top of page

Data Protection

Actuals Financial values your privacy and takes the protection of your data seriously. We do not collect any personally identifiable information when you visit this website ("this Website") or use the services offered here unless you voluntarily provide that information to us. This Data Protection Notice outlines how we comply with the Personal Data Protection Act 2012 of Singapore ("PDPA") and its regulations.
 

1. Roles in Processing Personal Data

For the purposes of this Notice, the following terms are defined as:

A. Personal Data: Refers to any information about an individual, whether true or not, that can be used to identify that individual, such as:

  • Name

  • Date of birth

  • Contact details (phone number, email address, postal address)

  • Identification numbers (e.g., National Registration Identification Card number)

  • Financial information

  • Location data

  • Online identifiers (e.g., cookies, IP addresses)

  • Biometric data (e.g., fingerprints, facial recognition)

(This list is not exhaustive).
 

B. Data Controller: An individual or entity (e.g., company, public agency) that determines the purposes and means of processing personal data.

C. Data Processor: An individual or entity (e.g., company, public authority, agency) that processes personal data on behalf of the Data Controller.

D: Processing: Any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

E. Exceptions under PDPA: In unforeseen circumstances where we may need to rely on exceptions under the PDPA to process personal data, we will proceed as deemed suitable and in accordance with the applicable provisions of the PDPA.

F: Data Breaches: We are committed to complying with the PDPA and will take prompt action to address any data breaches.

  • Notification: If we become aware of a data breach, we will notify relevant stakeholders in a timely manner as required by law.

  • Reporting: We encourage all individuals, including our employees, representatives, and clients, to promptly notify us of any suspected or actual data breaches involving personal data processed by us.

2. Collection of Personal Data

A. Data Collection: We may collect personal data from various sources, including:

  • Clients

  • Business partners

  • Employees

  • Representatives

  • Contractors

  • Job applicants

  • General inquirers

B. Forms of Data Collection: We collect personal data through various channels, such as:

  • Forms

  • Face-to-face meetings

  • Email messages

  • Telephone conversations

  • Our websites

C: Purposes of Collection: We collect personal data for legitimate business purposes or to fulfill the purposes for which you have provided the information.

D: Data Processing: We will only collect, hold, process, use, communicate, and/or disclose your personal data in accordance with this policy and applicable laws, such as the PDPA.

E. Specific Data Collection Practices:​​

  • Call Recordings: Phone calls may be recorded for quality assurance, training, and record-keeping purposes.

  • Third-Party Data: If you are acting on behalf of a third party, you must ensure you have the necessary consent from that individual for us to collect and process their personal data. You are responsible for informing the third party about this policy.

  • Client Due Diligence: We are required to collect NRIC/FIN/Passport details from clients who purchase products through us for anti-money laundering and counter-financing of terrorism purposes, as required by the Monetary Authority of Singapore.

  • Next of Kin Information:

    • Client's Next of Kin: May be collected for financial needs analysis. Providing this information is optional.

    • Employee/Representative's Next of Kin: May be collected for due diligence assessments or emergency contact purposes.

  • Unsolicited Data: We will not process unsolicited personal data and will delete or destroy it within a reasonable timeframe.

 

F. Deemed Consent: In certain circumstances, we may collect and use your personal data without explicit consent under the "deemed consent" provisions of the PDPA. This may occur when:

  • Collection, use, or disclosure is reasonably necessary to fulfill a contract or transaction.

  • You have been notified of the purpose of data collection and given a reasonable opportunity to opt-out (and have not opted out).

 

G. Your Rights: You have the right to:

  • Access your personal data.

  • Request correction of inaccurate personal data.

  • Limit the use and disclosure of your personal data.

  • Withdraw your consent to the processing of your personal data.

 

I. Withdrawal of Consent: You may withdraw your consent to the processing of your personal data by contacting us. However, please note that withdrawing consent may limit our ability to provide services to you.

 

3. Purposes for Using Your Personal Data

 

A. Purpose: We will only use your Personal Data for the purposes for which we collected it, unless:

  • We reasonably believe that the use is compatible with the original purpose.

  • The use is permitted by law and you are provided with appropriate notice.

B. Legal Basis for Processing: We may process your Personal Data based on:

  • Consent: Express consent, implied consent through contract agreements, or deemed consent under the PDPA.

  • Exceptions: Permitted exceptions outlined in the relevant schedules of the PDPA.

 

C. General Purposes of Processing: We generally use your personal data for the following purposes:

  • Providing Financial Advisory Services

  • Responding to your requests

  • Servicing clients

  • Marketing and Communications: Keeping you informed about our services, industry developments, and events.

  • Administrative Purposes: Invoicing, account management.

  • Recruitment: Assessing job applicants.

  • Employee/Representative Management: Employment-related purposes.

  • Contract Performance

  • Legal and Regulatory Compliance

  • Legal Claims

  • Legitimate Interests:

    • Fulfilling our contractual obligations.

    • Managing our relationship with you and providing our services.

    • Monitoring, analyzing, and protecting our business.

    • Facilitating internal business operations (including recruitment and employment).

    • Complying with legal, regulatory, or professional obligations.

    • Personalizing your customer experience and improving our services.

 

D. Consequences of Withholding Data: If you choose not to provide us with your personal data or withdraw your consent, we may be unable to:

  • Provide some or all of our services to you.

  • Respond to your requests.

  • Assess your suitability for employment opportunities (for job applicants).

 

E. Withdrawing Consent: You can withdraw your consent or unsubscribe from marketing communications by:

  • Contacting our Data Protection Officer (see part 14).

  • Using the electronic form provided at the end of this page.

  • We will process such requests within 30 days.

4. Disclosure of Personal Data

We do not disclose your personal data to third parties unless:

  • Required by law.

  • We have obtained your consent or deemed consent.

  • We have engaged third parties (e.g., data intermediaries, subcontractors) to assist with our activities.

 

Third parties engaged by us are contractually obligated to:

  • Maintain confidentiality of your information.

  • Implement reasonable security measures to protect your data.

  • Promptly notify us within 24 hours of any suspected or confirmed data breach.

 

We may disclose your personal data to third parties when:

  • Necessary to fulfill the purpose for which you provided the information.

  • Necessary to provide you with relevant and interesting information in the future (based on your voluntary requests).

5. Access and Correction of Personal Data

We will respond to all requests from individuals wishing to exercise their data protection rights in accordance with applicable laws.

  • Data Controllers: If we are the Data Controller, we will directly process your requests.

  • Data Processors: If we are the Data Processor, we will assist the Data Controller as far as reasonably possible to help them respond to your requests.

 

For security reasons, we may request information to verify your identity before processing your request.

A. Right of Access: You have the right to request access to the personal data that we process about you.

  • How to Request Access: You can submit your access request in writing to our Data Protection Officer (see part 14).

  • Our Response: We will respond to your access request as soon as reasonably possible. If we are unable to respond within 30 days, we will inform you in writing (via email) within 30 days of the expected response date.

  • Denial of Access: If we are unable to provide you with the requested personal data, we will generally inform you of the reasons for denial (except where not required by law).

  • Fees: We may charge a reasonable fee for processing your access request in accordance with the PDPA.

B. Right to Correction: You have the right to request that we amend or update your personal data if it is inaccurate or incomplete.

  • Accuracy of Information: While we strive to ensure the accuracy of your personal data, you are responsible for ensuring the accuracy of the information you provide to us.

  • How to Request Correction: You can submit your correction request in writing to our Data Protection Officer (see part 14).

  • Our Response: We will respond to your correction request as soon as reasonably possible. If we are unable to respond within 30 days, we will inform you in writing (via email) within 30 days of the expected response date.

  • Denial of Correction: If we are unable to correct your personal data as requested, we will generally inform you of the reasons for denial (except where not required by law).

  • Appeal: If you are dissatisfied with our refusal to correct your personal data, you can submit an appeal to our Data Protection Officer along with supporting documentation. The DPO will review your appeal on a case-by-case basis.

6. Withdrawal of Consent

 

A. Right to Withdraw Consent

  • Withdrawal of Consent: You have the right to withdraw your consent at any time, where consent is the legal basis for processing your personal data.

  • Consequences of Withdrawal: Please note that withdrawing consent may impact our ability to provide you with our services.

  • Notification and Cessation: Upon receiving your request to withdraw consent, we will:

    • Inform you of the potential consequences of withdrawing consent.

    • Cease collecting, using, or disclosing your personal data within 30 days, unless required or authorized by law.

 

B. Right to Erasure

You may request us to erase or stop processing all or some of your personal data.

  • Processing Requests: We will process your erasure request whenever possible.

  • Denial of Erasure: If we are unable to erase your data, we will provide you with an explanation.

7. Accuracy of Personal Data

 

We strive to ensure that the personal data we collect is accurate and complete. As such, we may ask for verification before processing any requests, such as:

  • Provide supporting documents (e.g., identification documents, proof of address).

  • Confirm the accuracy of the information you have provided.

8. Security and Protection of Personal Data

We implement security measures to protect your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal, and other risks. These measures include:

  • Technical safeguards: Such as encryption, firewalls, and secure data storage.

  • Organizational measures: Such as access controls, employee training, and regular security assessments.

 

Only authorized personnel have access to your personal data, and they are obligated to maintain the confidentiality of this information.

9. Retention of Personal Data

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected or as required by law.

Furthermore, we will cease to retain your personal data when it is no longer necessary for:

  • Fulfilling the original purpose of collection.

  • Legal or business purposes.

10. Transfer of Personal Data outside of Singapore

Due to the nature of our business and operations, we may make transfers of personal data to territories outside of Singapore, to our business partners and third party vendors. Should you require further information, please contact our Data Protection Officer (see part 14).

11. Privacy on Our Websites

A. Cookies: Our websites may use cookies. Cookies are small text files placed on your device to enhance your browsing experience. You can usually adjust your browser settings to decline cookies. However, this may limit your ability to use certain website features.

B. Third-Party Websites: Our websites may contain links to third-party websites. We are not responsible for the privacy practices of 1 these third-party websites. We encourage you to review their privacy policies before providing any personal information.

12. Policy Exceptions

In certain circumstances, we may collect, use, or disclose your personal data without obtaining your explicit consent. These circumstances are outlined in the PDPA, examples are as follows.

A. Protection of Vital Interests

  • Protecting your life, health, or safety, or the life, health, or safety of another individual.

    • Addressing an emergency where obtaining your consent is not feasible.

    • Situations where you would not reasonably be expected to withhold consent.

  • Contacting Next-of-Kin: Contacting the next-of-kin or a friend of an injured, ill, or deceased individual.

B. Matters Affecting Public or of Public Nature

  • Already publicly available data.

  • In the National Interest: Necessary for national security, defence, or public safety.

  • For Artistic or Literary Purposes: Used solely for artistic or literary purposes.

  • For Archival or Historical Purposes: Used solely for archival or historical purposes, provided the data is not considered overly sensitive.

  • For Investigations or Proceedings: Necessary for investigations, legal proceedings, or in the public interest.

C. Legitimate Interests

  • Legitimate Interests Assessment: We conduct an assessment to determine our legitimate interests and any potential adverse effects on you. We will provide you with reasonable access to information about how we collect, use, or disclose your personal data.

  • Mitigation Measures: We will implement measures to eliminate or mitigate any adverse effects on you.

  • Evaluative Purposes: For evaluating our products, services, or operations.

  • Investigations and Proceedings: For any investigation or legal proceedings.

  • Debt Recovery/Payment: For debt recovery or payment obligations.

  • Legal Services: For providing or obtaining legal services.

  • Services for Others: When another individual provides your personal data to us to provide a service for their personal or domestic purposes.

  • Business or Professional Purposes: When your personal data is included in a document produced in the course of your employment, business, or profession, and our use is consistent with the purpose of that document.

  • Employment Relationship: For entering into, managing, or terminating an employment relationship with you.

D. Business Asset Transaction

  • Mergers and Acquisitions: The sale, purchase, merger, or acquisition of all or part of our business.

  • Business Restructuring: Any reorganization, restructuring, or dissolution of our business.

E. Business Improvement

  • Service Improvement: Improving or enhancing existing services, or developing new services.

  • Process Optimization: Improving or enhancing our business methods and processes, or developing new methods and processes.

  • Customer Understanding: Learning about and understanding customer behavior and preferences.

  • Personalized Services: Identifying and recommending suitable products or services, and personalizing or customizing our offerings.

F. Research or Analysis Purposes

  • Individual Identifiability is Necessary: The research cannot reasonably be conducted without using your personal data in its identifiable form.

  • Clear Public Benefit: The research provides a clear public benefit.

  • No Impact on Individual: The research results will not be used to make any decisions that directly affect you.

  • Anonymized Publication: If the research results are published, they will be presented in a form that does not identify you.

13. Amendments to Our Data Protection Policy

We may update this Data Protection Notice from time to time to reflect changes in applicable laws or our business practices.

  • Notice of Changes: We will provide you with reasonable notice of any changes to this policy, such as by posting the updated notice on our website or sending you an email notification.

  • "Last Updated" Date: You can refer to the "Last Updated" date at the beginning of this policy to see when it was last revised.

  • Consent to Changes: By continuing to use our services after we have provided notice of any changes to this policy, you consent to the updated terms, to the extent permitted by applicable law.

14. Data Protection Officer (DPO)

Actuals Financial has appointed a Data Protection Officer to ensure that we comply with the Personal Data Protection Act of Singapore. If you have any questions or concerns relating to our policies relating to the Personal Data Protection Act of Singapore, please reach out to our Data Protection Officer:

Email
dpo@actualsfinancial.com
 
Mail
Actuals Financial, DPO
7 Harvey Road, LeBond #10-02B, Singapore 369613
 


Go back to Home.

bottom of page