This Personal Data Protection Policy notice for personal data (“Policy”) is issued to all our valued customers and guests of Founders Beauty Pte Ltd (“us”, “we”, “our” or “ours”), pursuant to the statutory requirements of the Personal Data Protection Act 2012 (Act 26 of 2012) (“PDPA”).
We take our responsibilities under Singapore’s PDPA seriously. We recognise the importance of the personal data entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
In order to conduct our business operations, we may disclose the personal data you have provided us to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether located in Singapore or outside of Singapore.
Please take a moment to read our Policy so that you know and understand the purposes for which we collect, use and disclose your personal data.
This Policy supplements but does not supersede nor replace any consents you may have previously provided to us in respect of your personal data, and your consents herein are additional to any rights which any of us may have at law to collect, use and/or disclose your personal data.
If you have any questions or concerns about our privacy practices, we welcome you to contact us by email at concierge@foundersbeauty.com.
1.1 “Personal data” is defined under the PDPA to mean data, whether true or false, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data include names, identification numbers, contact information, medical records, photographs and video images.
1.2 Personal data is collected in accordance with the PDPA. You will be notified of the purposes for which your personal data may be collected, used, disclosed and/or processed, as well as obtain your consent for the collection, use, disclosure and/or processing of your personal data for the intended purposes, unless an exception under the law permits us otherwise
2.1 The provision of your personal data is voluntary. However, withholding your personal data from us will mean that we may not be able to provide you the relevant Products and / or Services required.
2.2 We collect personal data during the course of our ordinary business activities and will only collect such personal data if it is necessary for our functions, operations or activities. We will never knowingly seek access to your information which is confidential or subject to privilege (including medical or legal) except with your express prior consent.
2.3 The PDPA requires us to collect personal data about you, only from you, if it is reasonable and practical to do so. Some examples of the types of information which we may collect include:
3.1 As our Site is designed for individuals aged 18 and above or not considered a minor in the user’s country of residence for the purposes of entering into a contract, we do not knowingly collect personal data from minors who may visit our Site, and we do not knowingly include any such information in our customer databases.
4.1 Some examples of how your personal data can be collected:
5.1 The personal data we collect from you may be used, disclosed and/or processed for various purposes, depending on the circumstances for which we may need to process your personal data, including but not limited to:
As the purposes for which we may/will collect, use, disclose or process your personal data depend on the circumstances at hand, some purposes may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless the collection, use, disclosure or processing of your personal data without your consent is permitted under the PDPA or under any other law.
5.2 In order to conduct our business operations better, we may also disclose your personal data to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether Singapore, or outside of Singapore, for one or more of the purposes referred to in paragraph 5.1. Such third-party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the purposes referred to in paragraph 5.1.
6.1 Save as expressly provided in this Policy or permitted under the PDPA or under any other law, we will not share, sell, rent or release any personal data collected to any third party individuals, companies or groups. Any personal data we collect is used for our own purposes as described in this Policy.
6.2 In order to enable us to provide a wide range of products and services to you, we may from time to time engage third party service providers, including but not limited to:
6.3 The third party service providers are only authorised to use your personal data to perform the service for which they were hired. They are required to comply with the PDPA, all other laws and any of our prevailing policies in relation thereto (including this Policy), and to take reasonable measures to ensure your personal data is secure.
6.4 We will not disclose your personal data to third parties without first obtaining your consent. However, we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, where in our opinion any of the following arises:
6.5 The instances listed above at paragraph 6.4 are not intended to be exhaustive. For more information on the exceptions, you are encouraged to refer to the Second, Third and Fourth Schedules of the PDPA which can be found at https://sso.agc.gov.sg/.
6.6 Where we disclose your personal data to third parties with your consent, we will employ our best efforts to require such third parties to protect your personal data in a manner required under the PDPA or any other law
7.1 You may request to access and/or correct your personal data for the time being in our possession by submitting your request through email or in person (if applicable).
7.2 For a request to access personal data, we will provide you with the relevant personal data within thirty (30) days from the date of your request.
7.3 Where a request cannot be fulfilled within the above time frame, you will be informed of the earliest time in which we will respond.
7.4 For a request to correct personal data, we will correct your personal data as soon as possible after our receipt of such request, unless we have reasonable grounds to do otherwise.
7.5 Depending on the scope and nature of the work required to process an access or correction request, a fee may be charged to recover administrative costs. This will be assessed on a case-by-case basis. Where such a fee is required, you will be provided with a written estimate of the fee for your consideration. Your request will be processed once payment of the fee is received. In certain cases, we may also require a deposit from you before we process your request. You will be notified if a deposit is required, if any.
8.1 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession by submitting your request through email or in person (if applicable).
8.2 Your request will be processed within a reasonable time. Thereafter we will not collect, use and/or disclose your personal data in the manner stated in your request.
8.3 However, your withdrawal of consent may result in certain legal consequences arising. In this regard, depending on the extent of your withdrawal of consent for us to collect, use, disclose and/or process your personal data, it may mean discontinuing your existing relationship with us
8.4 The collection of your personal data may be mandatory or voluntary depending on the purposes for which your personal data is collected. Where it is necessary for you to provide us with your personal data, and you fail or choose not to provide us with such personal data, or do not consent to the above or this Policy, we will not be able to provide our products and/or services (or any part thereof) to you.
9.1 We will take all reasonable effort to ensure that your personal data is accurate and complete, if usage of your personal data is likely to affect you. This means that you are required to update us of any changes in your personal data from time to time. We will not be responsible or liable for any consequences arising from the provision of any inaccurate or incomplete personal data to us.
9.2 We will arrange for reasonable security measures to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorized use of your personal data by third parties, or for instances attributable to factors beyond our control.
9.3 We will put in place measures to destroy and/or anonymise your personal data in our possession as soon as it is reasonable to assume that:
10.1 If you have any complaint or grievance regarding the handling of your personal data, or about how we are complying with the PDPA, you are welcome to contact us through email at concierge@foundersbeauty.com.
10.2 You may also contact us through one of the following methods with your complaint or grievance: email or letter.
10.3 When drafting an email or a letter, your indication at the subject header that it is a PDPA complaint will assist us in attending to your complaint expeditiously. For example, the subject header can be titled “PDPA Complaint”.
11.1 As part of our efforts to properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
11.2 We reserve the right to amend the terms of this Policy at our discretion. Any amended Policy will be posted on our website and can be viewed on this page.
11.3 You are encouraged to visit this page from time to time to keep updated of our latest policies in relation to personal data protection.
12.1 In order to maintain the security of your personal data, we have taken reasonable methods to prevent unauthorised access and maintain accuracy of all personal data collected by our Website. Physical and technical methods of protection include limited access by internal personnel to your personal data on a need-to-know basis, and password protecting documents or logs that contain personal data.
12.2 By remaining on our Website, you acknowledge that transmission of information over the internet is not fully secure and at your own risk. We cannot therefore guarantee that any information you submit to us will be accessible to only us as the intended recipients. We shall, however, do our best to protect your personal data. Nevertheless, if there is a security breach on behalf of an unauthorised party, you agree to indemnify us and hold us harmless for any and all claims against the unauthorised party.
12.4 You acknowledge that your use of our Website, Products and Services is completely voluntary. As such, you shall indemnify us and hold us and our agents and affiliates harmless for any damages or injury that may arise from your use of our Website, Products and Services, which include, but are not limited to, issues regarding the confidentiality and security of your Personal Information.
12.5 We securely store your data on our servers which are located in Singapore.
12.6 We will keep your personal data for a period of time no longer than that permitted by the PDPA from time to time. Upon expiry of such period, we will delete your data by erasure from our servers and online systems.
13.1 The parties agree that in relation to any information, whether confidential or not that is shared between us and yourself, that we shall each be individually responsible to comply with any and all relevant data protection laws and legislation including the General Data Protection Regulation of the European Union (EU GDPR).
13.2 Any information or data that is provided by either of us pursuant to this engagement, including personal data, will be maintained by the other party and stored, accessed and processed in accordance with recognised data protection legislation including the General Data Protection Regulation of the European Union (EU GDPR).
13.3 Terms of the PDPA shall prevail to the extent of any inconsistencies between the PDPA and the EU GDPR.
1.1 Cookies are data from a server to your browser which are saved on your hard drive. Cookies do not contain personally identifiable information, such as your name or contact information. You may adjust your browser settings with regards to the collection of internet cookies - for example, you may delete, block and/or refuse cookies, or you may elect to be notified before cookies are placed.
1.2 This Site uses cookies to collect information to monitor and aggregate web traffic to our Website. This Site may also use web beacons, pixels, tracking gifs and social media widgets set by us or third parties to help us understand browsing activity and traffic patterns. This information helps us improve our Website, products and Services, and your online experience. For example, social media widgets may be placed on our Website by third party social media platforms to allow you to interact with our social media accounts. These technologies may also collect browsing data, although the collection and use of data amongst these third parties is subject to their control and respective privacy policies.
1.3 You may opt out or limit how we use cookies, including by the following methods: