GoLux Pte. Ltd. respects the privacy of individuals and recognizes the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect, process and disclose your personal data. We are also committed to adhering to the provisions and principles of the Personal Data Protection Act 2012. As such, this Personal Data Protection Statement is to assist you in understanding how we collect, use and/or disclose your personal data.
GoLux Pte. Ltd. will collect, use and disclose your personal data in accordance with the Personal Data Protection Act 2012 (“Act”). The Act establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognizes both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organizations to collect, use or disclose personal data for legitimate and reasonable purposes.
The Act takes into account the following concepts:
- Consent – Organizations may collect, use or disclose personal data only with the individual's knowledge and consent (with some exceptions);
- Purpose – Organizations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure; and
- Reasonableness – Organizations may collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.
In projecting the three main concepts above, the Act contains nine main obligations which organizations are expected to comply with if they undertake activities related to the collection, use and/or disclosure of personal data:-
(1) The Consent Obligation
(2) The Purpose Limiting Obligation
(3) The Notification Obligation
(4) The Access and Correction Obligation
(5) The Accuracy Obligation
(6) The Protection Obligation
(7) The Retention Limitation Obligation
(8) The Transfer Limitation Obligation
(9) The Openness Obligation
While GoLux Pte. Ltd. will not be going into the details of these Obligations in this Personal Data Protection Statement, you can be rest assured that we are constantly mindful of them in our collection, use and disclosure of personal data. Should you wish to know more about these obligations, an excellent summary can be found in the Advisory Guidelines of the Personal Data Protection Commission at:
1. Your Personal Data
In this Personal Data Protection Policy, “Personal Data” refers to any data and/or information about you from which you can be identified by, either (a) from that data; or (b) from that data and other information to which we may have legitimate access to. Examples of such Personal Data include but are not limited to:
- your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address and any other information relating to you which you have provided in any forms you may have submitted to use, or in other forms of interaction with you;
- your photos;
- your employment history, education background, and income levels;
- Personal Data of your family members, such as next of kin, spouses, and children;
- information relating to payments, such as your bank account number or credit card information;
- information about your usage of and interaction with our website and/ or services including computer and connection information, device capability, bandwidth, statistics on page views and traffic to and from our website
2. Collection of your Personal Data
Generally, we may collect your Personal Data through the following ways:
- when you sign up for an account with us;
- when you access our websites or perform an online transaction;
- when you interact with any of our external and internal employees of the Organization;
- when you respond to our request for additional Personal Data;
- when you ask to be included in an email or other mailing list;
- when you request that we contact you;
- when you respond to our initiatives or promotions; and
- when you submit your Personal Data to us for any other reason.
When you browse our website, you generally do so anonymously, but please see section 6 below on cookies.
- Purposes for the Collection, Use and Disclosure of Your Personal Data
Generally, we may collect, use, disclose and/ or retain your Personal Data for the following purposes:
- to manage your account including onboarding, processing and termination of your account for usage of our platform’s services;
- to provide you with promotions and special privileges;
- to provide you with employment and employability services;
- to assist you with your enquiries;
- to process payment for your purchases or any other usage;
- to improve customer services, such as resolving complaints and handling requests and enquiries;
- to conduct research, surveys and interviews;
- to keep you updated on our events; and
- to comply with applicable laws and regulations.
4. Marketing/ Optional Purposes
- From time to time, we may contact you via mail, electronic mail, telephone (call or SMS-Text), facsimile or social medial platforms, to inform you about our benefits, services and events that we think may be of interest to you.
- You can let us know at any time if you no longer wish to receive marketing materials (by informing us via email to: firstname.lastname@example.org) and we will remove your details from our direct marketing database.
- Please note that we may still send you non-marketing messages such as surveys, customer-service notices and other service related notices.
5. Disclosure of your Personal Data
- We may disclose your Personal Data to the following group of external organization for purposes mentioned above, subjected to the requirements of applicable laws:
- External employees (e.g. instructors, cleaning agencies, laundry services, transportation companies, retailers, etc.) whom GoLux employs to provide our services to you;
- agents, contractors, data intermediaries or third party service providers who provide services, such as telecommunications, mailing, information technology, payment, payroll, data processing, training, market research, carding, storage and archival, to the Organization;
- external banks, financial institutions, credit card companies and their respective service providers;
- our professional advisers such as our auditors;
- relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any government authority;
- third party reward, loyalty, privileges and co-branded programme providers;
- business partners that provide any additional services and benefits; and
- any other person in connection with the purposes set forth above.
- We may collect or analyze anonymized information from which individuals cannot be identified (“Aggregate Information”), such as number of users and their frequency of use, the number of page views (or page impressions) that occur on our websites and common entry and exit points into our websites.
- We make use of “cookies” to store and track Aggregate Information about you when you enter our website(s). Such cookies are used to track information such as the number of users and their frequency of use, profiles of users and their online preferences.
- Such aggregate Information collected may be used to assist us in analyzing the usage of our website(s) so as to improve your online experience with us.
- Should you wish to disable the cookies associated with these technologies you may do so by changing the setting on your browser. However, please note that this may affect the functionality of the website(s).
7. Third-Party Sites
- Our website may contain links to other websites operated by third parties independent of the Organization. We are not responsible for the privacy practices of such websites operated by third parties even though it is linked to our website(s).
- We encourage you to learn about the privacy policies of such third party website(s) by checking the policy of each site you visit and contact its owner or operator if you have any concerns or questions.
8. Protection of your Personal Data
- We maintain appropriate security safeguards and practices to protect your Personal Data unauthorized access, collection, use, disclosure, copying, modification disposal or similar risks, in accordance with applicable laws.
9. Accuracy of your Personal Data
- We take all reasonable measures to ensure that your Personal Data remains accurate, complete and up-to-date.
- You may also keep us informed when there are any updates to your Personal Data by contacting us directly.
10. Withdrawal of Consent
- If you wish to withdraw your consent to any use or disclosure of your Personal Data as set out in this Personal Data Protection Policy, you may contact us via email@example.com.
- Please note that if you withdraw your consent to any or all use or disclosure of your Personal Data, depending on the nature of your request, we may no longer be in a position to continue to provide membership benefits and services to you.
- Such a withdrawal may therefore result in the termination of the usage of services in our website.
11. Access and Correction of your Personal Data
- You may request access to or make corrections to your Personal Data records, but the Organization has the right to charge a reasonable fee for processing your request.
- Please submit your request to us by writing to our general email: firstname.lastname@example.org
12. Contacting Us
- If you have any questions or complaints relating to the use or disclosure of your Personal Data, or if you wish to know more about our data protection policies and practices, please contact our Data Protection Office via email at AskDPO@ntuc.org.sg.