WERKDONE DATA PRIVACY NOTICE

Data Privacy
As a data intermediary party, we process the personal data of our Clients’ employees on behalf of our Clients, and of our business partners. In order to provide the highest level of data protection, WerkDone has adopted Singapore Personal Data Protection Act 2012 guidelines; Data Protection Obligation for securing, transferring and processing Client employee data and business contact data. The PDPA serve as the basis to ensure a consistent approach to privacy and data protection across Group Companies.

WERKDONE has an internal Data Privacy Policy that applies to all affiliates and associates. The Data Privacy Policy helps us ensure that personal data is handled properly. The Data Privacy Policy governs personal data collected by WERKDONE for its own purposes as well as information provided to us as a processor for our Clients. It protects information collected online as well as offline. WERKDONE is committed to protecting the privacy and security of personal data that we process in order to provide services to our Clients. We receive personal data from our Clients about their current, prospective and former employees as well as employee dependents and family members, as needed to provide benefits. This Privacy Statement explains our practices with regard to the personal data we receive from our Clients as a processor.

Data Protection
WERKDONE will collect and process your personal data only as instructed or permitted by your employer or you. WERKDONE maintains appropriate security controls to protect your information.

WERKDONE will disclose your personal data to your employer and to other entities when instructed by your employer. We may disclose your personal data to our affiliates and third-party processors as needed to provide the services that you and your employer have requested. These entities are contractually bound to limit the use of your personal data as needed to perform ONLY the services. We will also disclose personal data when required to do so by law, such as in response to a subpoena, including to law enforcement agencies and courts in the Singapore and other countries where we operate. If you have questions about your privacy rights, please contact your employer’s human resources department.

International Data Transfer
Where authorized by your employer, WERKDONE will transfer personal data pertaining to individuals located outside of Singapore to our affiliates and suppliers in the Singapore and elsewhere in the world, pursuant to applicable data protection laws. We will only transfer personal data pertaining to individuals as permitted by the WERKDONE Privacy Code for Client Data Processing Services.

Sensitive Personal Data
In the ordinary course of its business, WERKDONE processes sensitive personal data on behalf of your employer, such as personal identity numbers. WERKDONE has implemented reasonable technical, physical and administrative safeguards to help protect the sensitive personal data from unlawful use and unauthorized disclosure. All WERKDONE associates and contingent workers are required to follow these established procedures, both online and offline. Access to sensitive personal data is limited to those associates and contingent workers who have a need to access the information to perform tasks for WERKDONE. WERKDONE will only; after obtaining your employer explicit consensus, disclose sensitive personal data to those service providers, and/or advisors who are legally or contractually obligated to protect them or as required or permitted by law.

Transfer of Personal Data to Third Parties and Internal Processors
WERKDONE may transfer Personal Data to a Third Party and to Internal Processors to the extent necessary to serve the applicable Business Purposes. WERKDONE will only transfer Personal Data to a Third Party or to an Internal Processor if a written contract has been entered into with the WERKDONE Group Company ensuring that the same level of data protection will be applied as described in the WERKDONE Privacy Code for Business Data.

Data Retention
WERKDONE will only retain your information for as long as necessary for the Purposes for which the Personal Data is processed. WERKDONE has established records retention schedules for all types of Personal Data that WERKDONE processes. Personal Data is retained in accordance with the records retention schedules to ensure that records containing Personal Data are retained as needed to fulfil the applicable Business Purposes, to comply with applicable laws, or as advisable in light of applicable statutes of limitations. When the retention period has expired, records containing Personal Data will be securely deleted or destroyed, de-identified, or transferred to archive, in accordance with retention schedule and agreement with our clients.

Questions About Your Personal Data
WERKDONE is committed to transparency. We want individuals to understand how we collect and use personal data so they may interact with WERKDONE with confidence. The materials provided on this webpage may help you find the information you need about privacy at WERKDONE. If you have questions related to the content of this webpage, please contact us at Privacy@WERKDONE.com. As an employee of an WERKDONE Client, please reach out to your employer for more information regarding the collection and processing of your personal data.

WERKDONE PTE LTD
WERKDONE Data Privacy and Governance Team
2 Kallang Avenue #08-32
Singapore 339407

How To Lodge A Complaint
If you believe that WERKDONE has not handled your Personal Data properly or that it has breached its privacy obligations, under any applicable data protection laws or the WERKDONE Privacy Code for Data Privacy, you may file your complaint in writing to the address above, or via email, to the Data Privacy and Governance Team at Privacy@WERKDONE.com. The Data Privacy and Governance Team will investigate each complaint and notify the Individual within a reasonable timeframe of the outcome of the investigation.

Last Updated by:
Data Privacy and Governance
1 July 2022