This Data Protection Policy (“Policy”) sets out the basis on which Komoco Motors Pte Ltd and its subsidiary, Komoco Car Rentals Pte Ltd (“we”, “us”, or “our”) may collect, use, disclose or otherwise process your personal data. This Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to provide services relating to the processing of personal data.
By visiting or using any of the websites on which this Policy or a link to this Policy appears (collectively, “our Site”) or providing us with your personal data whether online or offline including at our dealerships or workshops (collectively, “our Premises”), you consent to the collection of your personal data for the purposes described below, and will be bound by the terms of this Policy. Please review this Policy carefully each time you visit or use our Site or provide us with personal data.
1. INFORMATION COLLECTION
1.1 We collect personal data about you when you visit our Site or we provide you with services on our Site or at our Premises (the “Services“) or you provide us with your personal data. This includes:
(a) Information that you provide directly to us when you register to use our Services or you make a purchase from us. We may require you to provide us with personal data as necessary to offer and fulfil the Services you request or the purchase. We may require your full name and contact information, national identification number, passport number, user ID, password, credit card, mobile payment and other payment details. We only use your passport number and other national identification information where this is required by law, or where we need to verify individual identities to a high degree of fidelity.
(b) Any correspondence you send to us, including record of any telephone correspondence and e-mails.
(c) Your reviews, feedback and opinions about our company, our business partners, our Site, Services and programmes.
(d) Details of transactions you carry out through our Site or at our Premises and of the fulfilment of your orders.
(e) Details of your visits to our Site and the resources that you access.
(f) Any other personal data that you choose to provide to us, or information that we may ask you for at times, for example in connection with a promotion or when you report a problem with our Website.
1.2 We also use tools like Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies” to measure traffic to our Site and how users interact with our Site. On behalf of our Site, Google will use this information for the purpose of evaluating your use of our Site, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. For further information on how Google uses your data, please refer to http://www.google.com/intl/en/policies/privacy/partners.
1.3 Where you provide personal data of third parties (for example, names and contact details of your family members in connection with bookings), you confirm that you have their consent to provide their personal data to us. We recommend you show them this Policy.
2. USES MADE OF THE INFORMATION
2.1 The purposes for which personal data may be used by us include:
(a) Carrying out our obligations arising from any contract entered into between you and us.
(b) Providing you with access to the content on our Site, responding to your queries, and requests for information and Services and allowing you to participate in interactive features of our Services.
(c) Processing, confirming, providing and charging for bookings of test drive appointments and/or new car purchases.
(d) Providing you with alerts, newsletters, education materials or any other information that you request or have signed up to receive.
(e) Monitoring your use of our Site and your bookings, and troubleshooting any problems with our Site.
(f) Ensuring that content from our Site is presented in the most effective manner for you and for your computer.
(g) Designing and conducting surveys/questionnaires and requests for feedback for client profiling/segmentation, statistical analysis, customer satisfaction, and improving and further developing our products and Services and those of our business partners.
(h) Complying with laws and regulations applicable to us or any of our affiliates in or outside Singapore.
(i) Conducting investigations and/or legal proceedings, including collecting overdue amounts and seeking professional advice.
(j) Researching, designing and launching services or products including seminars/events/forums.
(k) With your consent, facilitating promotional and marketing services and products (please see further details in clause 2.2 below).
(l) Processing or using your personal data in connection with any collaboration or initiative with our business partners.
(m) To provide you with Services including after-sales and maintenance services.
(n) To help us develop, improve, manage and administer our Services and any collaboration or initiative with our business partners.
(o) To help us verify your identity for the purposes of processing and administering any purchase, membership application, registration or Services.
(p) To conduct market research, customer profiling and customer insights.
(q) Any other purposes for which we have obtained your consent.
(r) Purposes directly related or incidental to the above.
2.2 We would like to use your data to send you information that we may think may be of interest to you, including about our business partner’s and our products and Services, news updates, special events, offers and promotions, surveys (“direct marketing”), but can only do so with your consent. In this connection, please note that:
(a) Your name, contact details (including address, contact number, email address), products and services information, transaction pattern and behaviour, background and demographic data held by us from time to time may be used by us in direct marketing.
(b) The following classes of services, products and subjects may be marketed in direct marketing:
(i) Services and products related to our site and/or our affiliates and business partners (including marketing affiliates programmes we are a part of);
(ii) Reward, loyalty or privileges programmes, promotional offers and related services; and
(iii) Invitations to events such as seminars/webinars/tele-seminars, conferences, live programs or events.
(c) We may conduct direct marketing via fax, email, direct mail, telephone and other means of communication or send e-newsletters to you (“marketing communications”).
(d) We will not share your personal data with third party entities so that they may send you marketing communications without your consent.
(e) You may, in accordance with the Personal Data Protection Act 2012 (“PDPA”), choose not to receive marketing communications, or opt-out from receiving marketing communications at any time, free of charge, by simply following the unsubscribe instructions contained in our marketing communications, or by contacting us directly (see below for contact details).
3. DISCLOSURE OF YOUR INFORMATION
3.1 We may disclose your personal data to the following entities and parties for the purposes listed at paragraph 2 above:
(a) Personnel, agents, advisers, auditors, contractors, financial institutions, data processors, and service providers working on our behalf in connection with our operations or Services.
(b) Our overseas offices, affiliates, business partners and counterparts (if any).
(c) Persons to whom we are required to make disclosure under applicable laws and regulations, including disclosure to legal, regulatory, governmental, tax and law enforcement authorities.
(d) Any investor, assignee or transferee (actual or prospective) in connection with any business asset transaction including any merger, sale of all or a portion of our business.
(e) With any other party to whom you have authorised us to disclose your personal data.
3.2 You fully understand and consent that we may transfer your personal data to any location outside of Singapore for the purposes set out in paragraph 2. When transferring your personal data outside of Singapore we will protect your personal data to a standard comparable to the protection accorded to your personal data under the PDPA by ensuring that the recipient is either in a jurisdiction which has comparable data protection laws, or is contractually bound to protect your personal data.
Cookies are small files which require user permission in order to be installed on a computer’s hard drive. Cookies will only start to perform their functions after such permission is granted. By collecting and analysing data on the user’s browsing patterns, cookies allow web applications to respond to the user as an individual by tailoring a web application’s operations to the user’s specific needs and preferences.
Permission for cookies is granted by default in most web browsers. You can however choose to disable this function in your browser’s settings. This may prevent you from taking full advantage of our website.
We may use traffic log cookies to identify which pages are being used. This use is designed to assist us in gathering data on web page traffic. The gathered data is used only for statistical purposes and is removed from our database shortly after.
When you access certain pages of our Site, you may be required to sign in, using an ID and password. Once you signed in, we will record your ID in the cookie file on your computer if you checked the box entitled "Remember me". Permanent cookie files remain on your computer's hard drive until you manually delete the file.
Overall, the data collected by the cookies is used for the purpose of improving your browsing experience on our Site. Cookies do not grant us access to your computer or any information about you outside of your browsing activity on our Site.
We have in place reasonable security arrangements to protect your personal data in our possession or control. However, we cannot be held responsible for unauthorised or unintended use, access or disclosure that is beyond our control. While the transference of electronic data over the internet has inherent risks, we will use reasonable precautions to ensure your personal data is not subject to unnecessary risks.
Some of the means through which such protection is rendered include:
(A) Physical security around the premises of our offices where your personal data may be stored;
(B) Access to your personal data is only available to the staff who require it to perform their duties. All such staff have entered into non-disclosure agreements with us to treat your personal data as confidential ### information; and
(C) Installing and maintaining industry standard technology to protect our networks and data storage systems from third party interference.
6. DO NOT CALL REGISTER
The Do Not Call (“DNC”) Registry prohibits the sending of unsolicited telemarketing messages to Singapore telephone numbers through voice calls, text or fax messages registered on the DNC Registers, unless the organisations sending the messages first procure the user’s/subscriber’s clear and unambiguous consent in written or other accessible forms.
We may, at any material time, present you a form for your signature to obtain your consent to send you such marketing messages.
Some of the parties we share your personal data with (under paragraph 3) may wish to contact you via email, phone call or otherwise for telemarketing purposes. We may, at any material time, present you a form for your signature to obtain your consent for them to send you such marketing messages.
Should you wish to withdraw your given consent, you may contact our Data Protection officer (“DPO”), who will be able to assist you on this matter.
We will retain your personal data for only as long as necessary in order to fulfil the purpose for which it was collected, or as required under the relevant laws or any specific industry-standard requirements.
8. ACCESS TO AND AMENDING PERSONAL DATA
We aim to keep our information as accurate as possible. You can access your personal data, request correction of such data, withdraw any consent to receiving marketing communications, or more generally to our processing of your personal data, or request deletion of your personal data that is in our possession or control by obtaining, filling out, and submitting to us the prescribed form.
Please note that it may take up to 30 business days after receipt of your form for us to process your request. We may charge you a fee for responding to your request. If a fee is to be charged, we will inform you of the amount beforehand and respond to your request after payment is received.
We may be prevented by law from complying with any request that you may make. We may also decline any request that you may make if the law permits us to do so.
Please also note that we may not be able to continue providing you with the products and/or Services you have requested or require if you entirely withdraw your consent or ask us to delete your personal data entirely.
For details on how to obtain such a form, please contact our Data Protection Officer (“DPO”), who will be able to assist you. You may also opt-out of receiving marketing communications at any time by following the unsubscribe instructions contained in the marketing communication, or by contacting our DPO, whose contact details can be found at paragraph 10.
9. CHANGES TO THIS POLICY
We reserve the right to amend this Policy at any time. If material changes are made to this Policy, they will be posted on this page and date stamped. We encourage you to review this page periodically in order for you to stay notified of any changes.
Your continued use of our Site and acceptance of our Services after any changes to this Policy constitutes your acceptance of the revised Policy.
10. CONTACT US
If you have comments or questions about this Policy statement, or wish to obtain a form mentioned in paragraph 8, please contact our DPO at: firstname.lastname@example.org