GENERAL
- We, Stanley Ear, Nose, Throat & Sinus Centre, are committed to safeguarding your privacy. We treat all personal data provided by you in strict confidence, and will only use your personal data in the manner set out in this Policy. This Policy applies to all personal data that you provide to us and the personal data we hold about you. This Policy describes how we may collect, use, disclose, process and manage your personal data. Please DO NOT provide any personal data to us if you do not accept this Policy.
- Information provided by organisations or individuals to us for business purposes is not considered personal data. This Policy does not apply to business contact information.
AMENDMENT TO THIS POLICY
- We may amend this Policy from time to time. The updated Policy will supersede earlier versions and will apply to personal data provided to us previously. The updated Policy will be made available upon request from our Data Protection Officer. If you do not accept any amendment to the Policy, please contact our Data Protection Officer (see paragraph 15 below).
PERSONAL DATA
- What is personal data? “Personal data” is data, whether true or not, about a natural person who can be identified from that data or from that data and other information to which we have or are likely to have access. Examples of personal data include name, address, contact details, NRIC, or other identification number, telephone numbers, email address, photograph, video image, personal data of family members, education background, employment history, references, medical history and results of employment checks.
- Voluntary provision of personal data. Your provision of personal data to us is voluntary. However, if you choose not to provide us with the personal data we require, it may not be possible for us to contact you, or provide products or services which you need from us.
- Providing personal data belonging to others. If you provide the personal data of anyone other than yourself (including your family members, employees - in the case of corporate healthcare arrangements fellow etc), you warrant that you have informed him/her of the purposes for which we are collecting his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes.
- Accuracy and Completeness or personal data. You confirm that all personal data that you provide to us is true, accurate and complete.
COLLECTION OF PERSONAL DATA
5. Generally, we may collect your personal data (at all times in accordance with applicable law) when you:
- register for or use any services or products we provide;
- respond to or register for any of our initiatives or events;
- send us an email;
- request to be included in our mailing list;
- interact with our staff, including customer service officers, for example, via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms and emails;
- call us to fix an appointment;
- when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend our events;
- request that we contact you;
- and/or submit your personal data to us for any other reason.
PURPOSES FOR COLLECTION, USE OR DISCLOSURE OF YOUR PERSONAL DATA
6.
Primary purposes. Our primary purpose in collecting your personal data is to serve you. Generally, we collect, use or disclose your personal data (or, where you are our corporate customer, the personal data of your employees) for the following purposes:
- to manage your relationship with us;
- to provide you with the services that you have requested;
- providing you with customer service and support;
- verifying your identity;
- to administer medical care, including dispensing medication and treatment, liaising with third party specialist doctors, clinics, hospitals and/or medical institutions in relation to your medical care (including by providing them with access to your medical records);
- to assist you with your enquiries;
- to contact you for feedback after the provision of our services;
- personalising your experience at our touchpoints and conducting market research, understanding and analysing customer behaviour, location, preferences and demographics in order to improve our service offerings;
- to keep you updated on our events and services;
- and/or purposes which are reasonably related to the aforesaid.
7.
Business purposes. In addition to the purposes set out above, we may also collect, use and/or disclose your personal data for purposes connected or relevant to our business, such as:
- complying with our legal obligations and requirements;
- enforcing obligations owed to us and administering debt recovery and debt management;
- research into the development of new products and services or improvement of our existing products and services;
- accounting, risk management and record keeping;
- carrying out research, planning and statistical analysis;
- processing and handling of medical and insurance claims and payments; and
- staff training;
- monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
- preventing, detecting and investigating crime and analysing and managing commercial risks;
- in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
- managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
- conducting any form of investigations including but not related to those relating to disputes, billing, fraud, offences, prosecutions etc.;
- meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on us (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations);
- facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales); and/or
- purposes which are reasonably related to the aforesaid.
8.
Vendors. If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by us, in addition to the other purposes set out in this Policy (as may be applicable), we may also collect, use and/or disclose your personal data and/or personal data submitted by you to us for the following purposes:
- assessing your organisation's suitability as an external service provider or vendor for us;
- managing project tenders and quotations, processing orders or managing the supply of goods and services;
- creating and maintaining profiles of our service providers and vendors in our system database;
- processing and payment of vendor invoices and bills;
- facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
- purposes which are reasonably related to the aforesaid.
9.
Contacting you. When using your personal data to contact you for any of the above purposes, we may contact you via regular mail, fax, e-mail, SMS, telephone or any other means.
DISCLOSURE OF PERSONAL DATA
10. We will not sell your personal data to third parties. Subject to the provisions of any applicable law, your personal data may be disclosed, for the purposes listed above (where applicable) to the following entities or parties, whether they are located overseas or in Singapore:
- where you have consented to our disclosure of your personal data to our strategic partners and business associates, we may disclose your personal data to them for such purposes;
- service providers and data processors working on our behalf and providing services such as hosting and maintenance services, analysis services, e-mail messaging services, delivery services, handling of payment transactions etc.
- our consultants and professional advisers (such as accountants, lawyers, auditors);
- any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale);
- external banks, credit card companies, other financial institutions and their respective service providers;
- relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority (including the Ministry of Health), or any other party to whom we are required or permitted to disclose personal data at law; and/or
- any other party to whom you authorise us to disclose your personal data.
TRANSFER OF PERSONAL DATA OUT OF SINGAPORE
11.
Transfer outside Singapore. You fully understand and unambiguously consent that we may transfer your personal data to any location outside of Singapore for the purposes set out above. If your personal data is so transferred, we will take reasonable steps to ensure that your personal data is kept confidential, secure and used or disclosed by the recipient only for purposes approved by us, and that your personal data will not be retained once such purposes are fulfilled.
RETENTION
12. The personal data collected from you by us is retained for the period of time that the purpose for which the personal data was collected continues.
13. We will destroy the personal data thereafter, unless it is necessary to retain the personal data longer for our satisfaction and compliance of legal, regulatory or accounting requirements, or to protect our interest.
SECURITY
14. While precautions will be taken to ensure that the information you provide is protected against unauthorised or unintended access, we cannot be held responsible for unauthorised or unintended access that is beyond our control.
YOUR RIGHTS
15.
Contact Data Protection Officer. If you wish to withdraw any consent you have given us at any time, or if you wish to correct or have access to your personal data held by us, or if you do not accept any amendment to this Policy, please contact our Data Protection Officer:
Name : Irene Lim
Tel : +65-64752282
16.
Fee for access. We may charge you a fee for responding to your request for access to your personal data held by us, or for information about the ways in which we have (or may have) used your personal data in the one-year period preceding your request. If a fee is to be charged, we will inform you of the amount beforehand and respond to your request after payment is received. We will endeavour to respond to your request within 30 days, and if that is not possible, we will inform you of the time by which we will respond to you.
17. Please note that if your personal data has been provided to us by a third party (e.g. a general practitioner or your employer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to us on your behalf.
18.
Effect of withdrawal of consent. In many circumstances, we need to use your personal data in order for us to provide you with products or services which you require. If you do not provide us with the required personal data, or if you withdraw your consent to our use and/or disclosure of your personal data for these purposes, it may not be possible for us to continue to serve you or provide you with the products and services that you require.
GOVERNING LAW
19. This Policy is governed by the laws of Singapore. You consent to submit to the exclusive jurisdiction of the Courts of Singapore in any dispute relating to this Policy.