ABOUT THIS NOTICE
Elevandi Limited (herein be referred as “Elevandi”, “us”, “we” or “our”) is committed to safeguarding your privacy. When you interact with us, you may share information with us that allows identification of you as an individual (“Personal Data”). We may gather such information when reach out to us and/or join any of our certification progammes.
This Data Protection and Privacy Notice (“Notice”) describes how we manage Personal Data in this context. This Notice also describes your data protection rights, including a right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out under "How to access and control your Personal Data” below.
Elevandi acts in accordance with the Personal Data Protection Act (No. 26 of 2012) of Singapore (“PDPA”), the European Union General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”),the UK Data Protection Act of 2018 (“UK GDPR”) and the Personal Information Protection Law of the People’s Republic of China (“PIPL”).
The relevant data controller of Personal Data is Elevandi for the purpose of data subjects from the UK and the EU.
WHO WE ARE
Elevandi (which means to lift up or raise up) is a non-profit organisation set up by the Monetary Authority of Singapore (MAS). Elevandi is running a series of certification programmes in collaboration with universities in Singapore to harness FinTech for growth and development in the new digital economy(together referred to as “Services”).
WHO WE COLLECT PERSONAL DATA FROM
In the context of the Services provided by us, we collect Personal Data from:
The individuals about whom we collect Personal Data shall herein be referred to as “you” in this Notice.
HOW WE COLLECT PERSONAL DATA
We collect Personal Data from and about you in the following ways:
WHAT PERSONAL DATA WE COLLECT
Generally, we will seek to reduce the collection of Personal Data to what is needed to complete the respective function or service. We may collect, use, process, store and transfer different kinds of Personal Data about you when you participate in our events or engage us for our Services. The
Personal Data collected includes but is not limited to the following:
HOW DO WE USE YOUR PERSONAL DATA
We use your Personal Data in the following ways:
Please note that if you choose not to provide us with your Personal Data or choose not to consent or to object to our processing of your Personal Data, we may not be able to provide some or all our Services to you or respond to your other requests.
These purposes may continue to apply even in situations where your relationship with us has been terminated or altered in any way. In such cases, we may still retain Personal Data relating to you and use or disclose such information for legal or business purposes, including for compliance with the PDPA, UK GDPR, GDPR and/or other applicable laws.
THIRD PARTIES THAT WE MAY SHARE YOUR PERSONAL DATA WITH
Where and when required, your Personal Data may be shared with third parties in certain circumstances. The third parties include:
● Our partners
We may share Personal Data with our collaboration partners, and any third-party business partners who work with us, whether jointly with us or independently.
● Our service providers
We use other companies, agents or contractors to perform services on our behalf or to assist us with the provision of our Services, we may share your Personal Data with the following categories of service provider(s):
We may, where you consent, share some of your Personal Data with the sponsors and exhibitors so that they can send you information about products, content and services that might interest you and for internal analytical and business development purposes. You can withdraw this consent at any time. Please note that the sponsors and exhibitors have their own privacy policies, you should check their privacy policies or opt-out from their communications directly with the respective organisations.
In certain circumstances, we may be required to disclose or share Personal Data in order to comply with legal obligations from regulatory or supervisory authorities (e.g. police, regulators, government agencies or to judicial or administrative authorities). We may also disclose Personal Data to third parties where disclosure is both legally permissible and necessary to protect or defend our rights, matters of national security, law enforcement, to enforce our contracts or protect your rights or those of the public.
We may transfer Personal Data to third parties in connection with a reorganisation, restructuring, merger, acquisition or transfer of assets, provided that the receiving party agrees to treat your Personal Data in a manner consistent with this Notice.
Please note that our websites may, from time to time, contain links to and from the websites of our partners or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we have no control over how they may use your Personal Data. You should check the privacy policies of these third-party websites before you submit any Personal Data to them.
THE LEGAL BASIS FOR INDIVIDUAL PROCESSING
We process your Personal Data for the following purposes:
To fulfil a contract, or take steps linked to a contract: this is relevant where you agree to attend an event we run. This includes:
· verifying your identity, this also includes collecting your age or storing an image of you;
· taking payments;
· communicating with you; and
· providing customer services and arranging the provision of Services.
To conduct our business and pursue our legitimate interests, in particular:
· we monitor and analyse use of our websites and online services, and use your information to help us monitor, improve and protect our Services and websites;
· we use information you provide to personalise our websites or Services for you;
· if you provide a credit or debit card as payment, we also use third parties to process that payment and check the validity of the card number you submit in order to prevent fraud (see data sharing below);
· we use information you provide to investigate any complaints received from you or from others, about our websites or our Services;
· Images and audio and video recordings may be used for marketing future events, this especially applies to you if you are a speaker or member of a panel; and
· we will use data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation).
We have carried out balancing tests for all the data processing we carry out based on our legitimate interests, which we have described above.
Where you give us consent:
· we may send you direct marketing in relation to our Services;
· where we provide our sponsors or exhibitors with some of your Personal Data so they can contact you before or after an event in order to provide you with further information that you may be interested in;
· we place Cookies and use similar technologies in accordance with our Cookies Policy and the information provided to you when those technologies are used; and
· on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time;
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above.
For purposes which are required by law:
· we will process information in order to comply with portability requirements under (UK) GDPR; and
· we will provide data in response to requests by government or law enforcement authorities conducting an investigation.
We implement appropriate technical and organisation measures to protect your Personal Data against accidental, unauthorized or unlawful use, disclosure, access, destruction, loss, change or damage. Access to your Personal Data is strictly limited to persons on a “need-to-know” basis.
However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that, for example, no harmful code (e.g. viruses, bugs, trojan horses, spyware or adware) will enter our websites. You should be aware of the risks associated with using websites.
While we strive to protect your Personal Data, we cannot ensure the security of the information you transmitted to us via the Internet.
TRANSFER TO OTHER COUNTRIES
In the provision of our Services, the Personal Data we collect may be transferred to and processed by us or third parties in countries outside the EU, the UK or the People’s Republic of China. In all such instances, we shall ensure that the transfer of your Personal Data is carried out in accordance with any applicable laws and that appropriate safeguards (e.g. contractual, technical and organisational measures) are put in place before such transfer takes place.
COOKIES AND WEBSITE
If you wish to disable any Cookies associated with these technologies, you may do so by changing the settings on your browser or manually select “Decline” when first visiting our websites. However, please note that once Cookies has been disabled, you may still continue to use our websites but with limited functionality.
HOW TO ACCESS AND CONTROL YOUR PERSONAL DATA
You have the following rights where applicable:
Withdrawing Consent. You may withdraw your consent for us to process your Personal Data at any time, free of charge. This includes cases where you wish to opt-out from marketing messages that you receive from us. Individuals are given rights in relation to their Personal Data pursuant to the applicable law.
If you are based in the EU or the UK, you may have the right to complain to your competent data protection supervisory authority (e.g. the Information Commissioner’s Office for data subjects in the UK).
You have the right to not be subject to a decision based solely on automated decision-making where the decision would have a legal effect on you or produce a similarly significant effect. If we send you electronic marketing messages based on your consent or as otherwise permitted by applicable law, you may, at any time, respectively withdraw such consent or declare your objection at no cost. The electronic marketing messages you receive from us will also include an “unsubscribe” option within the message itself to enable you to manage your Personal Data. Please note that if you opt-out of receiving direct marketing materials, we may still send you non-promotional messages, such as receipts or information about the Services we are providing to you.
In order to enable you to exercise these rights with ease and to record your preferences in relation to how we use your Personal Data, you may manage your privacy preferences at any time by contacting Elevandi at [email protected].
CHANGES TO THIS NOTICE
We reserve the right to change this Notice from time to time.
If you have any questions about your privacy, your privacy rights, or how to exercise them, please feel free to contact Elevandi at [email protected]. We will respond to your request within 5 days upon verification of your identity, if applicable.
This Notice was updated on 15 Mar 2023 and is effective as of that date.