This document (“Data Protection Policy”) applies to all personal data collected by the Singapore Shipping Association, Singapore (referred to herein as the “SSA”, “us”, “we” or “our”).
This Personal Data Protection Policy describes the types of personal data we collect from our operations. The Policy also sets forth how we use this data, provides other details about our personal data practices, and explains how to contact us if you have any questions or concerns.
This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to SSA in respect of your Personal Data, and your consents herein are additional to any rights which SSA may have at law to collect, use or disclose your Personal Data.
SSA may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends, and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Protection Policy as updated from time to time on our websites, applications, and digital services. Please check back regularly for updated information on the handling of your Personal Data.
- A. Our Obligations
- B. Collection of Personal Data
- C. Purpose of Collection
- D. Consent and Right to Withdraw Consent
- E. Rights of Access
- F. Disclosure of Personal Data
- G. Security, Storage, and Duration of Data Retention
- H. Exceptions and Exclusion of Liability
- I. Integrity of Personal Data
- J. Transferring and Sharing of Personal Data
- K. Protection of Personal Data in SSA’s Possession
- L. Language
- M. Changes to our Personal Data Protection Policy
- N. Governing Law
- P. Data Security
- Q. Contacting Us – Feedback, Withdrawal of Consent, Access and Correction of your Personal Data
A. Our Obligations:
1. Consent Obligation
SSA only collects, uses, or discloses personal data of which you have given your consent.
SSA allows you to withdraw consent, with reasonable notice and shall inform you of the likely consequences of withdrawal. Upon withdrawal of consent to the collection, use, or disclosure for any purpose, SSA shall cease such collection, use, or disclosure of your personal data.
2. Purpose Limitation Obligation
SSA may collect, use or disclose your personal data for the purposes that you would consider appropriate in the circumstances and for which you have given consent.
SSA may not, as a condition of providing a service, require you to consent to the collection, use, or disclosure of your personal data beyond what is reasonable to provide that service.
3. Notification Obligation
SSA shall notify you of the purposes for which SSA is intending to collect, use or disclose your personal data on or before such collection, use, or disclosure of personal data.
4. Access and Correction Obligation
Upon request, your personal data and information about the ways in which your personal data has been or may have been used or disclosed within a year before the request should be provided. However, is prohibited from providing you access if the provision of the personal data or other information could reasonably be expected to:
- cause immediate or grave harm to your safety or physical or mental health;
- threaten the safety or physical or mental health of another individual;
- reveal personal data about another individual;
- reveal the identity of another individual who has provided the personal data, and the individual has not consented to the disclosure of your identity; or
- be contrary to the national interest.
SSA shall correct any error or omission in your personal data upon your request. Unless SSA is satisfied on reasonable grounds that the correction should not be made, SSA should correct the personal data as soon as practicable and send the corrected data to other organisations to which the personal data was disclosed within a year before the correction is made, or with your consent, only to selected organisations.
5. Accuracy Obligation
SSA shall make reasonable effort to ensure that personal data collected by or on behalf of SSA is accurate and complete. If it is likely to be used to make a decision that affects you, or if it is likely to be disclosed to another organisation.
6. Protection Obligation
SSA shall make reasonable security arrangements to protect the personal data that SSA possesses or controls to prevent unauthorised access, collection, use, disclosure, or similar risks.
7. Retention Limitation Obligation
SSA shall cease retention of personal data or remove the means by which the personal data can be associated with particular individuals when it is no longer necessary for any business or legal purposes.
8. Transfer Limitation Obligation
SSA shall transfer personal data to another country only according to the requirements prescribed under the regulations, to ensure that the standard of protection provided to the personal data so transferred will be comparable to the protection under the PDPA, unless exempted by the Personal Data Protection Commission.
9. Openness Obligation
SSA shall make information about SSA’s data protection policies, practices, and complaints process available on request.
B. Collection of Personal Data
The types of Personal Data we collect essentially depend on the purpose of collection. Thus depending on the purpose of collection, the Personal Data collected may be in the form of:
- a. Name.
- b. Date of birth.
- c. Gender.
- d. NRIC / passport.
- e. Contact Information, address.
- f. Nationality.
- g. Race.
- h. Photograph.
- i. Education.
- j. Income.
- k. Feedback, performance review.
- l. Employment records.
- m. Family records.
- n. References.
- o. Banking particulars, credit card details.
- p. Information on tax and CPF.
- q. Sensitive information such as criminal record, religion, health, etc.
- r. Such other information as may be required for specific reasons.
C. Purpose of Collection
The Personal Data as provided/furnished by you to SSA or collected by SSA from you or through such other sources as maybe necessary for the fulfillment of the purposes (“collected”) at the time it was sought or collected, will be used for such purpose and or for the following reasons (collectively “Purposes”):
- a. Assessing application for membership [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- b. Assessing application for employment [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- c. Assessing application for council election [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- d. Communicating with its member [Personal Data collected maybe in the form of B(a) – (e), (r) or part thereof].
- e. Providing services, to process billing / payment transactions [Personal Data collected maybe in the form of B(a) – (g), (o), (r) or part thereof].
- f. Responding to an individual’s inquiries [Personal Data collected maybe in the form of B(a), (d), (e), (r) or part thereof, depending on the nature of the inquiries].
- g. Administering participation in any programme/event/activity organised by SSA [Personal Data collected maybe in the form of B(a) – (h), (r) or part thereof, and may also include B(o) if any payment is required].
- h. For marketing and promotional activities, market surveys, trend and statistical analysis [Personal Data collected maybe in the form of B(a) – (k), (r) or part thereof].
- i. For finance activities [Personal Data collected maybe in the form of B(a) – (f), (j), (l), (n), (o), (r) or part thereof].
- j. For credit assessments, financial and background investigation as and when deemed necessary [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- k. For the maintenance and upkeep of internal records, filing and operations [Personal Data collected maybe in the form of B(a) – (h), (k), (o), (r) or part thereof].
- l. For meeting any legal or regulatory requirements relating to our provision of services and to make disclosure under the requirements of any applicable law, regulation, direction, court order, by-law, guideline, circular, code applicable to us or our affiliates [Personal Data collected maybe in any form as required by the requirements].
- m. To enter into the necessary agreement and/or contract [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- n. For handling the report for a lost item, customer complaints and taking appropriate action relating thereto [Personal Data collected maybe in the form of B(a) – (g), (h), (k), (o), (r) or part thereof].
- o. For security and crime prevention purposes; when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events at our premises, risks management, safeguarding SSA in the event of any claim, litigation, suits, etc [Personal Data collected maybe in the form of B(a) – (r) or part thereof].
- p. For any other grounds or reasons [Personal Data collected will correspond to such grounds or reasons]
- q. For browsing our websites, or use our applications and/or digital services, you generally do so anonymously but please see the section below on cookies. We do not, at our websites, applications, and digital services, automatically collect Personal Data unless you provide such information or login with your account credentials.
Please note that an individual must provide us with your accurate personal data. Failure to do so may result in us being unable to process and/or use your personal data in relation to the Purposes.
D. Consent and Right to Withdraw Consent
You shall be invited to express consent to SSA collecting, using, and disclosing your personal data for the purposes of membership soliciting, research activities, and future event notification and publicity as well as SSA’s news dissemination.
By so indicating your acceptance of the terms of this Policy, you shall be deemed to have expressly consented to the processing of your Personal Data by SSA or any of our authorized staff, partners, and/or contractors for the Purposes outlined in B above.
Notwithstanding anything to the contrary, you may at any time withdraw your consent to SSA processing any Personal Data of yours or to any part or portion of the processing by sending to SSA at the address set out below a written notice of withdrawal and within the period prescribed under the Act. SSA shall take all necessary measures to give effect to your withdrawal of consent, to the extent that such withdrawal does not conflict with any of SSA’s other legal obligations.
E. Rights of Access
You may at any time hereafter make written inquiries, complaints and request for access to, or correction of, your Personal Data or limit the processing of your Personal Data by submitting such written request to the Personal Data Protection Officer of SSA via e-mail to firstname.lastname@example.org or post it to the address as set out below:
Data Protection Officer
Singapore Shipping Association
59 Tras Street
Any Personal Data retained by us shall be destroyed and/or deleted from our records and system in accordance with our retention policy in the event such data is no longer required for the said Purposes.
F. Disclosure of Personal Data
The Personal Data provided to us shall be kept confidential however, we may disclose your Personal Data to the following parties:
- a. Within the SSA Family that includes SSA’s subsidiaries, our business partners, and our affiliates that provide related services in connection with our services;
- b. Our auditors, consultants, lawyers, accountants, or other financial or professional advisers appointed in connection with our services;
- c. Our third-party service providers, third-party management companies, sub-contractors, or other parties as may be deemed necessary by us to facilitate your dealings with us;
- d. Our appointed service providers in fulfilling our services; and
- e. Any persons, government agencies, statutory authorities, and/or industry regulators, whom we are compelled or required to do so pursuant to any law
Third parties are legally tasked with processing your Personal Data in line with principles specified by SSA and may not use it for any other purposes. Third parties are also held responsible for securing your Personal Data at an appropriate level of security in relation to applicable data protection laws and widely accepted industry standards.
SSA reserves its right to use or disclose any data as needed to satisfy any law, regulation or legal request, to protect the integrity of the Online Service, to fulfill your requests, or to cooperate in any law enforcement investigation or an investigation on a matter of public safety.
G. Security, Storage, and Duration of Data Retention
SSA is committed to ensuring that your Personal Data is secure, and in connection therewith, suitable processes and procedures have been put in place to ensure that all Personal Data collected by us shall be stored and/or filed in such manner as to ensure that the Personal Data maintains its accuracy, integrity, remains confidential, is protected against loss, misuse, modification, and unauthorised or accidental access, disclosure, alteration, destruction or manipulation.
SSA shall store and/or retain all Personal Data only for as long as required for the fulfillment of the purposes stated in B above or pursuant to any legal obligation imposed upon SSA in its operation of the Services or by virtue of any applicable law that may from time to time be in force.
H. Exceptions and Exclusion of Liability
Notwithstanding the foregoing provisions, SSA reserves the right to refuse to entertain any request for withdrawal of consent, access, or correction in the following circumstances:
- Where there is an insufficiency of information provided by any party making a request to enable SSA to positively locate or identify the Personal Data in question;
- Where there is reasonable doubt surrounding the identity of the person making the request or where SSA feels that the requesting party is not, in fact, the owner or the subject of the Personal Data in question and is not lawfully entitled to make any requests in relation to the Personal Data;
- Where permitting access or correction would be tantamount to a violation of an order of Court;
- In requests for access or for correction (excluding instances of withdrawal of consent):
- a) where the burden or expense of entertaining the request for access or correction is disproportionate to the risk to the privacy of the party making a request;
- b) where compliance with the request would involve the unauthorised disclosure of Personal Data belonging to a third party;
- c) where compliance would result in the disclosure of confidential commercial information; or
- d) where access is regulated by another law
In the area of Personal Data protection, SSA shall not be liable for any purported violation, breach, or non-compliance with any precepts of privacy or the protection of Personal Data in the following instances:
- Where an act of nature or event outside the control of SSA results in the damage or malfunction or destruction in any equipment or machinery used to secure, store or process Personal Data;
- Where Personal Data is readily available or able to be found in the public domain; and
- Where despite SSA’s best efforts, there is unauthorised access, modification, alteration, misuse, tampering, or abuse of Personal Data caused by the malicious or fraudulent or criminal acts or conduct of a third party not being under the control or direction of SSA.
I. Integrity of Personal Data
You are responsible for ensuring that the Personal Data you provide us is accurate, complete, and not misleading and that such Personal Data is kept up to date. We may request your assistance to procure the consent of third parties whose Personal Data is provided by you to us and you agree to use your best endeavours to do so.
J. Transferring and Sharing of Personal Data
It may be necessary if so required for any of the Purposes to transfer your Personal Data outside of Singapore or to disclose your personal data to our related subsidiaries, business partners, affiliates, associates, service providers, and/or relevant authorities, who may be located within or outside Singapore. Save for the foregoing, your personal data will not be knowingly transferred to any place outside Singapore or be knowingly disclosed to any third party.
SSA also does not sell, transfer or disclose personal information to third parties outside the SSA Family. The SSA Family includes our subsidiaries, our affiliates, and our service vendors. However, with your permission, we will, on occasion send marketing information on behalf of our business partners or associates about products or services they provide that may be of interest to you. You may be asked if you wish to receive marketing materials from SSA’s partners or associates. If you elect to receive such materials, SSA will not share your personal information with such partners or associates but rather will send an e-mail on behalf of the partners or associates.
K. Protection of Personal Data in SSA’s Possession
SSA shall limit the collection and use of personal information to what is necessary to administer its services and to deliver superior service to you. To serve you better, SSA may combine the information which you have given to us through our website or other channels.
SSA shall protect the confidentiality of all personal information which you have shared with us. In cases where we share personal information with our subsidiaries, partners, or affiliates, we will protect that personal information with strict confidentiality as stated in our agreement. Companies hired by us to provide support services or to act as our agent must conform to our privacy standards.
SSA corporate policies stipulate that any staff with access to confidential customer information is not permitted to use or disclose such information except for business purposes. All staff are required to safeguard such information as specified in their confidentiality agreements with SSA.
In all cases, your personal information is protected by a strict confidentiality agreement. We do not allow any non-affiliated company to retain your personal information any longer than it is necessary to provide you with the service or information unless you have permitted us to do so.
Staff of SSA shall sign the Confidentiality Clause to undertake not to misuse or disclose personal data in their possession during their cause of work and to take every precaution to ensure all personal data under their possession are being kept confidential at all times.
This Policy is issued in the English language.
M. Changes to the Personal Data Protection Policy
This Personal Data Protection Policy is effective as of July 2014. From time to time, it may be necessary for SSA to change this policy. If we change our policy, we will post the revised version on our corporate website, so we suggest that any interested person checks for the most up-to-date version of our personal Data Protection Policy online.
N. Governing Law
This Data Protection Policy, your browsing of our websites, and use of our applications and/or digital services shall be governed in all respects by the laws of Singapore.
A cookie is a small piece of information that is placed on your computer when you visit certain websites. The cookies placed by the servers hosting our websites are readable only by us, and cookies cannot access, read or modify any other data on an electric device, nor does it capture any data which allows us to identify you individually. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
Should you wish to disable the cookies associated with these browsers, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our websites.
P. Data Security
- SSA will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example, no harmful code will enter our websites, applications, and digital services (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites, applications, and digital services.
- While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet, when you browse our websites, or use our applications and/or digital services, and the method of electronic storage. We urge you to take every precaution to protect your Personal Data when you are on the Internet, when you browse our websites, or use our applications and/or digital services. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
- If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
Q. Contacting Us – Feedback, Withdrawal of Consent, Access, and Correction of your Personal Data
- (a) have any questions or feedback relating to your Personal Data or our Data Protection Policy;
- (b) would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or
- (c) would like more information on or access and make corrections to your Personal Data records,
you can contact SSA membership services at email@example.com or call (65) 6305 2260.
If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, SSA may not be in a position to administer any contractual relationship in place, which in turn may also result in the termination of any agreements with SSA, and your being in breach of your contractual obligations or undertakings. SSA’s legal rights and remedies in such event are expressly reserved.