1000 Steps PTE Ltd is incorporated in Singapore under company number 201930930Z and has a registered office at Singapore Business Federation Centre, 160 Robinson Road, Singapore 068914. As a business with global reach and resources all significant decisions about data processing and policy implementation will be made using the Personal Data Protection Commission Singapore (PDPC) & relevant data protection laws in the country we operate, and data is processed in. This notice is set out to help you understand the types of data that we collect or process on your behalf and and how that data processed and stored.
Commitment
1000 Steps are committed to protecting the privacy and security of your personal data. We continually monitor compliance through implementing policies & procedures to safeguard data and by setting regular reviews to manage these policies and procedures.
Data Processing
1000 Steps acts as data controller ,processor, & sub processor depending on the role and services we are providing. In most circumstances we process personal data on the instructions of our clients as a data processor and not as a data controller. This is defined by contractual or data processing agreements with our customers. We provide sales consultancy, corporate training, motivational courses, sales & marketing as a service, we are also a reseller for CRM software, our services are aimed at connecting people to promote organisations & provide opportunities for brand, business activities. & delivering sales & marketing campaigns.
Information we collect
Website
1000 Steps collects personal data from web forms submitted requesting information in the form of general enquiries or to register for the training events and services provided by 1000 Steps. This comprises the name, email address, company name, subject & message of the person making the enquiry. 1000 Steps may also collect personal data from our website using Google Analytics to track how users interact with our site. This involves installing Google Analytics code on our website in the form of a ‘cookie’. Cookies contain an ID number which is assigned to a user and provides us with the following information:
- Your IP address (An IP address does not provide identifiable personal information)
- Your visits to our website
- The time of your visits and the length of time you spent on our website
- The pages that you visited
- Your location (although this might be influenced by the location of your server)
- The browser you are using
- Type of operating system
- The device you are using (e.g., desktop, tablet or mobile)
- Referral source (how you arrived on our site, e.g., search engine, direct URL, social media, or third-party website).
‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service. It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our websites If you would like to opt-out of Google Analytics monitoring your behaviour on our website, please use this link (https://tools.google.com/dlpage/gaoptout/)
Online Training Events & Webinars
We collect and process the following information:
|
|
Sales & Marketing as a Service
We collect and process as a data processor the following information in our clients CRMS & social media platforms:
|
|
How we use your information
1000 Steps collects processes & stores personal data for the following reasons:
- To respond, provide support, make assessments and recommendations around products and services we provide.
- Provide reporting statistical analysis, identify customer trends and measuring effectiveness of marketing campaigns. Service quality, improvements & identify training requirements.
- To advertise, create, monitor & support attendance at networking events globally.
- To introduce signpost & promote businesses and their brand products. Through media interactions.
- The tracking of website behaviour is to provide 1000 Steps with statistical information which is collated in aggregate form to help us improve user experience of our website and for marketing purposes.
- To host webinar events on behalf of stakeholder(s), Collect feedback on events and services we provide & to sign post similar future events.
Who are our Stakeholders
We operate in a business-to-business environment our clients are Micro, Small Medium & Large enterprise businesses, We also communicate with Media Outlets, Associates, Delegates, Supporting Organisations, Suppliers, Statutory & Regulatory Bodies to deliver our services on our client’s behalf.
3rd Parties
Our websites & information we share around training events & involving stakeholders may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website. In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Social Media
1000 Steps can be found on social media platforms such as Facebook, Twitter and LinkedIn, Eventbrite & Meetup. These platforms are an important part of our business efforts, so you may be presented with a retargeting ads & emails in future following a visit to our pages We may target ads at audiences that we believe match the profile of our target audience and would therefore be interested in our services. We will also regularly tag or mention you where we are carrying out business promotion on your behalf or to raise your professional profile. These platforms are run by commercial companies and 1000 Steps is not the Data Controller of your social/professional media profile. You should contact these social media platforms directly if you have concerns over how your personal data is being used and stored by them.
International
1000 Steps are a global business working with professional services firms and software firms. We provide detailed consulting and tailored training and development programmes. Attendees may be from countries from around the world.
All significant decisions about data processing and policy implementation will be made using the relevant data protection laws in the country the client is registered. We take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
Sharing Information
We sometimes share your personal data with trusted third parties. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- IT companies who support our website and other business systems
- Third-party suppliers
- Third-party credit checks
- Photographers or independent consultants (project-based)
We use third party hosting for this website and associated data processed is conducted only to provide you with user friendly functionality.
We may share names email addresses pictures, job roles and organisational information as part of business-to-business networking events & with organisations & contractors commissioned to assist & co-ordinate these events.
Pre & post training event/webinar management will include grouped online communications such as meeting invites in meeting chats and document sharing. Others attending may see your name email address and may see conversation responses and questions you may ask.
Where we have been commissioned by an organisation to host a webinar or event, your registration & attendance information & any feedback you provide will be shared with this organisation.
We use contractors & associates to manage various business processes, we will share your information with them to conduct this function.
We may be required to transfer your information to a third party as part of a sale of some or all our business assets to third party as part of any business restructuring or reorganization.
We may also be required to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our supporters and customers. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Lawful Basis
We consider and apply the EU/UK GDPR & Singapore PDPR principles to all personal & Sensitive data that we hold or process
1) Processed lawfully, fairly and in a transparent manner in relation to individuals.
2) Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes.
3) Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
4) Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay.
5) Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
6) Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
Children
We do not anticipate providing services directly to children, however we do understand that if this change occurs, we will make provisions to verify age. We will also make further provisions to gain parental or guardian consent for data processing activity where required.
Protecting your personal information
1000 Steps will continue to look for new ways to protect data, however, in the event of a data breach we will collaborate with our clients to notify the relevant regulatory data protection authority of the country the data breach occurs.
Your data protection rights
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
Your right to Object to automated decision making – You have the right not to be subject to the use of entirely automated decisions which produce legal effects or significantly affect you. We do not use these in relation to Personal Data and neither do any of our third parties.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Where we act as a data processor, we will forward any request you make to the relevant data controller.
Please contact us at [email protected] if you wish to make a request. Or in writing at: Singapore Business Federation Centre, 160 Robinson Road, Singapore 068914.
Regulatory Information
The PDPC address:
Personal Data Protection Commission Singapore
Personal Data Protection Commission Singapore | PDPC
Address: 10 Pasir Panjang Road,
#03-01 Mapletree
Business City Singapore 117438
Main Line: +65 6377 3131
Fax: +65 6577 3888