At Straits Interactive Pte Ltd and/or Data Protection Excellence Network (“DPEX”) (collectively “Straits”) we respect the privacy and confidentiality of the personal data of our Customers, Associates and others whom we interact with in the course of providing our services. Being Data Protection Trustmark (DPTM) certified, we are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2012.
We have developed this Data Protection Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.
For information on how we collect, use, disclose, process, protect and retain your personal data in relation to our Capabara suite of capability-as-a-platform services (“Capabara”), please refer to: https://capabara.com/privacy_notice/.
Personal data refers to any information that can uniquely identify an individual person (a) on its own, or (b) when combined with other information. Under the PDPA, business contact information (e.g. full name, business address, business telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.
We generally collect personal data that you knowingly and voluntarily provide:
The types of personal data we collect about you include (but are not limited to) the following:
We use the personal data you provide us for one or more of the following purposes:
Enrolling you into government funded programmes
Please note that if you send us feedback or a complaint regarding a particular individual within Straits or associated with Straits, we may have to disclose your identity, as well as your feedback or complaint, to the individual concerned in order for us to carry out our investigations. If you do not wish for such information to be made known to the individual, please state so explicitly in your communications with us. However, please be aware that if you choose not to allow such information to be disclosed to the individual concerned, then it may hamper our investigations, and we may not be able to effectively resolve the issues raised by you. This paragraph does not apply in instances of whistleblowing.
We disclose some of the personal data you provide us to the following entities or organisations outside Straits in order to fulfil our services to you:
Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
Before we collect, use or disclose your personal data, we will notify you of the purpose(s) why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.
Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you apply for a job with us using our job application forms or when you attend our events and knowingly allow us to take your photographs or videos after being notified of the same.
We may rely on exceptions to the need for consent under the PDPA for the collection, use or disclosure of your personal data under the following circumstances (only those relevant to Straits are included):
In circumstances where we collect the personal data of our minors (such as students, for our competitions), we will also request for the contact information of an authorised adult (such as a parent or a school teacher). This is an additional safeguard to ensure that an authorised adult is aware of the provision of information by the minors.
You have choices regarding our collection, use or disclosure of your personal data. If you choose not to provide us with the personal data described in this Notice, we may not be in a position to process your required services. You have the right to withdraw your consent in the manner described in this section 6.2.
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us. For any competitions that we conduct, a request for the withdrawal of your consent to the processing of your personal data will also amount to a request for your withdrawal from the competition.
Your request for withdrawal of consent can take the form of an email or letter to us, or through the “UNSUB” feature in an online service.
We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.
Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session.
You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions on our websites or Capabara platform.
We do not obtain consent on behalf of another individual. We only obtain consent from the individual who will be dealing directly with us.
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date.
From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data (such as a change in your mailing address).
We have implemented appropriate information security and technical measures (such as data encryption, firewalls and secure network protocols) to protect the personal data we hold about you against loss, misuse, destruction, unauthorised alteration/modification, access, disclosure, or similar risks. These are governed by our internal data protection and information security policies, and other relevant SOPs.
We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons and third parties on a ‘need to know’ basis.
When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.
We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.
You may write in to us to find out how we have been using or disclosing your personal data over the past one year. Before we accede to your request, we may need to verify your identity by sighting your NRIC or other legal identification documents. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
If you find that the personal data we hold about you is inaccurate, incomplete, misleading or not up-to-date, you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.
Where there is a need to transfer your personal data to another country outside Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as those in Singapore.
If you have any query or feedback regarding this Policy, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at: dpo@straitsinteractive.com.
Any query or complaint should include, at least, the following details:
We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.
We may update this Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.
Changes to this Notice take effect when they are posted on our website.
DPEX Network is a Community Initiative of Straits Interactive.
Copyright © 2025 Straits Interactive Pte Ltd. All Rights Reserved.
All intellectual property rights to logos and brands featured on this website remain the property of their respective owners.