This Privacy Statement sets out the basis which Longevity & Lifestyle Medical Pte. Ltd. (UEN 202244817Z) and Morrow Health Pte. Ltd. (UEN 201943415D) (collectively referred to as “we”, “our” or “us”), which are part of the Morrow Group, may collect, use, disclose or otherwise process personal data of our customers in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”).
This Privacy Statement applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
This Privacy Statement sets out the basis which Longevity & Lifestyle Medical Pte. Ltd. (UEN 202244817Z) and Morrow Health Pte. Ltd. (UEN 201943415D) (collectively referred to as “we”, “our” or “us”), which are part of the Morrow Group, may collect, use, disclose or otherwise process personal data of our customers in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”).
This Privacy Statement applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
This Privacy Statement sets out the basis which Longevity & Lifestyle Medical Pte. Ltd. (UEN 202244817Z) and Morrow Health Pte. Ltd. (UEN 201943415D) (collectively referred to as “we”, “our” or “us”), which are part of the Morrow Group, may collect, use, disclose or otherwise process personal data of our customers in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”).
This Privacy Statement applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
1. Scope
1. Scope
1. Scope
This Privacy Statement applies to you, if you fall into any of the following categories:
Visitors to our websites including any social media platforms and text messaging platforms (“websites”);
Individuals who access or use our products or services (whether in-person or online) (“services”);
Users of our applications (“applications”); and/or
Persons who submit any personal data through our websites, applications and services.
By visiting our premises, websites, services and applications or by submitting any personal data to us, you are accepting and consenting to the terms of this Privacy Statement as amended from time to time.
This Privacy Statement does not apply to individuals who only provide business contact information in the course of business, such as vendors or suppliers.
This Privacy Statement applies to you, if you fall into any of the following categories:
Visitors to our websites including any social media platforms and text messaging platforms (“websites”);
Individuals who access or use our products or services (whether in-person or online) (“services”);
Users of our applications (“applications”); and/or
Persons who submit any personal data through our websites, applications and services.
By visiting our premises, websites, services and applications or by submitting any personal data to us, you are accepting and consenting to the terms of this Privacy Statement as amended from time to time.
This Privacy Statement does not apply to individuals who only provide business contact information in the course of business, such as vendors or suppliers.
This Privacy Statement applies to you, if you fall into any of the following categories:
Visitors to our websites including any social media platforms and text messaging platforms (“websites”);
Individuals who access or use our products or services (whether in-person or online) (“services”);
Users of our applications (“applications”); and/or
Persons who submit any personal data through our websites, applications and services.
By visiting our premises, websites, services and applications or by submitting any personal data to us, you are accepting and consenting to the terms of this Privacy Statement as amended from time to time.
This Privacy Statement does not apply to individuals who only provide business contact information in the course of business, such as vendors or suppliers.
2. Personal Data We Collect
2. Personal Data We Collect
2. Personal Data We Collect
“Personal data” means data, whether true or not, about a customer who can be identified: from that data, or from that data and other information to which we have or are likely to have access. Other terms used in this Privacy Statement shall have the meanings given to them in the PDPA (where the context so permits).
Depending on the nature of your interaction with us, some examples of personal data we collect from you include the following:
(a) Websites’ visitors
Name, if provided
Email address, if provided via forms
IP address, browser or device type, cookies
(b) Users of services
Full name, email address, mobile number, postal address
Date of birth, gender
Identification numbers (e.g. NRIC/FIN/Passport numbers) where required by law or where it is necessary to accurately verify identity for safety, operational accuracy or service fulfilment. This includes, for example, identification for laboratory requests and specimen labelling to ensure correct matching of results
Information such as questionnaires, results, relevant data
Booking and payment details
(c) Users of applications
All applicable customer information set out above
Device ID, usage data
Optional self-reported wellness metrics or wearable data, if provided
(d) Transactional data
Service bookings and history
Payment method, stored only in tokenised form
Invoices and receipts
We generally do not collect your personal data unless:
it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes; or
where the collection and use of personal data without consent is permitted or required by the PDPA or other laws.
We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
“Personal data” means data, whether true or not, about a customer who can be identified: from that data, or from that data and other information to which we have or are likely to have access. Other terms used in this Privacy Statement shall have the meanings given to them in the PDPA (where the context so permits).
Depending on the nature of your interaction with us, some examples of personal data we collect from you include the following:
(a) Websites’ visitors
Name, if provided
Email address, if provided via forms
IP address, browser or device type, cookies
(b) Users of services
Full name, email address, mobile number, postal address
Date of birth, gender
Identification numbers (e.g. NRIC/FIN/Passport numbers) where required by law or where it is necessary to accurately verify identity for safety, operational accuracy or service fulfilment. This includes, for example, identification for laboratory requests and specimen labelling to ensure correct matching of results
Information such as questionnaires, results, relevant data
Booking and payment details
(c) Users of applications
All applicable customer information set out above
Device ID, usage data
Optional self-reported wellness metrics or wearable data, if provided
(d) Transactional data
Service bookings and history
Payment method, stored only in tokenised form
Invoices and receipts
We generally do not collect your personal data unless:
it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes; or
where the collection and use of personal data without consent is permitted or required by the PDPA or other laws.
We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
“Personal data” means data, whether true or not, about a customer who can be identified: from that data, or from that data and other information to which we have or are likely to have access. Other terms used in this Privacy Statement shall have the meanings given to them in the PDPA (where the context so permits).
Depending on the nature of your interaction with us, some examples of personal data we collect from you include the following:
(a) Websites’ visitors
Name, if provided
Email address, if provided via forms
IP address, browser or device type, cookies
(b) Users of services
Full name, email address, mobile number, postal address
Date of birth, gender
Identification numbers (e.g. NRIC/FIN/Passport numbers) where required by law or where it is necessary to accurately verify identity for safety, operational accuracy or service fulfilment. This includes, for example, identification for laboratory requests and specimen labelling to ensure correct matching of results
Information such as questionnaires, results, relevant data
Booking and payment details
(c) Users of applications
All applicable customer information set out above
Device ID, usage data
Optional self-reported wellness metrics or wearable data, if provided
(d) Transactional data
Service bookings and history
Payment method, stored only in tokenised form
Invoices and receipts
We generally do not collect your personal data unless:
it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes; or
where the collection and use of personal data without consent is permitted or required by the PDPA or other laws.
We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
3. How We Use Your Personal Data
3. How We Use Your Personal Data
3. How We Use Your Personal Data
We may collect and use your personal data for the following purposes:
To provide services to you including verifying your identity, performing obligations in the course of or in connection with our provision of the goods and/or services requested by you
To manage your relationship with us
To personalise recommendations, programmes or services
To process bookings and payments including processing payment or credit card transactions
To handle customer support requests including responding to, handling, and processing queries, requests, applications, complaints, and feedback from you
For internal analytics, service improvement and quality assurance
To send service-related communications
To contact you via telephone, SMS/text, WhatsApp, email, and/or other communication channels to provide marketing messages including information about our products and services, and those of our related companies and affiliates, including new offerings, promotional offers, and other relevant packages that you may choose to sign up for or purchase through the relevant channels, where you have given consent
To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
Any other purposes for which you have provided the information
To transmit to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes
Any other incidental business purposes related to or in connection with the above
In compliance with the PDPA, we may collect, use or disclose your personal data without your consent for our legitimate interests or another person. In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect. In line with the legitimate interests’ exception, we will collect, use or disclose your personal data for the following purposes:
Fraud detection and prevention;
Monitoring, detection and prevention of misuse of services;
Network analysis to prevent fraud and financial crime, and perform credit analysis; and
Supporting research and development purposes, including innovation in our services, subject to appropriate oversight and safeguards.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.
We may collect and use your personal data for the following purposes:
To provide services to you including verifying your identity, performing obligations in the course of or in connection with our provision of the goods and/or services requested by you
To manage your relationship with us
To personalise recommendations, programmes or services
To process bookings and payments including processing payment or credit card transactions
To handle customer support requests including responding to, handling, and processing queries, requests, applications, complaints, and feedback from you
For internal analytics, service improvement and quality assurance
To send service-related communications
To contact you via telephone, SMS/text, WhatsApp, email, and/or other communication channels to provide marketing messages including information about our products and services, and those of our related companies and affiliates, including new offerings, promotional offers, and other relevant packages that you may choose to sign up for or purchase through the relevant channels, where you have given consent
To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
Any other purposes for which you have provided the information
To transmit to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes
Any other incidental business purposes related to or in connection with the above
In compliance with the PDPA, we may collect, use or disclose your personal data without your consent for our legitimate interests or another person. In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect. In line with the legitimate interests’ exception, we will collect, use or disclose your personal data for the following purposes:
Fraud detection and prevention;
Monitoring, detection and prevention of misuse of services;
Network analysis to prevent fraud and financial crime, and perform credit analysis; and
Supporting research and development purposes, including innovation in our services, subject to appropriate oversight and safeguards.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.
We may collect and use your personal data for the following purposes:
To provide services to you including verifying your identity, performing obligations in the course of or in connection with our provision of the goods and/or services requested by you
To manage your relationship with us
To personalise recommendations, programmes or services
To process bookings and payments including processing payment or credit card transactions
To handle customer support requests including responding to, handling, and processing queries, requests, applications, complaints, and feedback from you
For internal analytics, service improvement and quality assurance
To send service-related communications
To contact you via telephone, SMS/text, WhatsApp, email, and/or other communication channels to provide marketing messages including information about our products and services, and those of our related companies and affiliates, including new offerings, promotional offers, and other relevant packages that you may choose to sign up for or purchase through the relevant channels, where you have given consent
To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority
Any other purposes for which you have provided the information
To transmit to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes
Any other incidental business purposes related to or in connection with the above
In compliance with the PDPA, we may collect, use or disclose your personal data without your consent for our legitimate interests or another person. In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect. In line with the legitimate interests’ exception, we will collect, use or disclose your personal data for the following purposes:
Fraud detection and prevention;
Monitoring, detection and prevention of misuse of services;
Network analysis to prevent fraud and financial crime, and perform credit analysis; and
Supporting research and development purposes, including innovation in our services, subject to appropriate oversight and safeguards.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.
4. Disclosure of Personal Data
4. Disclosure of Personal Data
4. Disclosure of Personal Data
We may share your personal data with
Our related companies and affiliates;
Service providers, agents and other organisations we have engaged such as IT hosting, payment processing, analytics and marketing platforms to perform any of the functions with reference to the above-mentioned purposes;
Professional advisers including legal, accounting and compliance professionals;
Governmental or regulatory authorities, if required by any of the above-mentioned purposes;
Partners who support or contribute to the delivery, improvement, or advancement of our services; and
Other third parties where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).
We may collect or use your personal data, or disclose existing personal data for secondary purposes that differ from the primary purpose which it had originally collected for. If we intend to rely on deemed consent by notification for such secondary purposes, we will notify you of the proposed collection, use or disclosure of his personal data through appropriate mode(s) of communication. You will be given a reasonable period to inform us if you wish to opt-out of the collection, use and disclosure of your personal data for such purposes. After the lapse of the opt-out period, you may notify us that you no longer wish to consent to the purposes for which your consent was deemed by notification by withdrawing your consent for the collection, use or disclosure of your personal data in relation to those purposes.
We do not sell your personal data. Any sharing with third parties is subject to PDPA-compliant safeguards and appropriate oversight.
We may share your personal data with
Our related companies and affiliates;
Service providers, agents and other organisations we have engaged such as IT hosting, payment processing, analytics and marketing platforms to perform any of the functions with reference to the above-mentioned purposes;
Professional advisers including legal, accounting and compliance professionals;
Governmental or regulatory authorities, if required by any of the above-mentioned purposes;
Partners who support or contribute to the delivery, improvement, or advancement of our services; and
Other third parties where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).
We may collect or use your personal data, or disclose existing personal data for secondary purposes that differ from the primary purpose which it had originally collected for. If we intend to rely on deemed consent by notification for such secondary purposes, we will notify you of the proposed collection, use or disclosure of his personal data through appropriate mode(s) of communication. You will be given a reasonable period to inform us if you wish to opt-out of the collection, use and disclosure of your personal data for such purposes. After the lapse of the opt-out period, you may notify us that you no longer wish to consent to the purposes for which your consent was deemed by notification by withdrawing your consent for the collection, use or disclosure of your personal data in relation to those purposes.
We do not sell your personal data. Any sharing with third parties is subject to PDPA-compliant safeguards and appropriate oversight.
We may share your personal data with
Our related companies and affiliates;
Service providers, agents and other organisations we have engaged such as IT hosting, payment processing, analytics and marketing platforms to perform any of the functions with reference to the above-mentioned purposes;
Professional advisers including legal, accounting and compliance professionals;
Governmental or regulatory authorities, if required by any of the above-mentioned purposes;
Partners who support or contribute to the delivery, improvement, or advancement of our services; and
Other third parties where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you.
The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).
We may collect or use your personal data, or disclose existing personal data for secondary purposes that differ from the primary purpose which it had originally collected for. If we intend to rely on deemed consent by notification for such secondary purposes, we will notify you of the proposed collection, use or disclosure of his personal data through appropriate mode(s) of communication. You will be given a reasonable period to inform us if you wish to opt-out of the collection, use and disclosure of your personal data for such purposes. After the lapse of the opt-out period, you may notify us that you no longer wish to consent to the purposes for which your consent was deemed by notification by withdrawing your consent for the collection, use or disclosure of your personal data in relation to those purposes.
We do not sell your personal data. Any sharing with third parties is subject to PDPA-compliant safeguards and appropriate oversight.
5. Storage and Cross-Border Transfers
5. Storage and Cross-Border Transfers
5. Storage and Cross-Border Transfers
We generally do not transfer your personal data to countries outside of Singapore. However, there may be circumstances which necessitate this, in which case you consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
For disaster recovery purposes, certain personal data may be securely stored in overseas servers such as in the USA. In such cases, we ensure the recipient provides a standard of protection comparable to that under the PDPA.
We generally do not transfer your personal data to countries outside of Singapore. However, there may be circumstances which necessitate this, in which case you consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
For disaster recovery purposes, certain personal data may be securely stored in overseas servers such as in the USA. In such cases, we ensure the recipient provides a standard of protection comparable to that under the PDPA.
We generally do not transfer your personal data to countries outside of Singapore. However, there may be circumstances which necessitate this, in which case you consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
For disaster recovery purposes, certain personal data may be securely stored in overseas servers such as in the USA. In such cases, we ensure the recipient provides a standard of protection comparable to that under the PDPA.
6. Retention of Personal Data
6. Retention of Personal Data
6. Retention of Personal Data
We retain personal data as long as necessary to fulfil the purposes for which it was collected and to comply with applicable legal, operational and safety obligations. In some cases, data may be retained longer when needed to support follow-up services, long-term records, or research, subject to appropriate safeguards.
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
We retain personal data as long as necessary to fulfil the purposes for which it was collected and to comply with applicable legal, operational and safety obligations. In some cases, data may be retained longer when needed to support follow-up services, long-term records, or research, subject to appropriate safeguards.
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
We retain personal data as long as necessary to fulfil the purposes for which it was collected and to comply with applicable legal, operational and safety obligations. In some cases, data may be retained longer when needed to support follow-up services, long-term records, or research, subject to appropriate safeguards.
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
7. Your Rights
7. Your Rights
7. Your Rights
Under the PDPA, you have the right to
Access your personal data
Correct your personal data
Withdraw consent for our use or disclosure of your personal data
Access
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) business days after receiving your request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Correct
We generally rely on you (or your authorised representative) for the accuracy of your personal data. In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
Withdraw
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the
processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
For all other enquiries, we aim to respond within (30) business days. Certain requests may be subject to a reasonable administrative fee or lawful exceptions.
Under the PDPA, you have the right to
Access your personal data
Correct your personal data
Withdraw consent for our use or disclosure of your personal data
Access
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) business days after receiving your request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Correct
We generally rely on you (or your authorised representative) for the accuracy of your personal data. In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
Withdraw
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the
processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
For all other enquiries, we aim to respond within (30) business days. Certain requests may be subject to a reasonable administrative fee or lawful exceptions.
Under the PDPA, you have the right to
Access your personal data
Correct your personal data
Withdraw consent for our use or disclosure of your personal data
Access
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) business days after receiving your request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Correct
We generally rely on you (or your authorised representative) for the accuracy of your personal data. In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
Withdraw
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the
processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
For all other enquiries, we aim to respond within (30) business days. Certain requests may be subject to a reasonable administrative fee or lawful exceptions.
8. Cookies and Tracking Technologies
8. Cookies and Tracking Technologies
8. Cookies and Tracking Technologies
We use cookies and similar technologies to operate our website, analyse traffic and improve your experience. You can adjust your browser settings to block or delete cookies, but some features may not function as intended.
We use cookies and similar technologies to operate our website, analyse traffic and improve your experience. You can adjust your browser settings to block or delete cookies, but some features may not function as intended.
We use cookies and similar technologies to operate our website, analyse traffic and improve your experience. You can adjust your browser settings to block or delete cookies, but some features may not function as intended.
9. Security of Personal Data
9. Security of Personal Data
9. Security of Personal Data
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as:
Minimised collection of personal data
Encryption of data in transit and at rest where appropriate
Access controls and authentication measures
Advanced technical safeguards, including endpoint threat protection, risk-based vulnerability remediation, and secure media disposal
Staff training on data protection obligations
Regular review of security practices
We also follow best practices such as prompt software updates, controlled access to sensitive data, regular backups, incident preparedness, secure data disposal and periodic security reviews.
While we strive to protect your personal data, no method of storage or transmission is completely secure.
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as:
Minimised collection of personal data
Encryption of data in transit and at rest where appropriate
Access controls and authentication measures
Advanced technical safeguards, including endpoint threat protection, risk-based vulnerability remediation, and secure media disposal
Staff training on data protection obligations
Regular review of security practices
We also follow best practices such as prompt software updates, controlled access to sensitive data, regular backups, incident preparedness, secure data disposal and periodic security reviews.
While we strive to protect your personal data, no method of storage or transmission is completely secure.
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as:
Minimised collection of personal data
Encryption of data in transit and at rest where appropriate
Access controls and authentication measures
Advanced technical safeguards, including endpoint threat protection, risk-based vulnerability remediation, and secure media disposal
Staff training on data protection obligations
Regular review of security practices
We also follow best practices such as prompt software updates, controlled access to sensitive data, regular backups, incident preparedness, secure data disposal and periodic security reviews.
While we strive to protect your personal data, no method of storage or transmission is completely secure.
10. Changes to This Privacy Statement
10. Changes to This Privacy Statement
10. Changes to This Privacy Statement
We may amend or update this Privacy Statement at any time by publishing the updated Privacy Statement on our website, with the “last updated” date clearly indicated. We encourage you to check our website regularly to ensure that you are aware of the updated version of the Privacy Statement.
Your continued use of our websites, applications and services after any changes means you accept and consent to the revised Privacy Statement.
We may amend or update this Privacy Statement at any time by publishing the updated Privacy Statement on our website, with the “last updated” date clearly indicated. We encourage you to check our website regularly to ensure that you are aware of the updated version of the Privacy Statement.
Your continued use of our websites, applications and services after any changes means you accept and consent to the revised Privacy Statement.
We may amend or update this Privacy Statement at any time by publishing the updated Privacy Statement on our website, with the “last updated” date clearly indicated. We encourage you to check our website regularly to ensure that you are aware of the updated version of the Privacy Statement.
Your continued use of our websites, applications and services after any changes means you accept and consent to the revised Privacy Statement.
11. Contact Us
11. Contact Us
11. Contact Us
You may contact our Data Protection Officer if you wish to make any request, please do so in the following manner:
Attention to: Data Protection Officer
Email: DPO@morrowmedical.sg
If you have any enquiries or feedback on our personal data protection policies and procedures, please submit a direct enquiry to DPO@morrowmedical.sg.
You may contact our Data Protection Officer if you wish to make any request, please do so in the following manner:
Attention to: Data Protection Officer
Email: DPO@morrowmedical.sg
If you have any enquiries or feedback on our personal data protection policies and procedures, please submit a direct enquiry to DPO@morrowmedical.sg.
You may contact our Data Protection Officer if you wish to make any request, please do so in the following manner:
Attention to: Data Protection Officer
Email: DPO@morrowmedical.sg
If you have any enquiries or feedback on our personal data protection policies and procedures, please submit a direct enquiry to DPO@morrowmedical.sg.