Horangi Privacy Notice
Last updated: 23 September 2019
Horangi Pte. Ltd. (“Horangi”, “we” or “us”) cares about the privacy of your personal data, and is committed to protecting it. This Horangi Privacy Notice (“Notice”) describes how we may collect, use, disclose, process and manage your personal data, and applies to any individual’s personal data which is in our possession or under our control.
In this Notice, “personal data” means any personally identifiable data, whether true or not, about an individual who can be identified from that data. Capitalized terms used in this Notice that are not defined within shall have the meanings provided for those terms in the Website T&Cs and/or Client Terms of Business.
1. What personal data do we collect?
(a) Some examples of personal data that we may collect are:
- (i) Personal Details (e.g. full name, Access Credentials, signature specimens, contact details, postal address);
- (ii) Payment-related information (e.g. bank account details, credit card details);
- (iii) Voice recordings of our conversations with you;
- (iv) Usage-related details (e.g. location and browser information, date and time of use, log data, device configuration and settings, and other user content and feedback that can identify you); and
- (v) Employment-related details (e.g. full name, identification card and/or passport details, date of birth, educational and employment history, credit history, details of salary, tax, insurance and/or other benefits) if applicable.
(b) We do not collect personal data from children under the age of thirteen (13), and will take reasonable measures to remove such personal data from our systems. If you believe that a child under the age of thirteen (13) has provided us with personal data, please contact us in accordance with section 8 below.
(c) In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided at section 8 below.
2. When do we collect your personal data?
(a) We may collect your personal data, either actively or passively, when you:
- (i) Visit and interact with our Site;
- (ii) View and interact with our digital ads;
- (iii) Register for an account on our Site and/or for our courses and webinars;
- (iv) Respond to direct marketing emails and special offers sent by us to you as part of our marketing and promotion campaigns;
- (v) Enquire about our Offerings, whether directly or through a third party referral;
- (vi) Enter into any agreement(s) or contract(s) with us;
- (vii) Communicate with us through physical and/or electronic media (e.g. email);
- (viii) Access and use the Horangi Platform; and/or
- (ix) Provide us with your CV and other employment-related details in connection with employment or engagement by us.
(b) If you provide us with any personal data relating to any third-party individual (e.g. information of your spouse, children, parents), you represent to us that you have obtained the consent of the relevant third-party to such collection, use and disclosure by us.
3. How do we use your personal data?
(a) We may use your personal data for our core business purposes, including but not limited to:
- (i) Administering and providing our Offerings to you or our Clients;
- (ii) Processing billing, payment and other credit-related activities;
- (iii) Carrying out research, planning and analysis, in both manual and automated forms, to improve and optimise our Offerings, the Site, and our service standards to you and our Clients;
- (iv) Communicating with you (e.g. product announcements and software updates);
- (v) Sending direct marketing emails and special offers to you about Horangi where we have clear and unambiguous consent to do so, and from which you can unsubscribe at any time by clicking the “Unsubscribe” link found within such emails;
- (vi) Responding to instructions, requests, queries, and/or feedback from you or our Clients;
- (vii) Managing our infrastructure and business operations and complying with internal policies and procedures;
- (viii) Detecting and preventing violations, fraud, and misuse of the Site and/or the Horangi Platform;
- (ix) Purposes set out in any contract or agreement governing our relationship with you;
- (x) Verifying your identity for the purposes of employment and/or engagement, and conducting due diligence checks in connection with such purpose;
- (xi) Processing your job application, and applying for employment passes and visas with the relevant government agencies in connection with employment;
- (xii) Financial reporting, regulatory reporting, management reporting, risk management, audit and record-keeping purposes;
- (xiii) Complying with all applicable laws, regulations, rules, directives, orders, instructions and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;
- (xiv) Addressing or investigating any violations, complaints, claims or disputes; and/or
- (xv) Seeking professional advice, including legal advice, and enforcing obligations owed to us.
(b) You may withdraw consent and request us to stop using your personal data for any or all of the purposes listed above by by informing our Data Protection Officer in writing or via email at the contact details provided at section 8 below. Depending on the nature and scope of your request, our response times to your request may vary. In general, we shall seek to process your request within ten (10) business days of receiving it.
(c) Depending on the nature and scope of your request, we may not be in a position to continue providing our Offerings to you and we shall, in such circumstances, notify you before completing the processing of your request. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
4. Who do we disclose your personal data to?
(a) We may, from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to personnel of our group companies or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out in section 3 above.
(b) The third parties mentioned in section 4(a) above may include, but are not limited to:
- (i) External service providers who assist us in meeting operational business needs (e.g. cloud service providers, analytics providers);
- (ii) External professional service providers (e.g. legal advisors, auditors); and/or
- (iii) Relevant public authorities and law enforcement agencies.
(c) Horangi does not sell or rent personal data to any third parties, and we shall remain fully compliant with any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or contract(s) governing our relationship with you or any applicable law.
(d) We may be required to disclose your personal data in connection with a merger, acquisition, bankruptcy, reorganization, sale of some or all of our assets or stock, public offering of securities, or steps in consideration of such activities (e.g. due diligence). In any such case, your personal data may be disclosed or transferred to another entity, subject to this Notice.
5. How do we store and secure your personal data?
(a) The security of your personal data is important to us. We shall make reasonable security arrangements to prevent your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.
(b) Both electronic storage and transmission of personal data are secured with appropriate security technology. We use industry-standard encryption (transport layer security (“TLS”) or secure socket layer (“SSL”) technology) to protect your data in transit. Your personal data is encrypted using industry-standard encryption algorithms. We also practice defense in depth by implementing a combination of technical, physical, and logical safeguards to enforce security controls over personal data in our possession or under our control.
(c) We may anonymise or convert your personal data into data that cannot be used to identify any particular individual for the purposes of storage and security.
(d) In the event of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us, or by posting a notice on the Site.
(e) Our Site and our Offerings may contain links to other websites and software products which are not maintained by us. When accessing or using these third party websites and software products, you should read their privacy policies which will apply to such access and use.
6. How long do we retain your personal data?
(a) Your personal data is retained as long as the purpose for which it was collected remains, and until it is no longer necessary for any other legal or business purposes.
7. How do I access or correct my personal data?
(a) You may access or make corrections to your personal data held by us through the means stated at the “Contact Us” section below.
(b) Depending on the nature and complexity of your request, we may charge a fee for processing your request. Information on the fee amount will be made available to you.
8. Contact Us
(a) To contact us on any aspect of this Notice or your personal data, or to provide any feedback that you may have, you may get in touch with our Data Protection Officers by emailing firstname.lastname@example.org, or by post addressed to:
Office of the Data Protection Officer
Horangi Pte. Ltd.
155B Telok Ayer Street
(b) All such communication should include, at least, the following details:
- (i) Your full name and contact information; and
- (ii) Brief description of your query or feedback.
(c) We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.
9. For European Economic Area (“EEA”) users
(a) As a visitor, Client, or Authorised User of a Client based in the EEA, you have certain rights in respect of your personal data in our possession or under our control:
- (i) Access: You may request us for copies of your personal data, in accordance with section 6 above.
- (ii ) Rectification: You may request us to correct or complete any information you believe is inaccurate or incomplete, in accordance with section 6 above.
- (iii) Erasure: You have the right to request us to erase your personal data, under certain conditions.
- (iv) Restriction of processing: You may request us to restrict processing your personal data, under certain conditions.
- (v) Object to processing: You may object to us processing your personal data, under certain conditions.
- (vi) Data portability: You may request us to transfer personal data collected by us to another organization or directly to you, under certain conditions.
(b) You may, subject to our verification of your identity and express notice that you are an EEA user, exercise such rights by contacting us in accordance with Section 8 above.
10. Amendments and Updates
(a) We may amend this Notice from time to time to ensure its consistency with any developments to the way we use your personal data, and/or any changes to the laws and regulations applicable to us. We will make available the updated Notice on the Site. All communications, transactions and dealings with us shall be subject to the latest version of this Notice in force at the time.
11. Governing Law
(a) This Notice shall be governed in all respects by the laws of the Republic of Singapore.