Product Features Contact us     Login 
Product Features Contact us
Privacy Policy

Version 1.0
Effective on 04 January 2021.
The original document is available at https://safeworkplace.today/privacy.


Introduction

This document describes the privacy policy for the “Safe workplace” service hosted at https://safeworkplace.today accessible through the website, the “Control Center” administration console and the mobile applications “Safe workplace” available on the Apple Store for iOS and the Google Play store for Android. The Safe workplace trademark, the website, the applications and all available services belong to Alterang Pte. Ltd. which is a Singapore Accounting and Corporate Regulatory Authority (ACRA) registered company under UEN 202022718Z. Alterang (we, us, our) fully complies with Singapore Personal Data Protection Act (PDPA) as our service is exclusively dedicated to Singapore-based users. More information on PDPA can be found at https://www.pdpc.gov.sg.

This policy explains how we collect, use, share and protect personal data, that is, any data that can be used to identify an individual.


What personal data we collect, how, and for what purpose

We collect personal data from two categories of person, each for different purposes:

1)   Company representative personal data
This data is limited to First name, Last name, Company name, Job title, E-mail address and Phone number. We collect this data through the online form at https://safeworkplace.today, e-mails sent to contact@safeworkplace.today or phone calls. This data is kept as part of our Customer Relationship Management process. We use this data to address our clients and provide them with the most adequate service offer. We do not disclose or share this data with anyone.

Specific note about the online form at https://safeworkplace.today: This form is protected by reCAPTCHA v2 Invisible, which is an automated spam detection service provided by Google, LLC. By submitting information through this form, the user accepts the terms and conditions of Google’s reCAPTCHA v2 APIs which can be found at https://www.google.com/policies/terms/.

2)   Company employees’ personal data
This data is limited to Full name, NRIC / FIN number, Phone number, Team name and E-mail address. We collect this data from the person’s employer or their representative, including but not limited to Safety Officer, Human Resource representative and Office/Building Manager. This data is kept in the Safe workplace system and only serves the purpose of providing our services. We require this data in order to verify each person’s identity with a high level of accuracy.

Specific note about collecting NRIC / FIN number and Phone number: Part of our service offer is to act as a third-party connection with Singapore Government Technology Agency (GovTech) SafeEntry. SafeEntry service consists in checking people in and out of a property in order to trace Covid-19 potential contact cases. For more information on SafeEntry, visit https://www.safeentry.gov.sg/. The use of SafeEntry in office premises has been made mandatory, even for companies which already have an existing attendance management system in place. For more information, visit https://covid.gobusiness.gov.sg/.
We provide a single check-in/check-out system to both our service and SafeEntry through the official GovTech NDI API service. All calls to the NDI API service are encrypted with their public key and signed with our own private key, in compliance with the guidelines available at https://www.ndi-api.gov.sg/. The two personal data elements required by SafeEntry to register people are NRIC / FIN number and Phone number, thus our need to collect them.

Apart from the data exchange occurring with GovTech SafeEntry service, we do not disclose or share this data with anyone.

How long we retain personal data

The time during which we retain personal data depends on the aforementioned categories:

1)   Company representative personal data
This data is kept for as long as needed for the purpose of which it is collected or for the duration required to comply with applicable laws, whichever is longer.

2)   Company employees’ personal data
We retain this data for as long as the person is using our service. Should this person be removed from the list of users, all records containing their data will be automatically deleted within 6 business days. It is the responsibility of the company to notify us when one of their employees is not using the service anymore, or to remove them directly through the “Control Center” application.
If the company decides to terminate the service, we will delete all Employees personal data within 6 business days after we receive the notification of termination or the last day of service, whichever is later.

Withdrawal of consent

In compliance with PDPA, we will process and effect a withdrawal of consent request within 10 business days after receiving the notice. Since all data we collect only serve operational purposes, it is understood that withdrawing consent may prevent us from providing our services.

Access and Modification of personal data

In compliance with PDPA, we will respond to an access or modification request within 30 days after receiving such a request.

Protection of personal data

We have two categories of measures to protect our clients’ and users’ personal data:

1)   Administrative measures
We have put in place a Data Protection Management set of procedures and rules. For instance, access to personal data is strictly restricted to people with an operational reason or need to do so. These people are identified by name in a list. Our Data Protection Officer (DPO) keeps and maintains this list every quarter.

2)   Technical measures
Personal data is stored on a secured server with a world-renowned Cloud service provider. We implement cybersecurity measures to protect all our data such as encryption, intrusion detection and firewalls. We conduct a full review of our technical setup regarding cybersecurity twice a year.

Changes to this policy

We may from time to time amend this policy by uploading a revised document at https://safeworkplace.today/privacy. We commit to communicate directly to our users on all changes we make via direct e-mails and notifications through the different platforms.

Contact us

Should you have any questions related to our services, you can contact us at contact@safeworkplace.today.

For queries or complaints specifically related to personal data protection, please send an e-mail to dpo@alterang.com, or write to:
 ALTERANG PTE. LTD.
 Data Protection Officer
 160 Robinson Road
 #14-04, SBF Centre
 Singapore 068914