The Singapore Personal Data Protection Act 2012 and other related rules and regulations, which may occasionally be published by the Personal Data Protection Commission of Singapore, serve as the foundation for this policy.
To carry out our contractual obligations and render our services, this Policy applies to any information in our custody or under our control that relates to an identifiable individual.
Business contact details, such as names, addresses, and phone numbers, are not regarded as personal data under the Singapore Personal Data Protection Act 2012 as long as they are solely utilised for B2B interactions.
According to an exemption from the Personal Data Protection Act or another written law, we may gather, disclose, or use your personal information under the following circumstances:
To act in the national interest for any inquiry or proceedings; in response to an emergency that endangers your life, health, or safety, or the safety of another person.
In general, subject to the applicable exceptions allowed in the Singapore Personal Data Protection Act 2012, we will inform you of the purposes for which your data may be collected, used, and disclosed before we collect the aforementioned personal information from you and obtain your consent for the collection, use, and disclosure of your data for those purposes. We might not be able to carry out our obligations under the terms of our contract with you, process your request, or offer the service if you decide not to give us the personal information outlined in this Policy.
Any personal information you voluntarily supply to us may be utilised for the following activities, as appropriate:
Answer your requests and questions; Send you news, updates, invitations, marketing materials, and information regarding workshops/activities held by aZaaS Pte Ltd , its partners, and each of their respective affiliates;
Please abide by all applicable laws, rules, regulations, codes of conduct, guidelines, and other legal requirements in addition to our internal policies and procedures;
Accept our use of your data in any other manner. You have been informed, and we have your permission as a result.
All Personal Data that we maintain will be kept private. However, we reserve the right to disclose personal data to the following parties when doing so is required to achieve the stated goal or a purpose that is closely related to it as indicated in sections 3 and 4 above:
Any individual or entity acting on our behalf, jointly with us, or for a purpose that is reasonably related to or related to the purpose for which the Personal Data was provided; Any financial institutions, charge or credit card companies, credit bureaus, or collection agencies required to establish and support the payment of any services due or requested; and Any government authority by any applicable laws, rules and regulations, codes of conduct, or guidelines.
Until you withdraw it in writing, your consent for gathering, using, and disseminating your data will be deemed valid. If you want to cancel your permission, you may fill out the consent cancellation form below and email it to our data protection officer at firstname.lastname@example.org. Please be aware that we can only handle filled-out Consent Withdrawal Forms properly, and we might need to get in touch with you for clarification if such forms are found to be unclear or incomplete. Please be aware that if you refuse to allow aZaaS to carry out our contractual obligations to you, fulfil your request, or provide you with our services, there may be repercussions. Before fulfilling your request, we will analyse the withdrawal’s effects and let you know what they are. After confirming your identity, we will handle your withdrawal request within ten business days. If we need more time, we will let you know when we can finish processing your withdrawal notice.
In the event that you want to access, update, modify, or otherwise get rid of any information you’ve given. If so, please make your request to our data protection officer at email@example.com using the below Access Request Form and Correction Form.
Considering its intended use, we shall reasonably guarantee that the personal information we gather about you is true, complete, accurate, and up-to-date. To the extent practical, we shall verify the Personal Data you have supplied using commonly recognised standards and procedures. You must inform us of any changes to your company contact information if we are to maintain a partnership with you.
Regardless of the format in which it is stored, we take the necessary administrative, physical, technical, and organisational security precautions to help safeguard your data against loss and to prevent unauthorised access, disclosure, copying, use, or alteration. We have also put in place reasonable and necessary organisational safeguards to protect the integrity and confidentiality of your information, and we will only divulge it to those who have a legitimate need to know about it.
Your Personal Data will only be kept by us for as long as those purposes—as disclosed to you—continue to be met or as long as it’s required for our legitimate business or legal needs. When the period specified in our Retention and Destruction Policy has expired, or it is reasonable to presume that the approved purpose is no longer being served by its retention, we shall securely dispose of, destroy, or erase documents containing your data.
We dispose of any unsolicited personal information that we get. These unauthorised requests for personal information, whether by email or through our website, will be immediately destroyed. These won’t be recorded if they are received by phone. Before utilising, distributing, and keeping the submitted document, we shall mask any unsolicited personal information you may have given us in the document.
When sending your information outside of Singapore, we shall ensure that the quality of data protection abroad is on par with Singapore’s PDPA. If not, we shall negotiate a contract with the recipient party to provide data protection comparable to Singapore’s.
If a security breach results in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data, we will immediately assess the impact, and if we determine that it is a notifiable data breach, we will notify the Personal Data Protection Commission of the breach within three calendar days (PDPC). After we have notified PDPC, we will inform you if the data breach will likely cause serious harm. If necessary, we may also alert other pertinent regulatory agencies.
This Policy is subject to change at any moment, and any such modifications will be posted on this website.
The terms of our contracts and your consent for our collection, use, and sharing of your personal data are incorporated into this Policy. Your continued use of our services evidences your acknowledgement and acceptance of this Policy and any amendments.
You can contact our Data Protection Officer at firstname.lastname@example.org if you have any inquiries or comments regarding this Policy or if you want to learn how we manage, store, and discard your personal data.