Epitome Global Pte Ltd (“we”, “us”, “our”) is committed to protecting the personal data of our customers, employees, partners, and stakeholders in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore.

This Data Protection Policy explains how we collect, use, disclose, and protect your personal data.

1. Personal Data

“Personal Data” refers to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access.

This may include (but is not limited to):

  • Name
  • Identification numbers (e.g. NRIC, passport)
  • Contact details (email address, phone number, address)
  • Employment and education information
  • IP address and device information
  • Behavioral and assessment data (e.g. profiling results)

2. Collection of Personal Data

We may collect personal data in the following ways:

  • When you visit our website or use our services
  • When you submit forms or applications
  • When you communicate with us via email, phone, or other channels
  • When you enter into agreements with us
  • Through third-party integrations (e.g. LinkedIn or other platforms, where authorized)

We only collect personal data that is necessary for our business purposes.

3. Purpose of Collection, Use and Disclosure

We may use and disclose your personal data for purposes including:

  • Providing and improving our products and services
  • Processing applications, transactions, or requests
  • Identity verification and authentication
  • Recruitment, talent management, and HR services
  • Analytics, research, and product development
  • Compliance with legal and regulatory requirements
  • Responding to inquiries, feedback, or complaints

We will not use your personal data for purposes beyond those stated without your consent, unless required or permitted by law.

4. Consent

By providing your personal data to us, you consent to our collection, use, and disclosure of your personal data as described in this Policy.

You may withdraw your consent at any time by contacting our Data Protection Officer (DPO). Please note that withdrawing consent may affect our ability to provide services to you.

5. Disclosure of Personal Data

We may disclose personal data to:

  • Our employees and authorized representatives
  • Service providers and vendors (e.g. cloud hosting, analytics, recruitment tools)
  • Business partners and clients where necessary
  • Regulatory authorities or law enforcement agencies where required

All third parties are required to protect personal data in accordance with applicable laws and our policies.

6. Protection of Personal Data

We implement reasonable security arrangements to protect personal data, including:

  • Role-Based Access Control (RBAC)
  • Encryption of sensitive data at rest and in transit
  • Secure authentication and authorization mechanisms
  • Monitoring and logging of access activities

Behavioral and profiling data (e.g. assessment results) are:

  • Protected via access control mechanisms
  • Not shared without consent or exposed publicly

7. Retention of Personal Data

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law.

When personal data is no longer needed, we will securely delete or anonymize it.

8. Accuracy of Personal Data

We strive to ensure that personal data is accurate and complete. You may request corrections to your personal data by contacting us.

9. Access and Correction Requests

You have the right to:

  • Request access to your personal data
  • Request correction of your personal data

Requests may be subject to verification and applicable administrative fees.

10. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to:

  • Enhance user experience
  • Analyze website traffic and usage patterns
  • Support security and authentication

You can manage cookie preferences through your browser settings.

11. International Data Transfers

Where personal data is transferred outside Singapore, we ensure that the receiving parties provide a standard of protection comparable to the PDPA.

12. Updates to this Policy

We may update this Data Protection Policy from time to time. Updates will be published on our website with the effective date.

13. Contact Us

If you have any questions, feedback, or requests regarding this Policy or your personal data, please contact:

Data Protection Officer (DPO)

Epitome Global Pte Ltd

Email: dpo@epitome.global