隐私政策

EASEFLOW CONSULTANCY PTE. LTD.

Effective Date: 26 May 2025
Last Updated: 26 May 2026
Company Registration No: 202511345K

1. INTRODUCTION

EaseFlow Consultancy Pte. Ltd.("EaseFlow", "we", "us", "our") iscommitted to protecting and respecting your privacy. This Privacy Policyexplains how we collect, use, disclose, and protect your personal data in accordancewith Singapore's Personal Data Protection Act 2012 ("PDPA") and itssubsequent amendments.

This Privacy Policy applies to all personaldata collected by EaseFlow from:

• Clients and potential clients
• Employees, directors, and company officers
• Job seekers and employment candidates
• Visitors to our premises and website
• Business partners and vendors
• Any other individuals who interact with EaseFlow

By providing your personal data to EaseFlowor using our services, you acknowledge that you have read, understood, andagree to this Privacy Policy.

2. DEFINITIONS

Personal Data means data about an individual who can be identified from thatdata, or from that data and other information to which we have or are likely tohave access.

Data Subjectrefers to the individual to whom the personal data relates.

Processingincludes any operation performed on personal data, including collection,recording, holding, organization, adaptation, alteration, retrieval,consultation, use, disclosure, dissemination, making available, alignment,combination, blocking, erasure, or destruction.

 

3. TYPES OF PERSONAL DATA WE COLLECT

3.1 Client Personal Data

We collect the following categories ofpersonal data from our clients:

Basic Information:

• Full name, NRIC/Passport number, nationality
• Contact details (email address, mobile number, residential     address)
• Date of birth, marital status
• Employment details and occupation

Financial Information:

• IRAS income tax assessments
• CPF statements and contribution history
• Bank statements and loan details
• Credit reports and credit scores
• Property ownership documents and valuations
• Property tax bills and assessments
• Monthly payslips and employment contracts
• HDB statements and grants received
• Investment portfolios and assets

Family Information:

• Spouse's personal and financial information
• Dependent children's details
• Next-of-kin information

Property and Mortgage Information:

• Current mortgage arrangements
• Property purchase intentions
• Loan application details
• Bank preferences and requirements
     

3.2 Employee Personal Data

• Personal identification details (NRIC/ passport)
• Contact information and emergency contacts
• Educational qualifications and work experience
• Employment history and references
• Salary, benefits, and performance records
• Medical certificates and health information
• Banking details for salary payments
• Photographs for identification purposes

3.3 Job Seeker Personal Data

• Resume and curriculum vitae
• Educational certificates and transcripts
• Professional qualifications and licenses
• Employment history and references
• Interview notes and assessments
• Salary expectations and availability

3.4 Visitor Personal Data

• Name and contact details
• Company affiliation and purpose of visit
• CCTV footage and security records
• Vehicle registration numbers
• Entry and exit timestamps

4. HOW WE COLLECT PERSONAL DATA

We collect personal data through variousmeans:

4.1 Direct Collection

• Application forms and questionnaires
• Face-to-face meetings and consultations
• Phone calls and video conferences
• Email correspondence
• Online forms and digital platforms
• Document submissions and uploads

4.2 Indirect Collection

• Third-party service providers and business partners
• Public records and databases
• Credit bureaus and financial institutions
• Government agencies (with consent)
• Referrals from existing clients
• Social media platforms (publicly available information)

4.3 Automated Collection

• Website cookies and analytics
• CCTV surveillance systems
• Access control systems
• Communication monitoring systems

5. PURPOSES OF PROCESSING PERSONAL DATA

5.1 Client Services

• Mortgage Advisory Services:     Assessing current mortgage arrangements, providing mortgage comparisons,     facilitating loan applications
• Financial Analysis: Evaluating     financial capacity, creditworthiness assessment, risk profiling
• Documentation Processing: Preparing     and submitting loan applications, liaising with financial institutions
• Ongoing Support: Providing updates     on application status, post-completion services
• Compliance Requirements: Meeting     regulatory obligations, anti-money laundering checks, know-your-customer     procedures

5.2 Business Operations

• Account Management: Maintaining     client relationships, service delivery, billing and payment processing
• Marketing and Communications:     Sending service updates, promotional materials, newsletters, event     invitations
• Customer Service: Responding to     inquiries, handling complaints, providing technical support
• Business Development: Analyzing     market trends, improving services, developing new products
• Legal Compliance: Meeting statutory     requirements, regulatory reporting, audit purposes

5.3 Employment Purposes

• Recruitment: Evaluating job     applications, conducting interviews, background checks
• Employment Management: Payroll     processing, performance management, training and development
• Workplace Safety: Maintaining     health and safety records, emergency contact information
• Legal Obligations: Tax reporting,     CPF contributions, work pass applications

5.4 Security and Safety

• Premises Security: CCTV monitoring,     access control, visitor management
• Data Security: Identity     verification, fraud prevention, system security
• Emergency Response: Contact     emergency services, medical assistance

6. DISCLOSURE OF PERSONAL DATA

We may disclose your personal data to thefollowing parties:

6.1 Financial Institutions

• Banks and lending institutions for loan processing
• Credit bureaus for credit assessment
• Insurance companies for mortgage protection
• Valuation companies for property assessment

6.2 Professional Service Providers

• Legal advisors and law firms
• Accounting and audit firms
• IT service providers and system vendors
• Marketing and communication agencies

6.3 Regulatory Bodies

• Monetary Authority of Singapore (MAS)
• Accounting and Corporate Regulatory Authority (ACRA)
• Inland Revenue Authority of Singapore (IRAS)
• Central Provident Fund Board (CPF)
• Housing & Development Board (HDB)

6.4 Business Partners

• Real estate agencies and property developers
• Insurance brokers and agents
• Investment advisory firms
• Other mortgage advisory companies (with explicit consent)

6.5 Legal Requirements

• Courts of law and legal proceedings
• Law enforcement agencies
• Government authorities as required by law
• Liquidators, receivers, or administrators

We will only disclose personal data where:

• You have provided explicit consent
• It is necessary for the performance of our services
• It is required by law or regulation
• It is necessary to protect our legitimate interests
• It is in the public interest

7. DATA RETENTION

7.1 Retention Periods

• Client Records: 7 years from     completion of services or termination of relationship
• Employment Records: 5 years from     termination of employment
• Job Application Records: 2 years     from application date
• Visitor Records: 1 year from visit     date
• CCTV Footage: 30 days unless     required for investigation
• Financial Records: As required by     applicable laws and regulations

7.2 Retention Criteria

We determine retention periods based on:

• Legal and regulatory requirements
• Business and operational needs
• Contractual obligations
• Potential legal claims or disputes
• Data subject rights and interests

7.3 Secure Disposal

When personal data is no longer required,we will securely dispose of it by:

• Permanent deletion from electronic systems
• Secure destruction of physical documents
• Overwriting of storage media
• Certification of destruction where appropriate

8. DATA SECURITY MEASURES

8.1 Technical Safeguards

• Encryption: Data encryption in     transit and at rest
• Access Controls: Multi-factor     authentication, role-based access
• Network Security: Firewalls,     intrusion detection systems, secure networks
• System Monitoring: Continuous     monitoring, regular security audits
• Backup and Recovery: Secure backup     systems, disaster recovery procedures

8.2 Administrative Safeguards

• Staff Training: Regular privacy and     security training programs
• Policy Compliance: Written policies     and procedures, regular updates
• Background Checks: Screening of     employees with access to personal data
• Incident Response: Data breach     response procedures, notification protocols
• Vendor Management: Due diligence on     third-party service providers

8.3 Physical Safeguards

• Premises Security: Secure     facilities, access controls, CCTV monitoring
• Document Security: Locked storage,     clean desk policy, secure disposal
• Device Security: Laptop encryption,     mobile device management
• Environmental Controls: Fire     suppression, climate control, power backup

9. INTERNATIONAL DATA TRANSFERS

9.1 Transfer Restrictions

We generally process personal data withinSingapore. However, we may transfer personal data outside Singapore in thefollowing circumstances:

• With your explicit consent
• To jurisdictions with adequate data protection laws
• Under binding corporate rules or standard contractual clauses
• Where necessary for the performance of our services

9.2 Safeguards for InternationalTransfers

When transferring personal datainternationally, we ensure:

• The receiving jurisdiction has adequate protection laws
• Contractual safeguards are in place
• Technical and organizational security measures are maintained
• Data subject rights remain protected

10. YOUR RIGHTS UNDER THE PDPA

10.1 Right of Access

You have the right to:

• Request information about how we process your personal data
• Obtain a copy of your personal data in our possession
• Understand the purposes for which we use your data

10.2 Right of Correction

You may request correction of:

• Inaccurate or incomplete personal data
• Personal data that is misleading
• Data that requires updating

10.3 Right to Withdraw Consent

• You may withdraw consent for processing at any time
• Withdrawal does not affect prior processing based on consent
• We will inform you of consequences of withdrawal

10.4 Right to Limit Processing

You may request limitation of processing incertain circumstances:

• While accuracy of data is being verified
• Where processing is unlawful but you oppose deletion
• Where we no longer need the data but you require it for legal     claims

10.5 Making Data Protection Requests

To exercise your rights:

• Submit requests in writing to our Data Protection Officer
• Provide sufficient information to verify your identity
• Specify the nature of your request clearly
• We will respond within 30 days of receiving a complete request

11. COOKIES AND WEBSITE ANALYTICS

11.1 Types of Cookies We Use

• Essential Cookies: Necessary for     website functionality
• Performance Cookies: Analytics and     usage statistics
• Functional Cookies: Enhanced user     experience features
• Marketing Cookies: Advertising and     marketing communications

11.2 Cookie Management

You can manage cookies through:

• Browser settings and preferences
• Third-party cookie management tools
• Opting out of specific analytics services
• Contacting us directly for assistance

11.3 Analytics and Tracking

We use analytics tools to:

• Monitor website performance and usage
• Improve user experience
• Measure marketing effectiveness
• Generate business insights

12. CHILDREN'S PRIVACY

We do not knowingly collect personal datafrom children under 13 years of age without parental consent. If we becomeaware that we have collected such data without consent, we will take steps todelete it promptly.

For children between 13-18 years of age, wemay collect personal data only with:

• Parental or guardian consent
• Clear understanding of the purposes
• Appropriate safeguards in place

13. THIRD-PARTY WEBSITES AND SERVICES

Our website may contain links tothird-party websites and services. This Privacy Policy does not apply to suchexternal sites. We encourage you to review the privacy policies of anythird-party sites you visit.

We are not responsible for:

• Privacy practices of third-party websites
• Content or security of external links
• Data collection by third-party services

14. DATA BREACH NOTIFICATION

14.1 Incident Response

In the event of a data breach, we will:

• Contain and investigate the incident immediately
• Assess the risk to affected individuals
• Notify the Personal Data Protection Commission (PDPC) if     required
• Inform affected individuals without undue delay
• Take steps to prevent future incidents

14.2 Notification Requirements

We will notify you of a data breach when:

• There is a high risk to your rights and freedoms
• The breach involves sensitive personal data
• Required by law or regulation
• We determine notification is appropriate

15. UPDATES TO THIS PRIVACY POLICY

15.1 Policy Changes

We may update this Privacy Policy from timeto time to:

• Reflect changes in our business practices
• Comply with new legal requirements
• Improve data protection measures
• Address new risks or technologies

15.2 Notification of Changes

We will notify you of material changes by:

• Posting updates on our website
• Sending email notifications to registered users
• Providing notice during service interactions
• Publishing announcements as appropriate

15.3 Continued Use

Your continued use of our services afterpolicy updates constitutes acceptance of the revised terms.

16. CONTACT INFORMATION

16.1 Data Protection Officer

Name: Gea,Ban Peng
Title: Data Protection Officer
Email: privacy@easeflowsg.com
Phone: +65 8788 1099
Address: 100 Peck Seah Street #08-014, Singapore 079333

16.2 General Inquiries

For general privacy questions or concerns: Email:info@easeflowsg.com
Phone: +65 8788 1099

17. GOVERNING LAW

This Privacy Policy is governed by the lawsof Singapore, including the Personal Data Protection Act 2012 and itssubsequent amendments. Any disputes arising from this policy will be subject tothe exclusive jurisdiction of Singapore courts.

18. ACKNOWLEDGMENT

By providing personal data to EaseFlow orusing our services, you acknowledge that:

• You have read and understood this Privacy Policy
• You consent to the collection, use, and disclosure of your     personal data as described
• You understand your rights and how to exercise them
• You will notify us of any changes to your personal data

This Privacy Policy was last updated on[26 MAY 2025] and is effective immediately.

EaseFlow Consultancy Pte. Ltd.
Company Registration No: 202511345K
100 Peck Seah Street #08-014, Singapore 079333
Tel: +65 8788 1099
Email: info@easeflowsg.com
Website: www.easeflowsg.com

 

‍