Data Protection and Privacy Policy

Last updated: 13 October 2021

1. Introduction

At Optimatic Pte Ltd (“e27”) of 114 Lavender Street, #11-83 CT Hub 2, Singapore 338729 (UEN 200717422C) we respect the privacy and confidentiality of the personal data of our Clients, Associates and others whom we interact with in the course of providing our services. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.

Depending on the context of personal data you provide, Optimatic may be the Data Controller or Data Processor, as applicable, of your Personal Data under this Policy. We collect Personal Data via the following:

  1. When job applicants create an e27 account for job application purposes using the job portal services available;
  2. For our own business: This includes certain data collected on our website, such as account creation, job applications, employment as well as data collected through other marketing-related efforts (if any).

(Collectively, the “Services”)
When we process any Personal Data as a Data Controller or a Data Processor in relation to the Services, we shall process such information in accordance with this Policy. If we are Data Processor for your Personal Data (i.e., not the controller), please contact the controller in the first instance to address your rights with respect to such data. If there is a data breach, we will notify the PDPC within 72 hours or 3 calendar days, if the breach is of significant scale involving (i) more than 500 individuals and/or (ii) involving prescribed personal data that cause significant harm to the individuals. We will also notify the individuals when a data breach is likely to result in significant harm or impact to them, regardless of the scale of the breach.

We have developed this Data Privacy Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession. This Policy will serve as an agreement in writing between Optimatic Pte Ltd and all website users.

2. How We Collect Your Personal Data

Personal data refers to any information that can uniquely identify an individual person (a) on its own, or (b) when combined with other information. Under the PDPA, business contact information (e.g. full name, business address, business telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.

We collect your personal data when you:

  • When you register for an account with us on our Site;
  • When you report any problem to us;
  • When you use certain features on our Site;
  • When you request any support from us; or
  • When you complete any survey or questionnaire we send you;
  • Visit our website and leave behind your contact information through our contact form
  • Communicate with us via emails or written correspondences
  • Apply for a job position with Optimatic via third parties (e.g. recruitment platforms)

3. Types of Personal Data We Collect About You

The types of personal data we collect about you include but is not limited to:

  • Your full name; and
  • NRIC, passport or other identification number; and
  • Contact information (Address, phone number, email address); and
  • Personal details (Gender, Date of Birth, Nationality); and
  • Personal and professional details contained in your curriculum vitae when you apply to us for a job (Employment, education and income details); and
  • Other information relating to you which you have provided to us in any forms you may have submitted to us, or in other forms of interaction with you; and
  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your log-in information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
  • Details of any transactions, purchases and payments you made on our Site and in our App; and
  • Information about your visit, including the full Uniform Resource Locators (URLs), click stream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, Page 1 of 5 length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number; and
  • Information we receive from third parties - We work with third parties and we may receive information about you from them, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, or credit reference agencies. We will notify you when we receive information about you from them and the purposes for which we intend to use that information.

4. How We Use Your Personal Data

We use the personal data you provide us for one or more of the following purposes:

  • Providing, improving and developing our services
  • Researching, designing and launching new features or products.
  • Presenting content and information in our Site in the most effective manner for you and for the device you use.
  • Providing you with alerts, updates, materials or information about our services or other types of information that you requested or signed up to.
  • Collecting overdue amounts.
  • Managing subscription plans.
  • Responding or taking part in legal proceedings, including seeking professional advice.
  • For direct marketing purposes (our products or services, seminars, conferences or events, and those of our affiliates or business partners).
  • Communicating with you and responding to your questions or requests.
  • Purposes directly related or incidental to the above.
  • Process job applications, recruitment and selection.
  • Perform background verification checks and reference checks for verification of your identity for employment purposes.
  • Process employment passes of our employees with the relevant government agencies
  • Perform internal management, operate management information systems, and conduct internal and external audits.
  • Comply with any applicable regulations, code of practice, rules and laws or to assist in law enforcement and investigations conducted by any form of governmental and/or regulatory authority. (hereinafter collectively referred to as the “Purposes”).

Should there be any need to use your personal information and data for any other purposes, Optimatic Pte Ltd will notify you and obtain prior permission and consent.

By providing personal data relating to a third party (e.g. spouse, children, parents, referees and/or employees), the individual shall represent and warrant that prior consent is obtained from such third party for the collection, use or disclosure of personal data.

We may collect, use and disclose your personal data pursuant to an exception under the Personal Data Protection Act or as required/authorised under any other written law.

By providing us with your personal information and data or by accessing or viewing the website or any of its products/services, functions or contents, it is deemed that you have agreed to each and all the terms, conditions and notices stated in this policy.

5. Consequences Of Not Consenting And/Or Providing Personal Data Necessary for Transaction/Service/Application

Please be noted that should you not consent and provide us with the relevant personal data to fulfil the “Purposes” of collection, use and disclosure of your personal data by Optimatic, it may hinder our ability to continue to interact with you.

For Job applicants: We may not be able to make a decision on your suitability for recruitment and employment or comply with the law and therefore, we may not be able to make an offer of employment.

For Optimatic’s Employees: We may not be able to fulfil the Purposes listed in the Personal Data Protection Policy, Section 4.2.1.

For e27 Job applicants: We may not be able to provide you with the services provided to job applicants through the e27 platform.

For e27 regular and pro members: We may not be able to provide you with the services and resources through the e27 platform.

6. Withdrawal of Consent

The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. If you wish to withdraw your consent to any use or disclosure of your Personal Data as set out in this Data Protection Policy, you may write to our Data Protection Officer at [email protected]

Please understand that your withdrawal of consent for all of the purposes necessary to Optimatic fulfilling our contractual duties towards you or facilitating your request or providing our services to you may carry consequences. We will review and inform you on the consequences of the withdrawal prior to processing your request.

7. Who We Disclose Your Personal Data To

We disclose some of the personal data you provide us to the following entities or organisations outside e27 in order to fulfil our services to you:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in Section 5 of the Companies Act (Chapter 50);
  • Personnel, agents, advisers, auditors, contractors, financial institutions, and service providers in connection with our operations or services (for example staff engaged inthe fulfilment of your order, the processing of your payment and the provision of support services);
  • Our overseas offices, affiliates, business partners and counterparts (on a need-to-know basis only);
  • Persons under a duty of confidentiality to us;
  • Persons to whom we are required to make disclosure under applicable laws and regulations in any part of the world; or
  • Actual or proposed transferees of our operations (or a substantial part thereof) in any part of the world.
  • Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.

8. How We Manage the Collection, Use and Disclosure of Your Personal Data

8.1 Obtaining Consent

Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.

We may rely on exceptions to the need for consent under the PDPA for the collection, use or disclosure of your personal data under the following circumstances (only those relevant to e27 are included):

  • The personal data is publicly available
  • The personal data is disclosed by a public agency or disclosed to a public agency
  • The personal data is necessary for any investigation or proceedings
  • The personal data is necessary for evaluative purposes (e.g. determining the suitability of a job applicant for the job applied for)
  • The personal data is necessary for the purpose of managing or terminating an employment relationship
  • The personal data is necessary for a business asset transaction

8.2 Use of Cookies

Our Site uses cookies to distinguish you from other users of the Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree to the use of cookies. Cookies contain information that is transferred to your computer's hard drive.

We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Site or a partner site that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session). We use the following cookies:

Strictly necessary cookies – These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access all or parts of our Site.

We may use third-party web services on our Site. The service providers that administer these services use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analyse how visitors use our Site and make the information displayed on it more relevant to your interests. The information collected through these means (including IP addresses) is disclosed to these service providers. These analytics services may use the data collected to contextualise and personalise the marketing materials of their own advertising network.

8.3 Third-Party Consent

We do not get consent on behalf of another individual. We only get consent from the individual who will be dealing directly with us.

8.4 Third-party Sites

Our Site or our communication with you may from time to time contain links to third-party websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites understand your rights. We accept no responsibility or liability for any practices of third-party websites.

9. How We Ensure the Accuracy of Your Personal Data

We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date.

From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data.

10. How We Protect Your Personal Data

We have implemented appropriate information security and technical measures to protect the personal data we hold about you against loss; misuse; destruction; unauthorised alteration/modification, access, disclosure; or similar risks. Please note, however, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk.

We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.

When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.

11. How We Retain Your Personal Data

We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.

We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.

12. How You Can Access and Make Correction to Your Personal Data

You may write in to us to find out how we have been using or disclosing your personal data over the past one year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.

If you find that the personal data we hold about you is inaccurate, incomplete, misleading or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request. You may also Login and manually edit your personal data to update it.

13. How You Can Delete Your Personal Data

You may delete your account at any time by logging in and following the instructions stipulated here.

We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require.

14. Transfer of Personal Data

Where there is a need to transfer your personal data to another country outside Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as those in Singapore.

15. Contacting Us

If you have any query or feedback regarding this Notice, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at: [email protected]

Any query or complaint should include, at least, the following details:

  • Your full name and contact information
  • Brief description of your query or complaint

We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.

16. Changes to this Data Privacy Notice

We may update this Data Privacy Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.

Changes to this Notice take effect when they are posted on our website.

A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at /var/www/html/e27beta/system/core/Output.php:445)

Filename: libraries/Session.php

Line Number: 674

A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at /var/www/html/e27beta/system/core/Output.php:445)

Filename: libraries/Session.php

Line Number: 674