Data Privacy Policy
Valuehub Singapore Pte. Ltd. is committed to protecting the privacy and confidentiality of personal information entrusted to us. Here is the Data Privacy in compliance with PDPA in Singapore.
Purpose
The primary purpose of the PDPA is to govern the collection, use and disclosure of personal data by organizations in an accountable manner.
VALUEHUB IN COMPLIANCE IN PRIVACY POLICY
SCOPE
This Privacy Policy outlines how we collect, use, disclose, and protect personal information in compliance with the Personal Data Protection Act (PDPA) of Singapore.
a. Collection of Personal Information
We may collect personal information from you directly or indirectly through various channels, including but not limited to:
- When you visit our website or use our services
- When you contact us via email, phone, or other communication channels
- When you participate in surveys, promotions, or events
b. The types of personal information we may collect include:
- Name
- contact details, and other identifying information
- Demographic information
- Payment and billing information
- Information related to your interactions with us
c. Use of Personal Information
We may use personal information for the following purposes:
- To provide and personalize our products and services
- To process transactions and fulfill orders
- To communicate with you, respond to your inquiries, and provide customer support
- To conduct research, surveys, and analysis to improve our products and services
- To comply with legal and regulatory requirements
1. VALUEHUB IN COMPLIANCE IN PRIVACY POLICY
1.1 Transparency
1.1.1 Clear and accessible privacy policy
Valuehub Privacy Policy is accessible and has clear communication how personal data is collected, used, and disclosed.
1.1.2 Informing users about data collection
Valuehub informed about the purposes of data collection and any intended recipients of the personal data.
1.1.3 Providing opt-out options
Valuehub offer users the option to opt out of certain data collection or processing activities, where feasible.
1.2 Consent
1.2.1 Obtaining explicit consent
Valuehub obtain clear and explicit consent from individuals before collecting, using, or disclosing their personal data.
1.2.2 Consent for specific purposes
Valuehub ensure that consent is obtained for specific purposes and that individuals are informed of the purposes for which their data will be used.
1.2.3 Revocable consent
Valuehub allows individuals to withdraw their consent at any time, with clear and accessible procedures for doing so.
1.3 Accountability
1.3.1 Designating a Data Protection Officer (DPO)
Appointing our DPO who is responsible for ensuring compliance with the PDPA and acting as appoint of contact for data protection queries.
1.3.2 Maintaining data accuracy
Taking reasonable steps to ensure that personal data is accurate and up to date, and allowing individuals to request corrections.
1.3.3 Security safeguards
Implementing appropriate security measures to protect personal data against unauthorized access, disclosure, or loss.
1.3.4. Protection of Personal Information
Valuehub implements appropriate security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction.
2. Rights of individuals under PDPA in Privacy Policy
2.1 Access and Correction of Personal Data:
2.1.1 Access to Personal Data
Individuals have the right to request access to their personal data held by an organization, and the organization must provide the information within a reasonable time frame.
2.1.2 Correction of Personal Data
If individuals believe that their personal data held by an organization is inaccurate, they have the right to request for it to be corrected.
2.1.3 Verification of Personal Data
Organizations are required to take reasonable steps to ensure that the personal data they hold is accurate and complete if it is used to make a decision about the individual.
2.2 Withdrawal of Consent and Opt-Out
2.2.1 Withdrawal of Consent
Individuals have the right to withdraw their consent for the collection, use, or disclosure of their personal data at any time.
2.2.2 Opt-Out of Marketing Communications
Organizations must provide individuals with the option to opt-out of receiving marketing communications or promotional materials.
2.2.3 Effect of Withdrawal of Consent
Upon withdrawal of consent, organizations must cease collecting, using, or disclosing the individual’s personal data, unless there are legal or contractual obligations.
3. Retention and Protection of Personal Data
3.1 Retention Limitation
Organizations should only retain personal data for as long as it is necessary for the fulfillment of the purposes for which the data was collected.
3.2 Data Security Measures
Organizations are required to implement reasonable security arrangements to protect personal data from unauthorized access, collection, use, disclosure,copying, modification, disposal, or similar risks.
3.3 Transfer of Personal Data
Organizations must ensure that any transfer of personal data outside of Singapore is in accordance with the PDPA’s requirements for the protection
of personal data.
4. Data collection and use practices in Privacy Policy
4.1 Transparency in Data Collection and Use
4.1.1 Clear and Detailed Data Collection
We outline the specific types of data we collect and the purposes for which it is used, ensuring transparency for our users.
4.1.2 Informed Consent Mechanisms
We implement clear consent mechanisms to ensure that users are fully informed and have given explicit consent for the collection and use of their data.
4.1.3 Data Usage Limitations
We specify the limitations on how collected data will be used, ensuring it is only utilized for the intended purposes disclosed to users.
4.1.4 Data Retention Policies
We establish clear guidelines on the retention of data, ensuring that it is only stored for as long as necessary for the specified purposes.
4.1.5
We will retain personal information for as long as necessary to fulfill the purposes for which it was collected, or as required by law or our contractual obligations. When personal information is no longer needed, We will securely delete or anonymize it.4.2 Security Measures for Data Protection
4.2.1 Encryption and Secure Storage
We employ robust encryption and secure storage measures to safeguard the confidentiality and integrity of collected data.
4.2.2 Access Control and Authentication
We implement strict access controls and authentication mechanisms to prevent unauthorized access to user data.
4.2.3 Regular Security Audits
We conduct regular security audits to identify and address any vulnerabilities that may compromise the security of collected data.
4.2.4 Data Breach Response Plan
We have a comprehensive plan in place to respond to and mitigate the impact of any potential data breaches, ensuring swift and effective action.
4.3 User Rights and Control Over Their Data
4.3.1 Data Access and Correction
We provide users with the ability to access their collected data and request corrections or updates, as necessary.
4.3.2 Data Deletion Requests
We facilitate the process for users to request the deletion of their data, ensuring compliance with data protection regulations.
4.3.3 Opt-Out Mechanisms
We offer clear opt-out mechanisms for users to withdraw consent for the use of their data for specific purposes.
4.3.4 Data Portability Options
We enable users to request the portability of their data to transfer it to another service or platform as per their preferences.
5. Third-Party Data Sharing and Protection
5.1 Third-Party Data Handling Standards
We establish stringent standards for third-party partners to ensure the secure and compliant handling of user data.
5.2 Data Sharing Agreements
We enter into data sharing agreements that outline the responsibilities and obligations of third parties in safeguarding user data.
5.3 Audit and Oversight Mechanisms
We implement rigorous audit and oversight mechanisms to monitor the adherence of third parties to data protection standards.
5.4 Data Minimization Practices
We emphasize the principle of data minimization when sharing user data with third parties, only disclosing necessary information for specific purposes.
6. Updates and Compliance with Privacy Regulations
6.1 Policy Update Notifications
We notify users of any updates to our privacy policy, ensuring transparency and compliance with regulatory requirements.
6.2 Compliance with PDPA
We adhere to the provisions of the Personal Data Protection Act (PDPA) of Singapore, ensuring that our data practices align with its requirements.
6.3 Regular Compliance Assessments
We conduct regular assessments to ensure ongoing compliance with evolving privacy regulations and best practices.
6.4 User Education on Privacy Rights
We provide resources and information to educate users about their privacy rights and our commitment to protecting their personal data.
7. Security measures for personal data in Privacy Policy
Encryption and Data Protection
7.1 Data Encryption Techniques
Utilize advanced encryption methods to protect personal data from unauthorized access.
7.3 Access Control Measures
Implement strict access controls and authentication mechanisms to limit unauthorized access to personal data.
7.4. Regular Security Audits
Conduct routine security audits and assessments to identify and address vulnerabilities in data protection measures.
8. User Consent and Transparency
8.1 Explicit Consent Mechanisms
Implement clear and explicit consent mechanisms for users to provide informed consent for the collection and processing of their personal data.
8.2 Transparency in Data Practices
Maintain transparency by providing users with clear information about data practices, purposes, and rights regarding their personal data.
8.3 User Access and Control
Empower users with control over their personal data, including the ability to access, rectify, and delete their information as per regulatory requirements.
8.4 Privacy Policy Accessibility
Ensure the Privacy Policy is easily accessible and comprehensible for users to understand the organization’s approach to personal data protection.
9. Incident Response and Compliance
9.1 Data Breach Response Plan
We establish a robust incident response plan to promptly address and mitigate the impact of any potential data breaches or security incidents.
9.2 Regulatory Compliance Measures
We adhere to all relevant regulatory requirements and standards pertaining to personal data protection, including the PDPA of Singapore.
9.3 User Notification Procedures
Define clear procedures for notifying affected users and relevant authorities in the event of a data breach or unauthorized access to personal data.
9.4 Continuous Compliance Monitoring
Regularly monitor and update data protection measures to ensure ongoing compliance with evolving privacy regulations and best practices.
10. Employee Training and Accountability
10.1 Data Protection Training
Provide comprehensive training to employees on data protection practices, privacy policies, and their responsibilities in safeguarding personal data.
10.2 Accountability Framework
Establish clear accountability measures to ensure that employees adhere to data protection protocols and are held responsible for compliance.
10.3 Employee Awareness Programs
Conduct regular awareness programs to keep employees informed about the importance of personal data protection and the potential risks associated with mishandling data.
10.4 Internal Monitoring Mechanisms
Implement internal monitoring systems to detect and prevent unauthorized access or mishandling of personal data by employees.
11. Contact Us
If you have any questions or concerns about our Privacy Policy or the handling of your personal information, please contact us at
Valuehub Singapore Pte. Ltd
Address: 21 Tan Quee Lan Street, #02-04,
Heritage Place, Singapore 188108
Email:connect@valuehubit.com