Emphasizes IMS Systems Pte Ltd's commitment to data protection and compliance
Introduction
At IMS Systems Pte Ltd, we are committed to safeguarding your privacy and ensuring that your personal data is protected in accordance with applicable data protection laws. As a responsible company, we adhere to the highest standards of data security and comply fully with the Personal Data Protection Act (PDPA) of Singapore and the General Data Protection Regulation (GDPR) of the European Union.
This Privacy Policy outlines the ways in which we collect, use, process, and protect your personal information when you interact with our website and services. By accessing our website, you agree to the terms outlined in this policy, and we encourage you to read it carefully to understand how we handle your personal data.
Our Commitment to Your Privacy
We respect your right to privacy and take our responsibility to protect your personal information seriously. Our practices are designed to meet the requirements of both the PDPA and the GDPR, ensuring that your personal data is processed lawfully, transparently, and securely.
Scope of this Privacy Policy
This Privacy Policy applies to all users of the IMS Systems Pte Ltd website and services, and it covers the types of personal data we collect, the purposes for which we use it, and the measures we take to protect it. It also provides information on how you can exercise your rights with regard to your personal data.
Our approach to data protection is built on transparency, accountability, and respect for user rights. We do not sell, trade, or share your personal data with third parties without your explicit consent, except as required by law or to fulfill our contractual obligations.
Data Protection Laws
Personal Data Protection Act (PDPA): As a company based in Singapore, we comply with the PDPA, which governs the collection, use, and disclosure of personal data in Singapore. This law ensures that your personal data is handled in a responsible and secure manner.
General Data Protection Regulation (GDPR): For users in the European Union, we also comply with the GDPR, which sets forth stringent requirements regarding the processing of personal data and grants individuals certain rights to control their information.
We encourage you to review this Privacy Policy regularly, as it may be updated to reflect changes in our data processing practices or applicable laws.
For any questions or concerns regarding your personal data or this Privacy Policy, please do not hesitate to contact us.
Data Processing and Consent
At IMS Systems Pte Ltd, we are committed to processing your personal data in a transparent, lawful, and secure manner. This section outlines how we collect, use, and process your personal data, the purposes for which it is processed, and your rights regarding your data.
Collection of Personal Data
We may collect personal data from you when you visit our website, use our services, or interact with us through various communication channels. This may include, but is not limited to:
⦿ Contact Information: Name, email address, phone number, and company details.
⦿ Account Details: If you create an account, we may collect user credentials, passwords, and other information required for account management.
⦿ Usage Data: Information related to how you interact with our website, including IP address, browsing history, device information, and location.
⦿ Transaction Data: Data related to purchases, billing, and payment information if applicable.
Purpose of Data Processing
We process your personal data for specific, legitimate purposes, including but not limited to:
⦿ Providing Services: To offer, manage, and support the products and services you have requested.
⦿ Improving User Experience: To enhance and personalize your experience on our website by analyzing usage data.
⦿ Communication: To respond to inquiries, provide customer support, and send important updates related to our services.
⦿ Marketing: With your consent, to send promotional materials, newsletters, or offers that may interest you.
⦿ Compliance: To comply with legal obligations, such as tax reporting, regulatory requirements, or responding to lawful requests from government authorities.
Methods of Data Collection
We collect personal data in the following ways:
⦿ Direct Collection: Information you provide directly to us, such as when you fill out forms, register for an account, or contact us via email.
⦿ Automated Collection: Information collected through cookies, tracking technologies, and analytics tools as you navigate our website.
Consent for Data Processing
We will always seek your explicit consent for processing your personal data when required by law. Consent is obtained in the following ways:
⦿ Opt-in Consent: For marketing communications or other purposes not essential to the service.
⦿ Transactional Consent: For processing payments or providing support, which is necessary for fulfilling our contractual obligations.
You have the right to withdraw your consent at any time by contacting us or following the unsubscribe instructions in marketing emails.
Rights of Data Subjects
Under the Personal Data Protection Act (PDPA) and General Data Protection Regulation (GDPR), you have certain rights concerning your personal data. These rights include:
⦿ Right of Access: You can request access to the personal data we hold about you, including the purpose of processing, the categories of data, and the recipients.
⦿ Right to Rectification: You can request that we correct any inaccurate or incomplete personal data we hold about you.
⦿ Right to Erasure (Right to be Forgotten): In certain circumstances, you can request the deletion of your personal data, such as when the data is no longer necessary for the purposes for which it was collected.
⦿ Right to Restriction of Processing: You can request that we limit the processing of your personal data in specific situations, such as when you contest its accuracy or oppose its processing.
⦿ Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
⦿ Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or on grounds related to your particular situation.
If you wish to exercise any of these rights, please contact us using the details provided in this Privacy Policy. We will respond to your request in accordance with the applicable data protection laws.
Data Retention
We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Once the data is no longer required, we will securely delete or anonymize it.
Security Measures
At IMS Systems Pte Ltd, we recognize the importance of protecting your personal data and have implemented a range of technical and organizational measures to ensure its security. These measures are designed to prevent unauthorized access, alteration, disclosure, or destruction of your data.
Technical Measures
We use advanced technologies to protect your personal data from potential threats. These include:
⦿ Encryption: We use industry-standard encryption techniques to protect sensitive data, such as payment information and login credentials, both during transmission and at rest.
⦿ Firewalls and Anti-Malware Software: Our systems are protected by firewalls and anti-malware tools to prevent unauthorized access and defend against external threats.
⦿ Secure Servers: We store your data on secure servers with restricted access to ensure that unauthorized parties cannot gain access to it.
⦿ Regular Software Updates: We continuously monitor and update our systems to address known vulnerabilities and maintain a high level of security.
⦿ Data Masking: Where applicable, sensitive personal data is masked to protect it during processing or when being displayed to non-privileged users.
Organizational Measures
In addition to technical security, we also implement strict organizational policies to safeguard your data:
⦿ Access Control: Access to personal data is strictly limited to authorized personnel who need it to perform their job duties. We use role-based access controls to ensure that employees have access only to the data necessary for their responsibilities.
⦿ Training and Awareness: Our staff undergo regular training on data protection best practices and security protocols to ensure they understand the importance of safeguarding personal information.
⦿ Data Anonymization and Pseudonymization: When possible, we anonymize or pseudonymize personal data to minimize the risk associated with data processing.
⦿ Third-Party Contracts: We work with trusted third-party vendors and service providers, ensuring that they adhere to strict data protection standards and security measures in line with our policies.
Incident Response
In the event of a data breach or security incident, we have a defined incident response plan in place. This includes prompt investigation, notification to affected individuals (if required), and coordination with relevant authorities to mitigate any potential impact.
Data Storage and Retention
We store your personal data securely for as long as necessary to fulfill the purposes outlined in our Privacy Policy or as required by law. When the data is no longer needed, it is securely deleted or anonymized to prevent unauthorized access.
Limitations
While we strive to ensure the highest level of security, no method of transmission over the internet or electronic storage is entirely secure. As such, we cannot guarantee absolute security. However, we are committed to continually improving our security measures to address emerging risks and protect your data.
Contact Information
If you have any questions regarding this Privacy Policy, or if you wish to exercise any of your data protection rights, such as requesting access, rectification, or erasure of your personal data, please feel free to contact us using the details below:
⦿ Access: Obtain a copy of your personal data held by us.
⦿ Rectification: Correct any inaccuracies in your personal data.
⦿ Erasure: Request the deletion of your personal data, where applicable.
⦿ Restriction of Processing: Request the restriction of processing of your personal data, if certain conditions are met.
⦿ Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format.
⦿ Objection: Object to the processing of your personal data, where applicable.
All inquiries will be handled in accordance with applicable data protection laws, and we will respond to your request as soon as possible.
Retention Policy
IMS Systems Pte Ltd retains personal data for no longer than is necessary for the purposes for which it was collected, in accordance with applicable data protection laws. The retention period for personal data depends on the nature of the data and the specific purpose for which it was collected. Below are the general guidelines for data retention:
⦿ Personal Data for Contractual Purposes: Personal data related to contractual agreements, including sales, services, and customer support, is retained for the duration of the contractual relationship and for a period of up to 6 years thereafter, in compliance with local laws and regulations.
⦿ Personal Data for Marketing and Communications: If you have consented to receive marketing communications, your personal data will be retained until you opt-out or withdraw your consent. This data will be erased immediately upon request or at the time of opt-out.
⦿ Personal Data for Legal or Regulatory Compliance: In some cases, personal data may be retained for longer periods if required for compliance with legal obligations, such as tax or accounting regulations. For example, invoices and payment records may be retained for up to 7 years, as per Singapore's tax requirements.
⦿ Inactive or Unused Data: Personal data that is not actively required for processing or has not been accessed for a certain period may be archived or anonymized for analytical purposes, in compliance with data retention laws.
Erasure of Personal Data:
Personal data will be securely erased when it is no longer necessary for the purposes for which it was collected or when you request the erasure, subject to applicable legal or contractual obligations. Personal data may also be deleted upon your request if it is found to be inaccurate or improperly processed.
Requests for data erasure can be directed to our Data Protection Officer (DPO) as outlined in the "Contact Information" section.
Third-Party Sharing
IMS Systems Pte Ltd respects the privacy of your personal data and will only share it with third parties under certain conditions, as outlined below. The data may be shared with third parties in accordance with applicable data protection laws, as well as for the purposes of fulfilling our contractual obligations or legal requirements.
Conditions for Sharing Data with Third Parties:
Service Providers: We may share your personal data with trusted third-party service providers who perform essential functions on our behalf, such as cloud hosting, customer support, and marketing services. These service providers are contractually bound to protect your data and only use it for the specific services they provide to us.
Legal and Regulatory Compliance: We may disclose personal data to law enforcement authorities, regulators, or other government bodies when required by law or in response to lawful requests. This may include sharing personal data for compliance with legal obligations, to prevent fraud, or to comply with a subpoena or other legal process.
Business Transfers: In the event that IMS Systems Pte Ltd is involved in a merger, acquisition, or sale of all or part of its assets, personal data may be transferred as part of that transaction. We will notify you of any such changes through appropriate channels, and any new entity will be bound by the terms of this Privacy Policy.
Contractual Obligations: We may also share your personal data with third parties when it is necessary to fulfill contractual obligations, such as for processing transactions or providing services you have requested. This sharing will only occur to the extent necessary to fulfill these obligations.
Consent: We may share your personal data with third parties if you have explicitly provided your consent for such sharing, which can be withdrawn at any time.
Data Transfer:
In some cases, personal data may be transferred to third parties outside of Singapore or the European Economic Area (EEA). In such cases, we will ensure that adequate safeguards are in place to protect your data in accordance with data protection laws, such as using standard contractual clauses or ensuring the recipient is certified under privacy frameworks like the EU-U.S. Privacy Shield.
