This Privacy Policy (the “Policy”) applies to the collection, use and disclosure of an individual customer’s Personal Data (hereinafter defined) arising from goods and/or services offered by MiRXES Pte. Ltd. its related corporations and affiliates, and their respective successors in title (collectively referred to as “MiRXES”).

1. General

1.1: This Policy statement provides information on the obligations and policies of MiRXES in respect of an individual customer’s Personal Data. MiRXES undertakes to use reasonable efforts in applying, where practicable, those principles and the processes set out herein to its operations.

1.2: MiRXES’s officers, management, and members of staff shall use reasonable endeavours to respect the confidentiality of and keep safe any and all Personal Data collected and/or stored and/or disclosed and/or used for, or on behalf of, MiRXES. MiRXES shall use reasonable endeavours to ensure that all collection and/or storage and/or disclosure and/or usage of Personal Data by MiRXES shall be done in an appropriate manner and in accordance with the Act and this Policy.

1.3: By interacting with us, submitting information to us, or signing up for any products or services offered by us, you agree and consent to MiRXES as well as to its respective representatives and/or agents (“Representatives”) (collectively referred to herein as “MiRXES”, “us”, “we” or “our”) collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to MiRXES’s authorised service providers and relevant third parties in the manner set forth in this Privacy Statement.

1.4: This Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your Personal Data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your Personal Data.

1.5: For the purposes of this Policy, in line with the provisions under the Singapore Personal Data Protection Act 2012 (No. 26 of 2012) (the “Act”), “Personal Data” shall mean data, whether true or not, about an individual customer who can be identified — from that data; or from that data and other information which an organisation has or is likely to have access. Such Personal Data shall also refer to that which is already in the possession of MiRXES or that which shall be collected by MiRXES in future.

2. Contacting the Data Protection Officer

2.1: Where you legitimately request access to and/or correction of Personal Data relating to you, such Personal Data which is in the possession and control of MiRXES, MiRXES shall provide and/or correct that data within 30 days and in a manner in accordance with its standard procedures as stated hereinafter.

2.2: In accordance with the Act, MiRXES has established a process for receiving and responding to any query or complaint that may arise with respect to the application of this Act. To ensure that MiRXES receives your complaints and enquiries, please send the same via email to the Data Protection Officer (the “DPO”) of MiRXES at the following email address: [email protected].

2.3: Please note that if your personal data has been provided to us by a third party (e.g. a member via a referral process), you should contact that individual to make such queries, complaints, and access and correction requests to MiRXES on your behalf.

2.4: Should you not wish MiRXES to use your Personal Data for any of the purposes listed in Clauses 3.2 to 3.4, or not to receive promotional materials from MiRXES, you may opt out by sending a clearly worded email to the DPO via the email address provided in Clause 2.2. Your request shall be processed within 30 days. Please note however that this may affect our ability to attend to your needs in the event where there is already an existing business relationship.

3. Statement of Practices

Types of Personal Data Collected:

3.1: As part of its day-to-day activity, MiRXES may collect from you, through various means, including via our websites, smart phone applications, marketing events such as road shows and any forms used by MiRXES from time to time, some or all of the following Personal Data:

  • Name (first and surname);
  • Postal Address;
  • Phone number (including mobile);
  • Office number;
  • Fax number;
  • Email address;
  • Bank account/credit card details;
  • Gender;
  • Personal Data of your emergency contacts;
  • IP addresses; and
  • Photographs and images.

Cookies

We use cookies on our websites to track website visitorship and experience. Most web browsers are designed to accept cookies. If you do not wish to receive any cookies, you may set your browser to refuse it.

Purpose of Collection of Personal Data

3.2: The above Personal Data mentioned in Clause 3.1 is collected for the purposes of processing your application and to ascertain if you are eligible for discounts, privileges or benefits or other related purposes; to conduct market research and analysis; for direct marketing through voice calls; text messages; email; direct mail and facsimile messages; for payment and/or credit control purposes; to notify you of any changes to our policies or services which may affect you; to respond to queries and feedback; for identification and informing you of new developments, services, promotions of MiRXES and other third parties which we are associated with.

Disclosure of Personal Data

3.3: In order to carry out the functions described above, MiRXES may, from time to time, disclose your Personal Data between MiRXES’s related corporations and affiliates.

3.4: Without derogating from any of the above, MiRXES may also disclose your Personal Data to the following third parties:

  • Regulators and law enforcement officials;
  • Lawyers;
  • Auditors;
  • Third party service providers and consultants;
  • Credit, debit and charge card companies, banks and other entities processing payment;
  • Potential buyers or investors of MiRXES or any of MiRXES’s companies; and
  • Any agent or subcontractor acting on MiRXES’s behalf for the provision of MiRXES’s services.

3.5: MiRXES may disclose your Personal Data to the above mentioned parties also in the occurrence of any of the following events:

  • To the extent that MiRXES is required to do so by the law;
  • In connection with any legal proceedings or prospective legal proceedings;
  • To establish, exercise or defend MiRXES’s legal rights;
  • To the purchaser (or prospective purchaser) of any business or asset which MiRXES is (or is contemplating) selling;
  • To any person and/or entity for the purpose of processing such information on MiRXES’s behalf;
  • To third parties who provide services to MiRXES or on its behalf;
  • To any third party that purchases MiRXES or MiRXES’s business or any part of MiRXES or MiRXES’s business;
  • With your consent; and
  • For the purposes of disaster recovery.

Optional Provision of Personal Data

3.6: In some instances, you may also be requested to provide certain Personal Data that may be used to further improve MiRXES’s products and services and/or better tailor the type of information presented to you. In most cases, this type of data is optional although, where the requested service is a personalised service, or provision of a product or dependent on your providing all requested data, failure to provide the requested data may prevent MiRXES from providing the service to you. This type of data includes, but is not limited to:

  • Your age;
  • Gender;
  • Salary range and employment details;
  • Education and Profession;
  • Hobbies and leisure activities;
  • Other related products and services subscribed to; and
  • Family and household demographics.

3.7: Under certain circumstances, telephone calls made to any of MiRXES’s related corporations and affiliates to order and/or service hotlines and/or inquiry telephone numbers are recorded for the purposes of quality control, appraisal, as well as staff management and development. In such an event, by agreeing to this Policy, you hereby give your consent for the collection, use and disclosure of such Personal Data for the purposes of our records, following up with your enquiry and/or transaction, and for quality control and training purposes.

4. Transfer of Personal Data Overseas

Your Personal Data may be processed by MiRXES, its affiliates, agents and third parties providing services to MiRXES, in jurisdictions outside of Singapore. In this event MiRXES will comply with the terms of the Act.

5. Accuracy of Personal Data

Where possible, MiRXES will validate data provided using generally accepted practices and guidelines. This includes the use of check sum verification on some numeric fields such as account numbers or credit card numbers. In some instances, MiRXES is able to validate the data provided against pre-existing data held by MiRXES. In some cases, MiRXES is required to see original documentation before we may use the Personal Data such as with Personal Identifiers and/or proof of address. To assist in ensuring the accuracy of your Personal Data in the possession of MiRXES, please inform us of any updates of any parts of your Personal Data by sending a clearly worded email to the DPO at the email address provided at Section 2.2.

6. Protection of Personal Data

MiRXES uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Data and will not knowingly allow access to this data to anyone outside MiRXES, other than to you or as described in this Policy. However, MiRXES cannot ensure or warrant the security of any information you transmit to MiRXES and you do so entirely at your own risk. In particular, MiRXES does not warrant that such information may not be accessed, altered, collected, copied, destroyed, disposed of, disclosed or modified by breach of any of MiRXES’s physical, technical, or managerial safeguards.

7. Access and Correction of Personal Data

7.1: In accordance with Clause 2.1 of this Policy, you have the right to:

  1. check whether MiRXES holds any Personal Data relating to you and, if so, obtain copies of such data; and
  2. require MiRXES to correct any Personal Data relating to you which is inaccurate for the purpose for which it is being used.

7.2: MiRXES reserves the right to charge a reasonable administrative fee in order to meet your requests under Clause 7.1(a). Upon payment of the requisite fee under Clause 7.1(a) and/or receipt of your request under Clause 7.1(b), your request shall be processed within 30 days.

7.3: If you wish to verify the details you have submitted to MiRXES or if you wish to check on the manner in which MiRXES uses and processes your personal data, MiRXES’s security procedures mean that MiRXES may request proof of identity before we reveal information. This proof of identity will take the form of full details of name and NRIC or Passport or Fin number. You must therefore keep this information safe as you will be responsible for any action which MiRXES takes in response to a request from someone using your details.

8. Storage and Retention of Personal Data

MiRXES will delete, as reasonably possible, or otherwise anonymise any Personal Data in the event that the Personal Data is not required for any reasonable business or legal purposes of MiRXES and where the Personal Data is deleted from MiRXES’s electronic, manual, and other filing systems in accordance with MiRXES’s internal procedures and/or other agreements.

9. Contacting you

To the extent that any of the communication means which you have provided MiRXES with (which may include, your telephone number and fax number) is/will be listed on the Do Not Call Registry (the “DNC”), by any other means of indication, you hereby grant MiRXES your clear and unambiguous consent to contact you using all of your communication means you have provided to MiRXES including using via voice calls, SMS, WhatsApp, fax or other similar communications applications or methods, for the purposes as stated above in Paragraph 3.2.

10. Change Policy

MiRXES reserves the right to alter any of the clauses contained herein in compliance with local legislation, and for any other purpose deemed reasonably necessary by MiRXES. You should look at these terms regularly. If you do not agree to the modified terms, you should inform us as soon as possible of the terms to which you do not consent. Pending such notice, if there is any inconsistency between these terms and the additional terms, the additional terms will prevail to the extent of the inconsistency.

11. Governing Law

This Policy is governed by and shall be construed in accordance with the laws of Singapore. You hereby submit to the non-exclusive jurisdiction of the Singapore courts.

12. Miscellaneous

12.1: This Policy only applies to the collection and use of Personal Data by MiRXES. It does not cover third party sites to which we provide links, even if such sites are co-branded with our logo. MiRXES does not share your Personal Data with third party websites. MiRXES is not responsible for the privacy and conduct practices of these third-party websites, so you should read their own privacy policies before disclosure of any Personal Data to these websites.

12.2: MiRXES will not sell your personal information to any third party without your permission, but we cannot be responsible or held liable for the actions of third-party sites which you may have linked or been directed to MiRXES’s website.

12.3: MiRXES’s websites do not target and are not intended to attract children under the age of 18 years old. MiRXES does not knowingly solicit personal information from children under the age of 18 years old or send them requests for personal data.