1. Background
Success IT Consultancy & Services (“we” or SICS) are committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us and your choices regarding the personal data we may hold about you. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. The privacy policy is based on Singapore’s Personal Data Protection Act 2012, hereinafter “PDPA”).
By visiting this Website you are accepting and consenting to the practices described in this policy.
2. DEFINITIONS
Customer means person or his or her representative who uses SICS software or services.
Visitor means person visiting the Website.
Personal Data means any information related to an identified or identifiable natural person.
Client Data means any data Customer inserts, uploads or otherwise stores in the Software.
“we” or “us” means Success IT (Success IT Consultancy & Services Pte Ltd, UEN 200502888N, location 5 Upper Aljunied Link, #04-06, Singapore 367903).
Website means the Success IT website.
Software means any of our digitalisation solutions, including but not limited to our General Insurance, Quotation System, Auto Suite, ERP Wholesales, ERP Payroll software, including applications, software, hardware, Personal Data bases, interfaces, associated media, documentation, updates, new releases, and other components or materials provided therewith.
Services means services offered by SICS related to the use of the Software.
Licence means Legal Agreement between Customer and Success IT for use of the Software and Services.
All Terms given in the singular are also applicable in the plural.
3. INFORMATION WE MAY COLLECT ABOUT YOU
We may collect and process the following data about you:
3.1 Information you give us. You may give us information about you by filling in forms on our Website or any sub-domain thereof, including, but not limited to, successit.com.sg (our site), or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our Services, use our Software and when you report a problem with our site. The information you give us may include your name, address, e-mail address, phone number, and financial and credit card information.
3.2 Information we collect about you. With regard to each of your visits to the Website we may automatically collect the following information:
3.2.1 Technical information, including the Internet Protocol (IP) address used to connect to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
3.2.2 Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
3.3 Information from other sources (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies).
3.4 Information collected by Customers. A Customer may insert, upload or otherwise store Client Data, which may contain Personal Data, in the Software. SICS has no direct relationship with the individuals whose Personal Data is hosted in the Software as part of Client Data. Each Customer is responsible for providing notice to its customers and third persons concerning the purpose for which Customer collects their Personal Data and how this Personal Data is processed in or through the Software as part of Client Data.
4. USES MADE OF THE INFORMATION
We use the information that we collect in a variety of ways in providing our Services and operating our business, including the following:
4.1 Provision of Services
4.1.1 We use the information, with the exception of Client Data, to operate, maintain, enhance and provide you with all aspects of the Software and Services, to carry out our obligations under the Licence and to provide you with the information, products and services that you request from us.
4.1.2 We process Client Data only at the request of the Customer and in accordance with the directions provided by the Customer who owns the respective Client Data.
4.2 Improvements of Services. We may use the information for administering our Website, analysing the preferences of Customers and Visitors and for improving our Software, Services and Website, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
4.3 Communications
4.3.1 We may use Personal Data (e.g. email or phone number) to contact you for administrative purposes, such as customer service (e.g. responding to customer queries), sending service notices (such as information about Software changes, maintenance, new features, etc.) or informing about contractual rights and obligations.
4.3.2 We may also contact you with updates on promotions or events related to our Software, Services or to the services offered by our partners. You have the right to opt out from receiving any promotional communications, see “9. Your choices“.
4.4 Cookies. Our site uses cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of our Website, which helps us to provide you with a good experience when you browse our site and also allows us to improve our site. The cookies we use are “analytical” cookies. They allow us to recognise and count the number of Visitors and to see how Visitors move around the site when they are using it. This helps us to improve the way our site works, for example by ensuring that Visitors can easily find what they are looking for.
5. PROTECTION OF PERSONAL DATA
5.1 Privacy and the protection of Personal Data is of the upmost importance to us and we ensure the security of Personal Data in accordance with existing legislation (e.g. PDPA) and good business practice.
5.2 Measures used to ensure the protection of Personal Data include, but are not limited to: organisational, physical and information technology security measures that cover the protection of IT infrastructure, computer and communications networks, technical equipment, employees, offices and information with the aim of ensuring a high level of risk mitigation and preventing threats of Personal Data leaks and losses.
5.3 In operations, Personal Data protection is regulated through internal security rules which ensure that only authorised employees are able to process Personal Data and only to the required extent.
6. DISCLOSURE OF PERSONAL DATA
We may under certain circumstances be required to disclose Personal Data to following parties:
6.1 In events required by law at the request of the authorities (e.g. law enforcement agencies, courts, enforcement officers, tax authorities, supervisory authorities);
6.2 to insurance companies, insurance brokers, credit institutions and credit intermediaries, where required for the performance of the Licence;
6.3 to legal and financial advisors, auditors, debt recovery undertakings and other authorised processors where required for provision of the Service, performance of our obligations and protection of our rights.
7. WHERE WE STORE YOUR PERSONAL DATA
7.1 We process the Personal Data within Southeast Asia (SEA), but in certain cases the Personal Data can be transferred to and processed in countries located outside the territory.
7.2 The transfer and processing of the Personal Data outside SEA may take place for the purpose of performance of a legal duty, obligations deriving from the Licence or under other circumstances with the consent of the Customer, provided that the following safeguards are ensured: a valid Contract with standard terms drafted or an approved code of conduct, approved certifications and other measures and conditions by which the Personal Data recipient or the country of its location ensures a sufficient level of Personal Data protection which is in compliance with the PDPA as per decision of the Personal Data Protection Commission and whereby the recipient has been certified on the basis of the Privacy Shield (applicable to Personal Data recipients located in the United States). On request, the Customer can obtain more detailed information on the transfer of the Personal Data outside SEA.
8. HOW LONG WE KEEP YOUR PERSONAL DATA
8.1 We do not process the Personal Data for longer than the purpose of use of the Personal Data has been fulfilled, usually until the expiry of the Licence and the applicable Termination Period and thereafter on the basis of legitimate interest and for performing statutory duties (e.g. duties arising from accounting, private legal grounds, etc.).
9. YOUR CHOICES
According to the law, you have the right to:
9.1 receive information from us about the extent and use of the processing of the Personal Data;
9.2 demand that we terminate the use of, correct or delete your Personal Data;
9.3 grant or withdraw consent to use the Personal Data for direct marketing or other marketing purposes;
9.4 for the purpose of protecting the Personal Data, contact the Personal Data protection authority or seek judicial protection;
9.5 claim justified compensation for proven damage caused to you as a result of unlawful use of the Personal Data;
9.6 demand that no decisions based merely on automated processing be made with regard to you.
10. DATA CONTROLLER AND DATA PROCESSOR
SICS does not own, control or direct the use of any of the Client Data stored or processed by a Customer via the Software. Only the Customer is entitled to access, retrieve and direct the use of such Client Data. We are largely unaware of what Client Data is actually being stored or made available by a Customer to the Software and do not directly access such Client Data except as authorized by the Customer or as necessary to provide Services to the Customer.
Because we do not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, SICS is not acting in the capacity of data controller in terms of the PDPA and does not have the associated responsibilities under the PDPA. SICS should be considered only as a processor on behalf of its Customers as to any Client Data containing Personal Data that is subject to the requirements of the PDPA. Except, as provided in this Privacy Policy, SICS does not independently cause Client Data containing Personal Data stored in connection with the Software to be transferred or otherwise made available to third parties, except to third party subcontractors who may process such data on behalf of SICS in connection with our provision of Services to Customers. Such actions are performed or authorized only by the applicable Customers.
The Customer is the data controller under the PDPA for any Client Data containing Personal Data, meaning that such party controls the manner of how such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.
We are not responsible for the content of the Personal Data contained in the Client Data or other information stored on Software at the discretion of the Customer nor is SICS responsible for the manner in which the Customer collects, handles disclosure, distributes or otherwise processes such information.
11. HOW TO CONTACT US
11.1 Our contact person for submission of notices, queries and declarations of intent: enquiries@successit.net
11.2 Data Protection Officer e-mail address is enquiries@successit.net.
12. AMENDMENTS TO THE PRIVACY POLICY
12.1 SICS has the right to revise the privacy policy by informing Customers at least one month in advance via the Website.
12.2 The privacy policy enters into force on 21 March 2022.