PDPA policy


1) DEFINITIONS

“NMT” - Neu Media Technology LLP which is the service provider governing this PDPA policy

“Client” - Customer that engages NMT services

“Services” - services that are provided to Clients that may include project management and subscription services. 



2) APPLICATION

2.1 This Privacy Policy applies to personal data collected, used, disclosed, and otherwise processed which client provides to NMT when they engage our Services. By engaging these services, the client has given consent for NMT to manage the data. Such personal data will be processed in accordance with local data protection legislations and guidelines issued by the local data protection regulator. 

2.2 Services are defined as: 

- Project implementation (includes project scoping, solution proposal, technical documentations, deploying the solution on staging and production servers, user acceptance testing etc.);
- Training (preparation of training materials);
- Server Hosting service
- Support subscription services (resolving helpdesk tickets via emails, communication channels);

 

3) PERSONAL DATA

3.1 The types of personal data provided by clients may include but not limited to:

- Name; 
- Mailing address(es); 
- Telephone number(s);
- Email address(es); 
- Account & Contact Data when a client subscribes to one of our Services; 


4) HOW WE USE THIS INFORMATION

4.1 NMT only uses the personal data to fulfill our obligations to our clients for Services. 

4.2 The personal data will be used for the following purposes:


- Project development where the personal data is needed by the client in eg. personnel or customer profiles used in the standard modules or customised functions;
- For testing of the deployed system during the implementation period where such personal data are used in the client’s business processes;
- For communications with clients via email, post or telephone where appropriate;
- For support services to answer client’s tickets, queries, comments and feedback, or provide client with assistance in any other way;
- To identify the causes of problems arising at web servers and to resolve these problems;  



5) LIMITATIONS

5.1 Client databases on cloud servers. When a completed project has gone live and the Client has subscribed to NMT Cloud services, any information or content the Client submit or upload into your database is your own, and you control it fully. This data will often include personal information, for example: your list of employees, your contacts and customers, your messages, pictures, videos, etc. NMT only collects this information on your behalf, and you always retain ownership and full control on this data.


6) REQUEST FOR DELETION OF PERSONAL DATA 
6.1 Client has the right to request that NMT delete any of your personal data that we collected from you and retained. We will process such a request within a reasonable time and it may take up to thirty (30) days for this to be reflected in our systems. Once this is complete, we will no longer retain, use and/or disclose your personal data, except for compliance, regulatory or other legal purposes. In that regard, please note that the deletion of your personal data from our database may result in us not being able to provide you with the products or services that you have requested from us.


7) DATA RETENTION
7.1 NMT will only retain such data as long as necessary for the purpose for which it was collected, as laid out in this policy, including any legal retention period, or as long as necessary to carry out our Services.

7.2 NMT shall not retain any Personal Data longer than is necessary for the fulfilment of the Services and to the extent permitted under the PDPA.

7.3 NMT shall upon receiving a written request from the Client to, as soon as possible, delete, correct an error or omission in the Personal Data on or about the individual that is in the possession or under our control.



8) SECURITY

8.1 NMT shall ensure that all Personal Data is used, processed and disclosed is only for the purpose of fulfilling its obligations for the contractual duration of the Services.

8.2 We ensure that all Personal Data received from clients are segregated from those of other clients and shall protect all Personal Data by making reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks. 

8.3 NMT will take reasonable precautions to protect your data and process it securely. Such measures include, but are not limited to passwords, firewalls, and other standardized industry practices. Where you have chosen a password to access your server instance, you are responsible for keeping your password confidential. Do not share your password with anyone. Nevertheless, we strive to protect the security of your information, 

8.4. NMT shall ensure that it has in place and shall maintain throughout the Services appropriate personnel, technical and organizational measures (including but not limited to security practices and systems) to safeguard against any unauthorized or unlawful processing,

8.5 No Personal Data shall be exported outside of Singapore without the prior written consent from the client, provided that the NMT may transfer Personal Data to a recipient outside Singapore for the purposes of NMT’s business continuity planning or disaster recovery planning. 

8.6 NMT shall ensure that all its employees who receive or have access to any Personal Data are properly trained and competent in handling Personal Data and are aware of the obligations.

8.7 NMT shall ensure that only those of its employees that need to have access to Personal Data are given access to the extent necessary to provide the Services.



9) NOTIFICATION

9.1 NMT shall, promptly notify the Customer of any incident or complaint relating to non-compliance with the PDPA (including actual or suspected data breaches) where such incident, complaint relates to Personal Data or Data breach.

 


10) THIRD PARTY SERVICE PROVIDERS

10.1 In order to support our operations we rely on several Cloud Hosting Service Providers. 

Whenever we share data with these Service Providers, we make sure that they use it in compliance with Data Protection legislation, and that the processing they carry out for us is limited to our specific purpose.


11) AMENDMENTS

11.1 We reserve the right to amend this Privacy Policy at any time. Changes may be necessary and in accordance with updated requirements from the Personal Data Protection Act governed by PDPC Singapore.