Data Protection Act
Your privacy is of utmost importance to us.
This data protection notice (the “Notice”) outlines how we collect, use, store and disclose your personal data in accordance with Singapore’s Personal Data Protection Act (“PDPA”) and the General Data Protection Regulation (GDPR). Please take a moment to read about how we collect, use and/or disclose your personal data so that you know and understand the purposes for which we may collect, use and/or disclose your personal data.
This Notice supplements but does not supersede nor replace any other consents which you may have previously provided to us nor does it affect any rights that we may have at law in connection with the collection, use and/or disclosure of your personal data. We may from time to time update this Notice to ensure that this Notice is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, the prevailing terms of this Notice shall apply. For the avoidance of doubt, this Notice forms part of the terms and conditions governing your relationship with us and should be read in conjunction with such terms and conditions.
What is Personal Data?
Personal data refers to any data or information about you from which you can be identified either (a) from that data or (b) from that data and other information to which we have or are likely to have access.
Depending on your relationship with us (e.g. prospective or current client, employee or business partner), the personal data about you that we may collect, use, store and disclose include:
- your contact details like your name, passport or other identification numbers, contact numbers, address, email;
- your personal details enabling us to evaluate and manage your client, employment or business relationship with us, e.g. your work experience, education, date of birth, bank details;
- your personal details enabling us to analyse your situation, determine suitable strategies and execute respective action, e.g. family status, financial status, transaction history;
- photos and videos of you from our events or office surveillances; and
- information about your use of our services and website, including cookies and IP address.
We Keep Your Personal Data Confidential and Secure
At each stage of data collection, use and disclosure, we implement physical, electronic, administrative and procedural safeguards to protect your personal data against loss, misuse, damage and unauthorized access, modifications or disclosures.
Purposes for Collection, Use and Disclosure of Your Personal Data
We collect, use and/or disclose your personal data to provide enhanced asset management services and/or family office services, including operations for these purposes. This may include the following (non-exhaustive) as applicable to the relationship we have with you:
(a) evaluating your standing, resources and capabilities to enter or maintain a relationship with you as a client, employee, business partner or other;
(b) analysing your financial situation and determining financial strategies and products suitable for you as our client;
(c) assessing and processing any applications, requests and instructions for financial products and services offered by us and/or other financial institutions or product providers for you as our client;
(d) managing commercial and financial risks, including preventing, detecting and investigating crime, including fraud and any form of financial crime;
(e) reporting to you as our client on your financial situation and our performance of our services to you;
(f) evaluating your performance as our employee or business partner;
(g) updating you on developments in our services and special happenings;
(h) responding to your queries and requests and handling complaints;
(i) internal reporting and analysis related to our business operations;
(j) maintaining records of our interactions with you, through telephone recordings, documentation (hard copy and electronic), and
(k) any other purposes related to the above purposes.
If we wish to collect, use, retain and/or disclose your personal data for any other purposes, we will adequately seek your consent.
How We May Collect Your Personal Data
Generally, we may collect your personal data ourselves or through third parties in ways including the following:
(a) during our preliminary discussions with you to establish a new client relationship, enter into employment or for any other business relationship;
(b) when you interact with our employees, in particular with your Relationship Manager;
(c) when you communicate with us by email or telephone, your emails will be retained and we may monitor and/or record your voice calls to us;
(d) when you attend our events or enter our premises, we may take pictures or videos or you may be captured on our closed circuit television cameras surveillance;
(e) when you access our website;
(f) when you respond to our requests for additional personal data; or
(g) when you submit your personal data to us for any other reason.
However, you may not be able to enter certain part(s) of our website. You are responsible for ensuring that the personal data you provide to us is accurate, complete, and not misleading and that such personal data is kept up to date. You acknowledge that failure on your part to do so may result in our inability to provide you with the products and services you have requested. To update your personal data, please reach out to your Relationship Manager or our Compliance Officer.
Where you provide us personal data concerning individuals other than yourself, you are responsible for obtaining all legally required consents from the concerned individuals and you shall retain proof of such consent(s), such proof to be provided to us upon our request.
Who We May Disclose Your Personal Data to
Generally, we shall protect and keep confidential your personal data. We will disclose your personal data only with your consent and for purposes that you have been informed about.
However, subject to applicable laws, we may disclose your personal data for the purposes set out above to parties such as those described below:
(a) our group companies and any of their subsidiaries, parent companies, affiliates, associated entities and any of their branches and offices which may also include entities and activities overseas;
(b) banks, financial institutions, credit card companies and their respective service providers;
(c) companies providing services relating to insurance and/or reinsurance to us, and associations of insurance companies;
(d) agents, contractors or third party service providers who provide services to us such as telecommunications, information technology, payment, data processing, storage and archival;
(e) our professional advisers such as our auditors and lawyers; and
(f) regulators and authorities.
When we disclose your personal data to third parties, we will ensure that they are contractually bound to protect your personal data in accordance with applicable laws and regulations, save in cases where your personal data is shared with governmental agencies and regulators, or where your personal data is publicly available, or where use/disclosure of your personal data is otherwise legally mandated and exempted.
If your personal data has to be transferred overseas, we will, where legally required, inform you of the extent to which your personal data will be protected, in the foreign jurisdiction(s) to which it will be transferred.
How Long We Keep Your Personal Data For
We shall store your personal data for as long as necessary to fulfil the purposes for which such data was collected, our business purposes, our internal and legal needs or as is otherwise legally required.
Queries, Access/Correction Requests and Withdrawal of Consent
(a) have queries about our data protection processes and practices;
(b) wish to request access to and/or make corrections to your personal data in our possession or under our control; or
(c) wish to withdraw your consent to our collection, use or disclosure of your personal data;
please submit a written request (with supporting documents, if any) to our Compliance Officer:
Our Compliance Officer shall strive to respond to you within 30 days of your submission.
Please note that if you withdraw your consent to any or all use or disclosure of your personal data, depending on the nature of your request, we may not be in a position to continue to provide our services or products to you or administer any contractual relationship in place. Such withdrawal may also result in the termination of any agreement you may have with us. Our legal rights and remedies are expressly reserved in such event.
If You Have A Complaint
We are committed to protecting your personal data. If, however, you should be dissatisfied with our handling of your personal data, please submit a written complaint containing details of your dissatisfaction to our Compliance Officer.
Our Compliance Officer shall acknowledge in writing the receipt of your complaint within 2 business days. Within 10 business days, our Compliance Officer shall contact you to provide you with an estimated timeframe for our investigations and resolution of your complaint. If your complaint requires more time beyond such estimation to resolve due to its complexity, our Compliance Officer shall inform you accordingly on or before the expiry of the original estimated timeframe.
In the event that the Compliance Officer’s investigations conclude with a solution that is dissatisfactory to you, you may wish to contact our Chief Executive Officer as follows:
Our Chief Executive Officer will acknowledge your complaint within 2 business days and strive to provide a satisfactory solution to you within 10 business days. In the unlikely event that we cannot reach an agreement with you, you may wish to refer your complaint to the Personal Data Protection Commission or consider dispute resolution by way of mediation.
This Notice is effective from 25 May 2018.