Last Updated 21 October 2020
At Make Merry Studio LLP (UEN: T20LL0982H), all our customers are important to us and we are committed to protecting your privacy. Make Merry Studio LLP will be referred to as “The Company”, “us” or “we” throughout this document.
The Company is subject to the Personal Data Protection Act 2012 (“PDPA“) as well as other applicable laws protecting privacy. In some circumstances, we may undertake contractual obligations to observe additional privacy obligations. Any reference to “personal data” in this document shall have the meaning given to it in the PDPA, as amended from time to time.
WHAT PERSONAL DATA DO WE COLLECT AND WHY?
The Company collects the personal data we need to produce our projects, products and events, operate The Company, conduct related activities and operations, involve the community in The Company’s projects and activities and promote and seek support for The Company.
We generally collect personal data relating to you:
- that you knowingly and voluntarily provide to The Company; and
- where the collection of such personal data is permitted or required under the PDPA or any other applicable law.
Personal data which we may collect in relation to you includes:
- your name (including any alias used by you);
- NRIC or other identification number;
- Transaction history with The Company.
From time to time, we may obtain information about you from third-party sources as required or permitted by applicable laws and regulations, such as public databases, joint marketing partners and social media platforms.
Your personal data will be collected and used by The Company for the following purposes (each a “Purpose“):
- managing your relationship with us;
- to allow us to perform our obligations under or in connection with the provision of our goods and/or services to you;
- improving our goods and/or services;
- Improving marketing and/or customer relationships;
- allowing you to receive updates in relation to our goods and services, promotions and rewards through SMS, email and/or contact number you provided to us from time to time, regardless of your registration with the Do Not Call Registry;
- to allow us to comply with any applicable laws and regulations; and
- such other purpose as The Company may require to conduct its business.
(collectively the “Purposes”)
HOW DO WE USE PERSONAL DATA?
When we collect personal data, we generally use it for the purposes for which it was collected, or as otherwise authorised or required by law. We may sometimes use personal data for marketing or other research or allow information in aggregated form (without identifying individuals) to be shared with other companies and agencies to guide and assist future programming and marketing planning.
If you have purchased products or events from us or if you have asked us to, we may use your information to send you material (including by email) about The Company or its programs or other related programs or services, unless you tell us not to.
If at any time you do not want us to use your personal data to send you any further information, you can always let us know by contacting our Privacy Officer through the contact details given below.
From time to time, we may send you special offers and promotions from Third Parties. We will never disclose your personal data to that Third Party. If you do not wish to receive offers from Third Parties please contact our Privacy Officer through the contact details given below.
DISCLOSING PERSONAL DATA
We may disclose your personal data for any one or more of the Purposes and we will take reasonable care to allow your personal data to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. We will only disclose your personal data in the following circumstances:
- We may share your personal data with service providers under contract who help with parts of our business operations such as technology services;
- We may share your personal data with companies or other entities that we plan to merge with or be acquired by;
- We may share your personal data with companies or other entities pursuant to the applicable insolvency laws in Singapore or in any other jurisdiction;
RETENTION OF PERSONAL DATA
We may retain your personal data for as long as it is necessary to fulfil the Purposes or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which such personal data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which your personal data was collected, and are no longer necessary for legal or business purposes.
PROTECTION OF PERSONAL DATA
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate measures to secure all storage and transmission of your personal data by us, and disclosing your personal data both internally and to our authorised third-party service providers only on a need-to-know basis. You should be aware, however, that no method of transmission over the internet or method of electronic storage is completely secure.
ACCESS AND CORRECTION
If you wish to make:
- an access request for access to a copy of your personal data which we hold or information about the ways in which we use or disclose your personal data (“Access Request“); or
- a correction request to correct or update any of your personal data which we hold about you (“Correction Request“),
you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
To process any Access Request by you, we will need to take measures to verify your identity which may include requesting for additional information (which may include personal data) relating to you.
Please note that a reasonable fee may be charged for an Access Request. If so, we will inform you of the fee before processing your Access Request. We will respond to your Access Request as soon as reasonably possible. Should we not be able to respond to your Access Request within thirty (30) days after receiving your Access Request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your Access Request.
We generally rely on your personal data provided by you. In order to ensure that your personal data provided by you is current, complete and accurate, you should make a Correction Request if there are changes to such personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
If we are unable to provide you with any personal data relating to you pursuant to an Access Request by you or to make a Correction Request by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA). Please note that depending on the request that is being made, we will only need to provide you with access to your personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to imply provide you with confirmation of the personal data that The Company has on record, if the record of your personal data forms a negligible part of the document.
TRANSFER OF PERSONAL DATA OUTSIDE OF SINGAPORE
We generally do not transfer your personal data to countries outside of Singapore other than Australia. If we do so, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
CONSENT AND WITHDRAWING CONSENT
A type of anonymous information shared between your browser and our server is a cookie. A cookie is a small text file that a server places on your hard drive to identify that subsequent requests to a site have come from the same user.
If you have any queries or would like further information about our privacy policies or practices, please contact our Privacy Officer by calling +65 8862 2190 or emailing firstname.lastname@example.org or by writing to:
Data Protection Officer
TripleOne Somerset, Level 3
111 Somerset Road, #03-09