Personal Data Protection Notice
Theta2beta is committed to ensure that personal data is protected and managed in accordance with Singapore’s Personal Data Protection Act 2012 (“PDPA”) (“the Act”). We collect, use and manage your personal data in order to offer individuals appropriate information on our initiatives, programmes and activities.
1. DATA PROTECTION NOTICE
The security of your personal data is important to us. In compliance with PDPA, this Notice sets out how Theta2beta collects, uses, retains, and discloses your personal data.
In this Data Protection Notice, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
Under the Singapore Personal Data Protection Act (PDPA), Business Contact Information (e.g., name, company address, company telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.
Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, photographs and other audio-visual information, employment information, education background, and information about your usage of and interaction with our website.
Other terms used in this Notice shall have the meanings given to them in the Singapore Personal Data Protection Act (where the context so permits).
2. CONSENT
Theta2beta obtains your consent before collecting, using and making disclosure of your personal data. After receiving written Withdrawal of Consent from you, we will stop the collection, use and disclosure of your personal data.
By voluntarily providing us your personal data, you are deemed to have given consent to this Notice and are agreeable to the collection, use, disclosure, and management of your personal data, unless we receive your written Withdrawal of Consent.
We may further disclose, share or transfer your personal data to our third party service providers, agents, affiliates or another organisation (and its downstream organisation), for the necessary conclusion or performance of the transaction.
3. COLLECTION OF PERSONAL DATA
When asking for your personal data, Theta2beta will explain why we need the personal data and will only ask for the information we need.
Theta2beta collects your personal data in the following ways:
- Face to face contact
- Electronically through our websites and related social media platforms
- Social media messages or conversations
- Phone calls, voice or image recordings
- Whilst delivering and administering services at our establishments
- From forms and other types of correspondence (both in writing and electronically)
- When you subscribe to our newsletters
- When you register for our programmes and activities
- When you participate in our programmes and activities
- When you submit your enquiry
- When you apply or another person or organisation applies on your behalf for our programmes
- When you submit your résumé for job applications
- When you contact us to share your stories
4. USAGE OF PERSONAL DATA
We may use your information for the following purposes:
- To update you on Theta2beta’s latest initiatives and activities
- To contact you for programmes and activities which you have signed up for
- To manage and administer your job application
- To send newsletters which you have subscribed to
- To publish your stories, sharing, photos, video recordings on our official website, related social media platforms, and other promotional materials
- To manage and administer your applications, registrations, enquiries, feedback or complaints
- To comply with any requirements by law.
We will not use your personal data for purposes other than what we have informed you or which are permitted under laws and regulations.
5. DISCLOSURE
In compliance with any regulatory requirements, we may be required to disclose your information with government agencies and investigation bodies.
We may collect, disclose or use your personal data pursuant to an exception under the Personal Data Protection Act or other written law such as during the following situations:
- To respond to an emergency that threatens your life, health and safety or of another individual; and
- Necessary in the national interest, for any investigation or proceedings.
You have the right of choice regarding the collection, usage and/or disclosure of your personal data. If you choose not to provide us with the personal data described in this notice, we may not be able to perform our obligations as stated in this notice. You have the right to object to the processing of your personal data and withdraw your consent in the manner described below.
If you choose not to provide us with your personal data for the purposes listed above, you may submit a request in writing or via email to our Data Protection Officer at the contact details provided below or indicate in the personal data collection form submitted to us (if any). By choosing not to provide us with your personal data, depending on our relationship, we may not be able to provide services to you or process your job application. Depending on the complexity of the request and its impact to our relationship with you, we will not collect or, within 30 days of our receipt of your request, cease using and/or disclosing your personal data in accordance with your request.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
In the case where we receive unsolicited personal data via email or any other communication channels, the unsolicited personal data will not be retained and will be securely disposed of immediately.
6. PROTECTION
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, Theta2beta takes reasonable steps to ensure the security of personal data we hold, only authorised personnel are permitted to access and use these details only a need-to-know basis. All electronic storage and transmission of personal data are protected with security technologies which comply with applicable security standards.
If there is a need to disclose your Personal Data to third parties in line with the purposes mentioned above, we will ensure that they provide sufficient guarantees to us to have implemented the necessary security measures to protect your Personal Data.
However, no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your personal data and are constantly reviewing and enhancing our information security measures. In the event of a personal data breach, we will endeavour to notify the affected parties no later than within 3 calendar days from when we become aware of the breach.
7. RETENTION
Theta2beta will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required for legal or business purposes. Any personal data which are no longer needed for legal or business purposes will be destroyed in a secure manner or anonymised according to our policy.
8. ACCESS, CORRECTION, ACCURACY
Subject to applicable laws and regulations, you or your authorised representative may at any time, give us reasonable written notice, to request for access to, to request for a copy of and to request to update or correct your personal data held by us. You may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
We will respond to your request as soon as reasonably possible. Before we accede to your access or correction request, we may need to verify your identity by checking identification document, and the legitimacy of your request. Should we not be able to respond to your request within thirty (30) days after receiving your request in writing (including both electronic and non-electronic methods), we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
If your request relates to personal data which we are processing on behalf of another organisation, we will instead forward your request to the relevant organisation for their necessary action.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will make every reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete. All personal data provided by you shall be deemed as accurate and complete, and that none of it is misleading or obsolete. You will promptly update us in writing in the event of any change to your personal data.
Address to: | Data Protection Officer |
Postal Address: | Theta2beta 3 Coleman St, #03-24, Singapore 179804 |
Contact No. : | +65-96153613 |
Email Address: | info@theta2beta.com |
9. WITHDRAWAL OF CONSENT
If you would like to withdraw your consent to any use of your personal data as set out in this Notice, please send a written request to us.
Please note that upon the receipt of your withdrawal request, we will stop collecting, using, disclosing or processing your personal data. However, we will be retaining your personal data as required by applicable laws. We will cease to retain your personal data as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving. Should we require more time to give effect to a withdrawal notice, we will inform you of the time frame by which the withdrawal of consent will take effect.
Please take note that the withdrawal of your consent may mean that we will no longer be able to liaise with you. Withdrawing consent also does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
10. CROSS-BORDER TRANSFERS OF PERSONAL DATA
Unless there is a need, we generally do not transfer your personal data to other jurisdictions. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA, including entering into an agreement with the receiving party to accord similar levels of data protection as those in Singapore.
11. FEEDBACK OR BREACH NOTIFICATION
Please write to us if you:
i. have any enquiries or feedback relating to your personal data or this Notice; or
ii. have identified or discovered a data breach. We endeavour to protect your personal data and contain the breach.
In the event a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data, we shall promptly assess the impact and if appropriate, report this breach within 3 calendar days to the Personal Data Protection Commission (PDPC). We will notify you when the data breach is likely to result in significant harm to you after our notification to PDPC. We may also notify other relevant regulatory agencies, where required. If we are a Data Intermediary, we shall inform the Data Controller immediately of any data breach so they can promptly assess the impact and comply with their data breach notification obligation.
12. COOKIE/TRACKING TECHNOLOGY
This site may use cookie and tracking technology. If you do not want cookies to be used, please disable them via your browser settings.
13. CHANGE OF NOTICE
Theta2beta reserves the right, at its sole discretion, to make changes to our Data Protection Notice, at any time. Any changes to this Notice will be posted. Continued use of our services and website following the posting of changes to this Notice shall constitute your consent to such changes.
Last updated in February 2023
Need help?
Fill in enquiry form here.
Email us: info@theta2beta.com
Whatsapp us: +65 9615 3613