- At Financial Alliance (“FA”) – which includes Financial Alliance Pte Ltd (“FAPL”), FAPL’s licensed financial advisory representatives (“FARs”) and authorised employees, as well as companies within the Financial Alliance Group – we are committed to our responsibilities under Singapore’s Personal Data Protection Act 2012 (the “PDPA”).
- This Data Protection Policy helps you understand how FA collects, uses, discloses and/or processes the personal data you have provided to FA. FA reserves the right to amend any part of this Data Protection Policy at FA’s discretion.
- “Personal Data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Examples include names, identification numbers, contact details, medical records, photographs and video images.
2. PURPOSES FOR COLLECTION, USE & DISCLOSURE OF PERSONAL DATA
Your personal data may be collected, used, disclosed and/or processed by FA for various purposes, depending on the circumstances for which FA may need to process your personal data, including :
- Fulfilling FA’s financial advisory engagement (“the Engagement”) with you. The Engagement is an ongoing relationship by nature and it begins when FA collects personal data to assess your financial needs and situation. As your circumstances and goals change over time, adjustments and re-alignment via new solutions might be necessary to retain relevance and purpose in this Engagement. Thus, FA may send you marketing information via postal mail, emails, voice calls, SMS/MMS and/or faxes to your current and future telephone number(s) that you may provide to FA from time to time (Note: FA’s financial advisory services encompass all aspects of personal financial planning and wealth management, including, but not limited to, the meeting of retirement, education funding, financial protection goals, wealth management goals and wealth distribution desires through advice, recommendations and the use of financial products, services and techniques.);
- Sending you marketing, advertising and/or promotional information and materials relating to events and/or services that FA may be offering from time to time via postal mail, emails, voice calls, SMS/MMS and/or faxes to your current and future telephone number(s) that you may provide to FA from time to time;
- Performing internal administrative, operational and technological tasks for the said purposes, storage and/or backup of your personal data;
- Dealing with or facilitating customer service, carrying out your instructions, or dealing with or responding to any enquiries given by you or on your behalf;
- Complying with or as required by any applicable law, governmental or regulatory requirements of any relevant jurisdiction, including meeting the requirements to make disclosure under the requirements of any law binding on FA and for the purposes of any guidelines issued by regulatory or other authorities, whether in Singapore or elsewhere, with which FA is expected to comply;
- Generating statistics and research for internal and statutory reporting and/or record-keeping requirements;
- Conducting research, analysis and development activities (including but not limited to data analytics, surveys, product and service development and/or profiling) to improve FA’s offerings to customers; and
- Any other purposes which we will notify you of at the time of obtaining your consent, unless the collection, use or disclosure of your personal data without your consent is permitted by the PDPA or other legislation.
For the avoidance of doubt, the collection of your personal data by FA may take place in various ways, including, but not limited to, electronic forms, printed forms and apps.
3. ACCURACY OF PERSONAL DATA
- FA will take reasonable efforts to ensure that your personal data is accurate and complete if your personal data is likely to be used by FAPL to make a decision that affects you, or disclosed to another organisation.
- You should also update FAPL should there be any changes to the personal data that you have previously provided to FA. FA will not be responsible for relying on inaccurate or incomplete personal data arising from your omission to do so. For further details, please refer to Section 7 below.
4. SECURITY OF PERSONAL DATA
- The personal data you provide will be stored with reasonable care and security, and will only be accessed by authorised personnel connected to the fulfilment of your Engagement with FA or to other purposes which you may be notified as the need arises.
5. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
- To fulfil the Engagement or other purposes (which would be made known to you when the need arises), FA will disclose the necessary data to relevant product-issuing and/or service-offering third parties (“Relevant Third Parties”), such as, but not limited to, insurance companies, investment platforms, fund houses, law firms and wills & trust firms. Such information may be transferred within or out of Singapore as FA may consider necessary to fulfil this Engagement. Data disclosed to Relevant Third Parties will thereafter be governed by their respective data use and protection policies. FA does not any assume responsibility for the use of your personal data by Relevant Third Parties.
- However, please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:
- cases in which the disclosure is required or authorized based on the applicable laws and/or regulations;
- cases in which the purpose of such disclosure is clearly in your interests, and if consent cannot be obtained in a timely way;
- cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual;
- cases in which the disclosure is necessary for any investigation or proceedings;
- cases in which the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer;
- cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest; and/or
- where such disclosure without your consent is permitted by the PDPA or by law; and/or
- any other cases that may be prescribed under the PDPA from time to time.
6. ACCESS OF PERSONAL DATA
- You may write in to request to know about your personal data are in FA’s possession and information about the ways in which your personal data have been or may have been used or disclosed within a year before the date of request. To process your request, we will first need to obtain sufficient information from you in order to ascertain your identity as well as the nature of your request, and also seek verification from the data subject, where applicable.
- Once we have sufficient information from you to deal with the request, we will seek to provide you with the relevant personal data within 30 days. Should we be unable to respond to you within 30 days, we will notify you of the soonest possible time within which we can provide you with the information requested.
- Please note that certain types of personal data are not open to access request. They include, but are not limited to:
- Opinion data kept solely for an evaluative purpose;
- The personal data of the beneficiaries of a private trust kept solely for the purpose of administering the trust;
- Personal data which is subject to legal privilege;
- Personal data which, if disclosed, would reveal confidential commercial information that could, in the opinion of a reasonable person, harm the competitive position of the organisation;
- Personal data collected, used or disclosed without consent, for the purposes of an investigation if the investigation and associated proceedings and appeals have not been completed;
- Any request:
- that would unreasonably interfere with the operations of the organisation because of the repetitious or systematic nature of the requests;
- if the burden or expense of providing access would be unreasonable to the organisation or disproportionate to the individual’s interests;
- for information that does not exist or cannot be found;
- for information that is trivial; or
- that is otherwise frivolous or vexatious.
- An administrative fee will be chargeable for accessing your personal data. Please note that FA will not proceed further with your access request unless the fee has been paid to FAPL.
- FA is prohibited from providing an individual access if the provision of the personal data or other information could reasonably be expected to:
- cause immediate or grave harm to the individual’s safety or physical or mental health;
- threaten the safety or physical or mental health of another individual;
- reveal personal data about another individual;
- reveal the identity of another individual who has provided the personal data, and the individual has not consented to the disclosure of his or her identity; or
- be contrary to national interest.
7. CORRECTION OF PERSONAL DATA
- You may write in to correct your personal data currently in our possession. To process your request, we will first need to obtain sufficient information from you in order to ascertain your identity as well as the nature of your request, and also seek verification from the data subject, where applicable.
- Once we have sufficient information from you to deal with the request, we will correct your personal data within 30 days (unless FA is satisfied on reasonable grounds that the correction should not be made). Where we are unable to do so within the said 30 days, we will notify you of the soonest practicable time within which we can make the correction. Please note that the PDPA exempts certain types of personal data from being subject to your correction request.
- We may send the corrected data, upon your consent, to other organisations to which the personal data had been disclosed within a year before the correction is made.
8. WITHDRAWAL OF CONSENT
- You may request to withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control in writing or by emailing us at firstname.lastname@example.org.
- To ensure that all withdrawal requests are authentic and properly recorded, we would require verification of your identity. Once we are satisfied with your identity verification, we will process your request within a reasonable time.
- Important Note: Such withdrawal, depending on its extent, would significantly reduce our ability to process your transactions and maintain our business relationship with you, thus leading to a less-than-ideal experience for you. If the withdrawal is extensive, it may be impossible for your existing relationship with us to continue.
9. RETENTION OF PERSONAL DATA
- We will cease to retain your personal data when it is no longer necessary for any business or legal purpose.