1.1 The purpose of this Data Protection Policy (“DP Policy”) is to inform you of how the Radium Group manages personal data which is subject to the Personal Data Protection Act 2012 (the “PDPA”).
1.2 The “Radium Group” refers to (a) Aetas Aesthetics Pte. Ltd. (“AAPL”) and Radium Medical Aesthetics, (b) Radium Wellness Pte. Ltd. (“RWPL”) and Radium Wellness Centre, (c) in the event of any restructuring that results in AAPL and RWPL being held by a holding company, the said holding company (“Holdco”), and (d) and any Subsidiary of Holdco.
1.3 “Radium Company” refers to any company in the Radium Group.
1.4 “Subsidiary” means any other company in which Holdco (or a person acting on its behalf) directly or indirectly holds or controls either (i) a majority of the voting rights exercisable at general meetings of the company; or (ii) the right to appoint or remove directors having a majority of the voting rights exercisable at meetings of the board of directors of the company.
1.5 By interacting with a Radium Company, submitting information to it, or signing up for any events organized by it, you agree and consent to each member of the Radium Group as well as our respective representatives, employees and/or agents (collectively referred to in this DP Policy as “us”, “we” or “our”) collecting, using, disclosing and sharing amongst ourselves your personal data, and disclosing such personal data to our authorized services providers and relevant third parties in the manner set out in this DP Policy.
1.6 This DP Policy supplements but does not supersede or replace any other consents you have previously provided to us in respect of your personal data, and your consent in this DP Policy are additional to any rights which we may have at law to collect, use or disclose your personal data.
1.7 We may from time to time update this DP Policy to ensure that this document is consistent with our future development and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this DP Policy as updated from time to time on our website: https://radium-aesthetics.com/. Please check regularly for updated information on the handling of your personal data.
2. PERSONAL DATA
2.1 In this DP Policy, “personal data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or is likely to have access, including data in our records as may be updated from time to time.
2.2 Examples of such personal data that you may provide to us include (depending on the nature of your interaction with us) your name, full or partial NRIC, passport or other identification number, telephone number(s), residential address, email address, photographs, video recordings and any information relating to any individual which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.
3. COLLECTION OF PERSONAL DATA
3.1 Generally, we collect personal data in the following ways:
- when you submit any registration form, document or agreement relating to or in connection with any proposed services from us;
- when you interact with our employees, for example, via telephone calls, emails, face to face exchanges, letters and social media platforms;
- when you use our electronic services, or interact with us on our website, Facebook page or any other social media platform;
- when you request that we contact you or request that you be included in an email or other mailing list;
- when you respond to our campaigns, initiatives or to any request for additional personal data;
- when you submit an employment or internship application or when you provide documents or information in connection with any appointment as an officer, member, representative or any other position;
- when your images are captured by us via photographs or videos taken by us when you attend closed-door or private events at our premises or at other third-party venues;
- when you are contacted by, and respond to, our employees, interns or volunteers;
- when you submit the personal data of any other third party (such as a family member) to us; and
- when you are an intern or employee and you submit the personal data of your emergency contact persons.
3.2 We may collect the following kinds of personal data through the different channels mentioned above:
- full name;
- NRIC Number/Passport Number/Work Pass Number (last 3 digits and letter, whenever possible, and complete numbers, only if necessary);
- residential addresses;
- email addresses;
- mobile and telephone numbers;
- medical history;
- date of birth;
- marital status;
- photos and videos (including CCTV), if applicable;
- bank account details; and
- debit or credit card numbers;
- redacted NRIC/WP/FIN numbers (last 3 digits and letter), whenever possible, and complete NRIC/WP/FIN numbers, only if necessary.
3.3 Additionally, if you are applying for employment with us, we will collect the following:
- educational history and qualifications;
- next-of-kin and family details and emergency contact information;
- medical and insurance information, if necessary;
- employment history and professional qualifications, including testimonials and information disclosed about references, if necessary;
- medical, legal and financial history;
- curricula vitae, if any.
3.4 When you browse our website, you generally do so anonymously but see Clause 6 below on cookies. We do not, at our website, automatically collect personal data unless you provide such information.
3.5 If you provide any personal data relating to a third party (such as your spouse, children, parents, or partners), by submitting such information to us, you represent to us that you have obtained the consent of the third party to (i) provide us with their personal data for the respective purposes and (ii) for their personal data to be retained, used and disclosed in accordance with this DP Policy.
3.6 You represent to us that that all personal data submitted to us, including without limitation, personal data of third parties (such as your spouse, children, parents, or partners) are complete, accurate, true and correct.
4. PURPOSES FOR THE COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
4.1 Generally, we collect, use and disclose personal data for the following purposes:
- to perform or carry out our obligations arising from any contracts entered into between you and any Radium Company
- to complete your order fulfillment process which may involve one or more of the following measures:
- Process your registration;
- Process your orders, send billing to and receive payment from you;
- Schedule deliveries of products that you have ordered;
- Confirm and track status of your orders;
- Contact you and/or the recipient(s) in the event of order or delivery difficulties;
- Handle and follow up on service calls, enquiries and complaints;
- Fulfill request(s) you have made;
- Verify your identity;
- Better understand the demographics of our users to enable us to provide better services tailored to your needs;
- Market our products;
- Send you email updates about our products, promotions and events;
- Future marketing purposes and that of third parties; and
- Any other purposes that would enable us to provide electronic services verification of your identity
- to enable our officers and employees, related companies and entities (if any), partners, affiliates, service providers, vendors, advisors, subcontractors and third-party agents, including inter alia, banks, payment vendors, logistics and courier services, to fulfil obligations/services as stipulated in your agreement with any Radium Company;
- for purposes (such as product trials) for which you have provided your consent, to us or to third parties, for your personal data to be used;
- for security, identity verification and safety surveillance and monitoring purposes;
- responding to your queries, feedback and requests;
- administration, management and operations of the Radium Group;
- to comply with the law, the requests of law enforcement and regulatory officials, or orders of Court;
- managing the safety and security of our premises and events including but not limited to CCTV surveillance and conducting security clearances;
- monitoring or recording phone calls and public-facing interactions for quality assurance, training and performance evaluation and identity verification purposes;
- in connection with any claims, actions or proceedings including but not limited to drafting and reviewing of documents, obtaining legal advice and facilitating dispute resolution, and/or protecting and enforcing our contractual and legal rights and privileges;
- to plan, monitor, and enhance the provision of new programmes, services, projects, and planning of events or campaigns;
- in connection with investigations relating to disputes and complaints;
- improving our operations through your feedback;
- for follow-up purposes for various our programmes and events;
- to facilitate data analysis and operation planning purposes;
- for communications, marketing efforts and publicity purposes;
- for vendor management and communication purposes;
- government, compliance, audit and other regulatory purposes;
- for internal approval and reporting and/or accounting purposes;
- for the purposes mentioned in Clause 4.2 below;
- for any other purposes reasonably related to the above;
- for any other purposes for which we have obtained your consent, express or implied.
4.2 In addition, we collect, use and disclose personal data for the following purposes:
- If you are an owner of an external services provider or vendor:
- managing tenders, quotations, processing orders or managing the supply of goods and services;
- processing and payment of vendor invoices and bills;
- any other purpose reasonably related to the above.
- If you have submitted an application to us as a candidate for employment:
- conducting interviews;
- processing your application including but not limited to pre-recruitment checks;
- obtaining employee references and for background screening;
- assessing your suitability for employment with any Group Company; and/or
- any other purpose reasonably related to the above.
4.3 In relation to particular events or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your personal data. If so, we will collect, use and disclose personal data for these additional purposes as well, unless we have specifically notified you otherwise.
4.4 We may also contact you by any means of communication for which you have given us contact details, including but not limited to via email, telephone numbers, face to face meetings, our website, mobile apps, online chat programmes and post, for the purpose of getting your feedback or for providing you with information which we believe could be of interest to you or your organisation.
4.5 By your submission of your personal data to us, you consent to the onward disclosure of your personal data to our agents or external services providers and the processing of your personal data by these agents or external services providers for the purposes set out in this DP Policy.
4.6 We only collect, process, use or disclose such personal data, in accordance with this DP Policy. If you are acting as an intermediary, or otherwise on behalf of a third party, or supply us with information regarding a third party, you undertake that you are an authorised representative or agent of such third party and that you have obtained consent from such third party to our collection, processing, use and disclosure of their personal data. Because we are collecting the third party’s data from you, you undertake to make the third party aware of all matters listed in this DP Policy by referring them to our website.
5. DISCLOSURE OF PERSONAL DATA
5.1 We will take reasonable steps to protect personal data in its possession against unauthorized disclosure. Subject to the provisions of any applicable law, your personal data may be disclosed, for the purposes listed in Clause 4 above (where applicable) to the following entities or parties whether they are located in Singapore or overseas:
- our event organisers and services providers;
- insurance companies in relation to any insurance claim;
- companies providing services in connection with events organized by us;
- agents, contractors or third-party services providers who provide operational services to us such as courier services, information technology, payment, printing, invoicing, book keeping, market research or other services;
- any assignee or transferee (actual or prospective) to facilitate any business asset transactions in connection with any re-organisation or restructuring of any Group Company;
- our professional advisers such as consultants, auditors and lawyers;
- relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies (including without limitation, Singapore Medical Council, Inland Revenue Authority of Singapore and Singapore Police Force);
- any other party whom you authorise to disclose your personal data to; and
- any other party to whom we are permitted, under the PDPA, to disclose your personal data.
7. DATA SECURITY AND RETENTION POLICY
7.1 The personal data that we hold is stored on local workstations and laptops located in Singapore as well as cloud-based servers located both in Singapore and overseas. The Radium Group implements a variety of security measures to maintain the safety of your submitted information. All electronic storage and transmission of personal data is secured and stored on managed servers with controlled access and appropriate security technologies.
7.2 Although every reasonable effort has been made to ensure that all personal data will be so protected, we cannot be responsible for any unauthorised use or misuse of such information and from risks which are inherent in all internet communications. We cannot completely guarantee the security of any personal data we may have collected from or about you, or that for example no harmful code will enter our websites (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites. While we strive to protect your personal data, we cannot ensure the security of the information you transmit to us via the Internet or when you use our online portals, and we urge you to take every precaution to protect your personal data when you are on the Internet.
7.3 Our website may contain links to other third-party websites. This DP Policy does not apply to the third-party websites. We take no responsibility for the privacy practices of such websites. Some of these third-party websites may have our logo or trademark acknowledged on their website. However, these websites are not operated and maintained by us. Please contact the owner of the respective websites should you have any questions on their privacy policies.
7.4 We will only retain personal data collected for as long as it is required for the fulfillment of the purposes or allowed by any applicable law to be retained.
8. CONTACTING US – FEEDBACK, WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION
8.1 If you:
- have any questions or feedback relating to your personal data or this DP Policy;
- wish to be removed from our email subscription or contact lists or would like to withdraw your consent to any use of your personal data as set out in this DP Policy; or
- would like to obtain access and make corrections to your personal data records;
you may contact our Data Protection Officer via the following channel: firstname.lastname@example.org
8.2 All requests for access and/or correction of personal data must be in writing stating the full name and such other requisite details as may be required and signed by the requestor.
8.3 We may impose a reasonable charge for providing you with access to personal information.
8.4 If you withdraw your consent to any or all use of your personal data, depending on the nature of your request, we may not be in a position to administer any contractual relationship in place, which in turn may also result in the termination of any agreements with any Radium Company, and your being in breach of your contractual obligations or undertakings. Our legal rights and remedies in such event are expressly reserved.
9. GOVERNING LAW