Last Updated: 10 September 2018
This Data Protection Policy (the “Policy”) applies to the collection, registration, organization, storage, conservation, modification, blocking and suppression, use and disclosure of an individual’s Personal Data (hereinafter defined) arising from service offerings including, but not limited to, events, trainings, products and programs offered by Cengage Learning Asia Pte Ltd “Cengage”).
1.1 This Policy statement provides information on the obligations and policies of Cengage in respect of an individual’s Personal Data. Cengage undertakes to use reasonable efforts in applying, where practicable, those principles and the processes set out herein to its operations.
1.2 In order for Cengage to be able to treat your personal data, you should sign a previous written, informed and clear consent on behalf of Cengage to collect, store, use, transfer and disclose your personal data, in accordance what is stated in the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”) and the Singapore Personal Data Protection Act 2012 (“PDPA”).
1.3 Cengage’s officers, management, and members of staff shall use reasonable endeavours to respect the confidentiality of and keep safe any and all Personal Data collected and/or stored and/or disclosed and/or used for, or on behalf of, Cengage around the world. Cengage shall use reasonable endeavours to ensure that all collection and/or storage and/or disclosure and/or usage of Personal Data by Cengage shall be done in an appropriate manner and in accordance with the GDPR, PDPA, and this Policy.
1.4 By interacting with us, registering as a member with us, submitting information to us, or signing up for service offerings including, but not limited to, events, trainings and programs offered by us, you agree and consent to Cengage as well as to its respective representatives and/or agents, collecting, using, disclosing and sharing amongst themselves and any affiliates and subsidiaries of Cengage. Your Personal Data, and disclosing such Personal Data to Cengage’s authorised service providers and relevant third parties in the manner set forth in this Policy.
1.5 This Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your Personal Data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your Personal Data.
1.6 For the purposes of this Policy, in line with the provisions under the GDPR,“Personal Data” shall mean any information relating to an identified or identifiable natural person, that is to say one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Such Personal Data shall also refer to that which is already in the possession of Cengage or that which shall be collected by Cengage in future.
2. Contacting the Data Protection Officer
2.1 Where you legitimately request access to Personal Data relating to you, such Personal Data which is in the possession and control of Cengage, Cengage shall provide that data without undue delay, but in any case within one month of receipt of the request, and in a manner in accordance with the GDPR and PDPA.
2.2 Where you legitimately request correction of Personal Data relating to you, such Personal Data which is in the possession and control of Cengage, Cengage shall correct that data without undue delay and in a manner in accordance with the GDPR and PDPA.
2.3 In accordance with the GDPR and PDPA, Cengage has established a process for receiving and responding to any query or complaint that may arise with respect to the application of this law. To ensure that Cengage receives your complaints and enquiries, please send the same via email to the Data Protection Officer (the “DPO”) of Cengage at the following email address: email@example.com.
2.4 Should you not wish Cengage to use your Personal Data for any of the purposes listed in Clauses 3.2 to 3.4, or not to receive materials or communications from Cengage, you may opt out by sending a clearly worded email to the DPO via the email address provided in Clause 2.3. Your request shall be processed without undue delay and in a manner in accordance with the GDPR and PDPA. Please note however that this may affect our ability to attend to your needs with respect to the details that we have previously requested you to submit.
3. Statement of Practices
Types of Personal Data Collected:
3.1 As a part of its daily activities, Cengage may collect Data that you directly send to us, through various means, including registrations, websites, forms, questionnaires, emails and any forms used by Cengage from time to time. Cengage may also collect your Data when you contact our customer service or talk to us. Data may be stored in servers or cloud servers where Cengage decides to keep and store such information under safe conditions. The Personal Data may include:
- Name (first and surname);
- Postal Address;
- Country of birth;
- City of residence;
- Phone number (including mobile);
- Office number;
- Fax number;
- Email address;
- Date of birth;
- Preferred language;
- Photographs, images;
- Bank account/credit card details;
- IP addresses; and
We use HTTP cookies on our websites to track website visitorship and experience. Most web browsers are designed to accept HTTP cookies. If you do not wish to receive any cookies, you may set your browser to refuse it.
Purpose of Collection of Personal Data
3.2 The above Personal Data mentioned in Clause 3.1 is collected for the purposes of processing your application and registration of your membership and to ascertain if you are eligible for discounts, privileges or benefits or other related purposes; to provide you with any services which you may require; to conduct market research and analysis; for direct communications through voice calls; text messages; email; direct mail and facsimile messages; to notify you of any changes to our policies or services which may affect you; to respond to queries and feedback; for identification and centre access; maintaining and updating your membership details; and informing you of new developments, services, promotions of Cengage and other third parties which we are associated with.
Disclosure of Personal Data
3.3 In order to carry out the functions described above, Cengage may, from time to time, disclose your Personal Data between Cengage’s entities around the world.
3.4 Without derogating from any of the above, and with your consent, Cengage may also disclose your Personal Data to the following third parties:
- Regulators and law enforcement officials;
- Third party service providers and consultants including web hosting and membership portal vendors;and
- Any agent or subcontractor acting on Cengage’s behalf for the provision of Cengage’s services.
3.5 Cengage may disclose your Personal Data to the abovementioned parties also in the occurrence of any of the following events:
- To the extent that Cengage is required to do so by the law;
- In connection with any legal proceedings or prospective legal proceedings;
- To establish, exercise or defend Cengage’s legal rights;
- To any person and/or entity for the purpose of processing such information on Cengage’s behalf;
- To third parties who provide services to Cengage or on its behalf; with your consent and;
- For the purposes of disaster recovery.
Optional Provision of Personal Data
3.6 In some instances, you may also be requested to provide certain Personal Data that may be used to further improve Cengage’s service offerings, including but not limited to, events, trainings and programs and/or better tailor the type of information presented to you. In most cases, this type of data is optional although, where the requested service is a personalised service, or provision of a product or dependent on your providing all requested data, failure to provide the requested data may prevent Cengage from providing the service to you. This type of data includes, but is not limited to:
- Marital Status;
- Date of birth
- Salary range and employment details;
- Education and Profession;
- Hobby and leisure activity preference;
- Other related products and services subscribed to; and
- Family and household demographics without person data.
3.7 Under certain circumstances, telephone calls made to Cengage’s centre(s) and/or service hotlines and/or inquiry telephone numbers are recorded for the purposes of quality control, appraisal, as well as staff management and development. In such an event, by agreeing to this Policy, you hereby give your consent for the collection, use and disclosure of such Personal Data for the purposes of our records, following up with your enquiry and/or transaction, and for quality control and training purposes.
4. Transfer of Personal Data Overseas
Your Personal Data will be processed by Cengage, its affiliates, agents and third parties providing services to Cengage, in jurisdictions outside of Singapore, as well as the country which you are residing in.
5. Accuracy of Personal Data
Where possible, Cengage will validate data provided using generally accepted practices and guidelines. In some instances, Cengage is able to validate the data provided against pre-existing data held by Cengage. In some cases, Cengage is required to see original documentation before we may use the Personal Data such as with Personal Identifiers and/or proof of address. To assist in ensuring the accuracy of your Personal Data in the possession of Cengage, please inform us of any updates of any parts of your Personal Data by sending a clearly worded email to the DPO at the email address provided at Section 2.3.
6. Protection of Personal Data
Cengage uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Data and will not knowingly allow access to this data to anyone outside Cengage, other than to you or as described in this Policy.
7. Access and Correction of Personal Data
7.1 In accordance with Clauses 2.1 and 2.2 of this Policy, you have the right to:
- check whether Cengage holds any Personal Data relating to you and, if so, obtain copies of such data; and
- require Cengage to correct any Personal Data relating to you which is inaccurate for the purpose for which it is being used.
7.2 Cengage shall meet your requests under Clause 7.1 for free, and under the terms established in the GDPR and PDPA.
7.3 If you wish to verify the details you have submitted to Cengage or if you wish to check on the manner in which Cengage uses and processes your personal data, Cengage’s security procedures mean that Cengage may request proof of identity before we reveal information. This proof of identity will take the form of full details of name, student account number and relevant identification number. You must therefore keep this information safe as you will be responsible for any action which Cengage takes in response to a request from someone using your student account details. We would strongly recommend when you login to your online account in our websites that you do not use the browser's password memory function as that would permit other people using your terminal to access your personal information.
8. Storage and Retention of Personal Data
Cengage will delete, as reasonably possible, or otherwise anonymise any Personal Data in the event that the Personal Data is not required for any reasonable business or legal purposes of Cengage and where the Personal Data is deleted from Cengage’s electronic, manual, and other filing systems in accordance with Cengage’s internal procedures and/or other agreements or as required by relevant laws.
9. Governing Law
This Policy is governed by and shall be construed in accordance with the laws of Singapore and the GDPR and PDPA. You hereby submit to the jurisdiction of the competent courts of Singapore.
10.1 This Policy only applies to the collection and use of Personal Data by Cengage. It does not cover third party sites to which we provide links, even if such sites are co-branded with our logo. Cengage does not share your Personal Data with third party websites. Cengage is not responsible or liable for the privacy and conduct practices of these third party websites, so you should read their own privacy policies before disclosure of any Personal Data to these websites.
10.2 Cengage will not sell your personal information to any third party without your permission and consent, but we cannot be responsible or held liable for the actions of third party sites which you may have linked or been directed to Cengage’s website.
10.3 In cases where personal data of a minor is involved, Cengage will seek the relevant consent from the minor’s parent/guardian.
10.4 The personal data is also protected in accordance with the laws of Singapore (where the website is hosted).