Personal Data Protection Policy
Thomson Medical Group
Updated: 1 Sep 2023
The privacy of your Personal Data is important to us and we are committed to accord the information the due level of care in compliance with the Personal Data Protection Act of Singapore (the “Act”).
This Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your Personal Data, and any consents you may have provided in connection with this Policy are cumulative and additional to any rights which we may have under applicable law to collect, use or disclose your Personal Data
For the purpose of this Policy, Personal Data means any information or combination of information, relating, directly or indirectly to an identified or identifiable natural person.
Depending on the nature of your interaction with us, the Personal Data we collect may include your personal identification information, health and medical information, account and profile information and related data and/or any other information which have been provided to us or we may have access to, in the course of your interaction with us.
When you provide us with any Personal Data relating to a third party (e.g. information on your customers, spouse, children, parents, and/or employees), you represent to us that you have obtained the consent of such third party in providing us with their Personal Data for the respective purposes.
HOW DO WE COLLECT PERSONAL DATA
When we obtain Personal Data about you, this is generally necessary to fulfill a statutory or contractual requirement or is required to perform or enter into a contract with you. In this case, you are obliged to provide your Personal Data. In other exceptional cases, decision to provide us Personal Data is voluntary. In this case, if you do not provide your Personal Data to us, we may not be able to accomplish some of the purposes outlined in this Policy.
We collect Personal Data from you in the following ways:
- when you create an account, register with us and/or submit any form to us or benefit from our services;
- when you disclose Personal Data in face-to-face meetings, telephone conversations, emails and/or over any communication or messaging platforms with our teams such as marketing or customer service officers;
- when you sign up for our marketing and promotional communications and/or any initiatives;
- when you interact, communicate with us and/or leave comments on our websites or social media platforms;
- when you enter into an agreement, partnership, collaboration and/or provide any other documentation or information in respect of your interactions with us;
- when you visit and/or are within our premises and your images are captured by us via CCTV cameras, photographs or videos taken by us or our representatives when you attend any of our events;
- when you submit application for employment, internship, attachment or accreditation;
- when you make available your Personal Data to us for any other reason.
- when we seek and receive your Personal Data in connection with your relationship with us (including, but not limited to, for our products and services or work, and accreditation applications) from other data sources;
- if you act as an intermediary or are supplying us with Personal Data and information relating to a third-party/other individual (such as a family member, friend, patient, employee, etc.), you undertake that you have obtained all necessary consents from such third-party/ other individual for processing of their Personal Data by us and such third-party/other individual is aware of the contents of this Policy;
- any other information which we may collect from other sources.
PURPOSE FOR COLLECTION, USE, AND DISCLOSURE OF PERSONAL DATA
We collect Personal Data for the purposes stated in this Policy.
Your Personal Data may be shared with our employees, representatives and/or Affiliates and access to Personal Data will be limited to those who have a need to know the information for the purposes described in this Policy.
These purposes include, but are not limited to:
- providing and administering medical care, health, and wellness services, therapy and procedures;
- liaising with third-party service providers, vendors, suppliers and business and collaboration partners for the provisions of such, and related, products and services;
- creating and maintaining account profiles and information including, but not limited to, health, medical, transaction (enquiries and feedback, appointments, admissions, bills, purchases and/or payments, insurance claims, etc), benefits entitlement, accreditation, records;
- processing of requests including, but not limited to registrations, applications, subscriptions, execution and conclusion of contracts;
providing customer service and support, including, but not limited to handling enquiries, feedback and complaints, arranging and facilitating bookings, registrations, applications;
- facilitating payments to, and receive payments from individuals, service providers, vendors, suppliers and business and collaboration partners;
- administering debt recovery and management;
- managing administrative and business operations;
- marketing offers and promotions in relation to products and services;
- conducting internal audits and investigations;
- recording video or other digital, electronic, or wireless surveillance system or device to secure and maintain IT infrastructure, office equipment, facilities and other property;
- disclosing Personal Data to government institutions or supervisory authorities as required by law or judicial authorisation;
- exercising or defending legal claims;
- facilitating corporate restructuring processes and business asset transactions (which may extend to any mergers, acquisitions or asset sales);
- conducting market research or analysis for statistical and/or profiling to improve operations, services, product offerings and personalised experience based on individual behaviour, patterns and trends;
- any other purpose relating to or reasonably necessary for any of the above.
If you access, download or use any of our Platforms, you agree we may collect, use, disclose and/or process your Personal Data for any of the following purposes:
- where the Platform includes subscription services, to process your application for these services;
- to maintain your account with us and to ensure your access of the Platform is within the scope of your subscription;
- to verify and process your personal particulars and payments in relation to provision of goods and services connected to the Platform;
- to provide you with the goods and services which you have signed up for and to push articles to you which may be relevant to you;
- communicating with you to inform you of changes and development to our policies, terms and conditions and other administrative information, including for the purposes of servicing you in relation to products and services offered to you;
- resolving complaints and handling requests and enquiries;
- conducting market research for statistical, profiling and statistical analysis for the improvement of services provided to you;
- the processing of your Personal Data in relation to any of the purposes stated above.
DIRECT MARKETING / MARKETING AND PROMOTIONS
From time to time, we may contact you via mail, electronic-mail, telephone (call or SMS-Text) or facsimile, to inform about our products and services, or about special offers and promotions that we think may be of interest to you. If you have provided your Singapore telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Singapore telephone number(s), then from time to time, we may contact you using such Singapore telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services (including discounts and special offers).
You can let us know at any time if you no longer wish to receive marketing materials (by unsubscribing from receiving such marketing material or contacting our Data Protection Officer (DPO) listed below and we will remove your details from our direct marketing database.
If you have given your consent, we may use your Personal Data to market our partners’, sponsors’ and advertisers’ products, services, events or promotions by sending you newsletters, updates, mailers, promotional materials, special privileges, festive greetings and invite and manage your participation in our events or activities.
We may communicate our publicity promotions by post, telephone call, short message service, online messaging service, push notification by hand and by email through the contact points you provided us. You may unsubscribe to the processing of your Personal Data for any of the marketing and promotions by clicking on the unsubscribe link in any email or message. Alternatively, you may also update your preferences via our apps.
COOKIES WEB BEACONS AND OTHER TECHNOLOGIES
Our Platform(s) may include technologies that automate the collection, use, disclosure, and/or processing of data (including your Personal Data). Such technologies may include cookies, web beacons and other web analytics. If you do not wish to have your data collected through such technologies you should disable the operation of these technologies on your devices (where possible), or refrain from using our Platform(s).
TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE
We will only transfer your personal data to countries outside of Singapore with your written consent and in accordance to the requirements under applicable law and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the Singapore PDPA.
ENSURING PERSONAL DATA IS UP-TO-DATE
We rely on the Personal Data we hold in conducting our business. Therefore, it is very important that the Personal Data we hold is accurate, complete and up-to-date. You shall ensure that all Personal Data submitted to us is complete, accurate, true and correct. Please update us immediately if there is any change to the Personal Data you submitted to us as it may result in our inability to provide you with services and products you have requested.
SECURITY OF PERSONAL DATA
Security of Personal Data is very important to us and we take all reasonable precautions and care to protect your Personal Data from misuse, loss, unauthorised access, modification or disclosure.
Some of the ways we protect Personal Data include:
- restricting access to Personal Data only to staff who need it to perform their day-to-day functions;
- securing internal and external premises;
- maintaining technology products that are up-to-date to prevent unauthorised computer access or damage to electronically stored information, such as requiring identifiers and passwords, firewalls and anti-virus software; and
- maintaining physical security over paper records.
We will retain your Personal Data only for as long as they are needed for the purposes for which the consent is given or as required by law. If the Personal Data are no longer required to be retained by us, they will be properly and securely destroyed or deleted from our systems.
CONTACT US FOR WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION OF YOUR PERSONAL DATA
If you would like to withdraw your consent to any use of your personal data or would like to obtain access and make corrections to your personal data records, please contact our DPO listed below.
We will need to verify your identity before processing your personal data.
In addition, a fee will be charged to cover the cost of processing your access request.
We will do our best to respond to you within a reasonable time and no longer than 30 days from the date we receive complete information of your request and feedback. Should we need longer time to respond to you, we will keep you informed.
To facilitate the request, we will require the following information when you put up your request:
- Full Name
- Contact Number
- Email Address
- Relationship (if request on behalf of the individual) and the individual name, contact number and/or email address)
- Personal data to be corrected and related document to prove, if any (for correction request)
- Timeframe (i.e. date and time (if applicable)) and location (if applicable) of the requested personal data (for access request)
- Reason for the access request
Please note that if you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our products or services to you or administer any contractual relationship in place, and this may also result in the termination of any agreements with us and you being in breach of your contractual obligations or undertakings, and our legal rights and remedies in such event are expressly reserved.
If you believe that the privacy of your Personal Data has been compromised, please contact DPO listed below immediately and we will take the relevant steps to address your concerns.
Please note that if your Personal Data has been provided to us by a third party, you should contact such party directly to make any queries, feedback and request to TMG on your behalf.
CONTACTING OUR DATA PROTECTION OFFICER
For any questions, feedback or request relating to your Personal Data or about this Policy, including without limitation our reliance on the legitimate interests and/or deemed consent bases of collecting, using, and/or disclosing your Personal Data as described in this Policy, you may contact our DPO at DPO@thomsonmedical.com
RIGHT TO AMEND THE POLICY
We reserve the right to update or modify this Policy from time to time, and send you notification of updates to this Policy in any form as we may deem appropriate. While you should regularly check this Policy, we may also inform you of how we process your Personal Data by publishing (or amending) this Policy and, where required by applicable law, by posting a Policy, or reaching you via other forms of communication (e.g. sending you an SMS message or email) according to such contact particulars that we may have of you in our records from time to time. You may also contact us in the manner disclosed in this Policy to learn about our handling or processing of your Personal Data. To the maximum extent permissible under applicable law, you agree to be bound by the prevailing terms of this Policy as may be updated from time to time and/or as you may be notified.
This Policy shall be governed in all respects by the laws of Singapore.