DATA PRIVACY NOTIFICATION

1. NOTIFICATION

1.1 This is the Data Privacy Notification of James Cook Institute Pte. Ltd.

1.2 Compliance with this Notification. This Notification applies to all personal data we collect from you or that you provide to us. Please do not provide any personal data to us if you do not accept this Notification.

By using our services, you agree to this notification when you contact, interact, transact or deal with us, or when you access and use our websites, applications or services. If you notify us that you do not accept this Notification, we may not be able to establish a relationship with you or be able to service your requests.

1.3 Concerns and Contacting Us. If you have any feedback or issues in relation to your personal data, or about this Notification, or wish to make a complaint to us, you may contact our Data Protection Officer whose contact details are set out below.

Data Protection Officer
Email address: DPO@jci.edu.sg

1.4 Amendment to this Notification. We may amend this Notification from time to time without notice to you, to comply with applicable laws or as we update our data usage and handling processes. The updated Notification will supersede earlier versions and will apply to personal data provided to us previously.

2. PERSONAL DATA 

2.1 What personal data we collect. The personal data we collect depends on the purposes for which we require the personal data and what you have chosen to provide. This may include your name, address, contact information (e.g. telephone number and email address), identification number, photograph, video image and any other information that may identify you or is personal to you.

2.2 How we collect personal data. We collect personal data relevant to our relationship with you. We may collect your personal data directly or indirectly through various channels, including when:

• you use our services or enter into transactions with us (or express interest in doing so)
• you respond to our promotions, or subscribe to our mailing lists;
• you visit our website
• you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, telephone calls, emails, fax and letters;
• your images are captured via photographs or videos taken by us or our representatives when you are within our premises or attend events organised by us;
• you participate in events and programs, competitions, contests or games organised by us;

Our website may also contain or involve certain technologies that automate the collection of data (including personal data). These technologies include cookies, web beacons and web analytics. If you do not wish to have your data collected through such technologies you may disable the operation of these technologies on your devices (where possible), or you may refrain from using our websites and applications.

2.3 Voluntary provision of personal data. Your provision of personal data to us is voluntary and you have the right to withdraw your consent for us to use your personal data at any time by contacting and submitting a request to us. Your withdrawal will take effect after your request is processed. However, if you choose not to provide us with the personal data we require, it may not be possible for us to fulfil the purposes for which we require the personal data, including providing products and services which you need from us.

2.4 Accuracy and Completeness of personal data. You must ensure that all personal data that you provide is true, accurate and complete and promptly inform us of any changes to the personal data.

3. PURPOSES 

3.1 We collect, use and disclose your personal data where:

• You have given us consent;
• Necessary to comply with our legal or regulatory obligations (eg Skillsfuture Singapore)
• Necessary for our legitimate business interests, provided that this does not override your interests or rights; and/or
• Necessary to perform a contract or transaction you have entered into with us, or provide a service that you have requested or require from us.

3.2 General purposes. Generally, we collect, use and disclose your personal data for purposes connected or relevant to our business, including:

• Processing your transactions with us, or to provide products and services to you (e.g. submission of information to TPG, setting ICDL tests via ICDL Skillsbox, facilitating TRAQOM surveys);
• Managing your relationship with us;
• Facilitating your use of our services;
• Assisting you with your requests, enquiries and feedback;
• Administrative purposes, eg. invoicing
• Carrying out research, data and statistical analysis;
• Compliance with laws and regulations, internal policies and procedures, e.g. audit, accounting, risk management and record keeping;
• Managing and engaging third parties or data processors that provide services to us, e.g. IT services, data analytics, marketing, and other professional services;
• Engaging you as an associate trainer or matters relating to training;
• Carrying out our legitimate business interests (listed below); and/or
• Any other reasonable purposes related to the aforesaid, such purposes that may be informed to you when your personal data is collected

3.3 Marketing purposes. Where you give us consent, we collect, use and disclose your personal data for purposes of:

• Managing and/or administering your request to receive news, promotions and marketing information from us and our products;
• Analysing and/or profiling your purchases, transactions and/or likes or dislikes so as to be better able to send you relevant or targeted news, promotion and marketing information from us and on our products; and/or
• Sending you news (including events and product launches) and promotions from us as well as marketing information from us

3.4 Legitimate business our legitimate business interests include:

• Managing our business and relationship with you, and providing services to our users and customers;
• Protecting our rights and interests and those of our users and customers;
• Preventing and investigating possible misuse of our website;
• Understanding and responding to inquiries and feedback;
• Understanding how our users use our websites, applications and services;
• Identifying what our users want and improving our website and offerings; and
• Enforcing obligations owed to us, or protecting ourselves from legal liability;

3.5 Use permitted under applicable laws. We may also collect, use, disclose and process your personal data for other purposes, without your knowledge or consent, where this is required or permitted by law.

3.6 Contacting you. When using your personal data to contact you for the above purposes, we may contact you via mail, e-mail, WhatsApp, SMS, telephone, or any other means.

We will not contact you for marketing purposes unless with your consent, or we are exempted by applicable law from having to obtain consent. When contacting you for marketing purposes, we will not contact you through your telephone number, unless you have specifically consented to such a mode of communication. If you do not wish to receive any communication or information from us, or wish to restrict the manner by which we may contact or send you information, you may contact us to do so.

4. DISCLOSURE OF PERSONAL DATA 

4.1 Other disclosures. We may also disclose or share your personal data in connection with the purposes described in paragraphs 3.2, 3.3 and 3.4 above, including to the following parties:

• Third parties who are appointed to provide services to us, e.g. IT vendors, marketing companies and event organisers;
• Third parties that we conduct joint marketing and cross promotions with; and/or
• Regulatory authorities and public agencies.

When disclosing personal data to third parties, we will (where appropriate and required by applicable law) enter into contracts with these third parties to protect your personal data in a manner that is consistent with applicable laws and/or ensure that they only process your personal data in accordance with our instructions.

5. CROSS JURISDICTION TRANSFERS OF PERSONAL DATA

5.1 Safeguards. We may transfer your personal data out of Singapore for the purposes set out in paragraph 3 when transferring personal data outside Singapore, we will require recipients of the personal data to protect personal data at a standard comparable to that under the laws of Singapore. For example, we may enter into legally enforceable agreements with the recipients to ensure that they protect your personal data. You may obtain details of these safeguards by contacting us

6. PROTECTION OF PERSONAL DATA  

6.1 Period of retention. We keep your personal data only for so long as we need the data to fulfil the purposes we collected it for, and to satisfy our business and legal purposes, including audit, accounting or reporting requirements. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Certain information may also be retained for longer, e.g. where we are required to do so by law or to maintain a record of the certification you have obtained with us. Typically, our data retention period is from 6 years upwards, depending on the limitation period.

6.2 Anonymised data. In some circumstances we may anonymise your personal data so that it no longer identifies you, in which case we are entitled to retain and use such anonymised data without restriction, including for data analytics.

6.3 Unauthorised access and vulnerabilities. While we take reasonable precautions to safeguard your personal data in our possession or under our control, we cannot be held responsible for unauthorised or unintended access that is beyond our control, including hacking or cybercrimes. We also do not guarantee that our websites and applications are invulnerable to security breaches, or that your use of our websites and applications is safe and protected from viruses, Worms, Trojan horses, and other vulnerabilities.

7. YOUR RIGHTS 

7.1 You enjoy certain rights at law in relation to your personal data that we hold or control. These rights include:

• Withdrawal of consent. You may withdraw consent for our use of your personal data.
• Correction. You may request that any incomplete or inaccurate data that we hold or control be corrected.
• Access. You may ask if we hold or control your personal data and if we are, you can request access or a copy of such data. (Administrative fee may apply).

7.2 Exercising your rights. If you wish to exercise your rights, you may contact us to do so (see paragraph 1.3 above for contact details). We may require that you submit certain forms or provide certain information to process your request. Upon receipt of your written request, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we will seek to process and effect your request within 30 days of receipt of your request. Where permitted by law, we may charge you a fee to process your request. We may also be permitted under applicable laws to refuse a request.

7.3 Limitations. We may be permitted under applicable laws to refuse your request to exercise your rights, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.

8. WITHDRAWAL OF CONSENT

8.1 Students and companies may withdraw your consent to any or all use of Personal Data for any or all of the purposes set out in this policy in writing using the Withdrawal of Consent Form and submitting through our DPO email (DPO@jci.edu.sg) or through our Reception counter at James Cook Institute. You may “unsubscribe” to the relevant notifications via our Email Newsletter.

8.2 Without prejudice, if you withdraw your consent to the use of your Personal Data for any or all purposes, depending on the nature of your request, James Cook Institute may not be in a position to continue to provide our services to you or administer any contractual relationship in place, in which case James Cook Institute reserves the right to cease providing the services and/or terminate the contractual relationship with you.

9. ADMINISTRATION & MANAGEMENT OF PERSONAL DATA

9.1 You can view your personal data which James Cook Institute has collected and stored at any time. To do so, you will need to submit your request via email to the relevant schools to view your personal data residing with James Cook Institute. Your right to view your personal data is limited to your personal data only. James Cook Institute is not permitted to reveal any personal data about any other individual. James Cook Institute reserves the right to refuse access to your personal data if it will reveal or lead to the revelation of another individual’s personal data, cause harm to you or another individual or is contrary to the national interest.

9.2 Your Personal Data is retained to the extent one or more of the purposes for which it was collected remains valid and/or for other legal or business purposes for which retention may be necessary

9.3 James Cook Institute will take commercially reasonable efforts to take appropriate precautions and preventive measures to ensure that the electronic storage and transmission of your personal data is adequately protected and secured with the appropriate security arrangements and that our data intermediary are aware of the requirements of PDPA. However, we cannot assume responsibility for any unauthorised use of your personal data by third parties which are wholly attributable to factors beyond our control.

9.4 James Cook Institute reserves the right to amend this Notification with or without notice from time to time.

NOTICE
Please note that this Notification does not derogate from the terms and conditions governing your relationship with James Cook Institute and its related corporations. James Cook Institute under this Notification shall be without prejudice to other rights of collection, use and disclosure available pursuant to the terms and conditions or under the law and nothing herein is to be construed as limiting any of these other rights.