Data Protection Policy

Ace Management Services Data Protection Policy

Data Protection Notice

This Data Protection Notice (“Notice”) outlines how Ace Management Services (“we,” “us,” or “our”) collects, utilizes, discloses, or manages the personal data of our freelancers and employees in accordance with the Personal Data Protection Act (“PDPA”). This Notice covers personal data that we have and those held by organizations we have enlisted to collect, utilize, disclose, or manage personal data on our behalf.

PERSONAL DATA

As used in this Notice:

“Freelancers” refer to self-employed individuals who are not formally employed by our organization but provide their services to support our operational needs.
“Personal Data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

Depending on the nature of your interaction with us, examples of personal data that we may collect from you include:

Identification Information: This includes your name and identification details such as your NRIC number.
Contact Information: We may collect your address, email address, and telephone number.
Personal Details: This can encompass information like your nationality, gender, date of birth, and marital status.
Photographs: In some cases, we might collect photographs for identification or verification purposes.
Emergency Contact: Information about your emergency contact person.
Employment Information: Details related to your employment, such as job title, responsibilities, and tenure.
Financial Information: This can include sensitive data like credit card numbers, debit card numbers, or bank account information.

Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).

COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

We do not typically collect your personal data unless one of the following conditions is met:

a) You provide the data voluntarily, either directly to us or through a third party who has your authorization to disclose your personal data to us. In such cases, you (or your authorized representative) will be informed of the purposes for which the data is collected, and your written consent will be obtained for the collection and use of your personal data for those specified purposes. b) Collection and use of personal data without consent is allowed or required by the Personal Data Protection Act (PDPA) or other relevant laws.

We will always seek your consent before collecting any additional personal data or using your personal data for a purpose that has not been previously communicated to you, except in cases where such collection or usage is permitted or authorized by law. This approach ensures that your personal data is handled transparently and in compliance with applicable data protection regulations.
We may collect and use your personal data for any or all the following purposes:

Verifying your identity.
Responding to, handling, and processing queries, requests, applications, complaints, and feedback from you.
Security clearance to verify the identity of the individual.
Managing your relationship with us.
Processing payment or credit transactions.
Complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or assisting in law enforcement and investigations conducted by any governmental and/or regulatory authority.

We may disclose your personal data:

Security clearance: To the client for the purpose of verifying and confirming the identity of the individual.

The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

WITHDRAWING YOUR CONSENT

Your consent for the collection, use, and disclosure of your personal data will remain in effect until you choose to withdraw it in writing. You have the option to withdraw your consent and request us to cease using and/or disclosing your personal data for any or all the purposes mentioned above. You can do so by submitting your request in writing or via email to our Data Protection Officer, whose contact details are provided below.
After receiving your written request to withdraw your consent, we may need a reasonable amount of time to process your request. The processing time will depend on the complexity of the request and its potential impact on our relationship with you. We will also inform you of any consequences, including legal implications, that may affect your rights and responsibilities toward us. Typically, we aim to process such requests within ten (10) business days of receiving them.

ACCESS TO AND CORRECTION OF PERSONAL DATA

If you wish to make (a) an access request for access to a copy of the personal data that we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

PROTECTION OF PERSONAL DATA

To protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, or similar risks, we have implemented suitable administrative, physical, and technical measures. These measures include up-to-date antivirus protection, encryption, and the use of privacy filters to secure all storage and transmission of personal data. We restrict the disclosure of personal data both internally and to our authorized third-party service providers and agents, sharing it only on a need-to-know basis.
It’s important to note that no method of transmission over the Internet or electronic storage is entirely secure. Although we cannot guarantee absolute security, we are committed to safeguarding your information and regularly assess and improve our information security measures.

ACCURACY OF PERSONAL DATA

We primarily depend on the personal data you or your authorized representative provide. To ensure that your personal data remains current, complete, and accurate, kindly inform our Data Protection Officer of any changes by submitting the updates in writing or via email using the contact details provided below.

REMOVAL OF PERSONAL DATA

Unless stated otherwise, all personal data will be deleted from our system after a one-year interval.

DATA PROTECTION OFFICER

If you have any inquiries, or feedback regarding our personal data protection policies and procedures, or if you wish to make any requests, you may contact our Data Protection Officer using the following methods:

Name: He Xingran (Isaac)

Contact: 90710998

Email: issache@amsasia.sg

Address: 3791 Jalan Bukit Merah, #04-08 E-Centre@Redhill, Singapore 159471

EFFECT OF NOTICE AND CHANGES TO NOTICE

This Notice applies in conjunction with any other notices, contractual clauses, and consent clauses that apply in relation to the collection, use, and disclosure of your personal data by us.
We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgment and acceptance of such changes.

Effective Date: 13/09/2020

Last Updated: 13/09/2020