DataSpark Privacy Notice

DataSpark Pte. Ltd. respects the privacy of users in accordance with our Privacy Notice. Our Privacy Notice applies solely to personal data collected by DataSpark.

‍

We conduct our business with respect to collecting, using, disclosing and caring for personal data in compliance with the Singapore Personal Data Protection Act (PDPA) and other applicable data protection legislation.

‍

On or before the collection of your personal data, we will notify you of the purpose(s) of why we want to collect, use or disclose your personal data. We will obtain your explicit consent before we collect, use or disclose your personal data unless there are exceptions to consent as provided for under the PDPA.

‍

‍

Ways we collect your personal data

We may collect your personal data when you:

• Contact us with a question about our product, a job enquiry or request for assistance
• Apply for a job with us in response to our job advertisement, in which case the privacy notice here will govern
• Visit our websites and applications (through the use of cookies and other technologies)
• Visit our physical premises
• Provide us with products and/or services, in which case, please refer to “If you are a Subcontractor” under “How we use your personal data” section below on how we use your personal data.

Where you give us personal data about other individuals, you confirm that you are authorised to disclose and consent, on their behalf, to the processing of such personal data for the purposes described below, or other purposes for which your consent has been sought and obtained.

‍

The personal data we collect

Here are examples of personal data we collect:

‍

• Your identity in relation to job application and employment – This includes NRIC, FIN or passport number, address, telephone number, e-mail address, date of birth, any form of biometric that you may have submitted, as well as service-related information such as bank and credit card details, device ID and IP address.
• Your educational qualifications and work history – This includes the information you provide us when filling in a job application form.
• Your interaction with us – For example, an email or letter you send to us, an enquiry on the product and solutions that we offer, CCTV surveillance footage or other records of any contact you have with us.

How we use your personal data

We may use your personal data and share your personal data with third parties set out in “Sharing your personal data” below for the following purposes, purposes for which your consent has been obtained and other purposes permitted by applicable laws and regulations (“Purpose”):

‍

If you are a Customer

Product Enquiries

• Respond to enquiries and requests from you or people you have authorised
• Inform you about product product upgrades and updates‍

‍Market research, network & service enhancement

• Perform market analysis
• Improve your user experience based on your usage behaviour on our websites and applications‍

Security and risk management

• Handle any service, data breach and security issues
• Conduct internal audits
• Ensure the safety and security of our properties and systems
• Conduct checks against money laundering, terrorism financing and related risks

Legal & regulatory requirements

• ‍Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies

If you are a Supplier / Subcontractor

• To conduct due diligence / background checks that are mandated by legislation, DataSpark or DataSpark’s clients’ internal policies and practices
• For the purposes relating to the supply of goods and services and support by supplier / subcontractor to DataSpark
• Security clearance / entry access into DataSpark’s and DataSpark’s clients’ premises

If you are a visitor to our premises

• Ensure the safety and security of our properties and systems and contact you during your visit

If you are a website visitor

• To contact you about your enquiries. We will not use your personal data for purposes other than the Purposes. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose other than the Purpose.

If you are a job applicant

• To evaluate your suitability for the job position you applied for
• To shortlist you for job interviews
• To do background reference checks

Sharing your personal data

We may share your information with:

• Companies in the Singapore Telecommunications Ltd Group for the purposes set out in “How We Use Your Personal Data” section above.
• Business partners and vendors we work with to deliver goods and/or services you purchase or which we purchase
• Our clients for the purposes of performing our contract with our clients
• Regulatory authorities, law enforcement agencies, government agencies and other government organisations, as required by local laws and regulations
  

Your personal data is disclosed to the above only for the relevant "Purposes" stated above and for such other "Purposes" as you have consented to.

‍

We will also ensure that overseas organisations we work with observe strict confidentiality and protection of personal data we transfer to them according to a standard of data protection that is equivalent to Singapore’s PDPA.

‍

Accuracy of personal data

We have implemented measures to verify and ensure that the personal data we collect, use and disclose are accurate, complete and up-to-date, especially where such data are required to make decisions about you or where we need to disclose such data to third parties.

‍

‍Protecting your personal data

We have implemented stringent organisational and technical measures to secure and protect the personal data you provide us against any unauthorised access, use, disclosure, modification or disposal. These include:

• Safeguards to prevent security breaches in our networks and database systems
• Limits on access to information in our systems
• Strict verification processes to prevent unauthorised access to information

Withdrawing your consent

The consent that you provide us for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting this form to your contact person in DataSpark or our Data Protection Officer at the contact details provided below.

‍

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within twenty-one (21) business days of receiving it.

‍

Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods and/or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in this section above.

‍

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose your personal data where such collection, use and disclosure without consent is permitted or required under the PDPA or other applicable laws.

‍

Access to and correction of personal data

If you wish to make (a) a data access request for access to a copy of the personal data which we hold about you or information about the ways in which we have used or disclosed your personal data within the past one year, or (b) a data correction request to correct or update any of your personal data which we hold about you, you may submit the Access Request and Correction and Update Request to your contact person in DataSpark or our Data Protection Officer at the contact details provided below.

‍

Please note that a reasonable fee may be charged for a data access request. If so, we will inform you of the fee before processing your request.

‍

We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction as requested by you, we shall generally inform you of the reasons why we are unable to do so (except where there are exceptions under the PDPA).

‍

Retention of personal data

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We have a data retention policy where we keep track of the retention periods of the various types of personal data that are in our possession. We will ensure that those data that have reached the end of their retention periods will be securely disposed of or destroyed.

‍

Under certain of our business requirements, we may retain the personal data beyond the retention periods by anonymising them for use in data analytics, research and statistical analysis.

‍

Data Protection Officer‍

You may contact our Data Protection Officer, Marvin Landicho if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request at contactdpo@dsanalytics.com.

‍

General‍

This notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us. Please note that different or separate data protection policies may apply to specific products and services provided by DataSpark. Please refer to the terms of use for specific products and services for more information.

‍

We may revise this notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Privacy Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.

‍

Where your personal data is covered by the General Data Protection Regulation (GDPR), please refer instead to Singtel’s GDPR privacy policy.

‍

‍
Effective date: 26 June 2023
‍Last updated: 22 September 2023