This Policy statement was last updated on 30 April 2019.
The Institute of Banking & Finance ("we", "our", "us" or "IBF") is committed to respecting and protecting your personal data. This Personal Data Protection Policy ("Policy") sets out the basis on which we collect, use, disclose, store and/or process your personal data. It applies to personal data in our possession or under our control. Please read the following carefully to understand our practices regarding your personal data and how we handle it. By continuing to visit and use this website or our mobile application, or by continuing to participate in our programs and/or utilise our services, you confirm that you understand and consent to the terms of this Policy.
COLLECTION OF INFORMATION
1. We collect various types of personal data. As used in this Policy, "personal data" means data, whether true or not, about an individual who can be identified:
a) from that data; or
b) from that data and other information to which we (and all our affiliates, partners, subsidiaries and all relevant third parties mentioned in this Policy) have or are likely to have access 2. Personal data includes, without limitation, an individual's name; address; telephone numbers; email addresses; date of birth; gender; nationality; marital status; passport number, date and place of issue; personal identification number; driver's licence number and expiration; photographs and other audio-visual material; employment information; payment information; credit and debit card numbers; marketing preferences; preferred communication methods; and any other types of information that you choose to provide to us or that we may collect about you through your interactions with us and our affiliates, partners and subsidiaries.
3. We may collect personal data by way of the information that you provide to us on our website, our mobile application, or by any other means.
4. We may also collect your personal data from our partners and other independent third party sources (e.g. management representatives of financial institutions, IBF-accredited training providers, government agencies). In addition, we may also collect voice and video recordings of you in the course of our interactions with you and in connection with the administration of our programs and services.
COOKIES AND OTHER WEBSITE FUNCTIONALITIES
5. We may automatically collect the following information about you in connection with your visit(s) to our website:
6. When you visit our website, we may assign your computer (or any other device) with cookies (which are small text files created on your computer or device), Local Shared Objects (also known as flash cookies, which can store data more complex than simple text) and Web Beacons (tiny graphics with a unique identifier that are placed in the code of a webpage) (collectively, "Cookies"). By accessing our website, you agree that we can place Cookies on your computer or device.
USE OF PERSONAL DATA COLLECTED
9. We currently use and/or may in the future use your personal data for any purpose not prohibited by applicable law. This includes, but is not limited to, the following purposes:
(collectively, the "Purposes").
SHARING OF PERSONAL DATA
10. We may share your personal data (including your name, the organisation that you belong to, photographs, resumes, examination results, certification status and CPD status), with and among our affiliates, partners and subsidiaries, or with unaffiliated third parties including our third-party service providers, your prospective and/or current employers, recruitment agencies and relevant government agencies and/or regulatory authorities, whether in Singapore or abroad, in connection with the aforementioned Purposes. Some of your non-confidential personal data may also be posted on our website. Please contact our Data Protection Officer at the address indicated below if you wish to have your personal data removed from our website.
TRANSFERS OF PERSONAL DATA OUTSIDE SINGAPORE
11. In connection with the Purposes, your personal data may be transferred to countries outside of Singapore including to our third-party data storage service providers whose cloud servers and data centres may be located overseas. In situations where we transfer your personal data to countries outside of Singapore, we will take steps to ensure that appropriate levels of protection necessary to maintain the security and integrity of your personal data are in place.
WITHDRAWAL OF CONSENT
12. If you do not want your personal data to be collected, used, and/or disclosed by us in the aforementioned manner, you may withdraw your consent by writing to our Data Protection Officer at the address indicated below. Please note that we may not be able to continue to provide you with certain services in the event that you choose to withdraw your consent.
ACCESS TO AND CORRECTION OF YOUR PERSONAL DATA
13. If you wish to access or correct any of your personal data, please contact our Data Protection Officer at the address indicated below. For a request to access or correct your personal data, once we have sufficient information from you to deal with the request, we will seek to respond to your access or correction request within 30 days. Where we are unable to respond to you within the said 30 days, we will notify you of the soonest possible time within which we can provide you with the information requested. Please note that a reasonable administrative fee may be payable for the handing and processing of any access or correction requests made by you.
RETENTION OF PERSONAL DATA
14. Personal data may be retained by us for as long as the purpose for which the personal data was collected continues, or if the retention is necessary for our legal or business purposes, even in circumstances where you have closed your account with us. We will cease to retain personal data once we no longer have a legal or business reason for doing so.
15. We take reasonable care and have implemented technical, administrative, procedural and other measures to protect your personal data from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss. However, we cannot assume responsibility for any unauthorized use of your personal data by third parties which are wholly attributable to factors beyond our control.
CHANGES TO POLICY
16. We may update this Policy from time to time without prior notice by posting a new version on this website. You should check this page regularly to ensure that you are familiar with any changes.
17. Your continued use of our website or mobile application and continued dealings with us for the provision of our products and services, after any changes to this Policy has been made, constitutes your acceptance to such changes.
18. If you have any questions in relation to how your personal data is handled by us, please contact our Data Protection Officer at firstname.lastname@example.org.