PDPA compliance in Singapore

Manyone Pte. Ltd – Compliance with Personal Data Protection Act 2012

Singapore 30 July 2020

Ref.: https://www.pdpc.gov.sg/

Compliance

Risk assessment, auditing and awareness

Manyone Pte. Ltd (Manyone Pte) has appointed a Data Protection Officer (DPO).

The DPO conducts an annual data protection audit and continuously informs employees, collaborators and partners of obligations under the PDPA, as well as the internal policies and processes in place for the handling of personal data.

The DPO ensures awareness of any new developments, as well as any existing laws and contracts that may affect the personal data already under Manyone Pte's care.

Consent
Manyone Pte collect personal data as part of establishing contracts and agreements, and during networking, business meetings and events. The data is normally collected directly from the involved parties and includes contact information.

Manyone Pte also collect email addresses to notify interested parties of events, news and podcasts created, hosted or co-hosted by Manyone Pte. Terms available at the time of signup.

Purpose limitation

Manyone Pte only collect, use or disclose personal data about an individual for the purposes that a reasonable person would consider appropriate in the circumstances and for which the individual has given consent.

Notification

Manyone Pte will notify individuals of the purposes for which the personal data is being collected, used or disclosed at the time of submission or collection.

Access, correction and removal

Queries for personal data can be submitted to Manyone Pte via email or postal mail:

dpo.sg@manyone.com

Manyone Pte. Ltd
Katarina Ivarsson, DPO
160 Robinson Road
068914
Singapore

Requests for correction received by the DPO will be verified by contacting the requesting party via email, video call, or postal mail. If deemed valid, it will be actioned by the DPO within 30 days.

Manyone Pte will inform the individual of which personal data is held and how it has been used for a year prior to the request. Note that Manyone Pte is prohibited from providing any data in reply to a request if the provision of the data or other information could reasonably be expected to:

  • cause immediate or grave harm to the individual’s safety or physical or mental health;
  • threaten the safety or physical or mental health of another individual;
  • reveal personal data about another individual;
  • reveal the identity of another individual who has provided the personal data, and the individual has not consented to the disclosure of his or her identity;
  • or be contrary to national interest.

Manyone Pte will correct any data held, if asked to do so, and share the updated data with any organisations that may have been granted access under the terms in which the data was originally submitted to Manyone Pte.

External access to Personal Data will be granted to the proper authorities by the DPO in compliance with local laws and regulations.

Request for removal of data if approved, to the extent permitted by local laws and regulations, will prevent any further contact with the purpose for which the data collected, i.e. receiving promotional emails, invites etc.

Accuracy

Manyone Pte will make all reasonable efforts to make sure the data collected is correct. Any existing data held is believed to be accurate if received directly by the submitting party.

Protection

Access to collected personal data is restricted to employees or contracted team members of Manyone Pte. All data is held with the following cloud data storage and Saas services:

  • Microsoft365
  • Dropbox
  • iCloud
  • Google Drive
  • Tresorit
  • MailChimp

Access protection for Manyone Pte hardware, which may at times hold some of the data provided to us, is maintained by password access and other security procedures.

Retention limitation

Manyone Pte will cease retention of personal data, or remove means by which the personal data could be associated with any individual, when it is no longer necessary for business or legal purposes.

Transfer limitation

Manyone Pte will transfer personal data to another country only if the standard of protection provided is comparable to the protection under the PDPA (unless exempted by the PDPC).

Accountability obligations

The data protection policies, practices and complaints process of Manyone Pte are outlined by this document. Any questions should be directed to the designated Data Protection Officer.

dpo.sg@manyone.com


Manyone Pte. Ltd
Katarina Ivarsson, DPO
160 Robinson Road
068914
Singapore