- Personal Data
You hereby agree that the Group may collect, store, process, disclose, access, review and/or use personal data (including sensitive medical data) about you, whether obtained from you or from other sources, for the purposes set out below and/or any other administrative or operational purposes and/or the purpose of managing your relationship as a customer with the Company or any other company within the Group:-
- providing services to you in relation to your sales transactions with the Group, including services related to your medical or health condition (such as [providing diagnosis and/or treatment plan]);
- enabling your use of the services which the Group provides, including the Group’s website and, where necessary, contacting you (whether by SMS, email or otherwise);
- dealing with enquiries made by you;
- maintenance and updating of the data;
- statistical analysis;
- administrative or operational purposes;
- tax filing preparation;
- processing credit notes and processing refunds;
- collection of fees, charges and expenses for services provided;
- verification and identification purposes;
- carrying out billing, accounting, auditing and the maintenance of proper book-keeping to explain the Company’s operations and business; and/or
- the disclosure of the relevant books, documents, records and information (in hard or soft copy) to the auditors for the preparation of financial reports.
- Data Quality
The Company will take reasonable steps to make sure that the personal data it collects, uses or discloses is accurate, complete and up to date.
- Data Security
The Company will take reasonable steps to protect the personal data it holds from misuse and loss and from unauthorized access, modification or disclosure.
The Company will not keep personal data for longer than is necessary and will take reasonable steps to destroy or permanently de-identify personal data if it is no longer needed.
- Access and Correction
You are entitled to have access to the personal data about you that is in the possession or under the control of the Group and information about the ways in which the personal data has been or may have been used or disclosed within a year before the date of the request. This can be done by you making a written application to the Designated Person (as defined below) requesting for any such information. The Company reserves the right to charge a fee (representing its costs in administering your request) for supplying such information and to refuse requests which, in its opinion, occur with unreasonable frequency.
The Company will also, where you have requested that it correct an error or omission in the personal data about you that is kept with the Company, correct such data as soon as practicable and send the corrected personal data to every organization to which the personal data was sent before it had been corrected, if applicable, unless that organization does not need the corrected personal data for any legal or business purpose.
The Company may however choose not to provide you with access to or correct such information, in accordance with the exceptions under the PDPA. This would include cases where:
- The Company is satisfied on reasonable grounds that the correction should not be made;
- The request for access is frivolous or vexatious or the information requested is trivial;
- The personal data is related to a prosecution and all the proceedings related to the prosecution have not been completed;
- The personal data, if disclosed, would reveal confidential commercial information that could, in the opinion of a reasonable person, harm the competitive position of the Group; and
- The personal data was collected, used or disclosed for the purposes of an investigation and associated proceedings and appeals have not been completed.
- Transborder Data Flows
You hereby agree that, in order for the Group to perform its obligations arising from or in relation to any sales transaction or contract entered into between you and the Group, the Group will need to transfer your personal data (including sensitive medical data) to a country or territory outside of Singapore, for instance, to third-party service providers (including medical professionals and organizations) or to satisfy administrative or operational requirements in other companies within the Group. If your personal data is transferred to a country or territory outside Singapore, we will ensure that the recipients thereof provide a standard of protection to your personal data so transferred that is comparable to that which is provided herein.
- Enquiries and Complaints
The Company has designated the person whose details are set out below as the person (“Designated Person”) who will be responsible for ensuring the Company’s compliance with applicable data protection laws. If you have any queries or requests or wish to make any applications concerning your personal information or data, please contact the Designated Person :-
Philipp Graf von Hardenberg
President & Chief Executive Officer