We will collect, use or disclose personal data for reasonable business purposes only if there is consent or deemed consent from the individual and information on such purposes have been notified. We may also collect, use or disclose personal data if it is required or authorised under applicable laws.
We collect personal data from clients, customers, business contacts, partners, personnel, contractors and other individuals. Such personal data may be provided to us in forms filled out by individuals, face to face meetings, email messages, telephone conversations, through our websites or provided by third parties. If you contact us, we may keep a record of that contact.
We collect these personal data when it is necessary for business purposes or to meet the purposes for which you have submitted the information.
We will only collect, hold, process, use, communicate and/or disclose such personal data, in accordance with this policy. If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party (such as a friend, a colleague, an employee etc), you undertake that you are an authorised representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, processing, use and disclosure by us of their personal data. Because we are collecting the third party’s data from you, you undertake to make the third party aware of all matters listed in this policy preferably by distributing a copy of this policy to them or by referring them to our website.
We use personal data for the following purposes:
You may choose to unsubscribe from mailing lists, registrations, or elect not to receive further marketing information from us by contacting our Data Protection Officer, Julien Juttet, at firstname.lastname@example.org.
We do not disclose personal data to third parties except when required by law, when we have your consent or deemed consent or in cases where we have engaged the third party such as data intermediaries or subcontractors specifically to assist with our firm’s activities. Any such third parties whom we engage will be bound contractually to keep all information confidential.
Upon request, we will provide the individual with access to their personal data or other appropriate information on their personal data in accordance with the requirements of the PDPA.
Upon request, we will correct an error or omission in the individual’s personal data that is in our possession or control in accordance with the requirements of the PDPA.
We may charge for a request for access in accordance with the requirements of the PDPA.
Upon reasonable notice being given by an individual of his withdrawal of any consent given or deemed to have been given in respect of our collection, use or disclosure of his personal data, we will inform the individual of the likely consequences of withdrawing his consent. We will cease (and cause any of our data intermediaries and agents to cease) collecting, using or disclosing the personal data unless it is required or authorised under applicable laws.
We will make a reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete.
We have implemented generally accepted standards of technology and operational security to protect the personal data in our possession or under our control and to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.
We will cease to retain personal data, as soon as it is reasonable to assume that the purpose for collection of such personal data is no longer being served by such retention, and such retention is no longer necessary for legal or business purposes.
We will ensure that any transfers of personal data to a territory outside of Singapore will be in accordance with the PDPA so as to ensure a standard of protection to personal data so transferred that is comparable to the protection under the PDPA.
This Policy also applies to any personal data we collect via our websites.
"Phishing" is the most common type of cyber-attack that affects organizations like Anchanto. Phishing attacks can take many forms, but they all share a common goal – getting you to share sensitive information such as login credentials, credit card information, or bank account details. Although we maintain controls to help protect our networks and computers from cyber threats, we rely on everyone to be the first line of defence. At Anchanto we have outlined a few different types of phishing attacks to watch out for:
Phishing: In this type of attack, hackers impersonate a real company to obtain your login credentials. You may receive an e-mail asking you to verify your account details with a link that takes you to an imposter login screen that delivers your information directly to the attackers.
Spear Phishing: Spear phishing is a more sophisticated phishing attack that includes customized information that makes the attacker seem like a legitimate source. They may use your name and phone number and refer to Anchanto in the e-mail to trick you into thinking they have a connection to you, making you more likely to click a link or attachment that they provide.
Whaling: Whaling is a popular ploy aimed at getting you to transfer money or send sensitive information to an attacker via email by impersonating a real company executive. Using a fake domain that appears similar to ours, they look like normal emails from a high-level official of the company, typically the CEO or COO, and ask you for sensitive information (including usernames and passwords).
Shared Document Phishing: You may receive an e-mail that appears to come from file-sharing site like SharePoint alerting you that a document has been shared with you. The link provided in these e-mails will take you to a fake login page that mimics the real login page and will steal your account credentials.
To avoid these phishing schemes, please observe the following best practices:
Do not click on links or attachments from senders that you do not recognize. Be especially wary of .zip or other compressed or executable file types.
Do not provide sensitive personal information (like usernames and passwords) over email.
Watch for email senders that use suspicious or misleading domain names
Inspect URLs carefully to make sure they are legitimate and not imposter sites.
Do not try to open any shared document that you are not expecting to receive.
If you cannot tell if an email is legitimate or not, please contact your Customer Success Manager or other direct point of contact at Anchanto.
Be especially cautious when opening attachments or clicking links if you receive an email containing a warning banner indicating that it originated from an external source.
If you believe that information we hold about you is incorrect or out of date, or if you have concerns or further queries about how we are handling your personal data, or any problem or complaint about such matters, please contact our Data Protection Officer Julien Juttet, at email@example.com.
This agreement shall be governed in all respects, including validity, interpretation and enforcement, by the Laws of Singapore. Any dispute between the Parties regarding this agreement shall be submitted to the exclusive jurisdiction of the competent courts of Singapore.
We reserve the right to modify or amend this Policy at any time. The effective date will be displayed at the beginning of this Policy. To keep you informed, we will notify changes to this Policy by prominently identifying the alteration for a period of not less than two weeks on our home page.