Table of Contents
PRIVACY POLICY
1 Preface
This Privacy Policy sets forth how FICOFI collects, uses and discloses personal data and the measures taken to ensure the protection of personal data pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the council of 27 April 2016 (hereinafter “GDPR”) and the Personal Data Protection Act 2012 (No. 26 of 2012) (hereinafter “PDPA”) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
2 Information about FICOFI's data processing
2.1 Data Collection
Personal Data
FICOFI is the data controller of the collection and the processing of the personal data which are provided by its clients/Members, partners and employees as well as the visitors of its website (hereinafter the “Data Subjects”).
“Personal Data”: means (1) any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; and (2) data, whether true or not, about an individual who can be identified (a) from that data, or (b) from that data and other information to which the organisation has or is likely to have access.
2.2 Purposes of personal data processing carried out by FICOFI
FICOFI collects, uses and discloses the personal data of Data Subjects in relation to several purposes including but not limited to:
- Human Resources management;
- Registration of Members at Le Club FICOFI®;
- Management of Collecting & sourcing services;
- Wine tasting experiences;
- Wine tour experiences;
- Personal advisory services;
- Cellaring & insurance services;
- Delivery services;
- Inform Members among others of events, wines’ offers and group shipments organized by FICOFI;
- To process any question and request for information sent to FICOFI;
- Safety, security and legal compliance purposes.
2.3 The lawfulness basis of the processing
FICOFI collects and processes personal data only if:
- processing is necessary for the performance of a contract to which the Data subject is party or in order to take steps at the request of the Data subject prior to entering into a contract (e.g., clients/Members and partners);
- processing is necessary for compliance with a legal obligation to which the FICOFI is subject;
- processing is necessary for the purposes of the legitimate interests pursued by FICOFI (e.g., recruitment, organisation of the activities of Le Club FICOFI®, etc.);
- the Data subject has given its consent to the Processing of his or her Personal Data for one or more specific purposes.
2.4 The recipients or categories of recipients within FICOFI
The personal data will only be accessible by a limited list of recipients on a need to know basis or where required by law, such as FICOFI’s directors, along with all Departments involved in Le Club FICOFI® management such as: Marketing, Le Club FICOFI® Service, Operations, Offers, IT, Legal, etc.
2.5 Data Storage
Personal data collected by FICOFI are kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data are processed.
More specifically, FICOFI processes the personal data as long as necessary for the business relationship (e.g., client/Member or partner), the employment relationship for employees, or any legal purposes of FICOFI as required by relevant laws. At the end of such period, the personal data are archived in accordance with the applicable statutory limitation period and then deleted with commercially reasonable and technically possible measures in accordance with the applicable laws.
2.6 Data sharing & data transfer
The personal data will not be transferred or made accessible to third parties except to FICOFI’s data processors and for the purposes it was collected as described in section 2.2, including for the management of the order of Goods, Storage and Insurance, Delivery and IT services.
In addition, FICOFI may provide personal data of its employees to public or private entities which are involved in the management of social benefits (e.g., Social Security).
FICOFI may also transfer the personal data of the Members to other FICOFI entities which may be located in countries which do not have the same level of protection of personal data under the GDPR and PDPA. In such cases, such data transfers are secured through appropriate contractual guarantees to provide a standard of protection that is comparable to that under PDPA and GDPR.
FICOFI may be obliged to communicate Personal Data to third parties, upon the request of a competent authority or to protect its rights. FICOFI shall use its best endeavours to ensure its employees, officers, agents, consultants, contractors and such other third parties mentioned above who are involved in the collection, use and disclosure of Personal Data will observe and adhere to the terms of this Privacy Policy.
3 Security measures
FICOFI has put in place appropriate and commercially reasonable technical and organizational security measures to keep Personal Data that it collects and holds confidential and to protect it against unauthorized or unlawful disclosure or access, accidental loss, destruction, alteration or damage taking into consideration the state of art of technology and the cost of implementation. FICOFI’s information systems are protected by state-of-the-art hardware and software security systems and physical and electronic safeguard procedures are implemented.
FICOFI takes appropriate measures to ensure that data processors who are given access to personal data reasonably uphold at least as stringent security measures as those applied by FICOFI.
4 Individual rights relating to collected data
Every data subject has the right to request from FICOFI access, rectification, erasure, restriction of processing or to object to processing as well as the right to receive, when applicable, the personal data concerning him or her, which he or she has provided to FICOFI, in a structured, commonly used and machine-readable format (right to data portability).
FICOFI reserves the right not to accept any request contravening any regulatory authority or law. Each data subject can exercise their right:
- by mail: writing to 541 Orchard Road, #17-02 Liat Towers, Singapore 238881
- by email: dpo@ficofi.com
Finally, for any claim, each data subject has the right to file an application with the “Commission Nationale de l’Informatique et des Libertés (CNIL)” or the “Personal Data Protection Commission Singapore” (PDPC).
5 Privacy Policy updates
The Privacy Policy may be modified by FICOFI at any time. Should FICOFI wish to use the personal data otherwise than stipulated in the identifiable Privacy Policy in force at the time of data collection, notice of any such modifications will be posted in a new version of the current Privacy Policy. Subject to applicable laws, the English version of this Privacy Policy will prevail over any version of this Privacy Policy in another language. In the event of any inconsistency in interpretation between the English version and any translation of the Privacy Policy, this Privacy Policy statement in English will prevail.
6 Questions / Contact
For any questions or comments relating to the Privacy Policy or the manner in which FICOFI collects and uses the Personal Data, please contact:
- by mail: writing to FICOFI 541 Orchard Road, #17-02 Liat Towers, Singapore 238881
- by email: dpo@ficofi.com
