fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

Privacy Policy

1 – Introduction

At Privacy Ninja Pte Ltd (“www.privacy.com.sg”) and (“www.mcstdpo.sg“)we respect the privacy and confidentiality of the personal data of our Clients, Associates and others whom we interact with in the course of providing our services. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2020.

We have developed this Data Protection Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.

2 – How We Collect Your Personal Data

Personal data refers to any information that can uniquely identify an individual person (a) on its own, or (b) when combined with other information. Under the PDPA, business contact information (e.g. full name, business address, business telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.

We collect your personal data when you:

  • Enter into an agreement or contract with us to provide you (not representing any organization) with our consultancy and advisory services
  • Register for and enrol in any of the training courses and certification programmes that we conduct (including processing of your applications under any government funding programmes that we are under)
  • Respond to our electronic direct mails (EDMs) sent by us as part of our marketing or promotion campaigns through an authorised third party EDM service provider
  • Are referred to us for our services by one of our clients
  • Enquire about our range of training courses and services
  • Visit our website and leave behind your contact information through our contact form
  • Subscribe to our email mailing list
  • Communicate with us via emails or written correspondences

3 – Types of Personal Data We Collect About You

The types of personal data we may collect about you include:

  • Your contact information (Name, Email Address, Mobile number)
  • Your personal details (Name, Nationality)
  • Your NRIC last four characters for course attending taking and verification (applicable to certain courses regulated by the Government)

4 – How We Use Your Personal Data

We use the personal data you provide us for one or more of the following purposes:

  • Enrolling you onto our training programmes
  • Analyse your visits to our website
  • Provide our consultancy and advisory services
  • Conduct training courses and programmes that you have signed up for
  • Process account payables/receivables
  • Process billing, payment and other credit-related activities
  • Conduct direct marketing and lead generation activities through advertisements and EDMs on our events, seminars, workshops and services
  • Conduct joint marketing with other companies and service providers
  • Communicate with customers, members and website visitors
  • Respond to your inquiries and feedback to improve our quality of service
  • Analyse the use of our products, services or websites
  • Carry out our obligations arising from any contracts entered into between you and us (e.g employment)
  • Comply with or fulfill legal obligations and regulatory requirements

5 – Who We Disclose Your Personal Data To

We disclose some of the personal data you provide us to the following entities or organisations outside Privacy Ninja Pte Ltd in order to fulfil our services to you:

  • External educational regulators (e.g. Skillsfuture Singapore)
  • External professional service providers (Book-keepers)
  • EDM/Email Service Vendors (e.g. Mailchimp)
  • Cloud Service Providers

Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.

6 – How We Manage the Collection, Use and Disclosure of Your Personal Data

6.1       Obtaining Consent
Before we collect, use or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.

Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose, e.g. when you apply for a job with us by sending in your resume/CV containing personal information.

We may rely on exceptions to the need for consent under the PDPA for the collection, use or disclosure of your personal data under the following circumstances (only those relevant to Privacy Ninja Pte Ltd are included):

  • The personal data is publicly available
  • The personal data is disclosed by a public agency or disclosed to a public agency
  • The personal data is necessary for any investigation or proceedings
  • The personal data is necessary for evaluative purposes (e.g. determining the suitability of a job applicant for the job applied for)
  • The personal data is necessary for the purpose of managing or terminating an employment relationship
  • The personal data is necessary for a business asset transaction

6.2       Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future services offered by us.

Your request for withdrawal of consent can take the form of an email or letter to us, or through the “Unsubscribe” feature in an online service.

6.3       Use of Cookies
We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms.

Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session.

You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web applications.

6.4       Third-Party Consent
We do not get consent on behalf of another individual. We only get consent from the individual who will be dealing directly with us.

7 – How We Ensure the Accuracy of Your Personal Data

We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up-to-date.

From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data (such as a change in your mailing address).

8 – How We Protect Your Personal Data

We have implemented appropriate information security and technical measures (such as data encryption, regular vulnerability assessment and penetration testing and secure network protocols) to protect the personal data we hold about you against loss; misuse; destruction; unauthorised alteration/modification, access, disclosure; or similar risks.

We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.

When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures, and have taken reasonable steps to comply with these measures.

9 – How We Retain Your Personal Data

We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.

We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.

10 – How You Can Access and Make Correction to Your Personal Data

You may write in to us to find out how we have been using or disclosing your personal data over the past one year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.

If you find that the personal data we hold about you is inaccurate, incomplete, misleading or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.

11 – Transfer of Personal Data

Where there is a need to transfer your personal data to another country outside Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as those in Singapore.

12 – Mandatory Data Breach Notification

In the unlikely event that we suffer a data breach pertaining to unauthorised access or disclosure of personal data being stored or processed by us, we will meet the PDPA’s breach notification timelines and requirements to perform the needful, including but not limited to informing relevant authorities and affected individuals, based on the Significant Harm or Significant Scale definitions as set out by the PDPA.

13 – Contacting Us

If you have any query or feedback regarding this Notice, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at: [email protected]

Any query or complaint should include, at least, the following details:

  • Your full name and contact information
  • Brief description of your query or complaint

We treat such queries and feedback seriously and will deal with them confidentially and within reasonable time.

14 – Changes to this Data Protection Notice

We may update this Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.

Changes to this Notice take effect when they are posted on our website.

Last updated: 3rd April 2024

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us