Camelot Trust Pte Ltd Privacy Statement
In the rapid evolution of the privacy and data protection environment, we at Camelot Trust Pte Ltd (Camelot Trust), respect the significance of your privacy and maintaining confidentiality of your personal data. Our policies, processes and practices are in keeping with the Personal Data Protection Act (No. 26 of 2012) (the “Act”). This privacy statement is designed to assist you in understanding how we collect, use, disclose, manage, retain and protect personal data in compliance with the Act and your rights in relation to your personal data.
1. Personal Data
For the purpose of this privacy statement, personal data will be the meaning as ascribed by the Act:-
“Personal Data” means data, whether true or not, about an individual who can be identified —
(a) from that data; or
(b) from that data and other information to which the organisation has or is likely to have access
2. Collection of Personal Data
2.1 Camelot Trust will collect, use and disclose Personal Data for which we have your consent or where it is reasonably considered necessary for the relevant purposes underlying such collection, use or disclosure.
2.2 Categories and examples of personal data which Camelot Trust collects include data in relation to:-
|Identity/Verification & compliance||NRIC, FIN, Passport, PEP, photographs, date of birth, nationality|
|Contact information & client service||Residential address, telephone number, email address, correspondence, transaction details, client feedback|
|Professional/employment||Resume, educational qualifications, professional qualifications, certifications, employment references, employment and training history, directorship/board details; work-related health issue and special needs|
|Financial||Sources of wealth, portfolio of assets, beneficial interests, bank/credit card account, credit history, tax, invoicing, insurance|
|Family & related persons||Marital status, necessary information about spouse, children, parents, siblings|
|Third Parties||Service providers, employers, professional advisors|
|Marketing||Events registration, conferences, associations|
|Technological||IP address, operating system, browser settings, usage data, cookies|
|Others||CCTV, health data, ethnicity, gender|
For the avoidance of doubt, where you provide Camelot Trust with Personal Data relating to a third party (e.g. information of spouse, next-of-kin, or children) for any particular purpose, you represent to Camelot Trust that the consent has been obtained from that third party for collection use, and disclosure of such personal data by Camelot Trust for the relevant purpose.
3. Purpose of collection, use and disclosure
3.1 Personal Data may be collected for the following purposes:
- Camelot Trust’s business intake procedures
- Manage client relationships and deliver the services for which we have been engaged
- Respond to queries, requests or feedback
- Conducting due diligence checks to comply with compliance, legal or regulatory and internal policy requirements
- Comply with all compliance, legal, tax or regulatory requirements as may be imposed from time to time
- Necessary legitimate interests of Camelot Trust or that of a third party and where such interests outweigh any adverse effect on the individual
- Conduct administrative and operational process within Camelot Trust (including obtaining references for individuals who have applied for a role with Camelot Trust)
- Collect analytics in relation to the use of our website
- Facilitate service providers who provide IT and system administration services
- Consult professional advisers whom we may engage including lawyers, accountants, auditors, investment advisers, bankers, insurers, brokers
- Marketing, advertising and providing information through alerts, newsletters and/or invitations to events that may be of interest to the individual
- As required by a competent court, tribunal or such other legal or governmental authority
- Obtaining advice in relation to our rights and obligations, in relation to the services we provide
3.2 Change of Purpose
Generally, Camelot Trust will use Personal Data for the purposes for which such data was collected, unless upon assessment, we reasonably consider that the personal data is required for another basis which is compatible with the original purpose. In such instances, where relevant, we will take reasonable steps to notify the individual, as well as a reasonable period for the individual to communicate any objection.
4. Withdrawal of Consent
If you wish to withdraw consent, you are requested to provide reasonable written notice to our Data Protection Officer. We will examine and advise the consequences of a withdrawal of consent, e.g. inability for Camelot Trust to continue providing services to you, which may be considered as a termination of any agreement between you and Camelot Trust. Camelot Trust’s rights and remedies are expressly reserved in such circumstances.
5. Security & Confidentiality
Camelot Trust will take all reasonable measures consistent with industry standards to safeguard confidentiality of Personal Data in our possession and control. Only duly authorized personnel and affiliates will have access to Personal Data on a need-to-know basis. Nevertheless, to the fullest extent permitted by law, we will not be responsible for any unauthorised use of Personal Data, arising from circumstances that are beyond our reasonable control.
Camelot Trust will retain Personal Data for the duration that is necessary to fulfil the purpose(s) for which it was collected, or as required by law or reasonable business purposes. We will take commercially reasonable efforts to ensure that the Personal Data that is no longer required for i) the purpose for which it was collected and ii) no longer legal or business purposes, will be destroyed and/or anonymized.
7. Individual’s Rights Access and Correction Your Right of Access to Your Own Personal Information
To the extent permitted by applicable data protection laws and regulations, you may request access to your Personal Data in our possession or control, and to request information on how your Personal Data has been used or disclosed by us over the past one year, from the date of your request. Please submit your request to our Data Protection Officer. Before we accede to your request, as part of our data security measure, we may need to verify your identity by checking NRIC or any other legal identification document.
Whilst we will take appropriate measures to keep your Personal Data complete and accurate, if your personal data is likely to be used by us to make a decision that affects you, or if required to be disclosed to another organisation, we would require you to update us of any changes in the Personal Data that you had first provided to us. As such, we will not be responsible for any reliance on inaccurate and/or incomplete Personal Data arising from a failure to update us of any relevant changes to your Personal Data.
You may request for us to correct or update your Personal Data in our possession or control. Except in cases where we have made an assessment on reasonable grounds and determine that a correction should not be made, we will make the correction as soon as practicable and if necessary and subject to your request, we will also send the corrected Personal Data to any organisation to which we had disclosed your Personal Data within the past one year from the date of your correction request, unless that other organisation does not need the corrected personal data for any legal or business purpose.
You have the right to obtain and reuse your Personal Data across different organisations. We will include necessary contractual arrangements with overseas recipients for the transfer to be made and require from such recipient that your Personal Data continues to receive protection that is at least comparable to that provided under the Act. Once we have sufficient information from you to respond to your request, we will port your Personal Data within 30 calendar days.
Pursuant to 7.1 to 7.3 above,
- for access, correction and portability requests, upon obtaining sufficient relevant information from you to administer the request, we will respond within 30 calendar days. In the event we are unable to do so, we will notify you in writing within the 30 calendar days.
- please note that the Act entitles, and Camelot Trust reserves the right to charge a reasonable fee for managing and processing access, correction and portability requests. We will provide a written estimate of such fee.
If you have any questions in relation to this Privacy Statement, please contact us by emailing our Data Protection Officer: firstname.lastname@example.org. Any query should include your full name and contact information as well as a description of your query.
9. Changes to this Privacy Statement
Camelot Trusts reserves the right to change and update this Privacy Statement from time to time. Notification will be made and take effect on the date of posting the latest Privacy Statement on our website.
[26 August 2021]