This Privacy Notice (“the Notice”) sets out the basis which Mckell Risk Management Pte Ltd and its business divisions Dedomena Technologies (UEN 53444485K) and Mckell Risk Assurance Services (UEN 53488765A) (“we”, “us” or “our”) may collect, use, disclose your personal data in accordance with the Personal Data Protection Act 2012 (“the PDPA”). In this policy, “personal data” shall have the meaning ascribed to it in the PDPA.

We collect personal data from you who could be our clients, sales leads, business partners, contractors and third-party service providers in meetings, email messages, telephone conversations and via other means that may be employed from time to time in the course of our business.

This policy applies to personal data in our possession and/or control including personal data in the possession of third-party organisations engaged by us to collect, use, or process your personal data in Singapore and overseas for our business purposes.


1. Collection, Use and Disclosure of Personal Data

1.1 We collect, use or disclose your personal data for our business purposes only if there is consent or deemed consent from you and information regarding such purposes have been notified to you. We shall seek your consent before collecting additional personal data from you or/and before using your personal data already in our systems and records for a purpose which has not been notified to you. Your personal data may also be collected, used or disclosed without consent if it is permitted under applicable laws.

1.2 We collect, use and disclose your personal data to fulfil the following purposes:

o For providing our professional services as requested

o For updating your personal and contact information

o For verification of your identity

o For providing functionalities through our website including responding to your requests, enquiries and messages received from you in our contact email address as stated in the “Contact Us” page of our website

o For administrative management purposes, such as invoicing, account management and day-to-day payments processing activities

o For managing your relationship with us

o For referral purpose, such as forwarding contact details of your enquiry with regards to services, to our business partners and

o all other purposes related to our business or required by applicable laws, regulations, guidelines, industry codes of practice, notices or directions issued by any court, legal or regulatory bodies whether in Singapore or overseas.

1.3 We do not provide your personal data to third parties except when such disclosure is required by law, or when we have obtained your consent or deemed consent, or where we have engaged third parties such as data intermediaries or sub-contractors specifically to assist with our activities that necessitate the processing of your personal data. We will use our reasonable endeavor to ensure that any third parties engaged for such activities will be bound contractually to handle your personal information according to the requirements of the PDPA, or to a standard that is comparable to the PDPA if these third parties and/or other companies are handling your personal information outside of Singapore.

1.4 When we would receive unsolicited personal data via email or any other communication channels from time to time, the unsolicited personal data will be securely disposed of immediately.

1.5 We aim to comply with the Do Not Call (DNC) provisions under the PDPA and your choices with regards to you receiving promotional and marketing messages from us.


2. Withdrawal of Consent

You may withdraw your consent for the collection, use and disclosure of your personal data for any or all of the purposes listed in clause (1.2) above by submitting your written request via email to our Data Protection Officer (DPO) at the contact details provided in clause (9) of this policy.

Upon receiving your request to withdraw your consent, we will notify you of the likely consequences of the withdrawal of consent and process your request within 7 business days of receiving it.

Thereafter we will cease (and cause your personal data that are in the possession and/or control of third-party organisations engaged by us to cease) collecting, using or disclosing your personal data unless it is required or authorised under applicable laws.


3. Access to and Correction of Personal Data

Upon request, we will provide you with access to your personal data or correct an error or omission in your personal data that is in our possession or control in accordance with the requirements of the PDPA.

A reasonable fee may be charged for an access request, and we will inform you of the fee before processing your request.

All requests for access to and correction of personal data in writing or via email may be submitted to our Data Protection Officer (DPO) at the contact details provided in clause (9) in this policy.


4. Accuracy of Personal Data

Best and reasonable efforts will be rendered by us in ensuring the accuracy and completeness of all personal data collected by us. You may inform our DPO in writing or via email at the contact details provided in (9) below to update us if there are changes to your personal data.


5. Protection of Personal Data

We have implemented appropriate standards of information technology security and control measures to protect your personal data that are in our possession or control to prevent unauthorised access, misappropriation, destruction and other forms of data risks incidents. We are contractually obliged to keep your personal data confidential and only authorised persons have access to such information.


6. Retention of Personal Data

Retention of your personal data will cease as soon as when such retention is no longer necessary for legal or business purposes and it no longer serves the purpose for which your personal were collected and used.


7. Transfer of Personal Data outside of Singapore

In the event that transfer of your personal data outside of Singapore will be necessitated, we will first obtain your consent for the transfer to be made. We will use our reasonable endeavours to ensure that your personal data will be transferred and handled outside of Singapore to a standard that is comparable to the PDPA.


8. Privacy On Our Website

Our website may contain links to third parties’ websites and we are not responsible for the privacy or cookies policies of such websites. Visitors to our websites are encouraged to check the privacy policies on these third parties’ sites before providing any personal information.

This policy also applies to any personal data that may be collected by us via our website through cookies that are used to make our website work more efficiently and improve users’ navigational experience.

If you are concerned about cookies, you can modify your browser settings to disable cookies.


9. Data Protection Officer

You may contact the Data Protection Officer (DPO) for Mckell Risk Management Pte Ltd and its business divisions Dedomena Technologies and Mckell Risk Assurance Services, at contact@dedomena-tech.com.sg for any enquiries or feedback about how your personal data are being handled or with regards to this Policy, or if you would like to withdraw your consent for the collection, use and disclosure of your personal data for the purposes as stated under clause (1.2) of this Policy, at any point in time.


10. Effect of Policy and Modifications

This policy applies in conjunction with any other policies, notices, contractual clauses and consent clauses that may apply in relation to the collection, use and disclosure of personal data by us.

We reserve the right to amend this policy at any time and the last revision date will be shown at the end of this policy. To keep you updated, changes to this policy will be informed through email notifications, or other most effective and efficient means of communication that are available for our use.

Last updated on 24 January 2025