Data Protection and Privacy Policy

 

  1. Introduction

This Policy applies to the Edmund Tie & Company group of companies, namely Edmund Tie & Company (SEA) Pte Ltd, Edmund Tie & Company Hospitality Management Services Pte Ltd and Edmund Tie & Company Property Management Services Pte Ltd.

We at Edmund Tie & Company respect the privacy and confidentiality of our Clients’ personal data. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data of our clients in accordance with the Personal Data Protection Act (“PDPA”). This Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.

We have developed this Data Protection Policy to assist you in understanding how we collect, use, disclose, process and retain your personal data with us.

 

  1. How we collect your personal data

The PDPA defines personal data as “data, whether true or not, about an individual who can be identified a) from that data; or b) from that data and other information to which the organisation has or is likely to have access.”

We collect the personal data of our Clients or potential Employees in the following ways when you:

  • Leave your contact details with us after attending our events e.g.,marketing events such as roadshows and seminars;
  • Leave your contact details with us after visiting our websites and portals, or making enquiries on other third party portals;
  • Visit our showflats or open houses and leave behind your contact details or express an interest to preview a unit;
  • Express an interest on the property we are marketing e.g., to book a unit at our property launch;
  • Interact with our Employees or Coordinators, e.g. via telephone calls, faxes, text messages, face-to-face meetings or emails;
  • Respond to some of our marketing collaterals e.g. advertisements, brochures or flyers;
  • Fill in our application, registration, enquiry or survey forms;
  • Engage our Employees to help market and transact the sale, purchase or leasing of a property;
  • Book or reserve a serviced apartment online;
  • Engage our valuation or auction services, or participate in our auctions;
  • Engage our services or do transactions with us in other business areas;
  • Respond to our job advertisements in newspapers, websites, etc;
  • Submit your job application form and CV to us; and
  • Provide feedback or make a complaint to us.

 

  1. Types of personal data we collect about you

The types of personal data we collect about you may include:

  • Personal contact information (Name, Address, Phone No., Email Address);
  • Personal particulars (Name, Gender, Date of Birth, Nationality, Race/Ethnicity);
  • Family details – to determine eligibility to purchase a Housing Development Board (HDB) flat or executive condominium;
  • Financial information to determine eligibility to purchase a HDB flat or executive condominium;
  • Educational and professional qualifications for job applicants; and
  • Personal and professional details contained in your curriculum vitae – for job applicants.

 

  1. How we use your personal data

We use the personal data we have collected about you for one or more of the following purposes:

  • Inform you of property launches, sale or leasing of properties;
  • Conduct balloting exercises at property launches;
  • Check with government agencies e.g., HDB on your eligibility to purchase HDB flats or executive condominiums;
  • Service your booking of a unit at property launches;
  • Follow up on your expression of interest to purchase or rent a property;
  • Process and complete a property sale or leasing transaction;
  • Perform valuation of properties;
  • Conduct property auctions;
  • Conduct market research and analysis;
  • Provide our consultancy and advisory services;
  • Process billing, payment and other credit-related activities;
  • Respond to your inquiries and feedback;
  • Process employment passes of our employees with the relevant government agencies;
  • Process job applications, recruitment and selection; and
  • Comply with or fulfil legal obligations and regulatory requirements.

 

  1. Whom We Disclose Your Personal Data To

We disclose some of the personal data we have collected about you to the following entities or organisations outside Edmund Tie & Company in order to fulfil our services to you:

  • Property developer or owner – Client (buyer’s) particulars;
  • Property buyer – Client (seller’s) particulars;
  • Landlord – Client (tenant’s) particulars;
  • Tenant – Client (landlord’s) particulars;
  • Partners – Client’s particulars;
  • Co-brokers – Client’s particulars;
  • Government agencies e.g.,Housing and Development Board, Council of Estate Agents, Central Provident Fund Board, Ministry Of Manpower, Inland Revenue Authority of Singapore, Workforce Development Agency – Client’s and Employee’s particulars;
  • Industry associations – Employees’ particulars;
  • External service providers (mailing houses, courier services, delivery services) – Client’s contact information; and
  • Cloud service providers.

 

  1. How we manage the collection, use and disclosure of your personal data

 

6.1 Obtaining consent

Under PDPA, before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.

Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you enter into an Option to Purchase in the sale of a property.

Some of the exceptions to the need for consent under PDPA to the collection, use or disclosure of your personal data under the following circumstances includes, but is not limited to:

  • the personal data is publicly available;
  • the personal data is collected by the individual’s employer and the collection is reasonable for the purpose of managing or terminating an employment relationship between the organisation and the individual;
  • the personal data was disclosed by a public agency

 

6.2 Third-Party Consent

If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent (e.g. SMS, email or written confirmation) from that individual in order for us to collect, use or disclose his/her personal data.

 

6.3 Withdrawal of consent

The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us.

We will try to respond to the withdrawal of consent at least ten (10) business days from the date that we receive the withdrawal notice. If we are unable to do so within the 10 days, we will let you know and give an estimate of how much longer we require for the withdrawal of consent to take effect.

Your request for withdrawal of consent can take the form of an email or in writing to us, or through the “UNSUB” feature in an online service.

 

7 How you can access and make correction to your personal data

You may write in or via email to us to find out how we have been using or disclosing your personal data within a year before the date of your request. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document.

We will try to respond to your request as soon as reasonably possible, or within 30 days from the date that we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require and the cost in processing your request (if applicable).

If you find that the personal data about you is inaccurate, incomplete or not up-to-date, you may ask us to correct the data. We will correct the data as soon as possible if we are satisfied on reasonable grounds that a correction should be made.

 

8 How we ensure the accuracy of your personal data

We generally rely on personal data provided by you (or your authorized representative). In order to ensure that the personal data is accurate, complete and up-to-date, we will make reasonable verification checks to ensure that the personal data we collect from you is correct. From time to time, we may do a verification exercise with you to update us on any changes to your personal data.

It is important that you update us of any changes to your personal data in an ongoing relationship.

 

9 Protection of personal data

We have implemented appropriate administrative, physical and technical measures (such as email encryption, antivirus protection, two-factor authentication and secure network protocols) to secure the personal data we hold about you against loss; misuse; destruction; unauthorised alteration/modification, access, disclosure; or similar risks.

We will take the necessary security arrangements to protect your personal data that is in our possession to prevent unauthorised access, use, disclosure, or similar risks. All our Employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data and will only share your data with authorised persons on a ‘need to know’ basis.

External Data Intermediaries who process and maintain your personal data on our behalf will be bound by contractual information security arrangements we have with them. We will ensure that they have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

 

9.1 NRIC

In general, Edmund Tie & Company does not collect, use or disclose an individual’s NRIC number or a copy of the NRIC, except in the following circumstances:

  1. Collection, use or disclosure of the NRIC number or copy of the NRIC is required under the law; or
  2. Collection, use or disclosure of the NRIC number or copy of the NRIC is necessary to accurately establish and verify the identity of the individual.

In situations where we have to collect, use or disclose an individual’s NRIC number or a copy of the NRIC, we will notify the individual of the purpose for the above. We will also ensure that there are adequate security arrangements to prevent any unintended disclosure of the NRIC number, including during the process of making a copy of or recording the NRIC number, and to protect copies of the NRIC kept by us.

 

10 Retention of personal data

We will not retain any of your personal data under our care when it is no longer necessary for any business or legal purposes.

Under our Document Retention Policy, we will keep track of the retention schedules of the personal data you provide us and ensure that such documents containing your personal data that are no longer needed by us will be destroyed or disposed of in a proper and secure manner.

 

11 Transfer of personal data

We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.

 

12 Do-not-call (DNC) provisions

Before we make any ‘cold calls’ in telemarketing activities, we will check the National DNC Registry and our internal ‘blacklist’ before we make the phone call, send text messages or faxes to you, unless you have given us your clear and unambiguous consent. [The ‘blacklist’ refers to phone numbers belonging to those individuals who have informed us to withdraw their consent].

 

13 Use of cookies

We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.

Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session.

You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web applications.

 

14 Handling queries and complaints

If you have any query or feedback regarding this Policy, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer at:

 

Data Protection Officer

Tel: +65 6393 2362

Email: dpo.sg@etcsea.com

Any query or complaint should include, at least, the following details:

  • Your full name and contact information
  • Brief description of your query or complaint

We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.