Personal Data Protection Policy and Privacy Statement

Fuji Xerox Asia Pacific Pte Ltd (“FXAP”) recognises the importance of protecting personal data and privacy rights of the individual who may provide it to us in relation to our various business activities. This document is our Personal Data Protection Policy and Privacy Statement (“Policy”) and explains how FXAP collects, uses, discloses and retains personal data.

The privacy of your personal data is important to us and we are committed to accord the information the due level of care as presented in this Policy, and consistent with the Personal Data Protection Act 2012 (Act 26 of 2012) (“PDPA”).

Section 1 - Personal Data we collect

In this Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be indentified (a) from that data; or (b) from that data and other information to which FXAP has or is likely to have access.

Example of such Personal Data you may provide to us includes the following:

  •    •   Name
  •    •   NRIC, passport or other identification number
  •    •   mailing or correspondence address
  •    •   email address
  •    •   telephone number
  •    •   facsimile number
  •    •   age or birth date
  •    •   profession, occupation or job title
  •    •   any additional information relating to you that you provide to us directly through our websites or indirectly through use of
           our websites or online presence,through our representatives or otherwise
  •    •   information you provide to us through our Customer Support Centre, customer surveys or visits by our representatives from
           time to time
  •    •   any information that is provided to us by, or that we have collected on behalf of, customers that have outsourced a
           business process function to us

Section 2 - How we collect Personal Data

We collect your Personal Data directly from you unless it is unreasonable or impracticable to do so. We may collect Personal Data in a number of ways including:

  •    •   through your access and use of our websites
  •    •   during conversations between you or your organisation and our representatives
  •    •   when you or your organisation submit to us a document containing Personal Data (for example, emails, contact forms,
           order forms, credit applications, assets and liabilities statements, proof of identification, direct debit requests, agreements,
           statements of work, surveys, promotional forms, competition forms etc)

We may also collect Personal Data from third parties including:

  •    •   from credit reporting agencies
  •    •   from law enforcement agencies and other government entities
  •    •   from agents, dealers and subcontractors that form part of our sales and/or service network
  •    •   from our customers that have outsourced a business process function to us
  •    •   from our service providers that collect information on our behalf

Regardless of who provides Personal Data to us, it will always be handled by us in accordance with this Policy and the PDPA.

Section 3 - Purposes for which we collect, process, use and disclose Personal Data

We collect Personal Data about you so that we can perform our business activities and functions and to provide best possible quality of customer service.

We collect, hold, use and disclose your Personal Data for the following purposes:

  •    •   to provide products and services to you and/or your organisation and to send communications requested by you or your
           organisation
  •    •   to answer enquiries and provide information or advice about existing and new products or services
  •    •   to provide you with access to protected areas of our websites
  •    •   to assess and improve the performance, operation and relevant of our websites
  •    •   to perform business processing functions including providing Personal Data to our related bodies corporate, contractors,
           service providers or other third parties
  •    •   to process and respond to any complaint made by you
  •    •   for the marketing (including direct marketing), planning, product or service development, quality control and research
           purposes of FXAP, its related subsidiaries/affiliates, contractors or service providers
  •    •   to update our records and keep your contact details up to date (including updating the records of our contractors)

if we determine that it is reasonably necessary to:

  •    •   comply with any law, rule, regulation, binding determination, decision or direction of a regulator or in co–operation with any
           governmental authority of any country, for example, the anti–money laundering legislation
  •    •   protect any person from death or serious bodily injury
  •    •   protect our rights

Your Personal Data will not be shared, sold, rented or disclosed other than as described in this Policy.

Section 4 - Disclosure of Personal Data

We may disclose your Personal Data to our related subsidiaries/affiliates and to various third party organisations. Except as permitted under the PDPA, we will only disclose your Personal Data for one of the purposes set out in this Policy.

These third party organisations include:

  •    •   any third party organisations involved in our sales and support network, for example: our authorised sales agents,
           our authorised dealers, our authorised service providers and subcontractors (for example, delivery services providers).
  •    •   any third party organisations involved in our business processing functions, for example: mail houses, payment
           processors, credit reporting bodies, debt collection providers.
  •    •   any third party organisations involved in the operation, hosting and management of our information technology
           infrastructure (including our website), for example: web hosting providers, IT systems administrators, electronic network
           administrators.
  •    •   any third party professional advisors, for example, accountants, solicitors, business advisors and consultants
  •    •   any third party organisations that perform advertising or marketing related services on our behalf, for example, advertising
           agencies and our authorised agents and dealers
  •    •   suppliers and other third parties with whom we have commercial relationships for business related purposes
  •    •   any third party organisation if we determine that it is reasonably necessary to:
    •          º   comply with any law, rule, regulation, binding determination, decision or direction of a regulator or in co–operation with
                   any governmental authority
    •          º   protect any person from death or serious bodily injury
    •          º   protect our rights
    •          º   (in addition to the above examples) any other third party organisation expressly authorised by you

We may combine or share any Personal Data that we collect from you with Personal Data collected by any of our related bodies corporate or by any organisations within our authorised sales and support network.

We will not disclose any Personal Data to third parties, except to third party organisations that have authorised our collection of such information on their behalf, for example, our customers that have outsourced a business process function to us.

Section 5 - Consent

From time to time we may seek your consent to a particular proposed collection, handling, use and disclosure of your Personal Data. If we decide to bundle multiple requests for your consent, you may withhold your consent to any or all such requests.

If you have consented to a particular purpose for our use and disclosure of your Personal Data, then we may rely on your consent until you withdraw your consent or until we become aware of a material change of circumstances. You may withdraw your consent by contacting our representative to whom you originally gave your consent or by contacting our Personal Data Protection Officer via the details specified in Section 16 ‘Contacting us’.

Your refusal to, or withdrawal of, consent may affect our ability to provide (to the same standard or at all) products, services or communications to you and/or your organisation subject to the relevant consent.

Section 6 - Direct Marketing

We may collect, hold, use and/or disclose your Personal Data to send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including (without limitation) mail, SMS, fax and email.

At any time you may opt–out of receiving marketing communications from us by using the opt–out facilities specified in our direct marketing communications. We will then ensure that your details are removed from the relevant marketing contact list you have elected to opt–out of.

Section 7 - Transfer of Personal Data outside Singapore

Your Personal Data may be disclosed to or accessed by our related subsidiaries/affiliates and third party organisations (for example, service providers) located outside of Singapore for some of the purposes specified in this Policy.

We may disclose your Personal Data in any of the following circumstances:

  •    •   to an overseas recipient if we have taken reasonable steps (for example, entered into a contract) to ensure that the
           recipient entity does not breach our Personal Data obligations relating to your Personal Data;
  •    •   to an overseas recipient that is subject to a law or binding scheme that is comparable to the PDPA; or
  •    •   to an overseas recipient if we have received your express and informed consent before doing so.

We may also make your Personal Data accessible to our related subsidiaries/affiliates and third party organisations to countries to handle or undertake a specific activity within our effective control (for example, IT or cloud storage service providers).

Section 8 - Do Not Call Registry

The Do Not Call (DNC) Registry prohibits the sending of unsolicited telemarketing messages (“specified messages”) to Singapore telephone numbers through voice calls, text or fax messages registered on the DNC Registers unless the organization sending the messages have the user’s/subscriber’s clear and unambiguous consent in written or other accessible forms.

In compliance with the DNC Registry provisions, FXAP will not send specified messages to telephone or facsimile numbers that appear on the DNC Registry unless the user/subscriber has given us clear and unambiguous consent to do so.

If you have given us such consent, we will continue to send you specified messages until you advise us in writing (via the details specified in Section 16 ‘Contacting us’ that you wish to withdraw the consent.

FXAP will continue to contact you at the telephone or facsimile number/s you have provided us in the limited circumstances allowed under the DNC Registry even if these telephone or facsimile number/s are registered with the DNC. You may, however, advise us in writing should you wish not to be contacted by us at your telephone or facsimile number(s) for any given purpose or all purposes.

Section 9 - Withdrawal of Consent

Should you wish to withdraw your consent for us to send you sales and marketing information via a specific mode or all modes of communications (e.g., mail, email, telephone calls, SMS-Text), please notify us in writing to our contact details below or the form attached. We may require up to 4 weeks, upon receipt of your request, for the change to take effect.

Section 10 - Access and correction of Personal Data

You can access most of the Personal Data we hold about you by contacting us formally through the contact details indicated below. We will require a formal written request from you to our Personal Data Protection Officer (forms attached).

We may charge an access fee to cover the reasonable cost of retrieving the information and supplying it to you.

Section 11 - Accuracy of Personal Data

We rely on you to ensure that your Personal Data is accurate. If you find that the Personal Data we hold about you is incorrect, please contact us immediately and we will correct it.

Section 12 - Retention

Your Personal Data will only be retained as long as required for the purposes for which it was collected, or as may be required by law.

When your Personal Data is no longer required, it will be destroyed, anonymised or disposed.

Section 13 - Cookies

A “cookie” is a small summary file containing a unique ID number which is sent to your internet enabled device, such as your computer. A web beacon is an electronic image which (whether alone or in conjunction with a cookie) is used to compile information about your website usage and your interaction with email. We use the term "cookies" to cover cookies, web beacons and similar technologies generally used in the market.

When you access any of our websites, we or our authorised service providers may use cookies to help provide you with a more enjoyable, relevant, faster and safer experience with us and our websites. Cookies may store information to help us recognise your internet enabled device (for example, the IP address of your device) and may collect information (for example, number of times a page is visited). In some cases the information used by cookies may be considered Personal Data if you are reasonably identifiable based on information readily available to us.

A cookie will enable us to greet you each time you visit a website without bothering you with a request to register. A cookie also enables us to keep track of your interest in particular products or services on our websites, which we may use to tailor the relevance of news we send you. We also use cookies to measure traffic patterns, to determine which areas of our websites have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. We may log the information for analytical purposes, for example, to analyse trends, administer our websites, track users movements and gather broad demographic information.

If you do not wish to receive cookies, you can set your browser so that your internet enabled device does not accept them.

Section 14 - Internet security and third party websites

We take reasonable steps to ensure your Personal Data is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hardcopy form. Personal Data is destroyed or de–identified when no longer needed.

As our websites are linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information communicated online and in particular cannot guarantee that the information will not be intercepted while being transmitted over the internet.

Our websites may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

Section 15 - Right to Amend our Policy

We reserve the right to amend this Policy at any time. If we make any changes to this Policy and the way in which we use your Personal Data we will post these changes on our websites and will do our best to notify you of any significant changes. Please check our Policy on a regular basis.

Section 16 - Contacting us - Withdrawal of Consent, Access and Correction of Personal data

If you (a) have any questions relating to your Personal Data or about our Policy, (b) would like to withdraw your consent to any use of your Personal Data; or (c) would like to obtain access and make corrections to your Personal Data records, you may contact our Personal Data Protection Officer at +65 68261551 or PDP.Officer@fujixerox.com