IIT Alumni Association Singapore (“IITAAS” or, as appropriate in the context, “we”, “us” or “our”) is a non-profit organisation registered under the Laws of Singapore.
IITAAS respects the protection of your Personal Data and values the relationship we have with you.
This Privacy Policy (“Policy”) describes the types of Personal Data we might collect from you, how we might use that information, and with whom we might share it.
Our Policy also describes the measures we take to protect the security of the information you provide to us, including without limitation through this Website.
We also tell you how you can reach us to update your Personal Data, ask questions you may have about our personal data protection practices and provide feedback on our personal data protection practices.
- Personal Data – What We Collect
The types of Personal Data we collect about individuals might, but not necessarily, include:
- personal particulars (e.g., name, date of birth, contact information, residential address, NRIC/FIN/Passport details and/or education details)
- financial information (e.g., particulars relating to income, expenditure, tax, insurance, risk profile, investments, business interests, assets, financial objectives, knowledge, experience, bank accounts, transactions and/or credit history)
- specimen signature
- audio, video and images
- employment information and associated particulars (e.g. occupation, titles and positions held, duties and responsibilities, employment history, remuneration and/or benefits)
- personal opinions provided to us (e.g. feedback or survey responses)
You might have provided the Personal Data to us personally or authorised other individuals to provide the Personal Data to us and consent (on your behalf) to our collection of your Personal Data from these individuals.
Where you give us Personal Data about yourself, you confirm that you consent to the use, disclosure, retention and processing of such Personal Data for the purposes described in Section 2 or other purposes for which your consent has been sought and obtained.
Where you give us Personal Data about other individuals, you confirm that you are authorised to disclose and consent, on their behalf, to the use, disclosure, retention and processing of such Personal Data for the purposes described in Section 2 or other purposes for which your authorised consent on their behalf has been sought and obtained.
- Personal Data – What We Collect
The Personal Data that we collect might, but not necessarily, be used for the following purposes:
If you are a Vendor / Service Provider / Business Partner
- To conduct due diligence / background checks mandated by legislation or IITAAS’s internal policies, requirements and practices
- To facilitate the supply of products and services and support by vendors / service providers / business partners to IITAAS
- To keep vendors / service providers / business partners updated on changes to IITAAS’s policies
- To evaluate and to improve IITAAS’s products and services
- To evaluate the products and services provided by vendors / service providers / business partners to IITAAS
- To facilitate interactions with IITAAS
If you are a Customer
- To conduct due diligence / background checks mandated by legislation or IITAAS’s internal policies, requirements and practices
- To facilitate the providing of products and services and to communicate with customers as part of providing products and services
- To evaluate and to improve IITAAS’s products and services
- To respond to queries or comments on IITAAS’s products and services
Others
- To evaluate applications for employment / job positions within IITAAS
- To conduct due diligence/background checks on job applicants
- To organise and manage events for community and charitable purposes
- For security clearance / entry access into IITAAS’s premises
We collect and use Personal Data only for purposes which you have consented to and for which we have been authorised.
If we need to use your Personal Data for any purpose which you have not previously consented to, we will seek your consent prior to using your Personal Data for the new purpose.
- Personal Data – Disclosure, Sharing & Transfer
IITAAS does not sell or rent Personal Data that we collect from individuals, including our website visitors except in the course of or in connection with providing our products and services to our customers. We disclose, share and transfer Personal Data to the following parties for the following purposes:
- To our agents/vendors/subcontractors/consultants/business partners for the purposes of providing products and services to our customers on our behalf.
- To government and non-government authorities, agencies and/or regulators as required under law or under directions or orders from the government and non-government authorities, agencies and/or regulators for security, regulatory approvals or permits.
- To other IITAAS entities for the purpose of responding to questions, concerns, comments or feedback on our products or services or our business, or to share knowledge on issues such as industry developments, IITAAS’s business, market outlook, corporate events and other products and services of IITAAS that may be of interest to your company, organisation or business.
- To other IITAAS entities to facilitate the provision of products and services to our customers where the project or engagement involves other IITAAS entities.
- To event organisers and service providers to facilitate the planning of events / functions that IITAAS organises or is involved in.
We might transfer, store, process and/or deal with your personal data outside Singapore. If we do so, we will comply with the applicable data protection and privacy laws.
We also disclose and transfer Personal Data to the following parties for the purposes of managing, operating, administering and running our business and for our business and legal purposes:
- To group companies for security purposes
- To group companies for purposes of evaluating our products and services and our business as a group
- Financial institutions for purposes of payments and transactions related to IITAAS’s provision of products and services or related to products and services provided to IITAAS by our vendors / service providers / consultants
- To our service providers (who may be located outside Singapore) that have been retained to perform services on our behalf or on behalf of group companies, including:
- To group companies for security purposes
- Professional, financial and legal advisors, tax advisors, auditors, insurers and insurance brokers,
- Vendors, service providers and consultants that have been engaged to help manage, operate, administer and run IITAAS’s operations and business process or provide services to facilitate our provision of our products and services, and
- External contractors that provide consultancy and evaluative services to IITAAS and for IITAAS’s products and services, or organise events for IITAAS.
- For job applicants, your Personal Data may be shared with other entities in the Group companies if IITAAS takes the view that you may be suitable or eligible for another job position within the Group, unless you inform us otherwise (please refer to Section 7). The Personal Data will be used in a confidential manner to help IITAAS Group monitor recruitment processes. IITAAS requires that the parties to whom we transfer Personal Data and our service providers implement adequate levels of protection in order to protect Personal Data. We also require that these parties only process Personal Data strictly for purposes for which we engage them for and consistent with the purposes that we have described in Section 2 or with other purposes for which consent has been sought and obtained
We also disclose and transfer Personal Data to the following parties for the purposes of managing, operating, administering and running our business and for our business and legal purposes:
- we are required to do so by law,
- in response to a request from law enforcement authorities or other government officials,
- to comply with a court order or direction from a government agency or regulatory authority ordering the disclosure of the Personal Data; and
- where the disclosure is necessary for investigations or legal proceedings.
- Cookies & Internet Technologies
Websites and other online and mobile applications [“app(s)”] that we might own or maintain might place small text files, called cookies, on your computer or mobile device when you visit a website or use an app.
Cookies gather data like Internet Protocol (IP) addresses and other information related to your visit or use of our website or app(s).
We use the cookies and other technologies to facilitate and improve your interaction with our systems and to track the effectiveness of our websites and apps. We might also make use of pixel tags or web beacons, which are invisible tags placed on webpages but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the website.
You may set up your web browser to block cookies, which will, in turn, disable the pixel tags from monitoring your website visit. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies and pixel tags, you may not be able to use certain features and functions of our websites.
Our websites might also contain links to other websites not maintained by IITAAS. This privacy policy applies only to IITAAS’s websites. When visiting others’ websites, you should read their privacy policies regarding your use of their websites.
- Protection of Personal Data
With reference to Personal Data, we have safeguards to protect against accidental or unauthorised access, collection, use, disclosure, copying, sharing, disposal, deletion, modification and other similar risks.
- Retention of Personal Data
IITAAS retains Personal Data only for as long as the retention is required for the purposes for which we collected the Personal Data, the purposes described in this Policy and for our business and legal purposes. Generally, we do not retain Personal Data for a period longer than 7 years after the original purposes for which the Personal Data was collected have ceased to be applicable, unless otherwise required by law or other mandatory directions by court or government authorities or for purposes of legal proceedings or other similar proceedings or investigations. For unsuccessful job applicants, IITAAS will retain your Personal Data for no longer than one year for the purposes of evaluating your suitability for future job openings within IITAAS, unless you inform us otherwise (please refer to Section 7).
- How to Contact Us
If you have any questions or comments about this Policy and our policies and practices on our collection, use, disclosure or retention of Personal Data, you may contact our Data Protection Officer.
Email address: secretariat@iitaas.org
If you are a job applicant and wish to inform us that:
- you do not wish for IITAAS to share your personal data with other entities in the IITAAS Group for evaluating your suitability or eligibility for another job position within the Group companies other than the one you are applying for; or
- you do not wish for IITAAS to retain your personal data for the purposes of evaluating your suitability for future job openings within the IITAAS Group, please contact our Data Protection Officer.
Email address: secretariat@iitaas.org
- Updating or Correcting your Personal Data
IITAAS takes reasonable measures to ensure that the Personal Data we collect about individuals is accurate and complete. For this reason, if there is any change or update in Personal Data, we would like to know about these changes or updates.
If there is a change or an update in your Personal Data or if there is a need to correct any Personal Data of yours that we have, please write to us and provide us with the following details:
- Your namer
- An address to contact you
- The nature of our relationship with you
- The Personal Data to be changed, updated or corrected
You may send your requests to our Data Protection Officer at the contact details listed in Section 7 above. We will endeavour to acknowledge the receipt of your request within seven working days after the date of receipt of your request.
As it is important to us that the Personal Data that we have about you is accurate and complete, it may be necessary for us to request for supporting documentation from you. We will contact you if we require supporting documentation from you.
There may be circumstances where we will not update or correct Personal Data, including:
- The Personal Data is opinion data that is kept solely for an evaluative purpose; and
- The Personal Data is in documents related to a prosecution if all proceedings relating to the prosecution have not been completed.
- Requests & Feedback on Personal Data
You may request for information from IITAAS on what Personal Data of yours we have and how we have used and shared your Personal Data during the last one year before the date of your request. To learn how you can request for information from IITAAS, please see our Request for Information Notice.You may also choose to withdraw your consent to IITAAS’s use, collection, sharing or processing of your Personal Data at any time. To learn how you can withdraw your consent, please see our Withdrawal of Consent Notice.
Please note that your withdrawal of your consent to our use of your Personal Data may affect our provision of products and services to you or our business dealings with you, depending on the nature of your relationship with us.
If you have any concerns, feedback or complaints about the use and/or sharing of your Personal Data, we are open to receiving your feedback or complaint. To learn how you may submit a complaint about our use and/or sharing of your Personal Data, please see our Feedback and Complaint Notice.
- Updates to Policy
We may change or update portions of this Policy at any time and without prior notice to you. Please review this Policy from time to time so you are aware of any changes or updates to the notice. The effective date of this Policy is provided at the end of this document.
If you do not agree with any of the changes or updates to the Policy, you have the option of withdrawing your consent to our collection, use, disclosure and processing of your Personal Data (please refer to Section 9 above).
Effective Date: 01 January 2022