CMPL EXTERNAL DP NOTICE

1. Introduction
We at Compliance Management Pte Ltd (including its subsidiaries and associates entities) respect the privacy and confidentiality of personal data in our possession or under our control. We have implemented policies and practices to safeguard the collection, use, disclosure, storage and other processing of personal data provided to us.

2. How We Collect Your Personal Data About You
We collect personal data from the following sources:

  • Website – Corporate (via submission forms, emails)
  • Company Premises (Front Staff)
  • Website – Third Party
  • Social Media – Individual
  • Client Acceptance Form
  • Associate
  • Social Media – Corporate
  • Commercial Background Check
  • Public Sources (Directories)
  • Public Agencies
  • Public Sources (Professional and Trade Associations)
  • Referrals
  • Public Sources (Others)
  • Third-party collection agents
  • New applicant / membership
  • Job Applicant
  • Job Search Portals
  • Administration
  • Front Office
  • Human Resource
  • Corporate Secretarial Staff
  • Payroll
  • Security
  • Operations
  • Accounts
  • Legal / Compliance
  • Finance
  • Agents / Associates / Affiliates

3. Types of Personal Data About You that We Process
The types of personal data we collect about you and process (or have a service provider process on our behalf) may include:

  • Authentication
  • Behavioural
  • Communication and Correspondence
  • Computer Device
  • Criminal Background / Past Offences
  • Demographic
  • Education Qualifications
  • Ethnicity
  • Family Background & Details
  • Financial Information
  • Knowledge and Belief
  • Location
  • Medical Details / Health Information
  • Ownership
  • Personal Contact Information
  • Personal Details
  • Photos & Video Footage
  • Physical Characteristics
  • Preference
  • Professional Profile
  • Social Network
  • Transactional

4. Our Purpose(s) for Processing Personal Data About You
We use and otherwise process the personal data we have collected about you for one or more of the following purposes:

  • Account payables/receivables
  • Claims & disbursements
  • Income tax returns
  • Sales commissions
  • Conduct credit checks, screenings or due diligence checks as may be required under applicable laws/regulations
  • Process and administer financial records
  • Provide financial and advisory services
  • Provide information to affiliates/associates about your transaction
  • Provide updates on changes / notifications
  • Analyse risk and business results
  • Billing and payment processing
  • Conduct risk assessment
  • Fulfil legal requirements
  • Internal purposes for accounting, auditing and booking
  • Process and administer employment records
  • Process payment for products and services
  • Process payment for purchases and transactions
  • Provide customer service and support
  • Respond to queries and feedback
  • Send information and updates
  • Update records in our database
  • Benefits & compensation management
  • Employee communication
  • Payroll processing
  • Processing & administration of employment records
  • Recruitment & selection
  • Training & career development
  • Register, setup and manage accounts

5. Who We Disclose Personal Data About You To
We disclose some of the personal data we have collected about you to the following parties or organisations outside Compliance Management Pte Ltd:

  • Banks
  • External Advisors (Recruiters, Auditors & Lawyers)
  • Others Business Associates
  • Cloud Service Providers
  • Legal Services
  • Other Professional Services
  • Survey Firms
  • Freight / Courier Services

6. How We Manage the Collection, Use, Disclosure and Storage of Your Personal Data

6.1 Obtaining Consent
If we collect personal data directly from you, we will ordinarily first notify you of the purposes for which we are collecting it and obtain your express consent to us collecting, using and disclosing it for those purposes. However, when you voluntarily provide personal data to us for a purpose and it is reasonable that you do so we may rely on you being deemed to have consented to us collecting, using and disclosing your personal data for that purpose.
Under certain circumstances, we may collect, use and/or disclose personal data about you without your consent for example, so that we can comply with our statutory obligations or where personal data is publicly available.

6.2 Third-Party Consent
If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his/her personal data.

7. How You Can Limit Processing of Personal Data About You

7.1 Withdrawal of Consent
If you have given us consent to collect, use, disclose and otherwise process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of your withdrawal of consent. We will notify you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future updates or that the quality of our service may be impacted.

Your request for withdrawal of consent shall take the form of an email or letter to us

8. Accessing and Making Correction to Personal Data About You
You may ask us in writing to tell you what personal data we hold about you and how we have, or may have, used or disclosed it within a year before the date of your request. We will respond to your request as soon as reasonably possible and, in any event, we will respond to you within 30 days after receiving your request. We may charge a fee for processing your request, but we will let you know the amount of the fee before you incur it.

You may also ask us to correct an error or omission in the personal data we hold about you. Unless we are satisfied on reasonable grounds that a correction should not be made, we will correct the personal data as soon as practicable.

When you make any such request, we may need to verify your identity – for example, by checking your identity card number or other legal identification document.

9. Accuracy of Your Personal Data
We will take reasonable precautions and make reasonable verification checks to ensure that the personal data we hold is reasonably accurate, complete and up-to-date.

From time to time, we may do a verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us if there are any changes in the personal data we hold about you (such as a change in your home address).

10. Protection of Personal Data
We have implemented an Information Security Policy that governs how we protect personal data. We make reasonable security arrangements to protect personal data about you that is in our possession or under our control to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All our employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.

Entities that provide services to us to process personal data on our behalf will be bound by contracts with us that require them to provide sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out and to take reasonable steps ensure compliance with those measures.