We personal data in order to provide our services to you, or if we need to comply with a legal obligation. Our legal ground of processing this data is your explicit consent.
We will use your non-sensitive personal data to
(i) register you as a new client,
(ii) manage payment,
(iii) collect and recover monies owed to us
(iv) to manage our relationship with you,
(v) send you details of our goods and services.
Our legal grounds for processing your data are in relation to the above points are for performance of a contract with you, and in relation to (iii) and (v) above, necessary for our legitimate interests to develop our products/services and grow our business and to recover monies owed.
We will not share your details with third parties for marketing purposes except with your express consent.
2. Disclosure of your personal data
We may have to share your personal and sensitive data with
(i) service providers who provide IT and system administration support including software providers for accounting, marketing and practice management solutions,
(ii) professional advisors including other healthcare professionals, lawyers, accountants, bankers, auditors and insurers
(iii) HMRC and other regulatory authorities
(iv) third parties to whom we sell, transfer or merge parts of our business or our assets and/or
(v) to other professionals for the purposes of delivering our service to you.
We require all of these third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. They are only allowed to process your personal data on our instructions.
3. International transfers
Some of our third-party providers are businesses outside of Singapore and the EEA, in countries which do not always offer the same levels of protection for your personal data.
We do our best to ensure a similar degree of security by ensuring that contracts, codes of conduct or certification are in place which give your personal data the same protection it has within Singapore and Europe.
If we are not able to do so, we will request your explicit consent to the transfer and you can withdraw this consent at any time.
4. Data security
We have security measures in place to prevent your personal and sensitive data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We also limit access to your personal and sensitive data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal and sensitive data on our instructions and are subject to a duty of confidentiality.
We have procedures to deal with suspected personal data breaches and will notify you and any applicable regulator where we are legally required to do so.
In certain circumstances, you can ask us to delete your data. See the section entitled ‘your rights’ below for more information.
We may anonymise your personal and sensitive data (so that you can no longer be identified from such data) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
5. Data retention
We will only keep your personal data for as long as is necessary to fulfil the purposes for which we collected it. We may retain your data to satisfy any legal, accounting, or reporting requirements. For example we need to keep certain information about you for 6 years after you cease to be a client for tax purposes.
You have the right to ask us to delete the data we hold about you in certain circumstances. See section 6.
You can request that we inform you of the data we hold about you and how we process it. We will not charge a fee for responding to this request unless your request is unfounded, repetitive or excessive. In this case we may charge a reasonable fee or decline to respond. To make such a request, please email [email protected] marked for the attention of the Data Protection Officer.
We will, in most cases, reply within one month of the date of the request unless your request is complex or you have made a large number of requests in which case we will notify you of any delay and will in any event reply within 3 months.
7. Keeping your data up to date
We have a duty to keep your personal and sensitive data up-to-date and accurate so from time to time we will contact you to ask you to confirm that your personal data is still accurate and up-to-date. If there are any changes to your personal data (such as a change of address) please let us know as soon as possible by writing to or emailing the addresses set out in section 6 above.