Privacy Policy

Last Updated: 04 February 2020

1. Introduction

We at aikiForest Pte Ltd respect the privacy and confidentiality of personal data in our possession or under our control. We have implemented policies and practices to safeguard the collection, use, disclosure, storage and other processing of personal data provided to us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.

This Data Protection Notice is to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.


2. How We Collect Your Personal Data

Personal data are information, whether true or not, about an individual person who can be identified (a) from that data; or (b) from that data combined with other information.

We collect your personal data when you:


3. Types of Personal Data We Collect About You

The types of personal data we collect about you include:


4. How We Use Your Personal Data

We use the personal data you provide us for one of more of the following purposes:


5. Who We Disclose Your Personal Data to

We disclose some of the personal data you provide us to the following entities or organisation outside aikiForest in order to fulfil our services to you:

Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.


6. Who We Disclose Your Personal Data to

6.1 Obtaining Consent

We will notify you of the purpose before we collect, use or disclose your personal data. We will obtain confirmation from you on your expressed consent. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed. However, when you voluntarily provide your personal data for a purpose and it is reasonable that you do so we may rely on you being deemed to have consented to us collecting, using and disclosing your personal data for that purpose.

Under certain circumstances, we may collect, use and/or disclose personal data about you without your consent for example, so that we can comply with our statutory obligations or where personal data is publicly available.

6.2 Withdrawal of Consent

If you have given us consent to collect, use, disclose and otherwise process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of your withdrawal of consent. We will notify you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future updates or that the quality of our service may be impacted.

Your request for withdrawal of consent can take the form of an email or letter to us, or through the UNSUB feature in an online service.

6.3 Third-Party Consent

We do not get consent of behalf of another individual. We only get consent from the individual who will be dealing directly with us.


7. How We Ensure the Accuracy of Your Personal Data

We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up to date.

From time to time, we may do a verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us if there are any changes in the personal data we hold about you (such as a change in your contact number).


8. How We Protect Your Personal Data

We have implemented an Information Security Policy that governs how we protect personal data. We make reasonable security arrangements to protect personal data about you that is in our possession or under our control to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All our employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a 'need to know' basis

When we engage third-party entities to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us in respect of the technical and organisational security measures, and have taken reasonable steps to ensure compliance with these measures.


9. How We Retain Your Personal Data

We will not retain any documents containing personal data about you as soon as it is reasonable to assume that the purpose for which we collected that personal data is no longer being served by retention of it and retention is no longer necessary for legal or business purposes.

We have a Document Retention Policy that spells out when we must cease to retain personal data and that requires documents and personal data to be destroyed (paper documents) or deleted (electronic documents and data stored in databases) securely. Certain retention periods are based on statutory or regulatory requirements.


10. How You Can Access and Make Correction to Your Personal Data

You may write to us to find out how we have been using or disclosing your personal data over the past one year. When we received your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will inform you an estimate of how much time we require. We may also charge you a reasonable fee for processing your request.

If you find that the personal date we hold about you is inaccurate, incomplete or not up to date, you may ask as to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.


11. Transfer of Personal Data

If there is a need for us to transfer personal data about you to a country or territory outside Singapore, we will ensure that the recipient organisation will provide the standard of data protection comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the recipient organisation to accord similar levels of data protection as those in Singapore


12. Contacting Us

If you have any questions on how we manage your personal data or feedback regarding this Notice, you may contact our Data Protection Officer (DPO) at: [email protected]

Any query or complaint should include, at least, the following details:

We treat your queries and feedback seriously, confidentially and will deal with them within reasonable time.


13. Changes to this Data Protection Notice

We may update our Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically for any changes. Changes to this Notice are effective when they are posted on our website