This Policy sets out the manner in which SSIA collects, uses, manages and protects personal data (as defined below) in compliance with the provisions of the Personal Data Protection Act 2012.
This policy applies to all individuals (as defined below) who provide SSIA with personal data or whose personal data is otherwise collected, used and/or disclosed by SSIA in connection with and/or for the purpose of its operations.
This policy supplements but does not supersede or replace any previous consent which an individual may have provided to SSIA, nor does it affects any rights that SSIA may have at law in connection with the collection, use and/or disclosure of any individual's personal data. Subject to that, SSIA will not collect any personal data from an individual unless the individual has voluntarily chosen to provide us with it.
SSIA may from time to time update this policy to ensure it is consistent with its future developments or business purposes or to accommodate future changes to applicable legal or regulatory requirements. All updates to this policy will be published at www.ssia.org.sg and appropriate notifications of any material revisions will be issued to the relevant persons. Subject to an individual's rights at law, the prevailing terms of the policy from time to time shall apply. By continuing their relationship with SSIA after any amendments have been introduced and published, individuals shall be deemed to have accepted the policy as amended.
For the avoidance of doubt, this policy forms part of the terms and conditions, if any, governing an individual's specific relationship with SSIA ("Terms and Conditions") and should be read in conjunction with such terms and conditions. In the event of any conflict or inconsistency between the provisions of this policy and terms and conditions, the provisions of the terms and conditions shall prevail to the fullest extent permissible by law.
"Members” means Individuals or Companies who members of SSIA;
“Non-members” means Individuals or Companies who are not members of SSIA;
“Data Protection Officer” means the person designated to be responsible for ensuring that SSIA complies with the PDPA;
“DNC Registry” means the Do-Not-Call registry maintained by the Personal Data Protection Commission, pursuant to the PDPA;
“Event Participants” means persons (whether or not Members or Non Members) who participate in or attend events or programs organised or sponsored by SSIA from time to time;
“Individuals” means natural persons, whether living or deceased, and “Individual” means any of them;
“PDPA” means the Personal Data Protection Act 2012;
“Personal Data” means data that is capable of identifying a natural person, whether on its own or in conjunction with other data that is accessible to SSIA;
“Personnel” shall include any person engaged under a contract of service or contract for service with SSIA, management personnel, permanent or temporary employees, as well as trainees, interns and volunteers engaged by SSIA from time to time; and
Personal Data Collected by SSIA
SSIA will only collect, use or disclose personal data about an individual which it reasonably considers necessary for the relevant purposes underlying such collection, use or disclosure. Depending on the specific nature of an individual's interaction with SSIA, personal data that SSIA collects, uses or discloses concerning an individual may variously include the following:
a) The individual's name, gender and contact particulars, including telephone number(s), residential/mailing address(es) and email address;
b) Photographs or video recordings of the individual taken during SSIA events; and
c) Other information which the individual may provide to SSIA, from time to time, in the course of such individual's interaction with SSIA.
How SSIA collects Personal Data
Generally, SSIA may collect Personal Data about an Individual in one or more of the following ways:
a) Through application or registration forms submitted by the Individuals or Companies;
b) Through correspondence, emails or electronic messages submitted by the Individual to SSIA or otherwise posted on SSIA’s website(s);
c) Through the Individual’s interactions and communications with SSIA Personnel and Executive Committee members;
d) Through surveys conducted with and/or feedback received from an Individual or Companies;
f) Through recordings of the Individual when attending at SSIA’s premises or at any events or programs organized by SSIA;
g) Through third party business partners or associates of SSIA; and
h) Then the Individual submits his/her Personal Data to SSIA for any other reason related to SSIA’s ordinary course of operations.
Purposes for which SSIA may collect, use and/or disclose Personal Data
Generally, SSIA may collect, use and/or disclose Personal Data about an Individual for one or more of the following purposes:
a) Administering and managing Member relationships with SSIA, including the provision of services to Members;
b) Providing Members and Non-members with information about services and/or other benefits being offered or made available by SSIA to Members and Non-members;
c) Providing Members and Non-members with information about third party and/or external partner events and/or other services being offered or made available to Members and/or Non-members, through partnerships, associations and/or other collaborations involving such third parties or external partners and SSIA;
d) Organising and/or facilitating events or programs involving Members and Non-members and/or verifying the eligibility of such Members and Non-members to participate in such events or programs;
e) Tailoring activities or services available to match Members’ and Non-members preferences; and
f) Transmitting Personal Data to third parties engaged by or working in collaboration with SSIA to facilitate any of the above-mentioned purposes.
a) Administering and managing Personnel relationships with SSIA, including the provision of services to Personnel;
b) Undertaking staff training and quality assurance activities;
c) Providing Personnel with services, facilities and/or other benefits being offered or made available by SSIA to such Personnel as well as information about such services, facilities and benefits; and
d) Transmitting Personal Data to third parties engaged by or working in collaboration with SSIA to facilitate any of the above-mentioned purposes.
a) Administering and managing the event participant’s relationship with SSIA;
b) Verifying the identity and eligibility of event participants;
c) Promotional and publicity purposes, including recording videos or taking photographs of participants at events; and
d) Transmitting Personal Data to third parties such as funding agencies engaged by or working in collaboration with SSIA to facilitate or subsidies any of the above-mentioned purposes.
General business purposes
a) Engaging the administrative and business operations of SSIA;
b) Facilitating the completion of transactions with Individuals;
c) Responding to complaints, queries and/or requests;
d) Conducting market research for statistical profiling and other purposes in order to improve SSIA’s services;
e) Safety and security purposes;
f) Preventing, detecting or investigating any actual or crime, fraud, misconduct, unlawful action, breach or dispute;
g) Record-keeping, accounting or auditing purposes;
h) Legal purposes (including but not limited to obtaining legal advice and dispute resolution); and
i) Complying with laws, regulations, codes or guidelines binding on SSIA, including disclosures to regulatory authorities or other public bodies; and
j) Transmitting Personal Data to third parties such as funding agencies engaged by or working in collaboration with SSIA to facilitate or subsidies any of the above-mentioned purposes.
Unless otherwise authorised under the PDPA or any other applicable law and the collection methods stated above, SSIA will not collect, use or disclose an Individual’s Personal Data without his/her consent.
SSIA will take reasonable steps to highlight the purposes relevant to an Individual, by appropriate means, at the point or time of collection of the Personal Data from such Individual, including:
a) Express provisions in contracts, application forms and/or registration forms to be signed with or submitted to SSIA;
b) Via notifications on SSIA’s websites; and
c) In the course of verbal communications.
Where feasible, SSIA will inform the Individual of purposes that are intrinsic to the relationship between SSIA or to the provision of services to such Individual, as well as purposes that are optional.
In so far as any purpose(s) are intrinsic to the relationship or provision of services, SSIA reserves the right to decline to engage in the relevant relationship or to provide the relevant services to the Individual if he or she does not consent to SSIA’s collection, use or disclosure of his/her Personal Data for such purpose.
a) Voluntarily provide their Personal Data to SSIA for the specified purposes;
b) Use or access SSIA’s website(s);
c) Enter SSIA’s premises or using any of the facilities thereon; and/or
d) Attend or participate in events or programs organised by SSIA
In so far as SSIA collects Personal Data of an Individual from any third party(ies), such as the other business partners or associates of SSIA, SSIA will take reasonable steps to inform the relevant third party(ies) of SSIA’s purposes for collecting the Personal Data and to verify that consent from the Individual has been obtained by the relevant third party(ies) to such disclosure for the intended purpose.
Withdrawal of Consent
Policy on telephone numbers registered with the DNC Registry
SSIA is prohibited from sending unsolicited telemarketing messages (“specified messages”) to Singapore telephone numbers through voice calls, text or fax messages registered on the DNC Registers unless SSIA has obtained the relevant Individual’s clear and unambiguous consent in written or other accessible forms.
In compliance with the PDPA, SSIA will not send specified messages to telephone numbers that appear on the DNC Registry unless the relevant Individual has given SSIA clear and unambiguous consent to do so.
Protection of Personal Data
SSIA shall make reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks to Personal Data in its possession.
SSIA will ensure that third parties who receive Personal Data from SSIA protect such Personal Data in a manner consistent with this Policy and not use such Personal Data for any purposes other than those specified by SSIA, by incorporating appropriate contractual terms in its written agreements with these third parties.
SSIA is not responsible in any way for the security and/or management of Personal Data shared by Individuals with third party websites accessible via links on SSIA’s website.
Contacting SSIA—Access and Correction of Personal Data
Any Individual who:
a) has questions or feedback relating to this Policy;
b) would like to obtain access to his/her Personal Data held by SSIA;
c) would like to obtain information about the ways in which his/her Personal Data held by SSIA has been or may have been used or disclosed by SSIA in the year preceding the request; and/or
Individuals should note that SSIA is not required, under the PDPA, to provide access and correction to Personal Data in certain situations.
SSIA may require up to 1 week from the date of the Individual’s request to respond and effect any change.
This Policy shall be governed by and construed in accordance with the laws of Singapore. Any dispute arising out of or in connection with this Policy including any question regarding its existence, validity or termination, shall be referred to and finally resolved by the Courts of Singapore.
NOTE TO SSIA MEMBERS