PRIVACY POLICY

COMMITTED TO YOUR PRIVACY

This Personal Data Protection Policy notice for personal data (“Notice”) is issued to all our valued customers and guests of Masterminds Education Pte. Ltd. (“[Masterminds]”, “us”, “we”, “our” or “ours”), pursuant to the statutory requirements of the Personal Data Protection Act 2012 (Act 26 of 2012) (“PDPA”).

We take our responsibilities under Singapore’s PDPA seriously. We recognise the importance of the personal data entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.

In order to conduct our business operations, we may disclose the personal data you have provided us to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether located in Singapore or outside of Singapore.

Please take a moment to read our Personal Data Protection Policy (“Policy”) so that you know and understand the purposes for which we collect, use and disclose your personal data.

This Policy supplements but does not supersede nor replace any consents you may have previously provided to us in respect of your personal data, and your consents herein are additional to any rights which any of us may have at law to collect, use and/or disclose your personal data.

If you have any questions or concerns about our privacy practices, we welcome you to contact us by e-mail at ken@artistorock.com

PERSONAL DATA PROTECTION POLICY

1 INTRODUCTION TO THE PDPA

1.1 “Personal data” is defined under the PDPA to mean data, whether true or false, about an individual who can be identified from that data, or from that data and other information to which an organisation has, or is likely to have access. Common examples of personal data include names, identification numbers, contact information, medical records, photographs and video images.

1.2 Personal data is collected in accordance with the PDPA. You will be notified of the purposes for which your personal data may be collected, used, disclosed and/or processed, as well as obtain your consent for the collection, use, disclosure and/or processing of your personal data for the intended purposes, unless an exception under the law permits us otherwise.

2 COLLECTION OF YOUR PERSONAL DATA

2.1 The provision of your personal data is voluntary. However, withholding your personal data from us, will mean that we may not be able to provide you the relevant services required.

2.2 We collect personal data during the course of our everyday activities, and will only collect such personal data if it is necessary for our functions or activities.

2.3 The PDPA requires us to collect personal data about you, only from you, if it is reasonable and practical to do so. Some examples of the types of information which we may collect include:

• - Contact information such as names, addresses, telephone numbers, and email addresses
• - Unique information such as ID or passport number, photograph, contact preferences, and date of birth
• - If you are a candidate for employment, we may collect your resume, other information as set in our application or during our recruitment process. This may include information relating to your employment history, working eligibility rights, and your referee details

3 PERSONAL DATA OF CHILDREN

As our site is designed for parents and adults, we do not knowingly collect personal data from children who may visit our site, and we do not knowingly include any such information in our customer databases.

4 HOW PERSONAL DATA IS COLLECTED

4.1 Some examples of how your personal data can be collected:

• - Registration of details on our website, apps or over the counter
• - When you complete bookings, requests or applications for our services (by phone, in person, snail mail, or electronically
• - When you communicate with us directly via our customer service officers, via our co-workers (in person, by email, telephone, direct mail or any other means)
• - When you conduct certain types of transactions such as cancellations
• - When you enter, and when you interact with us during promotions, competitions, contests, lucky draws, special events, or by using devices within our stores;
• - Participate in surveys and other types of research
• - If you are a candidate for employment, when you complete forms in relation to the recruitment and selection process for the purpose of assessment. We may also collect information about you from your nominated referees with your authorisation.

5 PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA

5.1 The personal data we collect from you may be used, disclosed and/or processed for various purposes, depending on the circumstances for which we may need to process your personal data, including but not limited to:

• - To communicate with you
• - To maintain and improve customer relationship
• - To assess, process and provide products, services and/or facilities to you
• - To administer and process any payments related to products, services and/or facilities requested by you
• - To establish your identity and background
• - To respond to enquiries or complaints, and resolve issues or disputes which may arise in connection with dealings with us
• - To provide you with information and/or updates on our products, services, upcoming promotions or events organised by us and selected third parties which may be of interest to you from time to time
• - For notifications via SMS, phone call, email, fax, mail, social media and/or any other appropriate communication channels in accordance with your consent
• - To maintain and update internal record keeping
• - For internal administrative purposes
• - To administer and give effect to your commercial transactions with us
• - To process any payments related to your commercial transactions with us
• - To conduct market research or surveys, internal marketing analysis, customer profiling activities, analysis of customer patterns and choices, planning and statistical and trend analysis in relation to our products and/or services
• - To share any of your personal data with the auditor for our internal audit and reporting purposes
• - To share any of your personal data pursuant to any agreement or document which you have duly entered with us for purposes of seeking legal or for purposes of commencing legal action
• - To share any of your personal data with our business partners to jointly develop products and/or services
• - For audit, risk management and security purposes
• - For detecting, investigating and preventing fraudulent, prohibited or illegal activities
• - For enabling us to perform our obligations and enforce our rights under any agreements or documents that we are a party to
• - For meeting any applicable legal or regulatory requirements and making disclosure under the requirements of any applicable law, regulation, direction, court order, by-law, guideline, circular or code applicable to us
• - To enforce or defend our rights and yours, and to comply with, our obligations under the applicable laws, legislation and regulations
• - For other purposes required to better operate, maintain and manage our business and your relationship with us

As the purposes for which we may/will collect, use, disclose or process your personal data depend on the circumstances at hand, some purposes may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless the collection, use, disclosure or processing of your personal data without your consent is permitted under the PDPA or under any other law.

5.2 In order to conduct our business operations better, we may also disclose your personal data to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether Singapore, or outside of Singapore, for one or more of the purposes referred to in paragraph [5.1]. Such third-party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the purposes referred to in paragraph [5.1].

6 DISCLOSURES OF PERSONAL DATA TO THIRD PARTIES

6.1 Save as expressly provided in this Policy or permitted under the PDPA or under any other law, we will not share, sell, rent or release any personal data collected to any third-party individuals, companies or groups. Any personal data we collect is used for our own purposes as described in this Policy.

6.2 In order to enable us to provide a wide range of products and services to you, we may from time to time engage third-party service providers, including but not limited to:

• - Professional advisors, consultants and/or external auditors
• - Third-party service providers who provide operational services such as telecommunications, information technology, printing, postal service, marketing promotions, and relevant government regulators to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority.

6.3 The third-party service providers are only authorised to use your personal data to perform the service for which they were hired. They are required to comply with the PDPA, all other laws and any of our prevailing policies in relation thereto (including this Policy), and to take reasonable measures to ensure your personal data is secure.

6.4 We will not disclose your personal data to third parties without first obtaining your consent. However, we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:

• - Disclosure is required or authorised based on the applicable laws and/or regulations
• - Disclosure is clearly in your interests, and consent cannot be obtained in a timely way
• - Disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself, your child/children or another individual
• - Disclosure is necessary for any investigation or proceedings
• - Cases where the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation, certifying that the personal data is necessary for the purposes of the functions or duties of the officer
• - Disclosure is to a public agency and such disclosure is necessary in the public interest
• - Disclosure without your consent is permitted under the PDPA or under any other law

6.5 The instances listed above at paragraph [6.4] are not intended to be exhaustive. For more information on the exceptions, you are encouraged to refer to the Second, Third and Fourth Schedules of the PDPA which can be found at https://sso.agc.gov.sg/.

6.6 Where we disclose your personal data to third parties with your consent, we will employ our best efforts to require such third parties to protect your personal data in a manner required under the PDPA or any other law.

7 REQUEST FOR ACCESS AND/OR CORRECTION OF YOUR PERSONAL DATA

7.1 You may request to access and/or correct your personal data for the time being in our possession by submitting your request through email or in person at our front desk.

7.2 For a request to access personal data, we will provide you with the relevant personal data within thirty (30) days from the date of your request.

7.3 Where a request cannot be fulfilled within the above time frame, you will be informed of the earliest time in which we will respond.

7.4 For a request to correct personal data, we will correct your personal data as soon as possible after our receipt of such request, unless we have reasonable grounds to do otherwise.
 
7.5 Depending on the scope and nature of the work required to process an access or correction request, a fee may be charged to recover administrative costs. This will be assessed on a case-by-case basis. Where such a fee is required, you will be provided with a written estimate of the fee for your consideration. Your request will be processed once payment of the fee is received. In certain cases, we may also require a deposit from you before we process your request. You will be notified if a deposit is required, if any.

8 REQUEST TO WITHDRAW CONSENT

8.1 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession by submitting your request through email or in person at our front desk.

8.2 Your request will be processed within a reasonable time. Thereafter we will not collect, use and/or disclose your personal data in the manner stated in your request.

8.3 However, your withdrawal of consent may result in certain legal consequences arising. In this regard, depending on the extent of your withdrawal of consent for us to collect, use, disclose and/or process your personal data, it may mean discontinuing your existing relationship with us.

8.4 The collection of your personal data may be mandatory or voluntary depending on the purposes for which your personal data is collected. Where it is necessary for you to provide us with your personal data, and you fail or choose not to provide us with such personal data, or do not consent to the above or this Policy, we will not be able to provide our products and/or services (or any part thereof) to you.

9 ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA

9.1 We will take all reasonable effort to ensure that your personal data is accurate and complete, if usage of your personal data is likely to affect you. This means that you are required to update us of any changes in your personal data from time to time. We will not be responsible or liable for any consequences arising from the provision of any inaccurate or incomplete personal data to us.

9.2 We will arrange for reasonable security measures to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorised use of your personal data by third parties, or for instances attributable to factors beyond our control.

9.3 We will put in place measures to destroy and/or anonymise your personal data in our possession as soon as it is reasonable to assume that:

• - The purpose for which that personal data was collected is no longer being served
• - Retention of that personal data is no longer necessary for any other legal or business purposes

10 COMPLAINT AND GRIEVANCES

10.1 If you have any complaint or grievance regarding the handling of your personal data, or about how we are complying with the PDPA, you are welcomed to contact us through email or at our front desk.

10.2 You may also contact us through one of the following methods with your complaint or grievance:

10.3 When drafting an email or a letter, your indication at the subject header that it is a PDPA complaint will assist us in attending to your complaint expeditiously. For example, the subject header can be titled “PDPA Complaint”.

11 UPDATES ON PERSONAL DATA PROTECTION POLICY

11.1 As part of our efforts to properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.

11.2 We reserve the right to amend the terms of this Policy at our discretion. Any amended Policy will be posted on our website and can be viewed on this page.

11.3 You are encouraged to visit this page from time to time to keep updated of our latest policies in relation to personal data protection.