Personal Data Protection and Privacy Policy
KIRIN HOLDINGS SINGAPORE PTE, LTD.
Established on June 11, 2020
KIRIN HOLDINGS SINGAPORE PTE, LTD. (the “Company”, “we”, “our” or “us”) realizes the importance of protecting your personal data. Therefore, we properly handle your personal data in accordance with our management philosophy, specifically stipulated as follows:
This document contains the personal data protection and privacy policy adopted by the Company to manage your personal data in accordance with the Personal Data Protection Act 2012 of Singapore (No. 26 of 2012) and the relevant subsidiary legislations and guidelines (collectively, the “Act” or “PDPA”). Please take a moment to read this policy to understand the purposes for which we collect, use and/or disclose your personal data.
- Concerning the observance of laws and standards
- The Company respects the privacy of individuals and recognizes the need to treat personal data in an appropriate and lawful manner, and is committed to comply with its obligations in this regard, in respect of all personal data it handles.
- The Company may change some parts or all of the contents of this policy from time to time to ensure that this policy is in line with the legal and regulatory requirements, as well as the regulations and constitutive documents of the Company. Hence, we advise you to check regularly for updated information on the handling of your personal data.
- If you consider that this policy does not follow PDPA in respect to the personal data about you or others, you should raise the matter with our Data Protection Officer as soon as possible.
- Concerning the collection, use and/or disclosure of personal data
- In general, we collect your personal data in several ways, including but not limited to the following:
- When you contact us for enquiries, via your selected mode of communication;
- When you request us to contact you; and
- When you submit your personal data to us for employment purposes.
- Personal data that is collected by the Company may include some or all of the following personal information:
- Name;
- Nationality;
- Marital status;
- Date of birth;
- Gender;
- Contact information such as email addresses and telephone numbers;
- Demographic information such as address, postal code, preferences and interests;
- Photographs, audio/video recordings and digital images.
Notwithstanding, the Company will not collect your NRIC/FIN/Passport number unless permitted by the Act or any other applicable laws or regulations.
- Generally, the Company collects, uses and/or discloses your personal data for the following purposes:
- Providing you with our products;
- Responding to your queries and requests;
- Resolving complaints, and handling requests of and enquiries;
- Communication and marketing purposes; or
- Internal record keeping;
- Employment related purposes (including but not limited to salary, personal income tax. work pass and residential);
- Your personal data will be retained by the Company for as long as necessary according to our internal policy for the fulfilment of the purposes stated above or is required to satisfy any legal, regulatory or accounting requirements.
- The Company will take reasonable steps to protect your personal data against unauthorized collection, use and/or disclosure. Subject to the provisions of any applicable law or regulations, your personal data may be collected, used and/or disclosed for any purposes listed in clause 2.3 (where applicable), to the following:
- the Company’s staff;
- agents, contractors or third party service providers who provide services to the Company;
- our professional advisers such as auditors and lawyers;
- relevant government regulators, statutory boards or authorities, or law enforcement agencies to comply with any laws, rules, guidelines, regulations or schemes imposed by any governmental authority; and
- any other party to whom you authorise us to disclose your personal data to.
- In addition to clause 2.5, the Company will transfer your personal data to the entities outside Singapore (i.e. Kirin Holdings Company, Limited (Japan), third party service providers we appoint in Japan and other overseas entity(ies) the Company will notify you from time to time), for any purposes listed in clause 2.3.
- In order to provide the best service possible, the Company may engage a data intermediary to process and handle personal data on its behalf. In these cases, we will only work with recognized personal data management firms and shall enter into contracts with these data intermediaries to include provisions that clearly set out the data intermediaries’ responsibilities and obligations to ensure compliance with the Act.
- In general, we collect your personal data in several ways, including but not limited to the following:
- Concerning the consent for collection, use and/or disclosure of personal data
- By submitting your personal data to the Company, you agree and consent to the collection, use and/or disclosure of your personal data by the Company for some or all of the purposes mentioned above.
- If at any time we decide to collect, use or disclose your personal data in a different manner as to the purposes set out above, we will request your consent to the additional purpose(s) in writing, in which you may refuse to give at your discretion.
- If you provide us with personal data relating to a third party (e.g. information of your spouse, children, parents or relatives), you represent to us that you have obtained the consent of such third party to provide us with their personal data for the relevant purposes.
- You may at any time withdraw any consent given in respect of the collection, use or disclosure of your personal data by giving prior notice in the form of a formal written request addressed to the Data Protection Officer.
- In the event that you withdraw your consent to the Company in relation to the purposes mentioned above, the Company shall cease to collect, use and/or disclose your personal data within 30 days upon receiving your withdrawal request. Please note that once consent is withdrawn, it may not be possible for us to accomplish the purposes as set out previously above, and hence, we may be unable to continue providing the requisite services to you.
- Concerning personal data management and security measures
The Company will take reasonable measures to protect your personal data from unauthorized access or modification, improper collection, use or disclosure, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures.
- Concerning access, correction and accuracy of personal data
- You may apply for a copy of your personal data held by the Company, or request for your personal data to be updated or corrected, by sending a formal written request to our Data Protection Officer. Please be informed that we are entitled to charge a fee to recover the costs directly related to the access of the personal data for the time and effort spent by us in responding to the same, and will let you know the amount accordingly.
- Within 30 days upon receiving your request, the Company shall:
- provide you with a copy of your personal data under our custody and/or other relevant information in accordance with the Act therein;
- correct your personal data as soon as practicable and inform you that the relevant correction has been made; or
- inform you that your request for access or correction of your personal data is rejected, if the request was made in circumstances predefined by the Act where such access or correction is prohibited or not required.
- You should ensure that all personal data submitted to us is complete and accurate. Failure to do so may result in our inability to provide you with the information or services you requested.
The Company shall make a reasonable effort to ensure that the personal data collected by or on behalf of the Company is accurate.
- Concerning transfer of personal data outside of Singapore
The personal data we collect from you may be transferred to multiple destinations outside Singapore. The Company will ensure that any transfers of your personal data to a territory outside of Singapore will be in accordance with the PDPA so as to ensure a standard of protection to personal data so transferred that is comparable to the protection under the PDPA.
- Concerning the establishment and continual improvement of a management system for personal data protection
In order to appropriately manage personal data, the Company shall continually work towards improving the development of our data management system and internal company regulations.
- Contact information
Should you have a complaint or require more information about how we manage your personal data, please contact our Data Protection Officer at:
Phone: +65 6908 5078
Email: info@kirin-singapore.com.sg