This statement sets out the Data Protection Policy (“DPP”) and practices of MGATE Emerging Technologies Sdn. Bhd. (“MGATE”) that will be followed with respect to the collection, storage, processing, disclosure, accessing, reviewing, and/or use of your personal data. This statement is provided in accordance with the Personal Data Protection Act (Act 26 of 2012) (the “PDPA”).
We are aware of the revised Advisory Guidelines on the PDPA for NRIC and other National Identification Numbers that the Personal Data Protection Commission (PDPC) issued on 31 August 2018, and we will adhere to these guidelines.
Any data collected on behalf of any public agency by MGATE for the purpose required by the public agency will be exempted from the PDPA.
Please note that this DPP complements, and does not limit or replace, the purposes for which you provide MGATE with your personal data, which may be expressly stated in any forms for submission of personal data to MGATE. MGATE reserves the right to update this DPP from time to time to ensure that it reflects our current practices and remains consistent with the requirements imposed by law. This DPP was last updated on 22 November 2018.
What kind of data will this DPP apply to?
This DPP applies to “personal data” and, in line with PDPA, refers to any data, whether true or not, about an individual (i.e. the data subject) who can be identified (a) from that data or (b) from that data and other information to which we have, or are likely to have access, including data in our records as may be updated from time to time.
The exact type of personal data that may apply will vary depending on how you have interacted with us. Examples of such personal data provided to us include (depending on the nature of your interaction with us) name, NRIC, passport or other identification number, nationality, gender, date of birth, marital status, telephone number(s), mailing address, email address, photographs and other audio-visual information, employment information, financial information, and any other information relating to any individuals which you have provided us in any forms you may have submitted to us or via other forms of interaction with you.
What is not personal data?
Personal data does not include data about a data subject which has been anonymized. Anonymization is the process of removing identifying information such that the remaining data does not identify any individual.
Techniques can include pseudonymization, aggregation, replacement, data reduction, data suppression, data shuffling, or masking.
Collection, use and disclosure of personal data
In providing MGATE with your personal data (either directly or through a third party), you hereby agree that MGATE may collect, store, process, disclose, access, review, and/or use personal data (including sensitive personal data) about you, whether obtained from you or from other sources (such as our Approved Training Organisations), for the purposes set out below and/or any other administrative or operational purposes and/or the purpose of managing your relationship with MGATE:
You further agree to be bound by the prevailing terms of this DPP as updated from time to time.
Consent
a. Consent required
MGATE will not collect, use, or disclose your personal data unless:
If you disclose the personal data of third parties to MGATE, you represent that you have obtained the consent of the relevant third parties to have their personal data collected, used, and/or disclosed by MGATE for the applicable purposes listed in clause 1.
b. Provision of consent
MGATE will not obtain or attempt to obtain your consent for collecting, using, or disclosing personal data by providing false or misleading information with respect to the collection, use, or disclosure of your personal data.
c. Withdrawal of consent
Data quality
MGATE will take reasonable steps to make sure that the personal data it collects, uses, or discloses is accurate, complete, and up-to-date.
We generally rely on personal data provided by you (or your authorized representative). In order to ensure that your personal data is current, complete, and accurate, please update us if there are any changes to your personal data by informing our Data Protection Officer in writing or via email at the content details provided below.
Data security & retention
To safeguard your personal data from unauthorized access, collection, use, copying, modification, disclosure, disposal, or similar risks, MGATE takes appropriate administrative, physical, and technical measures.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
MGATE will not keep personal data for longer than is necessary to fulfill the purpose for which it was collected, or as required or permitted by applicable laws, and will take reasonable steps to securely dispose of personal data if it is no longer needed.
Use of cookies
Cookies are simple text files which are stored on your computer or mobile device by our website’s server. Only Aventra Group’ server will be able to retrieve or read the contents of these cookies. MGATE uses cookies on its website in order to enable certain features and functionality, ensure a smooth and optimized user experience, and improve user security.
Access and correction
You are entitled to have access to the personal data about you that is in the possession or under the control of MGATE and information about the ways in which the personal data has been or may have been used or disclosed within a year before the date of the request. This can be done by you making a written application to our Data Protection Officer or via email at the content details provided below requesting any such information. MGATE reserves the right to estimate a fee before processing your request (representing its costs in administering your request) for supplying such information and to refuse requests which, in its opinion, occur with unreasonable frequency.
MGATE will also, where you have requested that it correct an error or omission in the personal data about you that is kept with MGATE, correct such data as soon as practicable and send the corrected personal data to every organization to which the personal data was sent before it had been corrected, if applicable, unless that organization does not need the corrected personal data for any legal or business purpose.
MGATE will respond to your request as soon as reasonably practicable. Should we not be able to respond to your request within twenty (20) working days after receiving your request, we will inform you in writing within twenty (20) working days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so. MGATE Emerging Technologies Sdn. Bhd. may, however, choose not to provide you with access to or correct such information, in accordance with the exceptions under the PDPA. This would include cases where:
Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our organization has on record, if the record of your personal data forms a negligible part of the document.
Transborder data flows
We generally do not transfer your personal data to countries or territories outside of Singapore. However, if we do so, for instance, if your personal data is required to be transferred for administrative or operational purposes by MGATE, we will ensure that the recipients thereof provide a standard of protection to your personal data that is comparable to that which is provided herein.
Enquiries and complaints
MGATE has designated a Data Protection Officer who will be responsible for ensuring MGATE’s compliance with applicable data protection laws. If you have any queries or requests or wish to make any applications concerning your personal information or data, please contact the Data Protection Officer:
Contact Person: Data Protection Officer
Email: pandu.jayaraj@aventragroup.com
Please note that if your personal data has been provided to us by a third party, you should contact such party directly to make any queries, feedback, and access and correction requests.