Your personal data is important to Kenn Organisation.
Your personal data is important to us and it is our policy to respect the confidentiality of information and the privacy of individuals. This Policy outlines how we manage the personal data we hold in compliance with the Personal Data Protection Act 2012 of Singapore and its regulation(s) (“PDPA”). This policy applies to all divisions and organisations in the Kenn Organisation stable of companies (collectively, “KO”, “we”, “us” or “our”) further details of which are available at our website www.kenn.org. We also comply with local data protection and privacy laws in our operations out of Singapore.
Main Data Protection Policy
We will collect, use or disclose personal data for reasonable business purposes only if there is consent or deemed consent from the individual, and the individual has been notified regarding information on such purposes. We may also collect, use or disclose personal data if it is required or authorised under applicable laws.
What types of personal data do we collect?
We collect personal data from clients, customers, business contacts, partners, personnel, contractors and other individuals. Such personal data may be provided to us in forms filled out by individuals, face-to-face meetings, email messages, telephone conversations, through our websites or provided by third parties. If you contact us, we may keep a record of that contact.
How do we collect your personal data?
We collect these personal data when it is necessary for business purposes or to meet the purposes for which you have submitted the information.
The ways in which we may collect your personal data include (but are not limited to) collecting directly or indirectly from you or your authorised representatives in the course of:
- you signing up for alerts or newsletters;
- you visiting our websites, etc;
- you acting as an intermediary or otherwise on behalf of a third party or supplying us with information regarding a third party (such as a friend, a colleague, an employee etc);
- you applying for a job with us;
- you participating in our marketing or promotional events;
- you using our products or services;
- you contacting us with your queries, requests or feedback;
- our conducting market research or surveys;
- our conducting interviews
- you undertaking that you are an authorised representative or agent of such third party and that you have obtained all necessary consent from such third party to the collection, processing, use and disclosure by us of their personal data. (Because we are collecting the third party’s data from you, you undertake to make the third party aware of all matters listed in this policy preferably by distributing a copy of this policy to them or by referring them to our website.)
Use of Personal Data
We use personal data for the following purposes:
- to provide our services
- to respond to the individual’s request or for the purposes for which it was provided to us as stated at the time of the collection (or as is obvious from the context of collection)
- to maintain contact with clients and other contacts
- to keep clients and other contacts informed of the services we offer, industry developments, service offerings, seminars and other events we are holding, that may be of interest to them
- for general management and reporting purposes, such as invoicing and account management
- for recruitment purposes
- for purposes related to the employment of our personnel and providing internal services to our personnel
- all other purposes related to our business.
You may choose to unsubscribe from mailing lists, registrations, or elect not to receive further marketing information from us by contacting our Data Protection Officer, or if we have contacted you by email, you may use the unsubscribe function in that email to notify us. Please allow 28 days for your request to be processed.
How do we use and/or disclose your personal data?
We do not disclose personal data to third parties except when required by law, when we have your consent or deemed consent, or in cases where we have engaged a third party such as data intermediaries or subcontractors specifically to assist with our firm’s activities. Any such third parties whom we engage will be bound contractually to keep all information confidential.
We will not sell, rent or give away personal data to third parties for commercial purposes without your consent.
We may disclose personal data to other member firms in the Kenn Organisation network of firms, where it is necessary (i) to meet the purpose for which you have submitted the information; or (ii) to enable you to be provided with information at a later date which may be of relevance and interest to you based on the nature and purpose of your voluntary requests. We may also transfer all data in our possession to a successor-in-interest to our business or assets.
Who do we share your personal data with?
Depending on the product or service concerned, personal data may be disclosed or transferred to:
- other divisions or organisations within KO;
- our joint venture/alliance partners;
- our service providers and specialist advisers/institutions who have been contracted to provide administrative, financial, legal, accounting, information technology, research or other services;
- courts, tribunals, law enforcement agencies, regulatory authorities and other governmental agencies as agreed or authorised by law;
- anyone authorised by an individual, as specified by that individual or the contract.
Access to and Correction of Personal Data
Upon request, we will provide the individual with access to their personal data or other appropriate information on their personal data in accordance with the requirements of the PDPA.
Upon request, we will correct an error or omission in the individual’s personal data that is in our possession or control in accordance with the requirements of the PDPA.
We may charge for a request for access in accordance with the requirements of the PDPA.
Withdrawal of Consent
Upon reasonable notice being given by an individual of his withdrawal of any consent given or deemed to have been given in respect of our collection, use or disclosure of his personal data, we will inform the individual of the likely consequences of withdrawing his consent. We will cease (and cause any of our data intermediaries and agents to cease) collecting, using or disclosing the personal data unless it is required or authorised under applicable laws.
Accuracy of Personal Data
We will make a reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete.
How do we manage, protect and store your personal data?
We have appointed Data Protection Officers (“DPOs”) from each of our business units to oversee our management of personal data in accordance with the Act. We regard breaches of your privacy very seriously and we have implemented measures to secure and protect your information, such as training our employees who handle your personal data to respect the confidentiality of such personal data and your privacy, storing personal data in a combination of secure computer storage facilities and paper-based files and other records, taking steps to protect the personal data we hold from misuse, loss, unauthorised access, modification or disclosure. However, you will appreciate that it is not for us to perfectly secure your personal data from cyber attacks, such as hacking, spyware and viruses. Accordingly, you will not hold us liable for any unauthorised disclosure, loss or destruction of your personal data arising from such risks. The Act also requires us not to store personal data longer than necessary. We will cease to retain your personal data when we no longer require such personal data for the purposes we originally notified you of or for any business or legal needs.
Retention of Personal Data
We will cease to retain personal data, as soon as it is reasonable to assume that the purpose for collection of such personal data is no longer being served by such retention, and such retention is no longer necessary for legal or business purposes.
Transfer of Personal Data Outside of Singapore
We will ensure that any transfers of personal data to a territory outside of Singapore will be in accordance with the PDPA so as to ensure a standard of protection to personal data so transferred that is comparable to the protection under the PDPA.
Privacy on Our Websites
This Policy also applies to any personal data we collect via our websites. Cookies may be used on some pages of our websites. “Cookies” are small text files placed on your hard drive that assist us in providing a more customised website experience. Cookies are now used as a standard by many websites to improve users’ navigational experience. If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a visitor may refuse a cookie and still fully navigate our websites; however, other functionality in the site may be impaired. After termination of the visit to our site, you can always delete the cookie from your system if you wish.
Data Protection Officer
If you believe that information we hold about you is incorrect or out of date, or if you have concerns or further queries about how we are handling your personal data, or any problem or complaint about such matters, please contact our Data Protection Officer, Carol Hoon, at firstname.lastname@example.org.
What if you have a complaint?
If you consider that any action of Kenn Organisation breaches the Act or this Policy, you can make a complaint to the DPO by contacting Carol Hoon at email@example.com. We will endeavour to act promptly in response to a complaint.
How to contact us?
You can contact the DPO in Kenn Organisation emailing Carol Hoon at firstname.lastname@example.org.
Updates to this Policy
This Policy will be reviewed from time to time to take account new laws and technology, changes to our operations and practices, and the changing business environment. This Policy was last updated on 1 June 2017. If you are unsure whether you are reading the most current version, please contact us.