This statement sets out the Data Protection Policy (“DPP”) and practices of Aventra Group Ltd. ("Aventra Group") that will be followed with respect to the collection, storage, processing, disclosure, accessing, reviewing, and/or use of your personal data. This statement is provided in accordance with the Personal Data Protection Act (Act 26 of 2012) (the “PDPA”).
We are aware of the revised Advisory Guidelines on the PDPA for NRIC and other National Identification Numbers that the Personal Data Protection Commission (PDPC) issued on 31 August 2018, and we will adhere to these guidelines.
Any data collected on behalf of any public agency by Aventra Group for the purpose required by the public agency will be exempted from the PDPA.
Please note that this DPP complements, and does not limit or replace, the purposes for which you provide Aventra Group with your personal data which may be expressly stated in any form for submission of personal data to Aventra Group. Aventra Group reserves the right to update this DPP from time to time to ensure that it reflects our current practices and remains consistent with the requirements imposed by law. This DPP was last updated on 22 November 2018.
What kind of data will this DPP apply to
This DPP applies to “personal data” and in line with PDPA, refers to any data, whether true or not, about an individual (i.e. the data subject) who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access to, including data in our records as may be updated from time to time.
The exact type of personal data that may apply will vary depending on how you have interacted with us. Examples of such personal data provided to us include (depending on the nature of your interaction with us) name, NRIC, passport or other identification number, nationality, gender, date of birth, marital status, telephone number(s), mailing address, email address, photographs and other audio-visual information, employment information, financial information and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.
What is not personal data
Personal data does not include data about a data subject which has been anonymized. Anonymization is the process of removing identifying information such that the remaining data does not identify any individual.
Techniques can include pseudonymization, aggregation, replacement, data reduction, data suppression, data shuffling, or masking.
Collection, use and disclosure of personal data
In providing Aventra Group with your personal data (either directly or through a third party), you hereby agree that Aventra Group may collect, store, process, disclose, access, review and/or use personal data (including sensitive personal data) about you, whether obtained from you or from other sources (such as our Approved Training Organisations), for the purposes set out below and/or any other administrative or operational purposes and/or the purpose of managing your relationship with Aventra Group:
You further agree to be bound by the prevailing terms of this DPP as updated from time to time.
Consent
a. Consent required
Aventra Group will not collect, use or disclose your personal data unless:
If you disclose the personal data of third parties to Aventra Group, you represent that you have obtained the consent of the relevant third parties to have their personal data collected, used and/or disclosed by Aventra Group for the applicable purposes listed in clause 1.
b. Provision of consent
Aventra Group will not obtain or attempt to obtain your consent for collecting, using or disclosing personal data by providing false or misleading information with respect to the collection, use or disclosure of your personal data.
c. Withdrawal of consent
Data quality
Aventra Group will take reasonable steps to make sure that the personal data it collects, uses or discloses is accurate, complete and up to date.
We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are any changes to your personal data by informing our Data Protection Officer in writing or via the email at the content details provided below.
Data security & retention
To safeguard your personal data from unauthorized access, collection, use, copying, modification, disclosure, disposal or similar risks, Aventra Group takes appropriate administrative, physical and technical measures.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
Aventra Group will not keep personal data for longer than is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws, and will take reasonable steps to securely dispose of personal data if it is no longer needed.
Use of cookies
Cookies are simple text files which are stored on your computer or mobile device by our website’s server. Only Aventra Group’ server will be able to retrieve or read the contents of these cookies. Aventra Group uses cookies on its website in order to enable certain features and functionality, to ensure a smooth and optimized user experience, and to improve user security.
Access and correction
You are entitled to have access to the personal data about you that is in the possession or under the control of Aventra Group and information about the ways in which the personal data has been or may have been used or disclosed within a year before the date of the request. This can be done by you making a written application to our Data Protection Officer or via the email at the content details provided below requesting for any such information. Aventra Group reserves the right to estimate a fee before processing your request (representing its costs in administering your request) for supplying such information and to refuse requests which, in its opinion, occur with unreasonable frequency.
Aventra Group will also, where you have requested that it correct an error or omission in the personal data about you that is kept with Aventra Group, correct such data as soon as practicable and send the corrected personal data to every organization to which the personal data was sent before it had been corrected, if applicable, unless that organization does not need the corrected personal data for any legal or business purpose.
Aventra Group will respond to your request as soon as reasonably practicable. Should we not be able to respond to your request within twenty (20) working days after receiving your request, we will inform you in writing within twenty (20) working days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so. Aventra Group may however choose not to provide you with access to or correct such information, in accordance with the exceptions under the PDPA. This would include cases where:
Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our organization has on record, if the record of your personal data forms a negligible part of the document.
Transborder data flows
We generally do not transfer your personal data to countries or territories outside of Singapore. However, if we do so, for instance, if your personal data is required to be transferred for administrative or operational purposes by Aventra Group, we will ensure that the recipients thereof provide a standard of protection to your personal data so transferred that is comparable to that which is provided herein.
Enquiries and complaints
Aventra Group has designated a Data Protection Officer who will be responsible for ensuring Aventra Group’s compliance with applicable data protection laws. If you have any queries or requests or wish to make any applications concerning your personal information or data, please contact the Data Protection Officer:
Contact Person: Data Protection Officer
Email: pandu.jayaraj@aventragroup.com
Please note that if your personal data has been provided to us by a third party, you should contact such party directly to make any queries, feedback, and access and correction requests.