1 Collecting personal information
1.1 What is personal information?
Personal information is information that identifies you as an individual or from which your identity can be reasonably identified and includes sensitive information. Sensitive information is personal information that includes information or opinions about you such as your membership of political or professional associations or a trade union, your racial or ethnic origins, religious or philosophical beliefs or sexual orientation.
The types of personal information we may collect include your name, work address, email address, fax number or work phone number, date of birth and other biographical information, your employment and experience history, political and professional affiliations, languages, other skills and educational history.
1.2 What is the purpose for collecting personal information?
We only collect personal information for the purpose of developing, organising and integrating our information database on industry stakeholders, organisations, trends and issues. This database ultimately forms the basis of our business stakeholder product sales and support business.
We collect your personal information either:
(a) if you are a client or potential client, for the purpose of providing you with our high quality business stakeholder product and associated services. If we do not collect your personal information, we may not be able to provide this to you. For example, we may not be able to communicate with you and deal with your enquiries or requests; or
(b) if you are a person with a significant role in culture, commerce, politics or any other prominent position, for the purpose of providing our clients with comprehensive analysis of issues important to them and their business. This may include using your personal information to give our clients a better understanding of your background and how you are involved in the areas of interest to our clients.
1.3 How do we collect personal information?
There are several ways that we may collect your personal information, which are set out below. We continuously collect data and improve our data by matching and cross-checkingsources. All of the information we collect is already disclosed by the individual, either publicly or to a third party.
(a) Directly from you
As a client or potential client you may give us personal information directly. We may collect this information when we meet you in person, such as if we visit you for sales or support purposes, when you receive a quote from us or complete an application form or contract. But we may also collect your personal information directly from you in other ways, including when we have a conversation with you over the telephone or you send an email or letter to us.
(b) From clients
Our clients may have existing personal information about you from their previous interactions with you, which we incorporate into our database.
(c) From publicly available sources
We may collect personal information about you from publicly available databases and other public sources, such as the websites of various organisations or from event websites. We may also collect personal information from publicly available government registers, professional association memberships, newspapers and journals. We collect such information both manually and by using automated software which we then compile into a database held at our own premises.
(d) From third party databases
From time to time we purchase access to third party databases containing information about significant figures that may contain personal information about you.
As a potential client, third parties may give us personal information about you so that we may contact you about our services.
(e) From other sources
We may collect information from ad hoc sources as it becomes available, such as business cards, email records and as revealed by processes undertaken by our data experts.
(f) From our website
We do not store or use personal information collected from you using our website, except as is reasonably necessary to operate the website. Such information is not used in our business functions and activities. If you are using our website, you will browse anonymously except as set out in this section.
Information collected in this way is not capable of personally identifying you.
However, if you have completed an application form on our website or if you contact us by email and we have identified you, we may be able to link your identity to your previous anonymous browsing history and collect information about your possible future use of our website, irrespective of how you access our site (eg from a third party website). We do not do this as a matter of course, however it is technically feasible.
If you would prefer not to be identified in this way or would prefer us not to collect anonymous cookie information about you at all, you can delete the cookies and reconfigure the cookie preferences on your internet browser.
2 How we use and disclose your personal information
2.1 Using and disclosing personal information
We only hold, use and disclose personal information about you for the purposes outlined in section 1.2, or for related purposes which might be reasonably expected.
For instance, we may collect, hold, use and disclose your personal information to provide our business stakeholder product and associated services to you, manage our relationship with you, verify your identity and other details, deal with your enquiries and concerns and to give our clients a better understanding of your background and experience if you are a person of interest in the area in which our clients operate.
To do this, we may disclose your personal information to third parties who:
(a) are our clients;
(b) provide services which are necessary for us to conduct our business, such as providers of archival, data storage, auditing, debt collection, banking, insurance, marketing, advertising, delivery, technology, data processing, research and professional advisory (legal, accounting, financial and business consulting) services;
(c) are regulatory bodies, government agencies, police, courts and dispute resolution schemes; or
(d) are your authorised agents, executors, administrators or legal representatives.
We may also hold, use and disclose your personal information in connection with suspected fraud, misconduct and unlawful activity, and as part of a restructure of TSC.
On some occasions, we may be obliged to disclose your personal information by law, e.g. court order or statutory notices pursuant to any legislation and to government authorities.
2.2 Disclosure of personal information outside of Singapore
If you are a person with a significant role in culture, commerce, politics or any other prominent position, then we may have collected your information from publicly available sources. We do this for the purpose of developing and integrating our business stakeholder product. As part of our business activities we may provide this product to clients who are located outside of our headquarters in Singapore. It is not always practical to specify in which countries those clients may be located, but we have currently have clients in Australia, Europe, Papua New Guinea, the Middle East, the United Kingdom, the United States of America, and countries within Asia, Africa and South America.
Internet infrastructure is global, and therefore the personal information we collect about you may be transferred to countries outside of Singapore that do not have similar data protection legislation as set out in this policy (for example, we may host information on servers outside of Singapore). However, we have taken the steps outlined above to try and maintain the security of your information.
3 Keeping personal information secure
Before disclosing personal information to a client, we confirm the identity of that person to prevent misuse or unlawful disclosure of the information.
We take measures to ensure the physical security of personal information at TSC and maintain a set of security controls governing access to data by our employees and contractors. Our data security policies are compatible with best practice and ISO 27001 requirements. We are constantly improving our security policies, they already follow a number of accepted best practices, and we are on target for an ISO certification in 2014.
4 Access and correction of personal information
You may access the personal information we hold about you.
You can make a request in a letter or by telephone if you prefer. To make such a request, please see our contact details in section 5 below.
We will provide you access within 30 days if it is reasonable and practicable to do so, but in some circumstances it may take longer.
Your rights to access your personal information are subject to some limitations. For example, we do not have to provide you with access to the extent it would be illegal to do so, if it would have an unreasonable effect on the privacy of others or the request is frivolous or vexatious.
If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint.
We do not usually charge you for access to your personal information. However, if the request is complex, we may charge you the marginal cost of providing the access, such as staff costs of locating and collating information or copying costs.
We take reasonable steps to ensure that all personal information we hold is as accurate as possible.
If you feel that the personal information we hold for you is incorrect, you are able to contact us at any time to request that we correct that information.
If you would like to do so please contact our Privacy Officer using the contact details in section 5 below.
We will normally try to resolve correction requests within 30 days of you making a request. If we need more time to resolve your request we will notify you in writing as to the delay and seek your agreement to a longer period. There will be no cost to you if we correct your personal information held by us.
If you believe that we have not complied with our obligations relating to your personal information, please contact our Privacy Officer as follows:
Between 9.00am and 6.00pm (Sg time) Monday to Friday, +65 6815 0019
Mail your written complaint to: Privacy Officer
The Stakeholder Company 23A Bussorah Street Singapore 199441
Send an email at any time to firstname.lastname@example.org
You will receive an acknowledgement of the receipt of your complaint as soon as practicable. If you feel we have not properly dealt with a complaint, you may contact the Personal Data Protection Commission, Singapore, email@example.com or via telephone on +65 6377 3131.
Last updated: July 2015