Galaxy Logistics Pte Ltd – DATA PRIVACY POLICY

Last revised: 22 September 2022

Galaxy Logistics Pte Ltd values your privacy. This is why we only collect and use personal data to provide and improve our services and experience that you expect from us. Your personal data is any information that could be used to identify you or another individual.

What personal data do we collect

Your personal data which we may collect includes information such as:

·         Name

·         Email address

·         Contact number

·         Mailing address

·         Billing and payment information

·         Candidate information (for job applicants)

·         Where required, image (CCTV surveillance in our premise)

·         Other data collected that could directly or indirectly identify you

Our Personal Data Policy explains how and why we use the personal data we collect and how you can access, update, or withdraw your personal data.

If at any time you have questions about our practices or any of your rights described below, you may reach our Data Protection Officer (“DPO”) and our dedicated team by contacting us at dpo@virgogroup.com.sg.

When do we collect your personal data

We directly collect information from you when:

a)    Engaging with our services (billing information including name and government identification)

b)    Requesting assistance from our customer service representative

c)     Completing customer feedback forms

d)    Applying for a job

e)    Entering our premises

How we use your personal data

We use the personal data you share with us in the following ways:

·         To respond to your queries and requests

·         To communicate with you

·         To provide services

·         For customer satisfaction surveys to enable us to identify where service improvements can be made

·         To comply with our legal obligations

·         To assist in any disputes, claims, or investigation relating to services we offer

·         To manage visitor access and ensure appropriate security access in our premises

What personal information does Galaxy share with third parties

We do not sell your data or share it to anyone and only share it as outlined in this policy or when you ask us to.

We share your personal data with certain third-party service providers. They only have access to personal data they need to perform these services. Third party service provider fall into the following categories:

·         Third parties that help us with insurance claims

·         Third parties that help us with staff training

·         Third party that help us with detection, investigation, and prevention of criminal activities such as law enforcement bodies

Suppliers and other Third Parties’ personal data

The personal data we will process includes:

·         Contact details

·         Payment information and terms

We use your personal data in the following ways:

·         To enable Galaxy Logistics to work with you and make use of your services

·         To be able to process and fulfil the agreed compensation for your services

·         To complete our required due diligence process

How long do we keep your personal data

We only keep your personal data as long as we need to, to be able to use it for the purposes give in this policy and for as long as we are required to keep it by law. The actual period for which we store your personal data will vary depending on the type of personal data and how it is used.

Where applicable, we will inform the third parties whom we have disclosed your personal data to return or delete such data.

How do we store and protect your data

We are committed to protect your data. We use appropriate technical, administrative, and physical measures to store and protect your personal data and privacy to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal, destruction, or other similar risks. We will immediately notify you when a breach of any of its obligations to the PDPA surfaces.

Galaxy Logistics Pte Ltd is located in Singapore. We will not transfer your personal data to a place outside Singapore without your prior written consent. Where applicable, we will ensure that your personal data transferred outside Singapore will be protected at a standard that is comparable to that under the PDPA.

Personnel who have access to your information will be subject to disciplinary action should they fail to observe this Data Protection Policy and other guidelines.

We shall immediately notify you when a breach of any of its obligations to the PDPA surfaces.

 

Compliance with legal, regulatory, and law enforcement requests

We cooperate with government and law enforcement officials and private parties to enforce and comply with the law of Singapore. We will collect, use, and disclose any information we hold about you to government of law enforcement officials or private parties to respond to claims and legal process to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider illegal or unethical.

Your controls and choices

Where possible, we give you control over the personal data we collect about you to ensure it is accurate and reflects your preferences. You must ensure that all personal data that you provide is true, accurate and complete and promptly inform us of any changes to the personal data.

 

You have the rights to exercise the following:

a)    Access to the personal data we hold about you

b)    Update details of your personal data

c)     Withdraw consent for use of personal data for certain purposes

d)    Request that any incomplete or inaccurate data we hold or controlled be corrected or removed

e)    Request access for a copy of the personal data we have

Please note that those rights do not always apply and there are certain expectations to them. We will also need to verify identity before acting on certain requests.

We may be permitted under applicable laws to refuse your request to exercise your rights, for example, we may refuse

a)    A request for erasure where the personal data is required for in connection with claims

b)    An objection request to continue processing your personal data based on compelling legitimate grounds for the process.

On such instances your request for access or correction was rejected or refused, you may raise objections or clarification to DPO via email.

If you would like to exercise your rights in relation to your personal data, please email our Data Protection Officer at dpo@virgogroup.com.sg. We will respond to requests, inquiries, or concerns within 30 days

Changes to this policy

We will review and update this data protection policy at least once a year and will note the date it was last updated. If we change our policy, we will post the changes below. This data protection policy was last reviewed and updated in September 2022