Legal

External Privacy Policy

This Data Protection Policy (“Policy”) sets out the basis which As Far As I Know LLP (“we, “us”, “our”, the “Production House”) manage your personal data in compliance with the Personal Data Protection Act 2012 (“PDPA”).

We collect, use, disclose, transfer, store and/or process your personal data in accordance with this Policy. This Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for or in connection with the purposes identified below.

PERSONAL DATA

  1. As used in this Policy:

    “Personal Data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

  2. Depending on the nature of your interaction with us, some examples of Personal Data which we may collect from you include your full name, identification numbers such as NRIC, FIN, work permit, and passport numbers, contact information, residential address, email address, telephone number, nationality, gender, date of birth, marital status, medical history, your family or genealogical history, photographs and other audio-visual information, your education and employment history, your employment details such as your job title/profession and your employer’s name and address; financial information such as credit card numbers, debit card numbers or bank account information, religious information (such as your religion, where you worship, etc.), names and ages of children, signature, photographs, audio/video recordings and digital images, CCTV footage (when you are within our premises), and other information which you may provide to the Production House. For the avoidance of doubt, data that has been anonymised by the removal of personally identifiable information shall not be regarded as personal data.

  3. Other terms used in this Policy shall have the meanings given to them in the PDPA (where the context so permits). 

COLLECTION, USE, DISCLOSURE AND TRANSFER AND/OR PROCESSING OF PERSONAL DATA

  1. We generally do not collect your Personal Data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your Personal Data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your Personal Data for those purposes, or (b) collection and use of Personal Data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional Personal Data and before using your Personal Data for a purpose which has not been notified to you (except where permitted or authorised by law).

  1. We may collect, use, disclose, process and/or transfer your Personal Data, whether obtained from you or from other sources, for the following purposes:

  • Verifying your identity;

  • Establishing or managing your relationship with us;

  • Providing you with marketing collateral relating to our services;

  • Internal record keeping;

  • Responding to, handling, and processing queries, requests, applications, complaints and feedback from you;

  • Complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;

  • Managing our administration and operations, including but not limited to audit, accounting, risk management and record keeping purposes;

  • Monitoring and evaluating the quality of our services provided and the effects of the services provided (both in the short and long term, and after you have stopped using the services);

  • Providing our services to you;

  • Performing our obligations in the course of and/or in connection with the provision of our services to you;

  • To store, host, back up data, including Personal Data;

  • Transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and

  • Any other incidental purposes related to or in connection with the above.

The purposes listed may continue to apply even in situations where a person’s relationship with us has been terminated or altered in any way, for a reasonable period thereafter.

  1. We may disclose your Personal Data to our Affiliates and third parties in limited circumstances as set out below:

  • We may share your Personal Data with our employees or independent contractors, including but not limited to camera operators, audio technicians, producers, production assistants, designers, editors, illustrators, interns, and writers, in connection with services they perform for us in relation to our provision of services to you. Where this occurs, we will ensure that the relevant contracts between such employees or independent contractors and us shall contain the necessary clauses which impose obligations on them to protect your Personal Data;

  • We may share your Personal Data with vendors, partners, and third party service providers or other organizations, whether located in Singapore or outside of Singapore, for fulfilling any of the purposes listed in clause 5 above;

  • We may share your Personal Data to comply with any applicable laws, regulations, codes of practice, guidelines, rules or requests by public agencies, or to assist in law enforcement and investigations;

  • We may also share your Personal Data with any other party to whom you have authorised to disclose your Personal Data to, or where necessary to undertake any action requested by you;

  • We may share your Personal Data with our professional advisers (including but not limited to lawyers, accountants and auditors) to the extent that it is necessary to disclose such information; and

  • We may also share your Personal Data with service providers which provide services to or conduct business activities on our behalf, including cloud data storage services.

  1. We will make reasonable arrangements to ensure that the third parties, whom your Personal Data is being disclosed to, will provide an undertaking or undertake contractual obligations to provide a standard of protection, or are by the applicable law required to provide a standard of protection, for the transferred Personal Data that is comparable to that of the PDPA. If your personal data is transferred out of Singapore, we will take make reasonable arrangements to ensure that the recipients are bound by legally enforceable obligations (such as laws, contracts, binding corporate rules or any other legally binding instrument), so that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. However, we do not provide any warranty or take any responsibility on the manner or care in which these third parties maintain, protect or utilise your Personal Data, or any misuse by such third parties.

REQUESTS FOR WITHDRAWAL OF CONSENT, ACCESS, OR CORRECTIONS

Withdrawal of Consent

  1. The consent that you provide for the collection, use, disclosure and transfer of your Personal Data will remain valid until such time it is being withdrawn by you or your authorised representative in writing. You or your authorised representative may withdraw consent and request us to stop collecting, using and/or disclosing your Personal Data for any or all of the purposes listed above by submitting your request via email or otherwise in writing to our Data Protection Officer at the contact details provided below.

  1. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within twenty-one (21) business days of receiving it.

  1. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform our Data Protection Officer in writing.

  1. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.

Access To and Correction of Personal Data

  1. You may request:

  • access to your personal data held by us;

  • for correction of your personal data;

  • deletion of your personal data (but only where it is no longer required for a legitimate purpose);

  • that you no longer receive marketing communications;

  • that the processing of your personal data is restricted; and/or

  • that certain personal data that you have provided to us in a structured, digital form be transmitted to another party, if this is technically feasible.

  1. If you would like to request access to, correction or deletion of your personal data, or request that the processing of your personal data be restricted, or opt out of marketing communications, you may (as applicable), (a) follow the instructions in the applicable communication, or (b) email our Data Protection Officer at the contact details provided below.

  1. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the applicable fee before processing your request.

  1. In order for us to facilitate the processing of your request, it may be necessary for us to request further information relating to your request.

  1. If you make a specific request, the request must:

  • provide enough information for us to be able to verify you are the person whose personal data we hold or are an authorised representative of that person. We cannot respond to your request unless we can verify your identity or authority to make the request. We will aim to verify your identity based on personal data we already hold about you. If we need to request further information from you in order to verify your identity, we will only use that personal data for the purposes of identifying you or that you have authorized the request; and

  • describe your request in enough detail so that we can properly locate the personal data the request relates to.

  1. To the extent permissible under law, we may refuse such requests if deemed unreasonable.

  1. After receiving such a request and we are (i) able to verify a person’s identity or authority to make the request; and (ii) able to identify the relevant Personal Data to be accessed or corrected, we will endeavour to respond to such a request within a reasonable period from the successful verification of a requestor’s identity (the “Response Time”). In the event that we are unable to respond to the Request within 30 days, we will inform the person making such a request that we will require more time to respond to their request.

  1. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

  1. Please note that depending on the request that is being made, we will only provide you with access to the Personal Data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the Personal Data that we have on record, if the record of your Personal Data forms a negligible part of the document.

  1. You may also request for information about the purposes for which your Personal Data has been or may have been used or disclosed by us within a year before the date of such Request.

PROTECTION OF PERSONAL DATA

  1. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures. We will take reasonable measures to protect your Personal Data from unauthorised access, improper use, disclosure or transfer, unauthorised modification, unlawful destruction or accidental loss.

  1. You should be aware, however, that no method of transmission over the internet or method of electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures. If you have reason to believe that your interaction with us is no longer secure, please immediately notify our Data Protection Officer at the contact details located below.

  1. We do not represent or warrant that our computer systems, our Site, and any Apps are free of errors, infection by computer viruses, and/or other harmful or corrupting code, program, macro and such other unauthorized software. We do not assume responsibility for any unauthorised use of your Personal Data by third parties, which are wholly attributable to factors beyond our control.

  1. The Production House’s employees, independent contractors, and partners are required to keep Personal Data confidential and only authorised persons have access to such information.

ACCURACY OF PERSONAL DATA

  1. We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer at the contact details provided below.

COLLECTION OF INFORMATION FROM CHILDREN

  1. Where we are required to collect Personal Data from persons under the age of 16 or the applicable threshold age (for which a minor may give consent to their personal data being collected) in the relevant jurisdiction, the use of our services requires the consent of and supervision of the child’s parent or legal guardian.

  2. Where you provide us with personal data of a minor, you warrant that you have either given consent on behalf of the minor (as the minor’s relevant parent and/or legal guardian).

  1. Where a minor who has provided us with personal data would like to have the personal data deleted from our records, they may contact us accordingly and explain what they desire to be done.

RETENTION OF PERSONAL DATA

  1. We will only retain your Personal Data for as long as is necessary to fulfil the purpose for which it was collected, or as required or permitted by the applicable laws.

  1. We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes

  1. However, please be advised that we may retain some of your Personal Data after you cease to engage us for our services, for instance if the data is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes and for marketing purposes.

  1. In some circumstances we may anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

COOKIES AND LINKS

  1. A cookie is a small piece of information that is placed on your computer when you visit certain websites.

  2. We use cookies and other similar technologies in the following way:

  • Analytics: We use Squarespace Analytics which provides us with information about how visitors use and interact with our website. Squarespace uses cookies as part of the process to collect anonymous information, such as the number of visitors to the website, where they are from, the pages they visit and the length of time they have spent on our website.

  1. You may change your browser settings to block cookies or to alert you when cookies are being sent to your device. Please note that if you decide to disable cookies, you may not be able to access certain functions of our website.

  1. Please also note that when you visit our website, information is automatically collected by the technology platforms providing the experience. For example, your web browser or mobile device may share certain data with us as those devices interact with our website. This data includes device ID, network access, IP addresses, referrer headers, data identifying your web browser and version, web beacons and events.

  2. The website contains links to other websites. The Production House is not responsible for the privacy policies and practices of third parties or third-party websites to which links are provided. You should check the privacy policies on these sites before providing any Personal Data to them.

MISCELLANEOUS

  1. To the maximum extent permitted by law, we shall not be liable in any event for any special, exemplary, punitive, indirect, incidental or consequential damages of any kind or for any loss of reputation or goodwill, whether based in contract, tort (including negligence), equity, strict liability, statute or otherwise, suffered as a result of unauthorised or unintended use, access or disclosure of your personal data.

  1. This Policy, our privacy practices and your use of our services or other media of collection in connection with services, shall be governed by Singapore law. We make no representation that this Policy and our privacy practices comply with the laws of any other country. If you are not residing in Singapore, your use of our website or application shall be deemed to mean that you will not hold us responsible for any non-compliance with the laws of your residence to the extent that such laws are applicable. Further, by your continued use of our website or our application for any services or events, you consent to the transfer and use of your personal data outside your jurisdiction.

DATA BREACH NOTIFICATION & DATA PROTECTION OFFICER

  1. In the event of a data breach that is notifiable under the PDPA, we will notify the affected individuals and/or the Commission in accordance with the PDPA’s requirements. We will use reasonable efforts to communicate with the affected individuals using the contact information provided to us or through other appropriate means. Our communication may include text messages, WhatsApp messages, Telegram messages, messages on any messaging platform, email, or phone calls.

  1. You may contact our Data Protection Officer if you have any enquiries or feedback on our Personal Data protection policies and procedures, or if you wish to make any request:

Data Protection Officer

As Far As I Know LLP

111 North Bridge Road #17-06

Peninsula Plaza

Singapore 179098

Email: asfarasiknowsg@gmail.com

EFFECT OF POLICY AND CHANGES TO POLICY

  1. This Policy applies in conjunction with any other notices, agreements, and contractual clauses that apply in relation to the collection, use, disclosure, transfer, and processing of your personal data by us. In the event of any inconsistency between this Policy and any other notices, agreements, and contractual clauses, this Policy shall prevail.

  1. We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Any revisions or changes shall become effective from the time the revised Policy is made available for your access at [LINK]. Your continued use of our services, or your continued employment or engagement with us constitutes your acknowledgement and acceptance of such changes.

Updated as 26 June 2024.