Last Updated: 22 July 2022
Rajah & Tann Technologies Pte. Ltd (“RTTech”, “we”, “us” or “our”) operates https://hub.novusdemia.com/ (the “Website”) and Novusdemia Hub, the e-learning portal on the Website (the “Platform”) which you may use to access our services.
1.1. We take our responsibilities under the Personal Data Protection Act 2012 (the “PDPA”) seriously. We recognise the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
1.5. If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process personal data, please do not hesitate to contact our Data Protection Officer (“DPO”) at the contact details below.
1.6. The Website and Platform may from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates or other third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies. As these websites are not owned or operated by us, we do not accept any responsibility or liability for the contents of these websites and their privacy policies and you access and provide personal data to these third party websites at your own risk. Please check these policies before you submit any personal data to any such websites.
2. Purposes for Collection, Use and Disclosure of Personal Data
(a) to facilitate, process, administer and/or manage your use of the Website and Platform;
(b) to verify and process your registration for an account on the Platform and in connection with your access and use of the Platform after such registration;
(c) to manage and administer your account in connection with your access and use of the Website and Platform;
(d) to process any online purchases made by you, including effecting payment, and to process any subscription to the content on our Platform and for purposes related to your subscription;
(e) to process, administer and/or respond to any requests, inquiries, consultations, negotiations or provide customer support in relation to the the access and use of the Website and Platform;
(f) to administer and/or manage the use of facilities including but not limited to the facilities within RTTech’s premises;
(g) to deal in any matters which you are entitled to under your contract with us, including performing the contract;
(h) to contact you or communicate with you via phone/voice call, text message and/or fax message, email and/or postal mail for the purposes of administering and/or managing your relationship with us such as but not limited to communicating information to you related to your access and use of the Website and Platform;
(i) to carry out your instructions or responding to any enquiry given by (or purported to be given by) you or on your behalf;
(j) conducting customer due diligence or other screening and personal identification in accordance with laws, regulations or our risk management procedures that may be required by law or that may have been put in place by us;
(k) to prevent or investigate any fraud, unlawful activity or omission or misconduct, whether or not there is any suspicion of the aforementioned;
(l) complying with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including meeting the requirements to make disclosure under the requirements of any law binding on us and/or for the purposes of any guidelines issued by regulatory or other authorities, whether in Singapore or elsewhere, with which we are expected to comply;
(m) complying with or as required by any request or direction of any governmental authority, or responding to requests for information from public agencies, ministries, statutory boards or other similar authorities. For the avoidance of doubt, this means that we may/will disclose your personal data to the aforementioned parties upon their request or direction;
(n) to send you information, promotions, updates and marketing and advertising materials in relation to our products and services and those of third party organisations;
(o) to process your registration and/or participation for seminars, exhibitions, and other events organised or co-organised by us;
(p) for reporting and sharing with your employers or such other human resource management who have engaged us on your behalf;
(q) to store, host and/or back up (whether for disaster recovery or otherwise) your personal data, whether within or outside Singapore;
(s) to administer security matters and arrangements, detect abuse, fraud and illegal activity on the Website and Platform and ensure your safety and security including reviewing user content, messages and associated metadata for breaches and inappropriate content;
(t) conducting research, analysis and development activities (including but not limited to data analytics, surveys and/or profiling) to improve our products and services in order to enhance your relationship with us or for your benefit;
(u) processing and/or administering requests for access and/or correction of your personal data;
(v) where it is in the legitimate interests of RTTech or another person;
(w) to fulfil any other purposes for which you have provided the information; and/or
(x) any other incidental business purposes related to or in connection with the above.
(collectively the “Purposes”)
2.2. In order to conduct our business operations more smoothly, we may also be disclosing some of the personal data you have provided to us to our third party service providers, agents and/or our affiliates or related corporations, which may be situated outside of Singapore, including the United States of America, the United Kingdom and Greece , for one or more of the above-stated Purposes, to process your personal data on our behalf.
3. Types of Personal Data
3.1. We may collect, use and disclose personal data, including but not limited to:
(a) account information upon registration of an account to use our Platform such as your personal particulars for example name, date of birth, gender, profession, address, country of residence and nationality;
(b) contact information that allows us to communicate with you. This information is obtained upon registration on our Platform including your name, address, telephone number, e-mail address and other means of communication which you may be contacted online or offline;
(c) payment information related to your financial relationship with us such as credit or debit card details at the point of payment and your payment history;
(d) product/service usage information such as how you use your device to access our Platform;
(e) third party partner information related to how you engage our third-party partners;
(f) communications with us by e-mail, electronic messages, social media and other electronic and non-electronic means;
(g) networks and connections made available to us, depending on the permissions you have granted, from your mobile or desktop devices address book contacts, Facebook friends list and other social media such as LinkedIn, Instagram, Pinterest and Twitter; and/or
(h) log files and details of visits to the Website and Platfom, the activities you engage in when accessing the Platform and the resources that you use on or via the Website and Platform such as the content engaged and the frequency or duration of such activity.
4. How We Collect Personal Data
4.1. Personal data may be collected from you through the Website in a variety of ways, including but not limited to the following:
(a) for the purpose for which the information was provided;
(b) when you visit, access or use the Website and Platform;
(c) when you communicate with us electronically and through other means;
(d) when you respond to surveys or feedback forms provided by us;
(e) when you register an account with us;
(f) when you register on our Platform as a user, whether to sign up for exclusive online features, or for any other purpose available through registration;
(g) when you interact with us through social media websites and other websites and apps;
(h) when you share content on our Platform with other parties; and/or
(i) to conduct due diligence checks on you in accordance with all applicable laws and for us to comply with all legal and regulatory obligations, including Anti-Money Laundering and Countering the Financing of Terrorism.
4.2. Where you are providing the personal data of an individual other than yourself (the “3rd Party Individual”), you warrant that the personal data of the 3rd Party Individual is legitimate and accurate, that you are validly acting on behalf of the 3rd Party Individual, and that you have the authority and consent of the 3rd Party Individual to provide the 3rd Party Individual’s personal data to us for our collection, use and disclosure in accordance with paragraph 2 above.
5. Cookies and Web Beacons
5.1. We may also collect personal data and other information through automatic data collection and tracking technologies. In this regard:
(i) Strictly necessary cookies. These cookies are essential for the function and operation of the Website and Platform.
(ii) Performance cookies. These cookies collect anonymous information on the users of the Website and apps to enable us to improve the operation of the Website and apps. For example, by ensuring that users are able to use custom features.
(iii) Functionality cookies. These cookies retain choices you make such as user ID, email ID and other preferences in order to personalise the Website and Platform for you as you navigate through the Website and Platform.
(iv) Targeting cookies. These cookies record your browsing habits to allow us to provide advertising relevant to you and your interests. We may share this information with third parties for this purpose on an anonymous basis.
(b) Information may also be collected through the use of web beacons which may be contained in the Website, apps or e-mails that permit us to, for example, count users who have visited the pages or opened an e-mail and collect other related website and app statistics.
6. Disclosure of Personal Data to Third Parties
6.1. In the event that we may be required to share your personal data with any third party, we will notify you beforehand and obtain your consent. However, please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:
(a) cases in which the disclosure is required based on the applicable laws and/or regulations;
(b) cases in which the purpose of such disclosure is clearly in your interests, and if consent cannot be obtained in a timely way, provided that we shall, as soon as may be practicable, notify you of the disclosure and the purposes of the disclosure;
(c) cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual;
(d) cases in which there are reasonable grounds to believe that the health or safety of yourself or another individual will be seriously affected and consent for the disclosure of the data cannot be obtained in a timely way;
(e) cases in which the disclosure is necessary for any investigation or proceedings;
(f) cases in which the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer; and/or
(g) cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest.
The instances listed above are not intended to be exhaustive. For an exhaustive list of exceptions, you are encouraged to peruse the First and Second Schedules of the PDPA which are publicly available at https://sso.agc.gov.sg/
6.2. In all other instances of disclosure of personal data to third parties with your express consent, we will endeavor to provide adequate supervision over the handling and administration of your personal data by such third parties, as well as to provide for adequate forms of protection over such personal data.
6.3. Where personal data is transferred by us to any third parties outside of Singapore, we will ensure that such transfers are compliant with the requirements under the PDPA. In this regard, we will take such necessary measures to ensure that such overseas recipients are bound by legally enforceable obligations to ensure that these overseas recipients provide a standard of protection to the personal data so transferred that is comparable to the protection under the PDPA.
6.4. We do not sell any personal data in our possession to anyone or any third party for any purpose. Your personal data will not be published on the Website.
7. Security and Management of Personal Data
7.1. We will take appropriate measures to keep your personal data accurate, complete and updated.
7.2 We will also take commercially reasonable efforts to take appropriate precautions and preventive measures to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorized use of your personal data by third parties which are wholly attributable to factors beyond our control.
7.3. To protect and safeguard the confidentiality of your personal data and to ensure that they are safe, secure and private, the Platform and management system is hosted on cloud infrastructure provided by Amazon Web Platform (“AWS”). The AWS infrastructure is highly stable, fault-tolerant and secure. For additional information about AWS security certifications and standards compliance, please refer to http://aws.amazon.com/security and http://aws.amazon.com/compliance/.
7.4. If you wish to find out more about the Platform internal security protocols, do contact us via email at [email protected].
7.5. We are committed to monitoring our security system constantly for potential situations that could compromise the security or the privacy of our customers, online users and visitors to the Website and to exploring new technology continually to enhance our security system. Nevertheless, we do not warrant or guarantee the security of your personal data transmitted to us using the Website and internet and online services. We do not assume any responsibility and shall not be liable for any transmission of information by you using the Website and internet and online services which shall be at your own risk.
7.6. Your responsibility in safeguarding your personal data
(a) If you wish to access the Website, the best way is to directly enter the Website address in the browser address bar and not via hyperlinks within emails (unless those emails are sent by us).
(b) Clear your browser’s cache and history after each session. Default files on a computer, sometimes called "cache" files can retain images of personal data or otherwise sent to or received by us at the Website , making them a potential target for a system intruder. Therefore, we strongly advise that you clear your browser’s disk cache and history after each visit to the Website.
(c) Do not use a shared computer or an Internet cafe; computer to access the Website because such computers may be installed with certain software which could capture your personal data or otherwise without your knowledge.
(d) If you have installed or downloaded any software which claims to speed up your internet connection or other software, games, screensavers etc, you should be aware that they may be spyware which has the ability to track your internet sessions and/or gain access to your personal data and Internet browsing history. We recommend that you uninstall such spyware.
(e) Do not leave your personal computer unattended during your online session whereby your personal data may be viewed by unauthorised persons.
(f) Ensure that your personal computer has the latest anti-virus, anti-spyware and firewall software and updates to guard against new viruses. Make sure that your computer’s operating system and browser software are updated with the latest security patches.
(g) Do not use the app or log into your account on a device that does not belong to you.
(h) Do not leave your personal devices which have the app downloaded and your account logged in unattended.
(i) Ensure that your devices, including your mobile phone, tablet or otherwise, have the latest anti-virus, anti-spyware, anti-malware, anti-ransomware and/or firewall software and updates to guard against cybersecurity threats.
(j) Update us whenever you have changed your contact details in order for us to contact you in a timely manner on any issues or matters relating to your access to our website.
(k) Contact us should you notice something suspicious or encounter any issues, difficulties or irregularities in accessing our website.
(l) Do not open email attachments from strangers, install software or run programs from unknown sources or origins.
(m) Delete junk or chain emails.
(n) Email messages sent to us over the Internet containing your personal data cannot be guaranteed to be completely secure and you assume all risks arising or in connection thereto.
7.7 It is important that you do your part to ensure that any personal data provided to us via our Services or email or any other channels of communication are done in a safe and secure manner. We will not be liable to you for any losses, damages, expenses, costs (including legal costs) and charges (whether direct or indirect, foreseeable or unforeseeable, special or consequential or economic loss) incurred or suffered by you arising out of you sending email messages containing your personal data to us over the Internet or for any error, fraud, forgery, system failure or anything beyond our control or in connection with your failure to adhere to the terms and conditions herein and the terms and conditions of access to our website under and/or your failure to follow the above-recommended security measures.
8. Request for Access, Correction and/or Porting of Personal Data
8.1. You may request to access, correct and/or port the personal data currently in our possession at any time by submitting your request through email at [email protected].
8.1. If you have any reason to believe that any personal data which you have provided to us is inaccurate, incorrect, incomplete or not updated, you may write to us. We will, after using reasonable efforts to verify the authenticity of the request, update your records accordingly.
9. Retention of personal data
We will take commercially reasonably efforts to ensure that the personal data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any other legal or business purposes.
10.1. We may send you notifications from time to time. You may not opt-out of receiving certain service-related notifications when using our Platform. You are deemed to have consented to the receipt of all such notifications, updates, marketing or otherwise, through the use of our Platform. Such notifications include but are not limited to:
(a) necessary elements of your transactions on our Platform or any service we may provide, such as confirmations of particular actions you have taken or confirmation of particulars;
(b) are required for legal or security purposes;
(c) meant to inform you of changes to our policies, operations or services;
(d) information updates issued by us;
(e) user surveys or other requests for user feedback;
(f) seminars, talks or courses available; and
(g) marketing offers from us or sent on behalf of third parties through our Services.
11. Request to Withdraw Consent
11.1. You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control at any time by submitting your request to the contact details listed in paragraph 12.2 below.
12.2. We will process your request within a reasonable time from such a request for withdrawal of consent being made, and will thereafter refrain from collecting, using and/or disclosing your personal data in the manner stated in your request.
12. Complaint Process
12.1. If you have any complaint or grievance regarding how we are handling your personal data or about how we are complying with the PDPA, we welcome you to contact us with your complaint or grievance.
12.2. Please contact us through the following methods with your complaint or grievance:
E-mail: [email protected]
Attention it to the 'Data Protection Officer'
12.3. Where it is an email or a letter through which you are submitting a complaint, your indication at the subject header that it is a PDPA complaint would assist us in attending to your complaint by passing it on to the relevant staff in RTTech to handle. For example, you could insert the subject header as "PDPA Complaint".
12.4. We will certainly strive to deal with any complaint or grievance that you may have fairly.
12.5. We may record, and/or monitor any communication(s) (including telephone calls or other electronic communications) between you and us. We may do so in order to resolve queries in the future and/or for the purpose of ensuring security, staff training and complying with its legal and/or regulatory responsibilities.
13.1. As part of our efforts to ensure that we properly manage, process and protect your personal data, we will be reviewing our policies, procedures and processes from time to time.
13.4. You are encouraged to visit our website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.
14. Governing Law and Submission to Jurisdiction