Legal ● Compliance

Data Privacy Policy

VALUEHUB SINGAPORE PTE. LTD.

🕐 Last Updated 16 February 2024

Version: 1.0|Doc No: DP-1|Date: 16-02-2024|Classification: Confidential

PREPARED BY

Ralph Dollente

Development Lead

VERIFIED BY

Mageline Zafra

Account Manager

APPROVED BY

Phaneendra Arigachetta

CEO

Valuehub Singapore Pte. Ltd. is committed to protecting the privacy and confidentiality of personal information entrusted to us. Here is the Data Privacy in compliance with PDPA in Singapore.

Purpose

The primary purpose of the PDPA is to govern the collection, use and disclosure of personal data by organizations in an accountable manner.

Scope

This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with the Personal Data Protection Act (PDPA) of Singapore.

A.Collection of Personal Information

We may collect personal information from you directly or indirectly through various channels, including but not limited to:

B.The types of personal information we may collect include:

C.Use of Personal Information

We may use personal information for the following purposes:

To provide and personalize our products and services
To process transactions and fulfill orders
To communicate with you, respond to your inquiries, and provide customer support
To conduct research, surveys, and analysis to improve our products and services
To comply with legal and regulatory requirements

1.VALUEHUB IN COMPLIANCE IN PRIVACY POLICY

1.1Transparency

1.1.1Clear and accessible privacy policy

Valuehub Privacy Policy is accessible and has clear communication how personal data is collected, used, and disclosed.

1.1.2Informing users about data collection

Valuehub informed about the purposes of data collection and any intended recipients of the personal data.

1.1.3Providing opt-out options

Valuehub offer users the option to opt out of certain data collection or processing activities, where feasible.

1.2Consent

1.2.1Obtaining explicit consent

Valuehub obtain clear and explicit consent from individuals before collecting, using, or disclosing their personal data.

1.2.2Consent for specific purposes

Valuehub ensure that consent is obtained for specific purposes and that individuals are informed of the purposes for which their data will be used.

1.2.3Revocable consent

Valuehub allows individuals to withdraw their consent at any time, with clear and accessible procedures for doing so.

1.3Accountability

1.3.1Designating a Data Protection Officer (DPO)

Appointing our DPO who is responsible for ensuring compliance with the PDPA and acting as appoint of contact for data protection queries.

1.3.2Maintaining data accuracy

Taking reasonable steps to ensure that personal data is accurate and up to date, and allowing individuals to request corrections.

1.3.3Security safeguards

Implementing appropriate security measures to protect personal data against unauthorized access, disclosure, or loss.

1.3.4.Protection of Personal Information

Valuehub implements appropriate security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction.

2.Rights of individuals under PDPA in Privacy Policy

2.1Access and Correction of Personal Data:

2.1.1Access to Personal Data

Individuals have the right to request access to their personal data held by an organization, and the organization must provide the information within a reasonable time frame.

2.1.2Correction of Personal Data

If individuals believe that their personal data held by an organization is inaccurate, they have the right to request for it to be corrected.

2.1.3Verification of Personal Data

Organizations are required to take reasonable steps to ensure that the personal data they hold is accurate and complete if it is used to make a decision about the individual.

2.2Withdrawal of Consent and Opt-Out

2.2.1Withdrawal of Consent

Individuals have the right to withdraw their consent for the collection, use, or disclosure of their personal data at any time.

2.2.2Opt-Out of Marketing Communications

Organizations must provide individuals with the option to opt-out of receiving marketing communications or promotional materials.

2.2.3Effect of Withdrawal of Consent

Upon withdrawal of consent, organizations must cease collecting, using, or disclosing the individual’s personal data, unless there are legal or contractual obligations.

3.Retention and Protection of Personal Data

3.1Retention Limitation

Organizations should only retain personal data for as long as it is necessary for the fulfillment of the purposes for which the data was collected.

3.2Data Security Measures

Organizations are required to implement reasonable security arrangements to protect personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks.

3.3Transfer of Personal Data

Organizations must ensure that any transfer of personal data outside of Singapore is in accordance with the PDPA’s requirements for the protection of personal data.

4.Data collection and use practices in Privacy Policy

4.1Transparency in Data Collection and Use

4.1.1Clear and Detailed Data Collection

We outline the specific types of data we collect and the purposes for which it is used, ensuring transparency for our users.

4.1.2Informed Consent Mechanisms

We implement clear consent mechanisms to ensure that users are fully informed and have given explicit consent for the collection and use of their data.

4.1.3Data Usage Limitations

We specify the limitations on how collected data will be used, ensuring it is only utilized for the intended purposes disclosed to users.

4.1.4Data Retention Policies

We establish clear guidelines on the retention of data, ensuring that it is only stored for as long as necessary for the specified purposes.

4.1.5

We will retain personal information for as long as necessary to fulfill the purposes for which it was collected, or as required by law or our contractual obligations. When personal information is no longer needed, We will securely delete or anonymize it.

4.2Security Measures for Data Protection

4.2.1Encryption and Secure Storage

We employ robust encryption and secure storage measures to safeguard the confidentiality and integrity of collected data.

4.2.2Access Control and Authentication

We implement strict access controls and authentication mechanisms to prevent unauthorized access to user data.

4.2.3Regular Security Audits

We conduct regular security audits to identify and address any vulnerabilities that may compromise the security of collected data.

4.2.4Data Breach Response Plan

We have a comprehensive plan in place to respond to and mitigate the impact of any potential data breaches, ensuring swift and effective action.

4.3User Rights and Control Over Their Data

4.3.1Data Access and Correction

We provide users with the ability to access their collected data and request corrections or updates, as necessary.

4.3.2Data Deletion Requests

We facilitate the process for users to request the deletion of their data, ensuring compliance with data protection regulations.

4.3.3Opt-Out Mechanisms

We offer clear opt-out mechanisms for users to withdraw consent for the use of their data for specific purposes.

4.3.4Data Portability Options

We enable users to request the portability of their data to transfer it to another service or platform as per their preferences.

5.Third-Party Data Sharing and Protection

5.1Third-Party Data Handling Standards

We establish stringent standards for third-party partners to ensure the secure and compliant handling of user data.

5.2Data Sharing Agreements

We enter into data sharing agreements that outline the responsibilities and obligations of third parties in safeguarding user data.

5.3Audit and Oversight Mechanisms

We implement rigorous audit and oversight mechanisms to monitor the adherence of third parties to data protection standards.

5.4Data Minimization Practices

We emphasize the principle of data minimization when sharing user data with third parties, only disclosing necessary information for specific purposes.

6.Updates and Compliance with Privacy Regulations

6.1Policy Update Notifications

We notify users of any updates to our privacy policy, ensuring transparency and compliance with regulatory requirements.

6.2Compliance with PDPA

We adhere to the provisions of the Personal Data Protection Act (PDPA) of Singapore, ensuring that our data practices align with its requirements.

6.3Regular Compliance Assessments

We conduct regular assessments to ensure ongoing compliance with evolving privacy regulations and best practices.

6.4User Education on Privacy Rights

We provide resources and information to educate users about their privacy rights and our commitment to protecting their personal data.

7.Security measures for personal data in Privacy Policy

Encryption and Data Protection

7.1Data Encryption Techniques

Utilize advanced encryption methods to protect personal data from unauthorized access.

7.3Access Control Measures

Implement strict access controls and authentication mechanisms to limit unauthorized access to personal data.

7.4.Regular Security Audits

Conduct routine security audits and assessments to identify and address vulnerabilities in data protection measures.

8.User Consent and Transparency

8.1Explicit Consent Mechanisms

Implement clear and explicit consent mechanisms for users to provide informed consent for the collection and processing of their personal data.

8.2Transparency in Data Practices

Maintain transparency by providing users with clear information about data practices, purposes, and rights regarding their personal data.

8.3User Access and Control

Empower users with control over their personal data, including the ability to access, rectify, and delete their information as per regulatory requirements.

8.4Privacy Policy Accessibility

Ensure the Privacy Policy is easily accessible and comprehensible for users to understand the organization’s approach to personal data protection.

9.Incident Response and Compliance

9.1Data Breach Response Plan

We establish a robust incident response plan to promptly address and mitigate the impact of any potential data breaches or security incidents.

9.2Regulatory Compliance Measures

We adhere to all relevant regulatory requirements and standards pertaining to personal data protection, including the PDPA of Singapore.

9.3User Notification Procedures

Define clear procedures for notifying affected users and relevant authorities in the event of a data breach or unauthorized access to personal data.

9.4Continuous Compliance Monitoring

Regularly monitor and update data protection measures to ensure ongoing compliance with evolving privacy regulations and best practices.

10.Employee Training and Accountability

10.1Data Protection Training

Provide comprehensive training to employees on data protection practices, privacy policies, and their responsibilities in safeguarding personal data.

10.2Accountability Framework

Establish clear accountability measures to ensure that employees adhere to data protection protocols and are held responsible for compliance.

10.3Employee Awareness Programs

Conduct regular awareness programs to keep employees informed about the importance of personal data protection and the potential risks associated with mishandling data.

10.4Internal Monitoring Mechanisms

Implement internal monitoring systems to detect and prevent unauthorized access or mishandling of personal data by employees.

CONTACT US

If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact us at: