Etiquette & Image International collects and uses personal data about participants/purchasers in accordance with Singapore Personal Data Protection Ac 2012 (PDPA).
The purpose of this document (“Data Protection Policy”) is to inform you of how Etiquette & Image International manages Personal Data which is subject to the Singapore Personal Data Protection Act. Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we collect, use and process Personal Data.
By interacting with us, submitting information to us, or signing up for any Courses, Services, Products offered by us, you agree and consent to Etiquette & Image International (including its related business units) (collectively, the "EII Group"), as well as our representatives (collectively referred to herein as "EII", "us", "we" or "our").
DATA COLLECTED AND PURPOSE
EII holds personal data on individuals, including: contact details, attendance information and photographs.
EII Group consists of three part entities – Etiquette & Image International, The Etiquette Alliance International, Shift N Sheath, EII Fitness & Wellness.
The data is used in order to support the provision of events, trainings, goods, services and post-event feedback and other services normally associated with workshops, conferences, sales of goods and any registered events.
The Centre may make use of limited personal data (such as contact details) relating to attendees, their parents or guardians for marketing or promotional purposes and to maintain relationships with the EII Group.
Data is shared as necessary with third party companies to provide extended services, examples include transport, medical, catering, accommodation and online services such as sign-up and event management.
In particular, EII Group:
- Will share relevant details with the certifying body in the case of courses leading to third-party certification.
- May make use of photographs, videos or sound recordings of participants in EII Group’s publications, website and other official EII Group’s communication channels, as well as external media.
- May retain and use personal data after an event to provide post event services consistent with training events.
The EII Group undertakes to:
- Implement appropriate security measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular when the processing of data involves the transmission or storage on or within a network.
- Notify data subjects about any accidental or unauthorised access of their data that may lead to damage or harm.
DATA RETENTION & REMOVAL
EII Group undertakes that it shall only keep the data collected as long as is necessary to provide the services outlined above.
EXEMPTIONS TO RIGHT OF ACCESS
The PDPA does not provide the right of access to any and all information held by an organisation. Therefore EII Group retains the right to refuse access to:
- Opinion data kept for evaluative purposes
- Data or material that provide personal data about other individuals in contravention of this policy or the PDPA.
Sharing Data with Third Parties
The EII Group shares personal data with a variety of third parties for the purposes of providing a relevant service to the institution. Examples of these services include certification, transport, catering, travel services, accommodation, medical, training and workshops.
EII Group will only share data for the purposes of eliciting a necessary service from these third party organisations and not for commercial gain.
Where EII Group signs explicit contracts with these organisations it will include clauses and statements of confidential with Third Parties to ensure that the organisation is using the data purely for the intended purpose of providing the required service and that it is taking appropriate precautions to safeguard the data.
In some instances, for example for online services provided by companies outside of Singapore, explicit signed contracts do not exist. In these instances EII Group will ensure that the terms & conditions of the service include clauses that:
- EII Group remains the owner of the data
- the service provider/collaborator is not entitled to use any data held on its service for any purpose other than to provide the required service
- the service provider/collaborator is taking reasonable precautions to ensure the security of the data
- once EII Group terminates its agreement with the service provider/Collaborator, that any and all data held will be deleted and not used for any other purpose
DATA PROTECTION AND EII GROUP
- 'Personal data’ shall refer to data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the organisation has or is likely to have access and all other data deemed protected under the Personal Data Protection Act 2012
- 'PDPA’ shall mean the personal Data Protection Act (2012)
- 'EII GROUP’ shall mean the entity who transfers the data to be used
- 'the company’ shall mean the processor who agrees to accept the Centre’s personal data intended for processing and use in accordance with this agreement
The company agrees and warrants:
- Any personal data shared by the EII Group or collected by the company as a result of providing the services covered in this agreement will be used solely for the purpose of providing the service.
- Detailed in this agreement that no personal data collected or shared will be used to offer or solicit further services from the individual concerned.
- To process the personal data only on behalf of the EII Group and in compliance with its instructions
- Personal data protection will continue to be carried out in accordance with the relevant provisions of Data protection law and do not violate the relevant laws of the Republic of Singapore in which the EII resides.
- You shall promptly notify EII Group about any request for disclosure received directly from any authority or individual.
The company agrees and warrants:
- To implement appropriate security measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular when the processing of data involves the transmission or storage on or within a network.
- That it shall promptly notify EII Group about any accidental or unauthorised access of the data, or any loss of the data whether leading to unauthorised access or not.
DATA RETENTION - OBLIGATIONS AFTER THE TERMINATION OF CONTRACT OR SERVICES
EII agrees and warrants Guarantee the confidentiality of the personal data and will not actively process the personal data transferred anymore. Once the legal requirement for retention has passed, EII Group warrants that it will destroy all data retained.
The parties agree that if one party is held liable for a violation of the clauses committed by the other party in contravention of the PDPA, the latter will, to the extent be liable, indemnify the first party from any cost, charge, damages, expenses or losses it has incurred.