This Policy governs data collection, processing and usage in compliance with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (“PDPA”). By using the Website, you consent to the data practices described in this Policy.
This Policy sets out the basis which we may collect, use, disclose or otherwise process your personal data in accordance with the PDPA.
This Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes when you or your organisation signs up to the services we provide and when you or your organisation accesses StaffAny’s services and/or applications using a business account via our website (staffany.com), subdomains (“Website”), through applications on devices, through APIs, or through third-parties (together, the “Application Users”); when you leave your organisation and cease to access StaffAny’s services or applications using a business account attached to your organisation (“Former Application User”) and when you visit our Website while browsing the internet (together, the “Website Users”).
1. As used in this Policy: “You” means an individual who is visiting and/or using our Website; and “personal data” means data, whether true or not, about you which can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
2. Some examples of personal data which we may collect from you include your name and identification information such as your contact information such as your home and business postal addresses, email addresses, telephone numbers, emergency contact details, profile photos, nationality, gender, date of birth, marital status, user behaviour and financial information such as credit card numbers, debit card numbers or bank account information and biometric information for the purpose of facial recognition software.
3. In addition the following information may be collected:-
We may collect your contacts information (if we are provided with access to your third party services (for example, your email account)); social networking information (if we are provided with access to your account on social network connection services); any further personal data contained in any files that you upload, download, or create (“Files”) within the StaffAny application; and log data from your device, its software, and your activity using the StaffAny application including the device’s internet protocol address, browser type, locale preferences, geo-location information, identification numbers associated with your devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your Files, and other interactions with StaffAny.
Former Application Users:
We may retain any further personal data contained in any files that you uploaded, downloaded, or created (“Files”) within StaffAny’s application; log data from your device, its software, and your activity when you used the StaffAny application including the device’s internet protocol address, browser type, locale preferences, geo-location information, identification numbers associated with your devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your files, and other interactions with the StaffAny application.
We may collect a limited amount of personal data from our Website Users which we use to help us to improve your experience when using our website and to help us manage the services we provide. This includes log data such as your device’s internet protocol address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, geo-location information, identification numbers associated with your devices, your mobile carrier, date and time stamps associated with transactions, system configuration information and other interactions with the Website. If you contact us via the website (including via any chat widget), we will collect any information that you provide to us, for example your name and contact details.
4. We may also collect from you information on your employment such as your current and previous salary, current and previous employment records, job designation, job description, attendance records and on-time ratios, work performance records and data, sales performance and responsiveness and work experience.
5. Other terms used in this Policy shall have the meanings given to them in the PDPA (where the context so permits).
6. If you are an Application User, your personal data can be used to provide our services to your organisation, assessing suitable job placements or employment recommendations, communicating with you on such job placements or recommendations and to offer you any StaffAny services which we think may be of interest to you. When we use your personal data to allow you to access and use the StaffAny’s application, we do so on the instructions of your organisation and on behalf of your organisation. This makes us a “data intermediary” for the purposes of the PDPA. However, there may be certain circumstances under which we use your personal data for purposes that are not on behalf of your organisation or in accordance with instructions of your organisation, for example, where we need to use it for our own purposes in which event the provisions in section 10 will apply.
7. If you are a Former Application User, we may retain your personal data to maintain a limited version of your business account profile and for our own purposes, for example, where we wish to offer you services which we think you may be interested in (please refer to section 10 below).
8. If you are a Website User, we use your information for our own purposes (please refer to section 10 below).
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
9. We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
10. We may collect and use your personal data for any or all of the following purposes:
(a) in order to display this Website to you and ensure stability and security;
(b) verifying your identity;
(c) responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
(d) facilitating StaffAny’s provision of the products and services which you use;
(e) communicating with you on your enquiries, and/or sending you marketing, advertising and promotional information and materials relating to products and/or services that we, our partners and/or third party organisations with whom we are collaborating, may be selling or marketing;
(f) administrative matters on your product and/or service purchases and/or subscriptions, managing your accounts, processing your sign-ups/registrations for mailing lists, etc.
(g) conducting market research and customer satisfaction surveys
(h) managing your relationship with us;
(i) processing payment or credit transactions;
(j) job placements or recommendations through a wholly web-based job portal;
(k) benchmarking or processing data for the purpose of analysis and/or preparing reports;
(l) to offer you services which we think you may be interested in;
(m) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
(n) transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes;
(o) any other incidental business purposes related to or in connection with the above.
(p) Any other purposes that we notify you of at the time of obtaining your consent. As the purposes for which we may/will collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your personal data without your consent is permitted by law; and
(q) any other purposes for which you have provided the information.
11. We may disclose your personal data: (a) where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you; or (b) to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in clause 10 above for us.
12. The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
FURTHER FUNCTIONS AND SERVICE OF THIS WEBSITE
13. Alongside the purely informational use of this Website, we offer a number of different services which you may use if they are of interest to you. For this purpose, you will normally have to supply some additional personal data which we will use to provide the respective service and to which the aforementioned principles of data processing apply.
14. We use external service providers for some parts of the processing of your data. These providers have been carefully selected and engaged by us, are bound to instructions and are monitored regularly.
15. Furthermore, we may provide your personal data to third parties if participation in promotions, contract conclusions or similar services of StaffAny are offered in conjunction with associates.
WITHDRAWING YOUR CONSENT
16. The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
17. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
18. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 8 above.
19. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
ACCESS TO AND CORRECTION OF PERSONAL DATA
20. If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
21. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
22. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
PROTECTION OF PERSONAL DATA
23. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
24. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
ACCURACY OF PERSONAL DATA
25. We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
RETENTION OF PERSONAL DATA
26. We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
27. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE
28. We may transfer your personal data to countries outside of Singapore. If we do so, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
29. In addition to the aforementioned data, cookies are stored on your computer when you use this Website. Cookies are small text files which are stored on your hard drive and allocated to the browser used by you and through which the agency which sets the cookie (in this case StaffAny) is provided with particular pieces of information. Cookies cannot execute applications or transfer viruses to your computer. Their purpose is to make the online service generally more user-friendly and effective.
a. Transient cookies – Transient cookies are automatically deleted when you close your browser. This particularly includes session cookies. These store a so-called session ID, through which different requests by your browser may be allocated to a single session. This enables your computer to be recognized when you return to this Website. Session cookies are deleted when you log out or close the browser.
b. Persistent cookies – Persistent cookies are deleted automatically after a pre-set period, which may differ depending on the type of cookie. You may at any time delete cookies in your browser’s security settings.
You may configure your browser settings according to your preferences and, for example, reject the acceptance of third-party cookies or all cookies. This may mean that you will not be able to use all functions of this Website.
DATA PROTECTION OFFICER
31. You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:
Contact person: Jeremy Hon
Email address: [email protected]
EFFECT OF NOTICE AND CHANGES TO NOTICE
32. This Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
33. We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Your use of this Website constitutes your acknowledgement and acceptance of such changes.