Last updated: November 2021
We, THE PATATAS, (“the Company”, “we”, “us”, “our”) place great importance on the confidentiality, privacy and protection of your personal and transactional data. We handle all personal data provided to us in accordance with the standards prescribed by the Singapore Personal Data Protection Act (No. 26 of 2012) and the subsidiary legislation made thereunder, and where applicable, the European General Data Protection Regulation 2016/679.
2. INFORMATION WE COLLECT
When you access our website www.thepatatas.com and all pages within the domain (the “Website”) or when you contact us, the following types of information may be collected from you:
Contact and Billing Information
These relate to the following information about you, some or all of which may be collected:
(a) Full Name
(b) Name of organisation
(c) Contact telephone number
(d) Email address
(e) Billing address
These relate to information about your computer or mobile device and your access patterns, some or all of which may be collected when you use the Website:
(a) IP address
(b) Geographic location
(c) Operating system and browser type
(d) Device type
(e) Web traffic data
(f) Time spent on the Website
(g) Number of webpages within the Website viewed
(h) Access from third-party websites linking to our Website
(i) Advertising information, e.g. what ads were clicked and/or viewed
We use the following categories of cookies:
(a) Strictly necessary cookies: These are cookies that are required for the operation of the Website and the provision of our services to you.
Specifically, we run the cookies for the following purposes:
(b) To verify that you’re not a robot; and
(c) To remember preferences that you have set.
While you may disable these cookies in your internet browser settings, doing so may result in restrictions in your use of the Website and/or the failure of the Website to work properly for you.
(d) Analytical/Performance/functionality/advertising cookies: These cookies enable us to collect information about how users use our Website, and to personalize our content and advertisements for you. Specifically, we use these cookies to:
(i) Perform data analytics of how users use the Website, in order for us to improve the Website, our content and services;
(ii) Recommend other content on the Website which you may be interested in; and
(iii) Provide you with targeted advertisements.
While you may disable these cookies in your internet browser settings, please note that you will still receive recommendations for Website content, and that you will still see the same number of advertisements on the Website, except that these will not be tailored to you based on your personal information.
3. OUR COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
Why We Collect (Purpose)
3.1 Insofar as the information collected allows you to be identified directly, or indirectly when combined with other information, it will be deemed “Personal Data”.
3.2 We may collect, use, process, store and/or disclose your Personal Data, for the following purposes, where necessary or applicable:
(a) To verify your identity;
(b) To enable your device and/or software to access the Website;
(c) For the smooth administration and improvement of the Website, including troubleshooting, site analysis, testing, research, statistical and survey purposes and to obtain feedback so as to enable us to improve the operation of the Website and offer you a better user experience;
(d) For audit, customer service, administrative support, market research and business development purposes;
(f) To respond to any queries, requests or reports which you may have submitted;
(g) For payment and delivery of goods or services;
(h) To process payment or credit transactions
(h) To perform a contract to which you are a party to or deliver the services you have requested;
(i) To recommend and/or display content and advertisements on the Website that may be of interest to you;
(j) To comply with the requirements under any applicable law or requests from any competent authority, including but not limited to relevant governmental authorities, law enforcement agencies and regulatory bodies;
(k) Where required in any civil or criminal suit or for the protection and/or enforcement of our legal rights and obligations;
(l) In the event we sell or buy any business or assets, where necessary for the purposes of the sale or purchase;
(m) To enable any third parties to perform any of the above where necessary and/or applicable, including but not limited to law enforcement agencies, regulatory bodies, our business partners, affiliates, suppliers and subcontractors.
(n) To post testimonials (with your consent). We post testimonials on our Website that may contain personal information. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial.
(o) Any other purpose for which you have provided the personal data.
If we intend to use your Personal Data for any purpose not listed above, we will notify you of this purpose and obtain your consent, unless otherwise prescribed by any applicable law.
The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
Retention of Personal Data
3.3 We will retain your Personal Data only for the length of time required to fulfil the purposes for which the Personal Data was collected, save where continued retention is necessary for us to comply with our other legal obligations or to meet our business requirements.
Transfer of Your Personal Data
We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
4. YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA
4.1 We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data. You may write to our Data Protection Officer at email@example.com to:
(a) Correct or update your Personal Data;
(b) Reasonably request for access to your Personal Data. Do note that you may face reasonable charges for our provision of the Personal Data;
(c) Request for information relating to our use or disclosure of your Personal Data;
(d) Withdraw your consent and request that we stop processing your Personal Data for certain purposes;
(e) Delete any Personal Data we no longer have legally permissible grounds to use; or
(f) Make a report about any actual or potential breach of security in relation to your Personal Data.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) calendar days (10 business days for withdrawal of consent) after receiving your request, we will inform you in writing within thirty (30) days of receiving your request of the time by which we will be able to respond to your request.
Do note that we may not be obliged to comply with your requests under certain conditions as prescribed by the applicable law. In such an event, we will notify you accordingly of the basis for not acceding to your request.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.
5. DATA PROTECTION AND SECURITY
5.1 We will put appropriate and reasonable technical and administrative security measures in place to help ensure that your information is protected against unauthorised or accidental access, use, alteration or loss.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
The Company uses Google Drive and Synology to store documents such as:
(a) Contact information
We have taken steps to satisfy ourselves that the cloud service providers we use, such as, Google Drive and Synology, take reasonable steps to protect the personal data that they hold to a standard that is acceptable to Singapore’s Privacy and Data Protection Commission (PDPC)
5.2 All of our employees who deal with Personal Data are trained in the proper handling and protection of Personal Data.
5.3 Any data protection breach will be handled in accordance with our internal procedures, a copy of which may be obtained from our Data Protection Officer at the contact details provided below.
6. EU GENERAL DATA PROTECTION REGULATION (GDPR)
6.1 Where we collect, use or disclose the personal data of residents of the EU, we will also comply with any specific requirement of the GDPR:
(b)We will not collect sensitive data, such as race, ethnicity, political, religious or philosophical beliefs, trade union membership, genetic or biometric data, or sexual orientation unless
- you give explicit consent
- it is in your vital interests that we collect the data
- is required for legal claims, public health, scientific or historical research purposes, or
- it is required for reasons of substantial public interest.
- The right to erasure: You have the right to request that we erase your personal data under certain conditions.
- The right to restrict processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
- The right to object to processing: You have the right to object to our processing of your personal data under certain conditions.
- The right to data portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
8. DATA PROTECTION OFFICER (DPO)
You may contact our Data Protection Officer if you have any enquiries or feedback on our privacy policies, or if you wish to make any complaint or request. Please contact our DPO at firstname.lastname@example.org or 6850 5142.