Data Protection Notice
This notice outlines how KR Konsulting Pte Ltd ("we," "us," or "our") collects, uses, discloses, or processes customer personal data in accordance with the Personal Data Protection Act ("PDPA"). Applicable to personal data in our possession or under our control, including data held by organizations engaged for data processing. In this notice, "customer" refers to an individual who has contacted us to learn about our goods or services or has entered into a contract with us. "Personal data" encompasses information identifying a customer, including name, contact details, identification, nationality, employment, and financial information. Terms follow PDPA definitions.
Collection, Use, and Disclosure of Personal Data
We typically refrain from collecting personal data unless: (a) provided voluntarily by you directly or through an authorized third party, with your consent and notification of the purpose; or (b) permitted or required by the PDPA or other laws. Additional consent is sought before collecting more data or using it for unnotified purposes, except where allowed by law. Personal data may be used for various purposes, including service provision, identity verification, responding to queries, managing relationships, processing transactions, and marketing. We may disclose personal data to fulfil service obligations or engage third-party service providers and organizations for specified functions. The outlined purposes may persist even after the termination or alteration of your relationship with us, for a reasonable period, including enforcing contractual rights.
Withdrawing Your Consent
The consent you provide for the collection, use, and disclosure of your personal data remains valid until withdrawn in writing. To withdraw consent and cease the use/disclosure of your data for the listed purposes, submit a written request or email our Data Protection Officer (contact details below). Processing your withdrawal request may take a reasonable time, and we will notify you of the consequences, including legal implications affecting your rights and liabilities. Generally, we aim to process requests within ten (10) business days. While we respect your decision, note that depending on your request's nature, we may be unable to continue providing goods or services, and we will inform you accordingly before completing the request processing. If you choose to cancel your consent withdrawal, notify us in writing as described in clause 8. Withdrawal does not affect our right to collect, use, and disclose personal data without consent when permitted or required by applicable laws.
Access to and Correction of Personal Data
If you desire to (a) access a copy of your personal data held by us or information about how we use or disclose it, or (b) correct or update any of your personal data within our possession, submit your request in writing or via email to our Data Protection Officer (contact details below). A reasonable fee may be applicable for access requests, and we will inform you before processing. We strive to respond promptly. If we cannot address your request within thirty (30) days, we will notify you within the same timeframe and provide an estimated response date. If we are unable to provide the requested data or make corrections, we will generally communicate the reasons, unless not required under the PDPA.
Protection of Personal Data
To secure your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, we have implemented suitable administrative, physical, and technical measures. These include up-to-date antivirus protection, encryption, and privacy filters for all personal data storage and transmission, shared internally and with authorized third-party service providers and agents on a need-to-know basis. While we strive to ensure information security, please note that no Internet transmission or electronic storage method is entirely secure. Security cannot be guaranteed, but we consistently review and enhance our information security measures.
Accuracy of Personal Data
We primarily rely on the personal data provided by you (or your authorized representative). To maintain the current, complete, and accurate status of your personal data, please inform our Data Protection Officer in writing or via email about any changes to your personal data using the contact details provided below.
Retention of Personal Data
We may retain your personal data for the duration necessary to fulfil the purpose for which it was collected or as required/permitted by applicable laws. Once it becomes reasonable to assume that retaining the personal data no longer serves its collection purpose and is unnecessary for legal or business purposes, we will cease retention or remove means associating the data with you.
Transfers of Personal Data Outside of Singapore
While we typically refrain from transferring your personal data beyond Singapore, if such transfers become necessary, we will seek your consent before proceeding. Rest assured, we will take measures to ensure that any transfer maintains a standard of protection at least equivalent to that provided under the PDPA.
Data Protection Contact
For any inquiries, feedback on our personal data protection policies, or requests, please reach out to us via email at [email protected].
Effect of Notice and Changes to Notice
This Notice works in conjunction with other applicable notices, contractual clauses, and consent clauses concerning the collection, use, and disclosure of your personal data by us. We may make revisions without prior notice; check the last updated date to track changes. Your continued use of our services implies your acknowledgement and acceptance of any such revisions.
Effective Date: August 17, 2020
Last Updated: August 17, 2020