Data Protection Policy
The Singapore Personal Data Protection Act – 2012 (PDPA) established a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.
This data protection policy is applicable to HR Quest firms (“the Company”) which are established and registered in Singapore.
Data Collection and Purpose
The Company collects and holds personal data of its clients, customers, business contacts, personnel, contractors and other individuals. These personal data may include: identification number or passport number, contact details, work experience, education history and personal characteristics such as ethnic group, medical records and photographs. Collection of data may be in the form of: resume submission, forms filled out by individuals, emails, telephone/online communications, meetings etc.
The data collected are deemed necessary for business purposes in order to support and improve the employability of employees, to monitor and report on their progress and to provide appropriate personal and social care.
Disclosure of Personal Data with Third Parties
The Company may share personal data with third parties for the purposes of the third party providing a relevant service to the individual. Examples of these services include transport, travel services, accommodation, medical etc. The Company will only share data for the purposes of eliciting a necessary service from these third party organisations and not for commercial gain.
Data is shared as necessary with third party companies to provide extended services; examples include transportation, medical, catering, travel services and online services.
The Company shall:
1) implement appropriate security measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access of data.
2) notify data subjects about any accidental or unauthorised access of their data that may lead to personal damage or harm.
Right of Access and Correction
Upon request, individuals will have the right to see the data held about them and to request for data to be corrected or omitted if erroneous.
However, some exceptions may take place as we can refuse requests where releasing the information would prejudice the privacy rights of a third party.
Data Retention & Removal
The Company will only keep the data collected as long as it is necessary to provide the services outlined above.
Data Transfer outside of Singapore
Due to the nature of the industry, employees in Singapore may be seconded to overseas locations for job completion. The Company will ensure that any transfers of personal data to a territory outside of Singapore will be in accordance to the PDPA.
Data Protection Officer
If at any point in time you believe that the information withheld by the Company about you is incorrect or out-of-date, or if you have further enquiries on the Company’s methods of handling your personal data, please contact our Data Protection Officer at: email@example.com
The Company reserves the right to modify or amend this Policy at any time, with the effective date stated at the end of this article. The effective date signifies the beginning of this Policy.
Last revised on 15 April 2015