relevant to our business, including:
- processing your transactions with us, or to provide products and services to you.
- managing your relationship with us.
- facilitating your use of our platforms and services.
- assisting you with your requests, enquiries and feedback.
- administrative purposes, e.g., accounting, risk management and record keeping, business research, data, planning and statistical analysis, and staff training.
- security and safety purposes, e.g., protecting our platforms from unauthorised access or usage and to monitor for security threats, and your image may be captured by security cameras.
- carrying out research, data, and statistical analysis.
- compliance with laws and regulations, internal policies, and procedures, e.g., audit, accounting, risk management and record keeping.
- enforcing legal obligations owed to us, or responding to complaints, litigation or investigations concerning us.
- managing and engaging third parties or data processors that provide services to us, e.g., IT services, data analytics, marketing, and other professional services.
- such purposes that may be informed to you when your personal data is collected.
- carrying out our legitimate business interests (listed below); and/or
- any other reasonable purposes related to the aforesaid
3.3.Marketing purposes. Where you give us consent, we collect, use, and disclose your personal data for purposes of:
- managing and/or administering your request to receive news (including events and product launches), promotions and marketing information from us (and/or our affiliates or related entities) and on our group products.
- analysing and/or profiling your purchases, transactions and/or likes or dislikes to be better able to send you relevant or targeted news (including events and product launches), promotion and marketing information from us (and/or our affiliates or related entities) and on our group products; and/or
- sending you news (including events and product launches) and promotions from us (and/or our affiliates or related entities) as well as marketing information from us (and/or our affiliates or related entities) and on our group products.
3.4.Legitimate business Our legitimate business interests include:
- managing our business and relationship with you and providing services to our users and customers.
- protecting our rights and interests and those of our users and customers.
- preventing and investigating possible misuse of our websites, applications, and services.
- understanding and responding to inquiries and feedback.
- understanding how our users use our websites, applications, and services.
- identifying what our users want and improving our websites, applications, services, and offerings.
- enforcing obligations owed to us, or protecting ourselves from legal liability; and
- sharing data in connection with acquisitions and transfers of our business.
3.5.Use permitted under applicable laws. We may also collect, use, disclose and process your personal data for other purposes, without your knowledge or consent, where this is required or permitted by law.
3.6.Contacting When using your personal data to contact you for the above purposes, we may contact you via email, e-mail, SMS, telephone, pop-up notifications (when you are using our applications), or any other means.
We will not contact you for marketing purposes unless with your consent, or we are exempted by applicable law from having to obtain consent. When contacting you for marketing purposes, we will not contact you through your telephone number, unless you have specifically consented to such a mode of communication. If you do not wish to receive any communication or information from us or wish to restrict the manner by which we may contact or send you information, you may contact us to do so.
4 Disclosure of Personal Data
4.1.Disclosures. We may also disclose or share your personal data in connection with the purposes described in paragraphs 2, 3.3 and 3.4 above, including to the following parties:
- third parties who are appointed to provide services to us, e.g., IT vendors, marketing companies and event organisers.
- third parties that we conduct joint marketing and cross promotions with; and/or
- regulatory authorities and public agencies.
When disclosing personal data to third parties, we will (where appropriate and required by applicable law) enter contracts with these third parties to protect your personal data in a manner that is consistent with applicable laws and/or ensure that they only process your personal data in accordance with our instructions.
5 Cross Jurisdiction Transfers of Personal Data
- Safeguards. We may transfer your personal data out of Singapore for the purposes set out in paragraph 3 When transferring personal data outside Singapore, we will require recipients of the personal data to protect personal data at a standard comparable to that under the laws of Singapore. For example, we may enter into legally enforceable agreements with the recipients to ensure that they protect your personal data. You may obtain details of these safeguards by contacting us.
6 Protection of Personal Data
6.1.Period of retention. We keep your personal data only for so long as we need the data to fulfil the purposes, we collected it for, and to satisfy our business and legal purposes, including audit, accounting, or reporting requirements. How long we keep your personal data depends on the nature of the data, e.g., we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Certain information may also be retained for longer, e.g., where we are required to do so by law. Typically, our data retention period is from 6 years upwards, depending on the limitation period.
6.2 Anonymised data. In some circumstances we may anonymise your personal data so that it no longer identifies you, in which case we are entitled to retain and use such anonymised data without restriction, including for data analytics.
6.3 Unauthorized access and vulnerabilities. While we take reasonable precautions to safeguard your personal data in our possession or under our control, we cannot be held responsible for unauthorized or unintended access that is beyond our control, including hacking or cybercrimes. We also do not guarantee that our websites and applications are invulnerable to security breaches, or that your use of our websites and applications is safe and protected from viruses, worms, Trojan horses, and other vulnerabilities.
7 Your Rights
7. 1 You enjoy certain rights at law in relation to your personal data that we hold or control. These rights include:
- Withdrawal of consent: you may withdraw consent for our use of your personal data.
- Correction. you may request that any incomplete or inaccurate data that we hold, or control be corrected.
- Access. you may ask if we hold or control your personal data and if we are, you can request access or a copy of such data. Please note that will be charged at (SGDXX/hr) subjected to the complexity of the request. The fees charge for an access request shall only be calculated on a manpower hours’ basis to complete the request. If so, we will inform you of the fee before processing your request.
7.2 Exercising your rights. If you wish to exercise your rights, you may contact us to do so. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may charge you a fee to process your request. We may also be permitted under applicable laws to refuse a request.
7.3 Limitations. We may be permitted under applicable laws to refuse your request to exercise your rights, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.
Information Collected Automatically
We automatically receive and record information on our server logs from a user’s browser. This may include the IP address, pages of Assurance Partners LLP visited, the time spent on those pages, and access times and dates. We use this information to better display our Services, maintain a user’s session, identify the country the user is located in, monitor, analyse use of and administer Assurance Partners LLP, and to better tailor it to your needs. We may also use this information to serve advertising to adult users.
To collect this information, we use technological tools including:
Cookies. A cookie is a small data file sent from a website or application and stored on your computer or device. Cookies allow us to recognize your browser when you return to Assurance Partners LLP, remember your login information, enable access to paid content and monitor potential account misuse. Cookies also allow us to better understand how you interact with Assurance Partners LLP and to monitor aggregated usage. You can set your browser to detect some cookies, to stop accepting cookies or to prompt you before accepting a cookie. Disabling our cookies will prevent access to paid content and limit some of the functionalities within our Services. To learn more about browser cookies, including how to manage or delete them, look in the Tools, Help or similar section of your web browser.
Pixel Tags. A pixel tag (also known as a “clear GIF” or “web beacon”) is a tiny image – typically just one-pixel – that we place in our marketing emails, newsletters, promotional offerings and surveys. We use pixel tags and line tracking to analyze the effectiveness of our marketing campaigns.
By using our Services, you agree to our use of these tracking technologies.
In addition, we and our third-party partners may use tracking technologies to deliver targeted advertisements and marketing messages to adult users on our or unaffiliated websites and online services. We also occasionally source information about groups of adults to generate a “lookalike audience” or similar audience of prospective customers through PII platforms. This allows us to target prospective customers with advertisements on their networks who appear to have shared interests or similar demographics to our existing customers, based on the platforms’ own data. We do not have access to the identity of anybody in the lookalike audience, unless they choose to click on the ads, and this information is only used for customer prospecting.
Note that if you wish to opt out, you will need to do so separately for each of your devices and for each web browser you use.
We also subscribe to various third parties’ education market information and databases, for example databases of school contacts. We use this data to learn about the industry we serve, to improve our services and for direct marketing. Some third parties may provide us pseudonymized information about you (such as demographic information or sites where you have been shown ads) from offline and online sources that we may use to provide you more relevant and useful advertising.
Push notifications on mobile apps: Our adult users have the option to accept push notifications. If push notifications are accepted, we will store your previously provided name and email address in the push notification token. If you choose to receive push notifications, we will need to collect certain information about your device – such as operating system and user identification information – to ensure they are delivered properly. We also collect the user time zone, which is set on the device, to ensure that we send notifications at an appropriate time of the day. We do not combine this information with other PII. You may turn push notifications off at any time using your device controls.
How Long We Retain Personal Information:
How We Share Your Information
We reserve the right to disclose personally identifiable information if we are required to do so by law, or if we believe that disclosure is necessary to protect our rights, protect your safety or others’ safety, investigate fraud, and/or comply with a judicial proceeding, court order, subpoena, or legal process.
We may share your email addresses collected when registering to free trials with third parties business partners for marketing purposes when the individual has opted in to receive such communication. You may opt out of promotional messaging at any time as described in the Opt Out section below.
Data Protection Officer
We have appointed a Data Protection Officer to oversee the protection & security management of all personal data. Should you have any query, request or feedback relating to your Personal Data, please contact us at the following:-
Data Protection Officer: Mr. Cliff Goh
Assurance Partners LLP
140 Paya Lebar Road, #10-09 AZ@Paya Lebar Singapore 409015
Tel: +65-6702 3178
For more information about the Singapore Personal Data Protection Act, please visit http://www.pdpc.gov.sg