This Personal Data Protection Policy (“Policy”) applies to Certis CISCO Security Pte. Ltd. and its subsidiaries (collectively, the “Certis Group” or “we”). This Policy outlines the responsibility of each member of the Certis Group in relation to the collection, processing, usage and disclosure of your Personal Data (as defined below). This is designed to protect the confidentiality of the Personal Data and regulate the way it is managed in regions where we operate, including Singapore, Australia, China, Hong Kong and Macau SARs, and Qatar.
This Policy supplements but does not in any way supersede nor replace any other consents you may have previously provided to us, and your consents are additional to any rights which we may have at law to collect, use, disclose and manage your Personal Data.
DESCRIPTION OF POLICY
1. Personal Data
1.1 | Personal Data (“Personal Data”), which is personal information that links back to an individual, includes but is not limited to: |
(a) | name, gender, date of birth, passport or other personal identification numbers, images, photographs, videos, closed circuit television (CCTV) footage, voice recordings; |
(b) | contact information e.g., address, phone number, email address; |
(c) | payment information e.g., credit or debit card information, including the name of cardholder, card number, billing address and expiry date; |
(d) | biometric information; |
(e) | health information e.g., medical records or requests; and |
(f) | technical information e.g., IP address or device identification. |
1.2 | The types of data that the Certis Group collects depends on the circumstances of the collection and on the nature of the service requested or transaction undertaken. |
1.3 | If you choose to make an enquiry or an application (including a job application through our website), send us an email, approach us in person or through any of our various offices in Singapore or overseas, we may require you to provide contact and identity information and other personal data (including name, address, contact details). Where possible, we have indicated the fields which are required and the fields which are optional. |
2. Purpose for collection, processing, usage and disclosure
2.1 | Generally, the Certis Group collects Personal Data either directly from you or your authorised representatives (i.e. persons who have been validly identified as being authorised by you through our security procedures) in the following ways: |
(a) | when you submit forms relating to or purchase or use any of our products or services; |
(b) | when you interact with our customer service officers, including via telephone calls, face-to-face meetings and emails; |
(c) | when you provide information prior to entering our buildings or premises; |
(d) | when you request that we contact you or be included in an email or other mailing list; |
(e) | when you respond to our promotions or other incentives; |
(f) | when you respond to our request for additional Personal Data; |
(g) | when you respond to our surveys; |
(h) | when you submit a job application; |
(i) | when you sign on for work or use any corporate digital resources; |
(j) | when we receive references from business partners and third parties, for example, where you have been referred by them; |
(k) | when you submit your Personal Data to us for any other reasons; and |
(l) | when you browse our website. If you are only browsing our website, you generally do so anonymously. We do not capture any data that allows us to identify you individually, unless you provide such information. However, we do use cookies on our websites. To find out more, please refer to Section 8 on cookies below. |
2.2 | We collect, use, disclose and/or share your Personal Data for the following purposes: |
(a) | to communicate with you on any queries you may have; |
(b) | to process your order and deliver products and services to you; |
(c) | to manage the administration and business operations of the Certis Group and complying with our policies and procedures; |
(d) | for service improvements, resolving complaints and disputes; |
(e) | for identity verification purposes; |
(f) | to communicate with you and/or to keep records in connection with a job application and other job opportunities; |
(g) | in relation to a job application by you, (i) to contact the referee(s) and/or guarantor(s) whose details have been provided by you; (ii) to verify your academic and professional qualification by contacting the school/college/university/institute/professional qualifying bodies; (iii) to disclose your personal data to the Certis Group’s customers in connection with your job application, (iv) to conduct other relevant pre-employment checks and screening, such as with authorities and credit agencies; and (v) to administer relevant assessments (including via third parties); |
(h) | for employee training, assessments for learning or development purposes, and performance evaluation (including via third parties); |
(i) | to provide access controls; |
(j) | to update our records and generally maintain your accounts with us; |
(k) | to detect and prevent fraudulent activity; |
(l) | to meet or comply with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on the Certis Group (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and |
(m) | purposes which are reasonably related to the aforesaid. |
2.3 | Furthermore, where permitted under applicable laws, we may collect, use and disclose your Personal Data for the following additional purposes: |
(a) | analytics and tracking, including facilitating the sale of analytical data; |
(b) | conducting market research and surveys to enable us to understand and determine customer location, preferences and demographics to develop special offers and marketing programmes in relation to our products and services and to improve our service delivery and your customer experience at our touchpoints; |
(c) | providing additional products and services and benefits to you; |
(d) | matching your Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision, marketing or offering of products and services to you; |
(e) | leads generation and management for marketing products and services of the Certis Group; |
(f) | administering contests, competitions and marketing campaigns, and personalising your experience at our touchpoints; |
(g) | organising promotional events; and |
(h) | purposes which are reasonably related to the aforesaid. |
2.4 | The Certis Group does not practice sharing, renting or selling of Personal Data with third parties. However, each member of the Group may share your personal information with members of the Certis Group (which includes our affiliates, subsidiaries and joint ventures worldwide). Access to Personal Data is limited to persons whom we reasonably believe requires access for effective delivery of our products and services to you, to process your job application or for the purposes set out herein. |
2.5 | We may also collect, use and disclose such personal information if so authorized or required by law or the relevant authorities, or exempt under the relevant privacy or personal data protection legislation, to do so. |
2.6 | Further, we may disclose or share your Personal Data in the following circumstances: |
(a) | Third Party Service Providers: We may disclose your personal data to third parties: (i) | contracted by us to assist us in delivering part or all of the products and services ordered by you; | (ii) | who provide services as part of the promotions or services offered to you; | (iii) | who provide services to us such as professional advisers, IT consultants, recruitment partners etc.; | (iv) | credit bureaux for the purpose of preparing credit reports or evaluation or updating of creditworthiness or enforcement of repayment obligations; | (v) | bankers, insurers, credit card companies and any of their respective service providers. | We will use all commercially reasonable endeavours to conduct due diligence on the data protection practices of these third parties by way of Certis Data Protection Due Diligence Form prior to our engagement and to ensure that these third parties comply with similar undertakings of privacy. |
(b) | With your consent: We may seek your consent to collect, hold, use and disclose your Personal Data for any other purpose not set out herein. |
(c) | Business Transfers: As we continue to develop our business, we might sell or buy businesses, subsidiaries or business units or undertake a merger. In such transactions, customer information may be one of the transferred business assets. |
2.7 | The Certis Group shall use its best endeavours to ensure that its employees, officers, partners and such other third parties mentioned above who are involved in the collection, processing and disclosure of Personal Data will observe and adhere to the terms of this Policy |
2.8 | The Certis Group also reserves the right to share your Personal Data as is necessary to prevent a threat to the life, health or security of an individual or corporate entity. Further, the Certis Group may disclose your Personal Data to law enforcement agencies, government representative and our advisers, as is necessary, to investigate suspected unlawful activities including but not limited to fraud, intellectual property infringement or privacy. |
3. Accuracy
3.1 | The Certis Group needs your assistance to ensure that your Personal Data is current, complete and accurate. We understand that this information may from time to time change. We encourage you to contact us as soon as possible to enable us to update any Personal Data we have about you. Incomplete or outdated Personal Data may result in our inability to provide you with products and services you have requested or complete the applications sought. |
3.2 | In certain circumstances, you may need to provide to us personal information about someone other than yourself (for example, your referee or guarantor in relation to your job application). If so, we rely on you to inform these individuals that you are providing their personal information to us, to make sure they consent to you giving us their information and to advise them about where they can find a copy of this Policy. By submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes. |
4. Access, Correction, Complaints and Withdrawal
4.1 | If you wish to: |
(a) | apply for a copy of the Personal Data we hold about you; |
(b) | request for your Personal Data to be updated or corrected; |
(c) | make a complaint about the way in which your Personal Data has been handled; or |
(d) | withdraw the consent you previously provided to us to use the Personal Data we hold about you, |
| please contact us at the relevant contact set out in Section 10 below. |
4.2 | Please allow us reasonable time to respond to any request and effect any change. We may ask you to verify your identity and for more information about your request. Access is only limited to your own data and no others. |
4.3 | Where we are legally permitted to do so, we may refuse your request and give you reasons for doing so. Where you request your Personal Data to be updated and there is a dispute about the facts, we will make a note on your Personal Data of such dispute. Where permitted to do so, we may charge an administrative fee for access requests |
4.4 | Please note that if your Personal Data has been provided to us by a third party (e.g. a referral), you should contact that organisation or individual to make such queries, complaints, and access and correction requests. This is to ensure that your queries, complaints, and access and correction requests are properly processed by the relevant organisation or individual. |
4.5 | If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our products and services to you, and/or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with us, and your being in breach of your contractual obligations or undertakings. Our legal rights and remedies in such event are expressly reserved. |
5. Retention
5.1 | The Certis Group will retain your Personal Data for the duration of time required to carry out the purposes for which your Personal Data was collected, for the other purposes set out in this Policy, for business purposes and as required by relevant laws. For the avoidance of doubt, the Certis Group may retain your Personal Data for any of the foregoing reasons notwithstanding any notice to withdraw the consent you previously provided to us to use the Personal Data we hold about you. |
6. Security
6.1 | The Certis Group have implemented stringent measures to protect the confidentiality of your Personal Data. We will take reasonable care to protect your Personal Data from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss. These include limiting access to information in our systems, authentication processes to prevent unauthorised access to information and safeguards to prevent security breaches in our network and database systems. |
6.2 | Further, we have appointed Data Protection Officers to oversee our management of your Personal Data in accordance with this Policy and the applicable laws. We train our employees who handle your Personal Data to respect the confidentiality of your Personal Data. We regard breaches of Personal Data seriously. |
7. Third Party Websites
7.1 | Our websites may contain links to third party sites whose data protection and privacy practices may differ from ours. We are not responsible for the content and privacy practices of these other websites and encourage you to consult the applicable privacy policies governing those sites. The Certis Group is not responsible for any information that is submitted to or collected by these third parties. |
8. Cookies and Google Analytics
8.1 | Our websites use cookies to monitor browsing preferences and help us analyse data about webpage traffic in order to make website improvements and for statistical analysis purposes. A cookie does not give us access to your computer or any information about you, other than the data you choose to share with us. Most Internet browsers allow you to turn off cookies. Should you do so, you may not be able to experience all of the features of our websites. |
8.2 | Our websites use Google Analytics. For more information about Google analytic cookies, please see Google's help pages and privacy policy: |
(a) | Google's Privacy Policy; |
(b) | Google Analytics Help pages. |
| Google have developed the Google Analytics opt-out browser add-on for the Google Analytics JavaScript (ga.js, analytics.js, dc.js). If you wish to opt out of Google Analytics, you can download and install the add-on for your web browser. |
9. Updates to the Policy
9.1 | This Policy will be reviewed and updated from time to time by the Certis Group to take into account new laws, technological changes, changes to our operations and practices and industry trends. |
9.2 | Subject to your rights at law, you agree to be bound by the prevailing terms of our Personal Data Protection Policy as updated from time to time on our websites. Please check back regularly for updated information on the handling of your Personal Data. |
10. Contact Us
If you have any comments or queries or would like to access, correct or withdraw your Personal Data, please refer to the relevant contact information below.
Country | Contact Details |
Singapore | Attention: Personal Data Protection Officer Re: Personal Data Protection Act 20 Jalan Afifi Singapore 409179 Customer Service Hotline: Local: 1800 747-2888 / Overseas: +65 6747 2888 email: info@certisgroup.com |
Australia | Attention: Privacy Officer Re: Privacy of Personal Information 2/24 Beaumont Street, Hamilton, NSW 2303 Telephone: (02) 4940 – 7874 Email: AU_Privacy_Officer@certisgroup.com |
Hong Kong/ Macau SARs | Attention: Privacy Officer Re: Personal Data Protection Ordinance Unit 2008-2011, 20/F, CDW Building, 388 Castle Peak Road, Tsuen Wan, N.T., Hong Kong Telephone: +852 2484 2311 Email: PDPO@certisgroup.com |
Qatar | Attention: Business Innovation & Information Technology Department (BIIT) Re: Personal Data Protection Address : PO BOX 4728, Doha, Qatar Telephone: +974 44448411 / Fax : +974 44448833 Email: info_qa@certisgroup.com |
Version: 1.12
Dated: 12 August 2021
Learn more about
Countries in which the Certis Group operates
If you are located in Australia: