How we Secure Use Store Your Data
If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact our data protection officer via phone at +65 6327 0567 or via email at email@example.com.
Personal information we collect
We collect certain personal information about visitors and users of our Sites. The most common types of information we collect include things like: names, email addresses, IP addresses, contact numbers, survey responses, support queries, sales queries, content you direct us to make available on our Sites and web analytics data. We will also collect personal information from job applications (such as, your CV and cover letter).
Consent to collect
We collect personal information directly when you provide it to us, automatically as you navigate through the Sites, or through other people when you use services associated with the Sites. We collect your personal information when you provide it to us when you subscribe to a newsletter, email list, submit feedback, fill out a survey, or send us a communication. Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular, third party service providers (like Google and Facebook) who are located in the US, which may provide information about you when you navigate our site and they send us information such as your browser ID, IP address, Internet Service Provider etc. The information varies and is controlled by that service provider or as authorized by you via your browser settings.
Your rights to your personal information
You can access some of the personal information that we collect about you by logging in to your account for selected Sites. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. You can also close the account you have with us for any of our Sites or request removal of your personal information at any time. To make an access, correction, or removal request of your personal information, you may contact us using the contact details at the start of this policy. Your personal information will be:
- Collected fairly and for lawful purposes only
- Processed by us within its legal and moral boundaries
- Protected against any unauthorized or illegal access by internal or external parties
Your personal information will not be:
- Communicated informally
- Transferred to organizations, states or countries that do not have adequate data protection policies
- Distributed to any party other than the ones agreed upon by you (exempting legitimate requests from law enforcement authorities)
To exercise data protection we are committed to:
- Restrict and monitor access to sensitive data
- Develop transparent data collection procedures
- Train employees in online privacy and security measures
- Build secure networks to protect online data from cyber attacks
- Establish clear procedures for reporting privacy breaches or data misuse
- Include contract clauses or communicate statements on how we handle data
- Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.)
Where we store your personal information
We store personal information on secure servers that are managed by us and our service providers, and occasionally hard copy files that are kept in a secure location in Singapore and the US. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate. We rely on third party services to maintain its own services.
- Amazon, US;
- Amazon, Singapore;
- Facebook, US;
- Google, US;
How we use your personal information
We use information that we collect about you or that you provide to us, including any Personal Data:
- to present our Sites and their contents to you;
- to provide you with information, or services that you request from us;
- to fulfill any other purpose for which you provide it;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us;
- to notify you about changes or updates to our Sites or that we offer or provide though our Sites;
- to allow you to participate in interactive features on our Sites;
- to enable us to analyze visitor profiles to our Sites;
- when necessary to contact you about processing an order or transaction, to contact you through phone or SMS messages;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent.
With your consent, we may also use your information to send you newsletters and contact you about our services that may be of interest to you, including events and other activities that may be in your area or may be of interest to you. If you wish to consent to this use, please check the relevant box located on the form on which we collect your data. If you wish to change your choice, you may do so at any time by sending us an email stating your request using the contact details at the start of this policy.
Length of data retention
We retain your information for as long as it is necessary to fulfill the purpose for which it was collected, the legal or business purposes of Epitomist, or as required by relevant laws. We will endeavor to delete data within 30 days of a request for deletion or contact you if it will take longer.
Who has access to your personal information
Your data at Epitomist is not shared with or sold to any third party. Epitomist’s staff and contractors have access to users data for the purpose of providing services. No personal information is stored on staff or contractor computers on a permanent basis. Contractors are requested to delete this data at the end of their mission.
Effective date 20 May 2018