SWiZ Technologies Pte Ltd (“SWiZ”, “we”, “us”, or “our”) respects your privacy and is committed to safeguarding personal data entrusted to us. This Data Protection Notice outlines how we collect, use, disclose, and protect personal data in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”).

This Notice applies to individuals whose personal data is provided to us in the course of business, including clients, partners, vendors, service providers, job applicants, and other external parties who engage with us through our website, communications, or service channels. It applies to personal data in our possession or under our control, including personal data held by organisations that process such data on our behalf.

1. PERSONAL DATA WE COLLECT

Personal data refers to data, whether true or not, that can identify an individual from that data, or from that data and other information to which we have or are likely to have access.

The personal data we collect may vary depending on the nature of your interaction with SWiZ. For example, it may include:

  • Name, identification number, nationality, contact details, job title, or business contact information;
  • Billing, bank account, or transaction details provided in the context of service engagements;
  • Job application materials such as resumes, education history, employment background, references, and other supporting information;
  • Photographs or audio-visual material captured in business or recruitment settings;
  • Technical or usage data from your interactions with our website or platforms.

This data may be provided directly by you, your authorized representative, or collected from third parties where appropriate.

2. PURPOSE FOR COLLECTION, USE, AND DISCLOSURE

SWiZ collects and uses personal data only for purposes that are reasonable, appropriate, and related to our business functions or activities. These purposes include, but are not limited to:

  • Managing and administering contracts, services, or transactions you have with us;
  • Responding to enquiries, service requests, or other communications;
  • Verifying your identity and managing user accounts or system access;
  • Processing payments, invoices, or claims;
  • Evaluating job applications and administering recruitment processes;
  • Complying with legal obligations, industry standards, or regulatory requirements;
  • Protecting our rights, property, and safety, including investigating potential misconduct;
  • Facilitating internal operations such as audits, business continuity, and IT maintenance.

Where appropriate, we may disclose personal data to third-party service providers, professional advisers, or government authorities in Singapore or overseas. Such disclosures are made strictly for the purposes stated above and only where necessary.

From time to time, we may also send you updates, newsletters, or marketing communications relating to our services, promotions, or initiatives. Where required under the PDPA or the Do Not Call provisions, we will obtain your consent before sending such messages. You may opt out at any time by following the unsubscribe instructions or by contacting our Data Protection Officer.

3. CONSENT AND WITHDRAWAL

By engaging with SWiZ—whether through our website, submission of a job application, business enquiry, or use of our services—you are deemed to have consented to the collection, use, and disclosure of your personal data for the purposes stated in this Notice.

Where required under the PDPA, additional or explicit consent may be obtained through written agreements, electronic submissions, or other clear affirmative actions.

Should you wish to withdraw your consent for the collection, use, or disclosure of your personal data, you may do so at any time by submitting a written request to our Data Protection Officer. Upon receiving such a request, we will inform you of any potential consequences, which may include our inability to continue providing you with services or processing your application. We aim to process such requests within thirty (30) to forty-five (45) business days, depending on the nature and complexity of the request.

Please note that withdrawing consent does not affect our right to continue to retain and use personal data where such retention or use is permitted or required under applicable laws.

3.1 Legitimate Interest

In specific instances allowed under the PDPA, SWiZ may collect, use, or disclose personal data without obtaining consent, if the action is necessary for our legitimate business interests or those of another person.

These legitimate interests may include:

  • Detecting or preventing fraud and misuse of systems;
  • Performing network monitoring, data loss prevention, and IT security reviews;
  • Ensuring operational continuity and service quality through audit, backup, and troubleshooting activities.

Before relying on this basis, we will assess that such use is reasonable and not expected to cause any undue impact or harm to the individuals involved.

4. ACCESS AND CORRECTION OF PERSONAL DATA

You may request access to the personal data that SWiZ holds about you, and you may also request correction or updates to ensure that the information is accurate, complete, and current.

All such requests should be submitted in writing to our Data Protection Officer. We may charge a reasonable administrative fee for access requests, and if so, you will be informed of the fee before we proceed.

Our aim is to respond to your request within thirty (30) business days. If we are unable to do so within this time frame, we will inform you of the estimated time required and the reason for the delay. In cases where we are unable to provide access or make a correction as requested, we will generally explain the reason, unless we are not required to do so under applicable law.

5. ACCURACY OF PERSONAL DATA

SWiZ relies on the personal data provided by individuals to be accurate and complete in order to deliver services effectively and maintain compliance with regulatory obligations.

You are encouraged to notify us promptly if there are any changes to your personal data. This helps ensure that our records remain accurate, complete, and up-to-date.

6. PROTECTION OF PERSONAL DATA

We implement robust administrative, technical, and physical safeguards to protect personal data under our care against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks.

These measures include but are not limited to:

  • Role-based access and internal authorisation controls;
  • Secure transmission protocols and encryption;
  • Antivirus software, intrusion prevention tools, and system patching;
  • Anonymisation or secure deletion where applicable;
  • Regular security reviews and audits.

Personal data is only disclosed to authorised personnel or third parties on a need-to-know basis. While no method of electronic storage or transmission over the internet is fully secure, we are committed to maintaining up-to-date security practices in accordance with industry standards.

In addition, SWiZ Technologies ensures that its employees, offshore members, and authorised personnel are bound by internal policies and trained to uphold personal data protection responsibilities in compliance with the PDPA.

7. RETENTION OF PERSONAL DATA

Personal data is retained only for as long as it is necessary to fulfil the purposes for which it was collected, or as required or permitted by applicable laws and regulations.

When data is no longer needed for business or legal purposes, we will securely dispose of it, anonymise it, or remove the means by which the data can be associated with any individual.

8. TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE

SWiZ Technologies operates in a global environment and engages with offshore employees, partners, and service providers. As part of our business operations, personal data may be transferred to or accessed from locations outside Singapore, including jurisdictions where our offshore personnel are based or where technical support is provided.

In such cases, we take all reasonable steps to ensure that any transfer or remote access complies with the requirements of the Personal Data Protection Act 2012. This includes:

  • Ensuring that the overseas recipient is contractually bound to provide a standard of protection that is comparable to that under Singapore’s PDPA;
  • Limiting access to authorised personnel for business-related purposes only;
  • Implementing encryption, secure access protocols, and audit trails for cross-border data access;
  • Reviewing data handling practices of offshore teams as part of our compliance and security controls.

By engaging with us, you acknowledge and consent to such cross-border transfers where necessary for service provision, internal administration, or personnel support.

9. DATA PROTECTION OFFICER

If you have any questions, feedback, or requests relating to your personal data or this Notice, please contact our appointed Data Protection Officer:

DPO: Mr. Andy Lim

Phone: +65 6921 7721

Email: andy.lim@swiz.com.sg

10. UPDATES TO THIS NOTICE

SWiZ may update this Data Protection Notice from time to time to reflect changes in legal or regulatory requirements, or in our internal policies. Any revisions will be published on our official website at www.swiz.com.sg, and the updated Notice will supersede previous versions.

Your continued engagement with us constitutes your acknowledgement and acceptance of any such updates.

 

Effective Date: 02 June 2019

Last Updated: 30 April 2025