GIFT Portal – SCI Privacy Policy
1. Introduction
1.1 Singapore College of Insurance (“SCI”, “we”, “us”, “our”) is committed to protecting your personal data and ensuring your data privacy.
1.2 This Privacy Policy (“Policy”) describes how we collect, use, disclose, store, transfer, and protect your personal data when you use the GIFT Portal for submission of resumes, job applications, and related services.
1.3 We comply with Singapore’s Personal Data Protection Act 2012 (as amended) (the “PDPA”) and relevant guidelines issued by the Personal Data Protection Commission (“PDPC”).
1.4 By using the Portal and/or submitting your data, you agree to this Policy.
2. Definitions
- Personal Data / Personal Information: any data, whether true or not, about an individual who can be identified (or from which identity could be ascertained).
- You / Your: the user or candidate submitting data via the Portal.
- Purpose(s): the purposes for which we collect, use or disclose your data (see Section 4).
- Third Party / Partner: external organisations (e.g. partner insurers, recruitment agencies) to whom we may disclose data under certain circumstances.
3. Types of Personal Data Collected
We may collect (where applicable) the following categories of personal data from you:
- Basic identity: name, date of birth, nationality, photo, gender
- Contact information: telephone number(s), email address, postal address
- Education and qualifications: academic transcripts, certifications, institution names, grades
- Employment history: employer names, periods of service, roles, responsibilities
- Skills, competencies, languages, training, professional memberships
- Resume, CV, cover letters, reference letters, portfolios
- Additional data you choose to provide (e.g. personal statement, video introduction)
- System / technical data: IP address, browser type, device identifiers, usage logs
- Other data required for verification or compliance (e.g. identity documents, proof of eligibility)
4. Purposes of Collection, Use, and Disclosure
We may collect, use and disclose your personal data for the following purposes (collectively, the “Purposes”):
4.1 to assess your job candidacy, match you with employer partners, and manage recruitment and selection processes;
4.2 to contact or communicate with you (e.g. notifications, interview scheduling, status updates);
4.3 to detect, prevent, and investigate fraudulent or malicious activity or misuse of the Portal;
4.4 to comply with legal or regulatory obligations (e.g. audits, internal investigations, reporting);
4.5 to analyse, aggregate or anonymise data for planning, research, reporting, and statistics;
4.6 to perform administrative, system, security, and support functions;
4.7 to share with third-party partners (e.g. insurers, agencies, recruiters) for recruitment matching, only with your consent or as otherwise permitted;
4.8 for other purposes incidental or reasonably related to the above.
We will notify you of the purpose(s) before or at the time of collection, or as soon as practicable thereafter.
5. Consent
5.1 Where required, we will obtain your consent (express or deemed) before collecting, using or disclosing your personal data for the Purposes.
5.2 You may withdraw consent at any time, subject to legal or contractual restrictions. If you withdraw consent, we may not be able to continue providing certain features.
5.3 Withdrawal of consent does not affect the lawfulness of use of data before withdrawal.
6. Access, Correction, and Data Portability
6.1 You have the right to request (i) access to your personal data held by us, (ii) correction of inaccurate data, (iii) deletion of data (where no longer needed), and (iv) data portability (to the extent technically feasible).
6.2 To request, please contact our Data Protection Officer (see Section 13).
6.3 We may charge a reasonable fee (if allowed by PDPA) for processing access requests.
6.4 We will respond to your request within a reasonable time (typically 30 days, unless extended for justifiable reasons).
7. Accuracy
We will take reasonable efforts to ensure that personal data collected is accurate, complete, up-to-date, and not misleading. You should update us if your data changes (e.g. changes in contact, qualifications, employment).
8. Retention and Disposal
8.1 We retain personal data only as long as necessary to fulfil the Purposes, or as required or permitted by law.
8.2 Once data is no longer required, we will securely delete or anonymise it, or remove identifying elements, in a secure manner.
9. Protection of Personal Data
9.1 We take appropriate technical, administrative, and physical security measures (access controls, encryption, network security, backups, internal procedures) to protect your personal data against unauthorised access, disclosure, alteration or destruction.
9.2 Only authorised personnel and service providers who need access to fulfill the Purposes will have access to your personal data.
9.3 In the event of a data breach, we will comply with the PDPA’s breach notification obligations (e.g. notifying affected individuals and PDPC if required).
10. Transfer / Disclosure of Personal Data
10.1 Within Singapore: we may disclose data to partner organisations (insurers, recruiters, educational institutions) and service providers (IT, cloud, analytics) under confidentiality obligations.
10.2 Overseas transfers: we may transfer data outside Singapore (for example, to regional partners or cloud servers). We will ensure that the recipient applies protection standards comparable to PDPA (e.g. via contractual safeguards, consent).
10.3 We may disclose data if required by law, court order, regulatory authority, or in protection of our rights, safety or security.
11. Cookies and Tracking
11.1 We may use cookies, log files, analytics or similar technologies to collect technical and usage information (e.g. IP address, browser, pages visited) to improve the Portal’s performance, security, and user experience.
11.2 You may disable certain cookies in your browser settings, but this may limit functionality of the Portal.
11.3 We do not use such technologies to collect personally identifying data beyond what is described here.
12. Third-Party Links and Services
The Portal may integrate or link to third-party services (e.g. job board APIs, analytics tools). Their data practices are governed by their own privacy policies, and we are not responsible for them.
13. Data Protection Officer / Contact
If you have any questions, feedback, or requests (access, correction, withdrawal), please contact our Data Protection Officer:
Data Protection Officer – GIFT Portal
Singapore College of Insurance
Address: 9 Temasek Boulevard #14-01/02/03, Suntec Tower Two, Singapore 038989
14. Changes to Policy
We may update this Privacy Policy from time to time (for legal, operational or technical reasons). The “Last Updated” date will indicate the current version. We may notify you of material changes (e.g. via email or notice on Portal). Continued use of the Portal after changes constitutes acceptance of the updated Policy.
15. Other Rights / Miscellaneous
15.1 You may lodge a complaint with the PDPC if you believe your data protection rights are breached.
15.2 If any provision is invalid or unenforceable under applicable law, the remainder remains effective.
15.3 No waiver of any right is effective unless made in writing.
15.4 These Terms and this Policy (together with any other policies or notices) constitute the entire agreement between you and SCI in relation to the Portal and your personal data.