Data Protection Policy – Draft
Data Protection Notice
(External Data Protection Policy)
This Policy applies to the Edmund Tie & Company group of companies, namely Edmund Tie & Company (SEA) Pte Ltd, Edmund Tie & Company Hospitality Management Services Pte Ltd and Edmund Tie & Company Property Management Services Pte Ltd.
We at Edmund Tie & Company respect the privacy and confidentiality of our Clients’ personal data. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.
We have developed this Data Protection Policy to assist you in understanding how we collect, use, disclose, process and retain your personal data with us.
2. How We Collect Your Personal Data
The PDPA defines personal data as “data, whether true or not, about an individual who can be identified a) from that data; or b) from that data and other information to which the organisation has or is likely to have access.”
We collect the personal data of our Clients or potential Employees in the following ways:
- When you leave your contact details with us after attending our events e.g.,marketing events such as roadshows and seminars;
- When you leave your contact details with us after visiting our websites and portals, or making enquiries on other third party portals;
- When you visit our showflats or open houses and leave behind your contact details or express an interest to preview a unit;
- When you express an interest on the property we are marketing e.g., to book a unit at our property launch;
- When you interact with our employees or coordinators, e.g. via telephone calls, faxes, text messages, face-to-face meetings or emails;
- When you respond to some of our marketing collaterals e.g. advertisements, brochures or flyers;
- When you fill in our application, registration, enquiry or survey forms;
- When you engage our employees to help market and transact the sale, purchase or leasing of a property;
- When you book or reserve a serviced apartment online;
- When you engage our valuation or auction services, or participate in our auctions;
- When you engage our services or do transactions with us in other business areas;
- When you respond to our job advertisements in newspapers, websites, etc;
- When you submit your job application form and CV to us; and
- When you provide feedback or make a complaint to us.
3. Types of Personal Data We Collect About You
The types of personal data we collect about you may include:
- Personal contact information;
- Personal particulars;
- Family details – to determine eligibility to purchase a Housing Development Board (HDB) flat or executive condominium;
- Financial information – to determine eligibility to purchase a HDB flat or executive condominium;
- Educational and professional qualifications – for job applicants; and
- Work experience – for job applicants
4. How We Use Your Personal Data
We use the personal data we have collected about you for one or more of the following purposes:
- Inform you of property launches, sale or leasing of properties;
- Conduct balloting exercises at property launches;
- Check with government agencies e.g., HDB on your eligibility to purchase HDB flats or executive condominiums;
- Service your booking of a unit at property launches;
- Follow up on your expression of interest to purchase or rent a property;
- Process and complete a property sale or leasing transaction;
- Perform valuation of properties;
- Conduct property auctions;
- Conduct market research and analysis; and
- Process job applications.
5. Who We Disclose Your Personal Data To
We disclose some of the personal data we have collected about you to the following parties or organisations outside Edmund Tie & Company:
- Property developer or owner – Client (buyer’s) particulars;
- Property buyer – Client (seller’s) particulars;
- Landlord – Client (tenant’s) particulars;
- Tenant – Client (landlord’s) particulars;
- Partners – Client’s particulars;
- Co-brokers – Client’s particulars;
- Government agencies e.g.,Housing and Development Board, Council of Estate Agents, Central Provident Fund Board, Ministry Of Manpower, Inland Revenue Authority of Singapore, Workforce Development Agency – Client’s and Employee’s particulars;
- Industry associations – Employees’ particulars; and
- External service providers (mailing houses, courier services, delivery services) – Client’s contact information.
6. How We Manage the Collection, Use and Disclosure of Your Personal Data
6.1 Obtaining Consent
To the fullest extent required by the PDPA, before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We next obtain written confirmation from you on your expressed consent. As far as possible, we will not collect more personal data than necessary for the stated purpose.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you enter into an Option to Purchase in the sale of a property.
6.2 Third-Party Consent
If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his/her personal data.
6.3 Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. You have to be aware, though, of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future property launches.
Your request for withdrawal of consent can take the form of an email or letter to us, or through the “UNSUB” feature in an online service.
7. How You Can Access and Make Correction to Your Personal Data
You may write in to us, based on reasonable grounds, to find out how we have been using or disclosing your personal data. We are obligated under the PDPA to allow you access to your personal data of the past one year, and to make any correction if there is any error or omission. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will notify you on the time and reasonable costs (if applicable) involved in retrieving all relevant personal data within 30 days. If we are unable to do so within 30 days, we will write to you with an expected date.
8. How We Ensure the Accuracy of Your Personal Data
We will take reasonable precautions and verification checks to ensure that the personal data we have collected from you is reasonably accurate, complete and up-to-date. From time to time, we may do a verification exercise with you to update us on any changes to your personal data.
9. Protection of Personal Data
We will take the necessary security arrangements to protect your personal data that is in our possession to prevent unauthorised access, use, disclosure, or similar risks. All our Employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.
External Data Intermediaries who process and maintain your personal data on our behalf will be bound by contractual information security arrangements we have with them.
In general, Edmund Tie & Company does not collect, use or disclose an individual’s NRIC number or a copy of the NRIC, except in the following circumstances:
a) Collection, use or disclosure of the NRIC number or copy of the NRIC is required under the law; or
b) Collection, use or disclosure of the NRIC number or copy of the NRIC is necessary to accurately establish and verify the identity of the individual.
In situations where we have to collect, use or disclose an individual’s NRIC number or a copy of the NRIC, we will notify the individual of the purpose for the above. We will also ensure that there are adequate security arrangements to prevent any unintended disclosure of the NRIC number, including during the process of making a copy of or recording the NRIC number, and to protect copies of the NRIC kept by us.
10. Retention of Personal Data
We will not retain any of your personal data under our charge when it is no longer necessary for any business or legal purposes. Based on our Document Retention Policy, we will ensure that your personal data that are no longer needed by us will be destroyed or disposed of in a secure manner.
11. Transfer of Personal Data
If there is a need for us to transfer your personal data to another country, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.
12. Do-Not-Call (DNC) Provisions
Before we make any ‘cold calls’ in telemarketing activities, we will check the National DNC Registry and our internal ‘blacklist’ before we make the phone call, send text messages or faxes to you, unless you have given us your clear and unambiguous consent [The ‘blacklist’ refers to phone numbers belonging to those individuals who have informed us to withdraw their consent].
13. Handling Queries and Complaints
If you have any query or feedback regarding this Policy, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer at:
Data Protection Officer
Tel: +65 6293 3228
Any query or complaint should include, at least, the following details:
- Your full name and contact information
- Brief description of your query or complaint
We treat such queries and complaints seriously and will deal with them confidentially and within reasonable time.