Privacy Policy
We value your privacy
This Privacy Policy describes our practices in connection with personal data (defined below) that we or our service providers may collect, use or disclose when you use our services, visit our website at impevis.com (“Platform”), mobile sites, applications, software and other services that we offer (collectively, the “Services”), operated and controlled by us, Impevis. Pte. Ltd. (Company Registration No. 202336492G), a private limited company incorporated under the laws of the Republic of Singapore with its registered address at 2 VENTURE DRIVE #19-18, VISION EXCHANGE, SINGAPORE (608526) (the “Company” or “we”).
This Privacy Policy should be read in accordance with the Company’s Terms and Conditions available at https://impevis.com/page/privacy-policy.
By using the Services, you (“you” or “your” shall mean the party disclosing personal data who may include individuals or businesses) are deemed to have read, understood and accepted our practices in this Privacy Policy. We are not responsible for the privacy practices of any third-party websites that may be linked to our Services. It is your responsibility to check their policies periodically to see if any terms have been updated or modified. Your continued use of the Services constitutes your acceptance of any updates to this Privacy Policy.
We may modify this Privacy Policy, and if we make material changes to it, we will provide notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account. All personal information still retained with us will be erased at that point.
This Privacy Policy is drafted in accordance with the Personal Data Protection Act 2012 (“PDPA”) under Singapore law. it is intended for use in Singapore and, where applicable, other countries or regions which provide the same level of protection for personal data that is comparable to the standards set by these acts.
The PDPA recognise the rights of individuals to protect their personal data (including rights of access and correction) and the requirement for organizations to collect, use or disclose personal data for legitimate and reasonable purposes. Accordingly, this Privacy Policy outlines the personal data that we collect, how it may be used, how it is stored and retained, whom it may be transmitted to as well as our and your responsibilities in relation to such uses and disclosures. We recommend that you read this Privacy Policy and our Terms and Conditions carefully before disclosing any personal data to us or using the Services.
The information we collect
We collect personal data when you create an account to use the Services and at various other instances through your use of our Platform.
“personal data” or “personal information” means data, whether true or not, about an individual who can be identified –
(a) from that data; or
(b) from that data and other information to which the organization has or is likely to have access
If you choose not to provide us with the information requested, you may not benefit from certain features of the Services and your use of the Services may be limited.
The personal information we collect from you may include but is not limited to the following and you will be informed what information is required and what information is optional:
(a) General identification information such as full name, nationality, email address, billing/residential address, and contact number;
(b) Your proof of identity in the form of a government-issued identity document
(c) Your Curriculum Vitae (“CV”)
(d) Reference letters
(e) Job-specific training documentation
(f) Associations membership certificates
(g) Training certificates
(h) Geolocation data such as the location of your device (e.g. IP address);
We will only collect information that is reasonably necessary for us to provide you with the Services. We collect such information only when we ask you for it and you provide it, and through technology that collects information automatically, such as cookies or other similar technologies. We will not be responsible for relying on inaccurate or incomplete data arising from your failure to notify us of any changes or inaccuracies in your personal data that was provided to us.
We clarify that you are not obligated to provide us with personal data beyond the limited data we need for you to register and authenticate your account or to make payments if you conduct any transactions through our Platform.
However, a complete profile helps you to avail the full spectrum of services available to you on our Platform and helps make the Services more relevant and useful to you.
The Company reserves the right to restrict membership to the Platform if all requested information and documentation is not provided as per the terms and conditions.
We collect information in several ways, such as:
(a) When you apply for membership through the Platform, in accordance with User Due Diligence as provided in the terms and conditions, you may have an opportunity to send us information about yourself.
(b) Additionally, to ensure the validity of profiles on the Platform, the Company may request additional information or supporting documentation from you.
(c) The Company reserves the right to request information for anti-money laundering (AML) and countering the financing of terrorism (CFT) purposes.
(d) You may choose to personalize your user experience on the Services in which case we may collect information about your visits to our website, including the URL clickstream, products you viewed or searched for, length of visits to certain pages and page interaction which may be collected automatically through the use of cookies.
(e) We may collect information when you contact us for information on our Services, provide feedback or complaints or otherwise in the course of providing technical assistance or responding to product or service queries.
Sensitive information
We do not collect audio, visual or similar information such as photographs, videos or voice recordings. Unless specifically requested, we ask that you do not send us or disclose to us any sensitive personal information such as information related to racial or ethnic origin, political opinions, sexual orientation, or criminal background on or through the Services or otherwise to us.
We may collect certain information automatically through the use of cookie-less tracking technology when you use the Services, and the information may be collected in the following ways:
(a) Through your browser
This may include your Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, and Internet browser type and version.
(b) IP address
Your IP address, along with the time of the visit and pages visited, is identified and logged automatically in our server log files whenever you visit the Services. Collection of IP addresses is standard practice and is done automatically by many online services. The IP address collected may be use for diagnosing server problems and administering the Services.
(c) Mobile device
If you access the Service through a mobile device, we may collect information on it such as smartphone device brand and type to understand how you use the Service.
How we use your information
We may use your personal information only for purposes permitted by applicable laws and for the purpose for which it is collected, which generally includes the following:
(a) To assist you in setting up membership, in order to engage in transactions on the Platform;
(b) To identify and verify your identity when you apply for membership on the Platform or engage with us;
(c) To conduct trials (with your consent) to enhance, improve and optimize your experience when you use the Services; or
(d) To comply with regulatory requirements, where applicable.
By using the Services, you expressly authorize and consent to us collecting, reviewing, using, retaining your personal information in accordance with this Privacy Policy and where reasonably required, transmitting your personal information to our intermediary companies and entities for the proper and reasonable purpose of them storing and using the data responsibly and in strict accordance with the PDPA. When you provide personal information on or through the Services, the information may be sent to servers located outside of Singapore.
In such an event, we will take appropriate steps to ascertain that the foreign recipient organization of the personal data is bound by legally enforceable obligations that are in-line with the requirements under the PDPA
We may also use your personal information to:
(a) Ensure that the content on the Services is presented in the most effective manner for you and understand your interests;
(b) Provide you with other service providers that might be best suited to your profile and needs;
(c) Provide the Services to you and contact you on the same;
(d) Provide you with updated information with respect to the Services;
(e) Improve the functionality and usage of the Services;
(f) Prepare customer lists for market research;
(g) Allow you to participate in features of the Services;
(h) Identify the types of devices you use so that we can optimize our systems;
(i) Communicate with you by email or other chosen means to send relevant notifications about our activities, developments and services that may be of interest to you;
(j) Contact you and notify you about changes to the Services that we offer (except where you have expressly requested for us not to do so);
(k) Ensure that you comply with our terms and conditions and the applicable law; and
(l) Send you important notifications that you will require to use the Services.
We may, after anonymizing your personal information, conduct analytics on the data collected for the purposes of obtaining big data, trends, patterns or any other form of result or finding that the Company in its sole discretion deems necessary for the delivery of the Services.
Protection of Personal Data Collected
Personal data collected by the Company are stored in information systems adopted by the Company. We adopt commercially reasonable security measures to safeguard personal data collected including but not limited to the following:
(a) Engaging reputable third-party cloud system service providers to host our cloud storage systems and ensuring integration is properly done;
(b) Employing a reputable third-party specialist Information Technology team to ensure security of our storage systems and information communication systems;
(c) Checking that the third-party cloud system service providers that we engage adopt robust security measures; and
(d) Adopting processes within the Company’s information communication systems to ensure that the organization has security measures against malware and phishing attempts.
The Company adopts measures and procedures that are aligned with guidance from the PDPA. However, we do not guarantee that data breaches will not occur despite the adoption of commercially sound and reasonable security measures that include the measures set out above.
With whom we share your information
We do not share your personal information with others except as indicated in this Privacy Policy or when we inform you and allow you to opt out of having your personal information shared. We may share personal information with:
(a) Clients: We may require to share information, including some relevant personal information, with other clients that you engage with on the Platform. You will be reminded of all relevant data disclosures necessary prior to entering any transactions on the Platform. Any information you choose to share with clients after the commencement of a transaction shall not be the responsibility of the Platform.
(b) Third Parties: We may share information, including some relevant personal information, with third parties that perform certain services on our behalf. These services may include, without limitation, storage of personal information on a cloud service, server hosting, marketing and supporting our notification service functionality.
(c) We may allow third-party service providers, advertising companies, advertisement networks, merchandising companies and other third parties to display advertisements and brands on the Services. These companies may use tracking technologies, such as cookies or web beacons, to collect information about users who view or interact with their advertisements.
(d) We do not provide any non-anonymized personal information to third parties. We will adhere strictly to the provisions in the PDPA in relation to any disclosure and dissemination of information to any third parties.
We may disclose your information, including personal information in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights, to defend against legal claims, or as otherwise required by law.
Cross-border transfer and Data Intermediaries
In order to most efficiently provide our Services, your personal information (including your CV and Location) may be transferred, stored or processed in, or any country outside of, Singapore, where we have facilities (including data centres) or service providers. By using our Service or by providing consent to us (where required by law), your information may be transferred to countries or territories outside Singapore, which may provide for different data protection rules than in Singapore.
We will ensure that the use and disclosure of personal information transferred offshore is dealt with in accordance with this Privacy Policy, and we will not transfer your personal data within Singapore or (as the case may be) a country or territory outside Singapore that does not provide protection of personal data that is comparable to the protections under the PDPA.
Retention of information
We retain information for different periods of time for as long as needed or permitted for the purpose(s) for which it was obtained. Generally, we determine retention periods by the length of time for which we have an ongoing relationship with you and provide the Service to you; whether there is a legal obligation to which we are subject; or whether retention is advisable having regard to legal considerations (such as applicable statutes of limitations or regulatory investigations).
Third-party sites
There are a number of places on our Services where users may click on a link to access other websites that do not operate under this Privacy Policy. For example, if users click on a link provided to a website run by a service provider, they may be taken to a website that we do not control.
These third-party websites may independently solicit and collect information, including personal information, from the users and, in some instances, provide us with information about the users’ activities on those websites. You are advised to consult the privacy statements of all third-party websites that you visit. The availability of, or inclusion of a link to, any such site or property on the Service does not imply endorsement of it by us or by our affiliates.
How we protect personal information
We use reasonable physical, administrative and technical measures to help safeguard and secure your personal information from unauthorized access, collection, use, copying, modification, disposal and disclosure. However, no system can be completely secure. Therefore, we cannot guarantee that your personal information, and activities while you use the Services or other communications will always remain secure. If you have a reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you have with us has been compromised), please immediately contact us below.
We do not keep personal information for longer than it is required, and we destroy or permanently anonymize personal information that we no longer need, where permitted.
Data Breaches
In the event of a data breach, the Company shall have regard to the Guide on Managing and Notifying Data Breaches under the PDPA, including
(a) Assessing the extent to which personal data collected by the Company has been compromised and put in place appropriate measures to contain the breach of personal data and minimize any harm to you arising from the breach of personal data;
(b) Analysing and determine the cause of the data breach;
(c) Ascertaining if the data breach is a notifiable data breach under the PDPA;
(d) Report the data breach to the Personal Data Protection Commission (PDPC) of Singapore if the data breach is a notifiable data breach;
(e) Report the data breach to the European Data Protection Supervisor (EDPS) of the EU if the data breach is a notifiable data breach;
(f) Ascertain if you are required to be informed of the data breach;
(g) Inform you if you are required to be notified of the data breach; and
(h) Take continuing action to prevent further harm to you arising from the breach of personal data, including but not limited to reviewing measures taken to contain breaches of personal data and protect personal data.
Use by minors
Although our Services are for a general audience, we restrict the use of the Services to individuals aged 18 and above. By proceeding with the use of the Services, you warrant that you are either aged 18 or above, or you are the legal guardians of individuals below 18. It is your sole responsibility to provide your correct birth date when you set up an account and we are entitled to assume that all personal data provided is true and accurate. We will take appropriate steps to delete any personal data of persons less than 12 years of age that has been collected on or through the Services without verified parental consent, or consent from a legal guardian, upon learning of the existence of such personal data.
No Third-party Rights
This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the Services.
Individuals in the European Economic Area
We acknowledge that the European Union General Data Protection Regulation (“GDPR”) will apply if we process or hold any personal data of individuals located at or residing in the European Economic Area (“EEA”) or if we offer goods or services to individuals in the EEA (“EU Individuals”).
It is duly noted and recognized that the Personal Data Protection Act (PDPA) and the General Data Protection Regulation (GDPR) mutually acknowledge each other as frameworks providing akin levels of protection concerning the processing and safeguarding of personal data.
We understand that we may lawfully process personal data if consent is provided by the EU Individual for the processing for specific purposes, if it is necessary for the performance of a contract of if it is necessary for our compliance with a legal obligation.
We understand that personal data must be processed lawfully, fairly and transparently, be collected and applied only for specified, explicit and legitimate purposes, must be limited to only what is required, must be accurate, not be kept in personally identifiable form for longer than is necessary and must be secured and protected pursuant to the GDPR.
We acknowledge and agree that the GDPR affords EU Individuals with rights such as:
(a) Right to access and obtain a copy of the EU Individuals’ personal data, including the purposes of processing and who the personal data has been disclosed to;
(b) Right to rectify inaccurate personal data concerning the EU Individual;
(c) Right to erasure of personal data concerning the EU Individual in certain circumstances;
(d) Right to restriction of processing of personal data in certain circumstances, such as where the accuracy of the personal data is contested, or the processing is unlawful;
(e) Right to data portability by receiving personal data concerning the EU Individual or data which has been provided to us, in a structured, commonly used and machine-readable format, and the right to transmit that data to another organization;
(f) Right to object to the processing of personal data in certain circumstances, including for the purposes of direct marketing; and
(g) Right not to be subject to automated decision-making (including profiling) where this has a legal effect on the EU Individual or significantly affects him.
We agree that we will act on a request from an EU Individual without undue delay (within one month). We will maintain records of how we process personal data, acknowledge the need to conduct data protection impact assessments and the need to apply careful consideration in the adoption and engagement of our data processors.
Contact us
If at any time you would like to access, review, correct, update, restrict, or delete your personal data (including deleting your genetic data and/or DNA sample from our data storage) or if you would like to enquire about our privacy practices, please contact us by:
● Email to our Data Protection Officer: info@impevis.com
● Post to: IMPEVIS PTE. LTD. 21 BUKIT BATOK CRESCENT, #15-75, WCEGA TOWER, SINGAPORE (658065
We will endeavour to respond to your request as soon as reasonably practicable and no later than one (1) month after receipt. If circumstances cause any delay in our response, you will be promptly notified and provided a date for our response. Your withdrawal of consent to our collection, use and disclosure of personal information may mean that we will not be able to continue with the existing relationship with you and the contract that you have with us may be terminated.
Please note that while you may have a right to access your personal data, there are some circumstances where we are not permitted to give you access to it under the PDPA (for example, we will not accommodate a request to access, change or delete personal data if we believe that doing so would violate any law or legal requirement).
Updates to this Privacy Policy
As part of our efforts to ensure that we properly manage, protect and process your personal data, we will review our policies, procedures and processes from time to time. We reserve the right to amend the terms under this Privacy Policy at our absolute discretion. We will notify you of any changes to this Privacy Policy by way of email or by a pop-up notification when you access the Platform, app or Services to help ensure that you are always aware of the information that we collect, how we use it, and in what circumstances, if any, that we share it with other parties.
You are encouraged to visit the Services from time to time to ensure that you are well informed of our latest policies in relation to personal data protection. Your use of the Service following any changes means that you accept the revised Privacy Policy. This Privacy Policy was last updated on 1.03.2024.