PERSONAL DATA PROTECTION ACT (PDPA)

Privacy Policy


Introduction

We Accrete Technology (S) Pte Ltd (“ACCRETE”) respect the privacy and confidentiality of the personal data of the individuals whom we interact with while providing our services. We are committed to implementing policies, practices, and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.

We have developed this Data Protection Privacy Policy to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.

Personal Data

“personal data” means data, whether true or not, about an individual who can be identified:

(a) from that data: or

(b) from that data and other information to which we have or are likely to have access.

Collection, Use and Disclosure of Personal Data

a. it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us (your “authorized representative”) after

i. you (or your authorized representative) have been notified of the purposes for which the data is collected, and

ii. you (or your authorized representative) have provided written consent to the collection and usage of your personal data for those purposes, or

b. collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorized by law).

a. processing of job application

b. performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;

c. verifying your identity;

d. responding to, handling and processing queries, requests, applications, complaints, and feedback from you;

e. complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and / or regulatory authority;

f. carry out our obligations arising from any contracts entered between you and us;

g. processing payment or credit transactions; and

h. transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purpose

a. where such disclosure is required for performing obligations during or in connection with our provision of the goods and services requested by you; or

b. to third party service providers, agents, and other organizations we have engaged to perform any of the functions with reference to the above-mentioned purposes.

Withdrawal of Your Consent

Access to Correction of Personal Data

Protection of Personal Data

Accuracy of Personal Data

We generally rely on personal data provided by you (or your authorized representative). To ensure that your personal data is current, complete, and accurate, please update us if there are changes to your personal data by informing our DPO in writing or via email at the contact details provided below.

Retention of Personal Data

Transfer of Personal Data Outside of Singapore

We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

Data Protection Officer

You may contact our DPO if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

Email Address: dpo@accrete.com.sg

Data Breach Notification

In the event a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, we shall promptly assess the impact and if appropriate, report this breach within 3 calendar days to the Personal Data Protection Commission (PDPC). We will notify you when the data breach is likely to result in significant harm to you after our notification to PDPC. We may also notify other relevant regulatory agencies, where required. If we are a Data Intermediary, we shall inform the Data Controller immediately of any data breach so they can promptly assess the impact and comply with their data breach notification obligation.

Effect on Policy and Changes to Policy

This document was last updated in 26th Sept2024.