DATA PROTECTION POLICY OF SGTECH

Introduction

At SGTech, we respect the privacy and confidentiality of personal data and we are committed to protecting your privacy and safeguarding your personal data.  

Our Privacy Statement covers 
How We Collect Your Personal Data 
Types of Personal Data We Collect About You 
How We Use Your Personal Data
Who We Disclose Your Personal Data To
How We Manage the Collection, Use and Disclosure of Your Personal Data
How You Can Access and Make Correction to Your Personal Data
How We Ensure the Accuracy of Your Personal Data
How We Protect Your Personal Data
How We Retain Your Personal Data
How We Transfer Your Personal Data
How We Handle Queries and Complaints 

In so doing, our Privacy Statement has set out the choices that you can make about SGTech’s use of your personal information and how you can make informed decisions about what personal data you would like to share with us.

SGTech may, in our sole discretion, permit users of our website and web applications (“the Platforms”) to post, upload, publish, submit or transmit content, which may include but is not limited to photos, write-ups, videos or links (“User Content”), on our Platforms.

 

How We Collect Your Personal Data

We collect your personal data in the following ways: 
When you respond or subscribe to our mailing list, events or campaigns
Provide feedback to us on our quality of service or your user experience
Participate in surveys
Provide your personal information relating to membership matters
Provide your personal information when enquiring on, registering membership and setting up user profile
Visit our websites and leave behind your contact information
Communicate with us online, via email or written correspondence
Submit student details for awards administered by SGTech
Submit your CV and job application form to us in response to our recruitment advertisements in newspapers and websites, or at roadshows or job fairs, or to set up website user profiles
Submit your CV to recruitment firms or job portals, which are in turn forwarded to or retrieved by us
For tax filing preparations
Processing credit notes and processing refunds
Collection of fees, charges, and expenses for services provided
Billing, accounting, auditing and the maintenance of proper book-keeping of SGTech’s operations 
Appointment as Exco, Council, Chapter committee member• Fulfilling any other reasonable purpose which may, in the ultimate discretion of SGTech, be necessary.
 

Types of Personal Data We Collect About You

The types of personal data we collect about you may include:
Your personal information such as name, last 3 digits and letter of NRIC, residential address, work address, e-mail address, telephone number, mobile phone number, date of birth, gender, names and ages of children, employment details, nationality, race, marital status, and other information necessary to fulfil special requests such as bereavement, emergency contact information, etc.
Your personal government-issued identification document numbers such as NRIC/FIN/Work Permit/birth certificate and passport numbers; only when required under the law or necessary to accurately establish or verify your identity to a high degree of fidelity
Personal information such as name, mobile phone number, e-mail address, school/institution when applying for awards administered by SGTech
Other personal details (where relevant) when applying for an employee position, creation of online user profile for recruitment : name, nationality, marital status,  languages spoken or written; professional and work experience (job title, occupation, employment history, work experience, Curriculum Vitae; education and professional qualifications, schools attended, academic transcripts, membership of professional bodies)
SGTech may also collect non-personally identifiable information about you, such as use of our website, internet protocol addresses, browser and computer system information, cookies, invisible pixels, web beacons, and aggregated data related to your use of our Platforms. 

Should you require more details on types of personal data we collect about you, you may visit our website: http://sgtech.org.sg/ or contact our DPO at dataprotection@sgtech.org.sg
 

How We Use Your Personal Data

We use the personal data we have collected about you for one or more of the following purposes:
Members care, user profile creation and account management
Communicate with enquirers and analyse website visitors
Notify you about our services, special events and programs
Respond to enquiries, update requests and feedback on user experience 
Monitor the movement of visitors to our physical premises for safety and/or security purposes
Manage and administer student tech awards
Process job applications, recruitment and selection
Authorized 3rd party (prospective employer or authorized agency)’s access to online user profile for job recruitment
Bank related matters, annual report filing, trustee matters
Carry out our obligations arising from any contracts entered into between you and us
Comply with legal obligations and regulatory requirements

Who We Disclose Your Personal Data To

We disclose some of the personal data we have collected about you to the following parties or organisations outside SGTech:
External advisors e.g. auditors, lawyers, consultants
Insurance Companies 
IT/Technical Support, IT Service Providers
Web-hosting Companies, Cloud Service Providers
Banks, Payment card processing companies
Recruitment Agencies / Head hunters / Prospective employers
Commercial Service and Training Providers
Other government agencies (e.g. Ministry of Manpower, Ministry of Health, Infocomm Media Development Authority etc)
 
 

How We Manage the Collection, Use and Disclosure of Your Personal Data

Obtaining Consent
To the fullest extent required by the PDPA, before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We next obtain written confirmation from you on your expressed consent. 
We will not collect more personal data than necessary for the stated purpose.
Under certain circumstances, we will rely on deemed consent when you voluntarily provide your personal data for the stated purpose and it is reasonably appropriate to do so, e.g. when you submit a membership application to us.
Please note that SG Tech will be exempted from obtaining consent for collection, use or disclosure based on the conditions and circumstances specified under the 2nd, 3rd, and 4th Schedules of the PDPA.

Third-Party Consent
If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his/her personal data.

Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. You have to be aware, though, of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us or our clients.

Your request for withdrawal of consent can take the form of an email or letter to us, or through the “UNSUB” feature in an online service.
 

How You Can Access and Make Correction to Your Personal Data 

You may write in to us, based on reasonable grounds, to find out how we have been using or disclosing your personal data. We are obligated under the PDPA to allow you access to your personal data of the past one year, and to make any correction if there is any error or omission. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. 

We will endeavor to fulfill your request within 30 days, with an estimate of the fee for processing the request (if applicable). If we are not able to do so within 30 days, we will notify you of the additional time required.

How We Ensure the Accuracy of Your Personal Data

We will take reasonable precautions and verification checks to ensure that the personal data we have collected from you is reasonably accurate, complete and up-to-date. From time to time, we may do a verification exercise with you to update us on any changes to your personal data.  

How We Protect Your Personal Data

We will take the reasonable security arrangements to protect your personal data that is in our possession to prevent unauthorised access, use, disclosure, or similar risks. We will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis. 
External Data Intermediaries who process and maintain your personal data on our behalf will be bound by contractual information security arrangements we have with them.

How We Retain Your Personal Data

We will not retain any of your personal data under our charge when the original purpose has been fulfilled or it is no longer necessary for any business or legal purposes. Based on our Document Retention Policy, we will ensure that your personal data that are no longer needed by us will be destroyed or disposed of in a secure manner. 

How We Transfer Your Personal Data

If there is a need for us to transfer your personal data to another country, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore. 
 

Tracking of User Activity

Where we track user activity, we will document this in our data inventory, and disclose such activity in our External Privacy Notice.

We use Tracking Tools such as Google Analytics
Use of Cookies
We use "cookies" to collect information about your activity on our web site. Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive. You can instruct your browser to refuse all cookies or to indicate them when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our web site. 

Behavioural Re-marketing 
Where we use remarketing services to advertise on third party web sites to you after you have visited our website, we, and our third party vendors, use cookies to inform, optimize and serve ads based on your past visits to our website.
The following is used for remarketing services for purposes of advertising:
Remarketing and behavioural targeting - Google Analytics for display advertising
You can opt out of these re-marketing services by visiting the web site of the relevant third party vendor(s).

Compliance with Laws

Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.

Links to Other Sites

Our website may contain links to other websites that are not operated by us. If you click on a third party link, you will be directed to that third party's website. It is important that you review the Privacy Policy of every site you visit. We have no control over, and are unable to assume any responsibility for, the content, privacy policies or practices of any third party sites or services.

Changes to this Data Protection Policy

We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page.

Contacting Us

If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Policy, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may contact our Data Protection Officer(s) at dataprotection@sgtech.org.sg.

Any query or complaint should include, at least, the following details:
Your full name and contact information
A brief description of your query or complaint

We treat such queries and complaints seriously and will deal with them confidentially and within reasonable time.
 

Last updated 12 May 2020