This policy was last updated on 07 July 2020
Yes, SkinFitness is compliant with the requirements of the PDPA (Personal Data Protection Act) of Singapore, has appointed a Data Privacy Officer and is also compliant with the somewhat more stringent European General Data Protection Regulations (GDPR code of conduct published by CISPE Data Protection Code of Conduct. You can access a copy of Code of Conduct Here
All Client data is stored electronically with our software service provider, ServiceQUIK. The software is a cloud service, whereby no data is stored on site - only in ServiceQUIK's secure data storage. Our data is available to no one except SkinFitnes. All data is stored in a Cloud data center here in Singapore.
You can read more on the specifics of our service provider's compliance with the PDPA here and their own Data Privacy Policy here.
SkinFitness Pte Ltd (‘SkinFitness’, ‘we’, ‘us’, and ‘our’) take data protection very seriously and we are committed to protecting your personal information.
This explains what information we gather about you, what we use that information for, and who we give that information to. It also sets out your rights in relation to your information, how long we keep it and who you can contact for more information.
It is our policy to collect only the minimum information required from you. If you believe we have collected excessive information about you, please contact us contact-us@skinfitness.com.sg to raise any concerns you may have.
Although you do not have to provide any of your personal information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods or services you want from us.
Personal information is anything that enables you to be identified or identifiable, such as your:
Your personal information is sometimes called “personal data”. We collectively refer to handling, collecting, protecting or storing your personal information as ‘processing’.
Below are just some examples of how you may provide personal information to us:
When you provide personal information to us, we may use it for any of the purposes described below or as stated at the point we collect it from you (or as may be obvious to you from the context of collection), including:
We do not collect personally identifying information for sale to third parties.
We rely on one or more of the following processing conditions:
We have implemented generally accepted standards of technology and operational security in order to protect personally identifiable information from loss, misuse, alteration or destruction.
Only authorised persons are provided access to personally identifiable information we have collected, and such individuals have agreed to maintain the confidentiality of this information.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure.
We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.
We may transfer, share or disclose the personal data we collect from you to third parties (other organisations or individuals) for:
We also may transfer, share or disclose personal data to third party service providers of identity management, website hosting and management, data analysis, data backup, security and storage services.
These third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.
We may also disclose personal information to third parties under the following circumstances:
We may also disclose your personal information to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with applicable laws or regulations.
Your personal information may be transferred outside the European Economic Area (EEA). Where we collect your personal information within the EEA, any transfer to outside the EEA will be only:
We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.
Normally, this means we will retain your personal information for five years.
Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.
If you want to unsubscribe from any emailed promotions that you had previously provided permission for us to send you, you should look for and follow the instructions we will provide in the relevant communications to you. This is usually located at the bottom of the email and identified by unsubscribe.
If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.
You have certain rights in relation to the personal information we hold about you. In particular, you have the right to:
If you would like to exercise these rights or understand if these rights apply to you, please contact us at contact-us@skinfitness.com.sg
We will not use your personal information for automated decision making or profiling.
We understand the importance of protecting children's privacy and we never knowingly collect personal information about individuals under the age of 13. We adhere to laws regarding marketing to children.
Our Websites may link to third-party sites not controlled by us and which do not operate under our privacy practices. When you link to third-party sites, our privacy practices no longer apply. We encourage you to review each third-party site's privacy policy before disclosing any personally identifiable information.
We do not intend to collect special category (also known as sensitive) personal information through our websites (unless we are legally required to do so). Examples of special category information are: race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records.
We ask that you do not provide us with special category personal information when using our websites.
If you have any questions or complaints about the way your personal information is processed by us, or would like to exercise one of your rights set out above, please contact us by one of the following means:
Email:
Contact our Data Privacy Officer at:
We may update this Data Privacy Policy notice at any time by publishing an updated version here. So that you know when we make changes to this Data Privacy Policy statement, we will amend the revision date at the top of this page. The new modified or amended Data Privacy Policy will apply from that revision date. Therefore, we encourage you to review this Data Privacy Policy notice periodically to be informed about how we are protecting your information.