Generic popup message
RELC may collect, use and disclose your personal data in accordance with the Personal Data Protection Act 2012 (“PDPA”) and subject to any other relevant legal or regulatory requirements. This Personal Data Protection Notice (“Notice”) describes how your personal data is collected, used and disclosed and also informs you about how your personal data is protected.
Please read this Personal Data Protection Notice carefully to ensure that you are aware of and understand the nature of the data which we may collect from you, the use and disclosure of that data, and how you can contact us to make requests concerning your personal data.
References in this Notice to our partners include our strategic partners, stakeholders, agents, and third party service providers.
In accordance with the PDPA, RELC has appointed a Data Protection Officer (“DPO”) to ensure compliance with the Act. The DPO may be contacted by email at firstname.lastname@example.org
As used in this Notice, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name and identification information such as your NRIC number, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, photographs and other audio-visual information, employment information and financial information such as credit card numbers, debit card numbers or bank account information.
We may collect personal data from you in the following ways depending on your relationship with us:
Your personal data may be used or disclosed for the following purposes and any other incidental related business purposes:
For Students, Trainees, Examinees and Clients
For Hotel Guests
For Vendors and Suppliers
For Job Applicants
We may need to disclose your personal data to third parties and our partners, whether within or outside Singapore, for one or more of the purposes stated, including to perform functions and services on our behalf as well as to administer our products and services.
Notwithstanding, we will not disclose personal data to any third parties or partners without first obtaining consent to do so or unless any such disclosure is otherwise permitted or required under the PDPA or other laws.
Subject to certain exceptions and conditions in the PDPA, you may request to review and correct your personal data or withdraw your consent for the collection, use and disclosure of your personal data by submitting a request to our DPO.
We will generally ask you to verify your identity for any request and to specify in detail the nature of your request in order to process it.
We will respond to your request to access personal data as soon as reasonably possible and may charge an administrative fee in relation to your request. If a fee is to be charged, we will provide a fee estimate in advance and will only proceed with the request once we have received confirmation to proceed from you.
We will review any personal data access request received and may refuse a request in accordance to the exemptions and requirements of the PDPA.
We will consider a request to correct personal data as soon as practicable and will proceed to process the request unless satisfied on reasonable grounds that the correction should not be made or where the law does not require it to be corrected.
We will process a request to withdraw consent within a reasonable time after the request has been made. Where the withdrawal of consent affects your relationship with us, we will inform you about the likely consequences of withdrawing consent.
Subject to the requirements of the PDPA, we will take reasonable efforts to ensure that your personal data in our possession is (a) accurate, complete and updated; and (b) adequately protected and secured.
We will also take reasonable efforts to ensure that personal data in our possession is destroyed or anonymised as soon as soon as it is reasonable for us to assume that such retention no longer serves the purposes for which the personal data was collected, and is no longer necessary for any legal or business purposes.