Privacy Policy

Privacy Policy for Website and Learning Management System (Web & Mobile App)
Updated: 2 January 2024

  1. We at VitamindzTM Education Pte Ltd (“VE”), take your personal data and privacy seriously. This policy explains how we manage your personal data in compliance with Singapore’s Personal Data Protection Act 2012 (“PDPA”).
  1. Personal data refers to data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. Examples of personal data which you may provide to us include your name, billing address, email address, contact number, residential address, login data, profile data, username and password, and video, image or audio recordings of you. For the avoidance of doubt, data that has been anonymised by the removal of personally identifiable information shall not be regarded as personal data.
  1. This policy applies to all personal data which we may collect from you, your family member, or your authorised representative through our classes, website, web services, online services, mobile applications, learning management systems, and any other software provided by VE (the “Services”) or from any other form of interaction with you, your family member, or your authorised representative, or from third parties.

CHANGES TO THIS PRIVACY POLICY

  1. This Privacy Policy may be changed over time. Any changes will become effective when we post the revised Privacy Policy on our website, mobile application, and/or learning management system.

COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA

  1. We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
  1. We may collect your personal data in the following ways:
    6.1. when you access or use the Services;
    6.2. when you create an account on the Services;
    6.3. when you subscribe to any of our mailing lists or newsletters;
    6.4. when you make a transaction regarding any of our products or services;
    6.5. when you communicate with us whether through our website’s online form, email, text, phone, face-to-face interaction, or any other means;
    6.6. when you participate in any promotion, activity, campaign, or survey;
    6.7. when you log in to your account or otherwise interact with us via an external service or application;
    6.8. when you interact with any of our agents, officers, contractors or employees;
    6.9. when we receive personal data from third parties such as vendors, suppliers, business partners or customers;
    6.10. when you purchase of any product(s) from us;
    6.11. when you provide your personal data to us for any other reason.
  1. The type of personal data we may collect from you includes the following:

    7.1. When you register for or use any of the Services, we may ask for details of you and your family members, including name, email address, residential address, contact numbers (home and mobile number), your contact preferences.

    7.2. When you purchase any product(s) from us, we may ask for any or all of the following details in the course of or in connection with your purchase of the product(s) and the delivery of the same: (i) your name for the delivery of the product to be addressed to; (ii) your specified delivery address; (iii) your financial and bank information, including but not limited to your credit or debit card numbers, your name, your bank account information; and (iv) your email(s) and phone number(s).

    7.3. We will collect information about how and where you access and use the Services. Such information may include electronic device information, internet protocol (“IP”) addresses, log information, browser type, and preferences, location information, online identifiers to enable cookies and similar technologies. We collect information on any of your orders, interactions or requests including data regarding (i) class enrolments, transfers, replacements, or withdrawals, (ii) specific products or services you use, interact with or request, and (iii) the time and place of your use.

    7.4. To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information by way of customer experience surveys and feedback channels.

    7.5. When you visit our website, information is automatically collected by the technology platforms providing the experience. For example, your web browser or mobile device may share certain data with us as those devices interact with our website. This data includes device ID, network access, storage information and battery information, cookies, IP addresses, referrer headers, data identifying your web browser and version, web beacons and events.

    7.6. When you apply to work for us, we will collect your contact details, resume, and any other information you elect to provide us. We use these details to evaluate your application and to communicate with you regarding that open role.

    7.7. We may also collect video, image, photography or audio recordings of you in the course of any class, programme, lesson, event or the performance of any other service.

    7.8. We may also collect personal data that may be collected or used without consent as permitted or required under the PDPA or any other applicable laws. We shall seek a person’s consent before collecting any additional personal data and before using a person’s personal data for a purpose which has not been notified to a person (except where permitted, authorised or required by law).

  1. If you choose to interact with us through social media, your personal data (such as your name and the fact that you are interested in VE) will also be visible to all the visitors of your personal account or page on such social media platform, according to your privacy settings on the social media services. VE is not responsible for the processing of such personal data or the privacy policy of such social media websites. When you communicate with us through social media (for example, when you post a comment, upload media, send a personal message or by clicking the “Like” button), we may receive personal data about you (such as your username, profile photo, your location, and your email address). We will use the data received from social media in accordance with this Privacy Policy.
  1. You should ensure that all personal data submitted to us is complete, accurate, true and correct. Any failure on your part to do so may result in our inability to provide you with the products and services you have requested. We shall have the right to request for documentation and carry out the necessary checks to verify the personal data provided by you as part of our user verification processes or as required under law.
  1. The collection of personal data may be done directly by us, automatically through the our website, through your authorised representatives, or through third parties, or any publicly available sources.
  1. VE processes your personal data for the following:

    11.1. to facilitate your use or our provision of the Services;
    11.2. to facilitate your purchase and receipt of any product(s);
    11.3. to administer your account with us, including account and identity verification;
    11.4. to process enrolments or applications for our products or services;
    11.5. to provide you with any of our products or services, including providing related learning or educational material;
    11.6. to personalise the provision of our services to you;
    11.7. to better serve you by matching your preferences or needs with our products or services;
    11.8. to communicate with you regarding our website, products, services, campaigns, promotions, and surveys, including changes to our terms and conditions and policies;
    11.9. to provide you with information we think you may find useful or which you have requested from us;
    11.10. to provide you with information on select third parties’ websites, products, services, programs or events which we think may be of interest to you;
    11.11. to respond to your queries or requests or provide customer support;
    11.12. to manage our business operations;
    11.13. to develop or improve any of the Services or our business, website, products, services, or programmes;
    11.14. to carry out research, data analysis, or surveys relating to the Service, our business or any of our products or services;
    11.15. to investigate or process any wrongdoing, complaints, feedback, enforcement action or legal action in relation to our business or the Services;
    11.16. for legal purposes, including obtaining legal advice, managing disputes and risks, complying with any laws, regulations, legal obligations or law enforcement requests;
    11.17. to conduct audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
    11.18. to store, host, back up data, including personal data;
    11.19. to prevent a threat to life, health or safety, if necessary;
    11.20. any other purposes relating to the above purposes.

    The purposes listed in this clause may continue to apply even in situations where your relationship with us has been terminated or altered in any way, for a reasonable period thereafter.

  1. We may disclose or permit the disclosure of your personal data or transfer your personal data to third parties for the above-mentioned purposes. These third parties, which may be located in or outside your jurisdiction, include but are not limited to: service providers in respect of research and development, data analytics, market or consumer research, marketing, customer service, information technology and website hosting, professional services, and their service providers and related companies.
  1. We may share your personal data with third party service providers for them to provide services to you if you choose to use such third party services. Your acceptance or use of the third party service provider’s services shall be subject to terms and conditions as may be agreed between you and the third party service provider. Upon your acceptance of the third party service provider’s service, the collection, use, disclosure, storage, transfer and processing of your data (including your personal data and any data disclosed by us to such third party service provider) shall be subject to the applicable privacy policy of the third party service provider, who shall be deemed the data controller of such data. You agree that any queries, issues or complaints relating to your acceptance or use of the third party service provider’s services shall be directed to the third party service provider in accordance with their applicable privacy policy.
  1. We may share your personal data with a competent public authority, government, law enforcement or regulatory agency as permitted or required by applicable law or regulations.
  1. We may share your personal data with any person to whom VE proposes to transfer any of its rights and/or duties, including in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock.
  1. We will make reasonable arrangements to ensure that the third parties, whom your Personal Data is being disclosed to, will provide an undertaking or undertake contractual obligations to provide a standard of protection, or are by the applicable law required to provide a standard of protection, for the transferred Personal Data that is comparable to that of the PDPA. If your personal data is transferred out of Singapore, we will take make reasonable arrangements to ensure that the recipients are bound by legally enforceable obligations (such as laws, contracts, binding corporate rules or any other legally binding instrument), so that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. However, we do not provide any warranty or take any responsibility on the manner or care in which these third parties maintain, protect or utilise your Personal Data, or any misuse by such third parties.
  1. We may transfer or permit the transfer of your personal data outside of the jurisdiction for any of the purposes set out in this Privacy Policy. However, we will not transfer or permit the transfer of any of your personal data outside of such jurisdiction unless the transfer is in compliance with applicable laws.
  1. You should rest assured that we do not sell your personal data to any third party. Our employees and any third parties engaged by us are contractually obligated to protect the privacy and confidentiality of your information.
  1. If you have provided to us any third party’s personal data, you shall be deemed to have obtained that party’s consent for the relevant purpose of providing the personal data to us.
  1. Additionally, we may disclose your personal data to third parties if we believe that we are required by law to so disclose or that such disclosure is reasonably necessary to protect the rights, property or safety of our customers, the public or us.

REVIEWING AND CHANGING YOUR ACCOUNT INFORMATION; WITHDRAWAL OF CONSENT; ACCESS OR CORRECTIONS

  1. You may withdraw your consent to any collection, use or disclosure of your personal data for any of the purposes set out in this Privacy Policy, or request for access, or make corrections, to your personal data held by us, or make a complaint to us about any possible breach of the PDPA or this Privacy Policy on our part, at any time. We may charge a fee in relation to any request to access, or make corrections, to your personal data held by us. In order to facilitate processing of your request, it may be necessary for us to request further information relating to your request. To the extent permissible under law, we may refuse such requests if deemed unreasonable.
  1. You may request:

    22.1. access to your personal data held by us;
    22.2. correction or deletion of your personal data (but only where it is no longer required for a legitimate business purpose);
    22.3. that you no longer receive marketing communications;
    22.4. that the processing of your personal data is restricted; and/or
    22.5. that certain personal data that you have provided to us in a structured, digital form be transmitted to another party, if this is technically feasible.
  1. If you would like to request access to, correction or deletion of your personal data, or request that the processing of your personal data be restricted, or opt out of marketing communications, you may (as applicable), (a) follow the instructions in the applicable communication, or (b) email us at beeleng@vitamindzedu.com.
  1. If you make a specific request, the request must:

    24.1. provide enough information for us to be able to verify you are the person whose personal data we hold or are an authorised representative of that person. We cannot respond to your request unless we can verify your identity or authority to make the request. If possible, this can be done by making the request via your password protected account. If not, we will aim to verify your identity based on personal data we already hold about you. If we need to request further information from you in order to verify your identity, we will only use that personal data for the purposes of identifying you or that you have authorized the request;

    24.2. describe your request in enough detail so that we can properly locate the personal data the request relates to.
 
  1. To the extent permissible under law, we may refuse such requests if deemed unreasonable
  1. We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) business days after receiving your request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
  1. If your personal data has been provided to us by a third party, you should contact that third party to make such queries, complaints or access and correction requests to us on your behalf.
  1. You should note that if you withhold or withdraw your consent to the collection, use or disclosure of your personal data for any purpose, we may not be able to provide or continue providing any of our products and services to you or you may not be able to access certain parts or functions of the website. It is also possible that by doing so, you may breach your contractual obligations to us.
  1. If you have any issues, queries, or complaints regarding the processing of your personal data, please contact us at beeleng@vitamindzedu.com.

SECURITY OF YOUR PERSONAL DATA

  1. We have implemented technology and policies with the objective of protecting your personal data from unauthorized access and improper use. In particular, we will use encryption and apply authentication and verification processes for access to our digital services, and we regularly test, assess and evaluate the effectiveness of our security measures. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Request” section above.
  1. We do not represent or warrant that our Site and App are free of errors, infection by computer viruses, and/or other harmful or corrupting code, program, macro and such other unauthorized software. We do not assume responsibility for any unauthorised use of your Personal Data by third parties, which are wholly attributable to factors beyond our control.

RETENTION OF YOUR PERSONAL DATA

  1. We will retain your personal data for as long as we are required or permitted to by law or as relevant for the purposes for which it was collected. We will cease to retain your personal data, or render anonymous or remove such data which can identify you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data was collected, and is no longer necessary for any legal or business purpose.

COOKIES AND SIMILAR TECHNOLOGIES

  1. A cookie is a small piece of information that is placed on your computer when you visit certain websites. VE uses cookies and similar technologies that collect and store information when you visit our website or use our application. This is to enable VE to identify your internet browser and collect data on your use of our website, which pages you visit, the duration of your visits, and identify these when you return so that we can improve your experience. You can control and set your cookie preferences by adjusting your browser settings to disable cookies or to alert you when cookies are being sent to your device. However, please note that if you decide to disable cookies, you may not be able to access certain functions of our website(s).
  1. Please also note that when you visit our website, information is automatically collected by the technology platforms providing the experience. For example, your web browser or mobile device may share certain data with us as those devices interact with our website. This data includes device ID, network access, IP addresses, referrer headers, data identifying your web browser and version, web beacons and events.
  1. The Site may contains links to other websites. We are not responsible for the privacy policies and practices of third parties or third-party websites to which links are provided. You should check the privacy policies on these sites before providing any Personal Data to any other party.

MISCELLANEOUS

  1. To the maximum extent permitted by law, VE shall not be liable in any event for any special, exemplary, punitive, indirect, incidental or consequential damages of any kind or for any loss of reputation or goodwill, whether based in contract, tort (including negligence), equity, strict liability, statute or otherwise, suffered as a result of unauthorised or unintended use, access or disclosure of your personal data.
  1. This Privacy Policy, our privacy practices and your use of the Service shall be governed by Singapore law. We make no representation that this Privacy Policy and our privacy practices comply with the laws of any other country. If you are not residing in Singapore, your use of our website shall be deemed to mean that you will not hold us responsible for any non-compliance with the laws of your residence to the extent that such laws are applicable. Further, by your continued use of our website, you consent to the transfer and use of your personal data outside your jurisdiction.
  1. Any questions you may have regarding your personal data or this Privacy Policy should be directed via email to beeleng@vitamindzedu.com.

DATA BREACH NOTIFICATION & DATA PROTECTION OFFICER

  1. In the event of a data breach that is a notifiable data breach under the PDPA, we will notify the affected individuals and/or the Commission in accordance with the PDPA’s requirements. We will use reasonable efforts to communicate with the affected individuals using the contact information provided to us or through other appropriate means where necessary. Our communication may include text messages, WhatsApp messages, Telegram messages, messages on any messaging platform, email, or phone calls.
  1. You may contact our Data Protection Officer if you have any enquiries or feedback on our data protection policies and procedures, or if you wish to make any request, by way of email to beeleng@vitamindzedu.com or a call at +65 6440 3323 during our operating hours as listed on our website at www.vitamindzedu.com.

EFFECT OF NOTICE AND CHANGES TO NOTICE

  1. This Notice applies in conjunction with any other notices, agreements, and contractual clauses that apply in relation to the collection, use, disclosure, transfer, and processing of your personal data by us. In the event of any inconsistency between this Notice and any other notices, agreements, and contractual clauses, this Notice shall prevail.
  1. We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Any revisions or changes shall become effective from the time the revised Notice is made available for your access at https://www.vitamindzedu.com/policies-and-disclosures/. Your continued use of our Services, or your application as a prospective user of our Services, or your continued employment or engagement with us constitutes your acknowledgement and acceptance of such changes.