Data privacy information
I. Name and address of the controller
The controller in the sense of the General Data Protection Regulation and other national data protection laws of the Member States as well as other provisions pertaining to data privacy and protection laws is:
Singaporean-German Chamber of Industry and Commerce
25 International Business Park #03-105; Singapore 609916
Tel: +65 6433 5330
Email: info@sgc.org.sg
Website: www.sgc.org.sg
II. Name and address of the data protection officer
The data protection officer of the controller is:
Singaporean-German Chamber of Industry and Commerce
25 International Business Park #03-105
Singapore 609916
Tel: +65 6433 5330
Email: dataprotection(at)sgc.org.sg
Website: www.sgc.org.sg
III. General information regarding data processing
1. Scope of processing of personal data
In principle, we collect and use personal data of our users only to the extent it is required to provide a functioning website as well as for our content and services. The processing of personal data of our users is carried out regularly only after consent is given by our users. An exception applies in cases in which a previous obtaining of a consent is not possible for actual reasons and where the processing of data is permitted on the basis of statutory provisions.
2. Legal basis for the processing of personal data
To the extent that we obtain consent from the data subject for the processing of personal data, Section 6 Subsection 1 lit. a EU General Data Protection Regulation (GDPR) serves as legal basis for the processing of personal data. For the processing of personal data required to execute a contract whose contractual party is the data subject, Section 6 Subsection 1 lit. b GDPR serves as legal basis. This also applies to processing that is required for the execution of pre-contractually measures. If such processing is required to maintain a legitimate interest of our company or a third party, and if the interests, basic rights and fundamental freedoms of the data subject do not outweigh the former interest, Section 6 Subsection 1 lit. f GDPR serves as legal basis for such processing.
3. Data deletion and duration of storage
Personal data of the data subject will be deleted or blocked as soon as the purpose for storing such data no longer applies. Storage beyond such a period can be affected if such storage is prescribed by the European or national legislative body in provisions pertaining to European Union law or other provisions the data subject is subject to. Blocking or deletion of data is also affected if a storage period expires that is prescribed by the cited standards, unless there is a requirement for further storage of such data to enter into a contract or to execute a contract.
IV. Provisioning of website and creation of logfiles
1. Description and scope of data processing
Any time our web page is visited, our system collects data and information in an automated fashion from the computer system of the accessing computer. The following data is collected in the process: IP address; date & time of access; time difference to Greenwich Mean Time (GMT); content of access (accessed pages); Access status/HTTP status code; amount of data transferred in each case; website from which the request originates; browser; operating system and its interface; language and version of the browser software; Internet service provider (ISP).
2. Legal basis for the processing of data
Legal basis for the temporary storage of data and the logfiles is Section 6 Subsection 1 lit. f GDPR. Our legitimate interest is to ensure the correct delivery, stability and security of our website.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to facilitate delivery of the website to the computer of the user. To do so, the IP address of the user must remain stored for the duration of the session.
Storing of logfiles is effected to ensure the functionality of the website. In addition, such data helps us to optimize the website and to ensure the security of our information technology systems. An analysis of such data for marketing purposes will not be carried out in this context.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection. In the event of collection of data for the provisioning of the website this is the case whenever the respective session ends.
In the event of storing of data in logfiles this is after seven days the case at the latest. Storage to exceed such a period is not possible. In such a case, the IP addresses of the users are deleted or redacted so that an allocation of the accessing client is no longer possible.
5. Option for objection and removal
Collection of data for the provisioning of the website and storing of data in logfiles is required for the operation of the web page. Consequently, the user has no possibility to object.
V. Use of cookies
1) Description and scope of data processing
We use cookies to make our website more user-friendly. Some elements of our web page require that the accessing browser can also be identified when the user moves from one page to the next. No personal data is collected, but it may be personally identifiable.
We use cookies to store information about fonts, CSS files and for statistical analysis in order to improve the content and quality of the website.
2) Legal basis for the processing of data
Legal basis for the processing of personal data while using technically required cookies is Section 6 Subsection 1 lit. f GDPR.
Legal basis for the processing of personal data while using cookies for analytical purposes is Section 6 Subsection 1 lit. a GDPR if the respective consent of the user is on hand.
3) Purpose of data processing
The purpose of using technically required cookies is the simplification of use of websites for the users. Some functions or our web page cannot be provided without the use of cookies. For such it is necessary that the browser is also recognized when the user moves from one page to the next.
4) Duration of storage, option for objection and removal
Cookies are stored on the computer of the user and transmitted from such to our website. This is why you as the user have full control of the use of cookies. By changing your browser’s settings, you may disable or limit the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done in an automated fashion. If cookies are disabled for our website, it is possible that not all functions of the website may be used to the full extent.
VI. Newsletter
1. Description and scope of data processing
On our web page, there is the option to subscribe to a free newsletter. Our newsletter may include news, promotions and events, held by SGC and its partners and invitation for participation on business surveys. During the registration for the newsletter, data from the input mask added by iFrame is transmitted to the service provider commissioned by us for email marketing software providers.
The following data is collected: Title, First name(s); Last name; Company; Address; E-Mail; Telephone
Furthermore, the following data is collected upon registration: Date and time of registration
For the processing of data, in line with the registration process, we obtain your consent and refer to this data privacy information. In connection with the processing of data for the sending of newsletters, except for the provider of email marketing software, data is not forwarded to third parties. Such data is only used for the newsletter to be sent to you.
We may use a double opt-in procedure to subscribe to our newsletter. In these cases, after your registration we will send you an Email to the specified E-mail address in which we ask you to confirm that you would like the newsletter to be sent. If you do not confirm your registration, your information will be automatically deleted. The purpose of the process is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
2. Legal basis for the processing of data
Legal basis for the processing of data after registration for the newsletter by the user is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand.
To the extent this pertains to the sending of a newsletter in line with membership to registered data of our database, legal basis is Section 6 Subsection 1 lit. b GDPR.
3. Purpose of data processing
Collection of the email address of the user is done to deliver the newsletter.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection. The email address of the user is therefore stored for as long as the newsletter subscription is active.
5. Newsletter tracking
To optimize our newsletter offer, we use personalized newsletter tracking. In this context, besides the email address, we also collect activities connected to the newsletters (click behavior including opening rates, click rates and bounce rate at the individual level in order to improve our email campaigns). We engage the services of third party providers to deliver or send our newsletter to you. Additionally, the third-party service providers may process personal data to pursue its legitimate interest, in particular relating to risk management and the evaluation of the mailing lists (e.g. to avoid risks of spam, phishing or fraud) for the purpose of establishing a reliability score.
6. Option for objection and removal
A newsletter subscription may be cancelled by the respective user at any time. A special link is provided in every newsletter for this purpose. Alternatively, you may also send an email to: SGC.Membership@sgc.org.sg
VII Membership inquiry on website and registration through membership reg form
1. Membership Inquiry
1.1 Description and scope of data processing
On our website, we give our users the option to inquiry about our membership programs (“Membership Inquiry”) while providing personal data. In the process, data is entered into an input mask, transmitted and stored.
The following data is collected in line with the registration and inquiry process:
First name and last name, job title, company name. The collection of your work and mobile phone number may be made optional.
At the time of inquiry the following data is stored: Date and time of registration; Used browser; Operating system.
For the processing of data in line with the inquiry about our membership, we obtain your consent and refer to this data privacy information.
1.2. Legal basis for the processing of data
The legal basis for the processing of data is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand. If the registration serves the execution of a contract whose contractual party is the user, or the execution of pre-contractual measures, the additional legal basis for the processing of data is Section 6 Subsection 1 lit. b GDPR.
1.3. Purpose of data processing
A registration of the user is required for the execution of a contract with the user, or for the execution of pre-contractual measures. Your registration may be an application for membership.
2. Membership application form
2.1 Description and scope of data processing
Users have the option to apply to our membership program by filling out a membership application form (“Membership Application”). The Membership Application may be sent to interested parties after you contacted SGC e.g. through the Membership Inquiry form on our website. Different membership categories are available in accordance with our Constitution.
The following data is collected in the membership application form:
first name(s), last names, title, E-mail, telephone number of the individual member or the member representative as well as the company name, address and company profile. You have the option in the application form to consent and provide us with your photograph and date of birth.
2.2 Legal basis for the processing of data for membership application
As the registration serves the execution of a contract whose contractual party is the user, or the execution of pre-contractual measures, the legal basis for the processing of data is Section 6 Subsection 1 lit. b GDPR- contract. Legal basis for the processing of data is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand.
2. 3 Purpose of data processing in membership application
The personal data in the membership application form is required for the administration, maintenance, management and termination of a membership contract with the member, or for the execution of pre-contractual measures.
In accordance with the membership benefits under the membership agreement and where you have given us consent, we process the personal data currently for:
(1) inclusion in our SGC membership directory (available in physical and electronic forms through the membership app)
(2) inclusion in our publications including our newsletter, business magazines, marketing material and on SGC’s website and social media platforms such as LinkedIn
(3) to send greeting cards (such as birthday and holiday cards), business magazines, surveys and invitations to events organized by SGC and its partners to you.
3. Duration of storage
Data is deleted as soon as it is no longer required to fulfil the purpose of its collection. This is the case for data collected during the registration and application process for the execution of a contract or for the execution of pre-contractual measures if such data is no longer required for the execution of the contract. Even after having entered into a contract, the requirement to store personal data of the contractual partner may remain in existence to fulfil contractual or statutory requirements.
4. Option for objection and removal
As user, you have at any time the option to terminate your membership in accordance with the membership terms. Your stored personal data can be amended at any time. To amend or delete your data, please contact: SGC.Membership@sgc.org.sg
If the data is required for the execution of a contract or the execution of pre-contractual measures, a premature deletion of such data is only possible to the extent that contractual or statutory requirements do not preclude deletion.
VIII. Events Registration and Conduct
1. Description and scope of data processing
Events may include, for example panels, discussions, symposiums, functions, business matchings and delegation trips (“Events”).
1.1 Online form
We may give our users the option to register online for our Events while providing personal data.
In the process, data is entered into an input mask, transmitted and stored.
The following data is collected in line with the registration process:
First name and Last name, Job title, E-Mail address. Providing work and cell phone numbers are optional. In case we organize an event, and a meal is served, we collect your dairy restrictions.
At the time of registration, the following data is stored: Date and time of registration; Used browser; Operating system. In line with the registration process, consent is obtained from the user for processing of such data.
1.2 Electronic Form
Alternatively we may give our users the option to register through an electronic form by Email for our events while providing personal data.
The following data is collected in line with the registration process:
First name and Last name, Job title, E-Mail address. Providing work and cell phone numbers are optional. In case we organize an event and a meal is served we collect your dairy restrictions. In line with the registration process, consent is obtained from the user for processing of such data.
Third party events venues (e.g. ministries, ports, factories) might require identity verification such as visitor passport or ID number, date and place of issuing of the identification document by the venue owner. We may facilitate the collection of the identification documentation and share the information with the venue.
2. Legal basis for the processing of data
Legal basis for the processing of data is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand. If the registration serves the execution of a contract whose contractual party is the user, or the execution of pre-contractual measures, the additional legal basis for the processing of data is Section 6 Subsection 1 lit. b GDPR- contract.
3. Purpose of data processing
A registration of the user is required for the execution of a contract with the user, or for the execution of pre-contractual measures. Your registration may be an event registration.
3.1 Event registration
For administering the online registration process, we may use an online event registration platform. For more information, please see also section XI No 6 of this document.
SGC may organize joint events in collaboration with third party co-organisator(s) or participate in third party events and project. We may participate in projects of the DIHK, DIHK Service GmbH or DIHK DE International GmbH and this involves the transmission of personal data of project participants to the DIHK, DIHK Service GmbH or DIHK DE International GmbH and German and Singaporean ministries and government agencies.In these cases the personal data provided during the registration process will be shared between SGC and the parties to organize and manage the event.
3.2. Conduct of the Events
3.2.1 Physical Events
Please note that photos will be taken and/or videos filmed at the event for the purpose of release, publication and reproduction in SGCs publication (print, online, social media).
Legal basis for the processing of data is Section 6 Subsection 1 lit. a GDPR- consent, if the consent of the user is on hand. If the use of photos and / or cinematic images of your person for SGC publications (print media, online, social media) is in our legitimate interest, the legal basis for the processing of data is Section 6 Subsection 1 lit. f GDPR.
3.2.2 Online Events
We use Microsoft Teams for online events. In the process, your personal data in the form of video or audio as well as the login data are processed. You can decide for yourself whether the camera and microphone are switched on or off. In addition, you have the option to share content. If you participate in the chat function, we process your personal data contained in the chat texts, and the other participants also have knowledge of this content. As a matter of principle, we do not record online events. If exceptionally a recording is made the participants will be notified of this in advance.
In the case of the use of Microsoft Teams, your personal data will be transferred to the service provider. For details on data processing by Microsoft, please refer to Microsoft's privacy policy at https://privacy.microsoft.com/de-de/privacystatement. When using Microsoft services, personal data may also be processed in the USA.
Your data will be processed on the basis of Section 6 Subsection 1 lit. b GDPR– contract.
3.2.3 Recording of the online event
Insofar as a recording is made, we have obtained consent from you in advance. In this regard, the data is processed on the basis of Section 6 Subsection 1 lit. a GDPR – consent.
3.2.4 Networking
Where you have given us your consent, we may share your personal data such as your name, your company’s name and Email address with other members, clients and participants and attendees who attend an event organized by SGC and its partners together with you so that you may continue to communicate with them and vice versa. The legal basis for the processing is Section 6 Subsection 1 lit. a GDPR – consent.
If at any time, you do not wish to have your information shared, you may submit your request by email to the Membership Department at SGC.Membership@sgc.org.sg (if you are a member of SGC) or to the named organizer at the SGC CT or DE International department or at info@sgc.org.sg (if you are a client of SGC) as the case may be.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection. This is the case for data collected during the registration process for the execution of a contract or for the execution of pre-contractual measures if such data is no longer required for the execution of the contract. Even after having entered into a contract, the requirement to store personal data of the contractual partner may remain in existence to fulfill contractual or statutory requirements.
5. Option for objection and removal
As user, you have at any time the option to cancel the event registration and to revoke consent for the processing of personal data. In such cases the event participation may not be continued.
Your stored personal data can be amended at any time. To amend or delete your data, please contact the respective department organizing the event (1) the membership department under SGC.Membership@sgc.org.sg for member events of SGC or (2) info@sgc.org.sg for other events.
If the data is required for the execution of a contract or the execution of pre-contractual measures, a premature deletion of such data is only possible to the extent that contractual or statutory requirements do not preclude deletion.
IX. Contact form and email contact
1. Description and scope of data processing
On our web page, there is a contact form that can be used to contact us electronically. If a user utilizes this option, data entered into the input mask is transmitted to us and stored.
At the time the message is sent, also the following data is stored: Date and time of registration, Used browser, Operating system.
For the processing of data in line with the sending of the message, we obtain your consent and refer to this data privacy information.
As an alternative, you may also contact us via the provided email address.
In such a case, the personal data of the user transmitted via email is stored. In this context, such data is not forwarded to third parties. Such data is only used for the processing of the conversation.
2. Legal basis for the processing of data
Legal basis for the processing of data is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand. Legal basis for the processing of data transmitted in line with the sending of an email is Section 6 Subsection 1 lit. f GDPR.
If the purpose of the contact via email is the entering into a contract, the additional legal basis for processing is Section 6 Subsection 1 lit. b GDPR.
3. Purpose of data processing
The processing of personal data from the input mask only helps us to process the contact that was established and the communication that was sent by you. If contact is established via email, our required legitimate interest is also in the processing of such data. Other personal data processed during the sending process only serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection. This is the case for personal data from the input mask of the contact form and for data sent via email if the respective conversation with the user is finished. The conversation is finished if it can be deduced from the circumstances that the respective matter is clarified in a concluding fashion. Other personal data collected during the sending process will be deleted after a period of three months at the latest.
5. Option for objection and removal
The user has the option to revoke his consent for the processing of personal data. If the user contacts us via email, he may object at any time to the storing of his personal data. In such a case, the conversation cannot be continued. You may send your revocation of consent and objection to storage in writing via email to Info@sgc.org.sg. All personal data stored in the process of establishing contact will be deleted in such a case.
X. Map service
1. Description and scope of data processing
We use the Google Maps map service (via iframe) to provide an interactive map on our website. Google Maps is operated by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. The map display is accessed with the user's consent. When accessing and using the Google Map maps, a connection is established to the servers of the Google.
The following data may be transmitted to Google Maps. Google Map may store cookies in your browser or use comparable recognition technologies for this purpose.
Data collected may include (IP address; date and time of the request; content of the request (specific pages called up); access status/HTTP status code; amount of data transferred in each case; website from which the request comes; browser; operating system and its interface; language and version of the browser software, Internet service provider).
2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given his consent.
3. Purpose of the data processing
The processing serves to display a map for the purpose of location display and route planning.
4. Duration of storage
We have no influence on data processing by GoogleMap. We are not responsible for this data processing. All information on the handling of your data can be found in Google’s data protection information, see here: https://policies.google.com/privacy
5. Possibility of objection and removal
The user has the option to withdraw their consent to the processing of personal data at any time by deleting the underlying cookie in the browser or withdrawing it via the consent management.
XI. Forwarding of personal data to third parties
1. Website operators / Hosting
In line with processing, personal data is forwarded to the agency commissioned to run the website as well as to the technical service provider. Such is regulated via a corresponding agreement with the service provider.
2. Third-party content
If you have given your consent to the display of third-party content in the consent management, we will integrate content from other websites and providers on our website, each of which is responsible for the data processing thereby taking place in accordance with Art. 4 No. 7 DSGVO. Your end device establishes a direct connection to the server of the respective provider, whereby the provider at least collects and processes your IP address to establish the connection and play out the content. Insofar as this is a process requiring permission under data protection law, the legal basis is your consent to the display of the content. We have no knowledge of whether and, if so, to what extent further processing takes place. The providers may, for example, monitor your behaviour and create usage profiles, possibly also outside the EEA. You can decide at any time not to display third-party content in the future ("revocation") by setting the corresponding setting in the consent management.
3. Social media sharing button
General notice: Social media plugins usually lead to the fact that every visitor to a website is immediately captured by such services by means of his IP address and that his subsequent browser behavior is logged. This can also occur if you do not press the button. To prevent this, we use the Shariff method. Here, our social media buttons only establish direct contact between the social network and you only if you click on the respective sharing button. This way, you may publish our content in social networks without such networks being able to compile complete surfing profiles.
3.1 LinkedIn
Our website uses the LinkedIn share plugin of the social network LinkedIn, LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. By clicking the button, your browser connects to LinkedIn to carry out the functions of the plugin. In this context, no personal data is stored by LinkedIn, and your use is also not recorded via a cookie. More information can be found in the data privacy information of LinkedIn at www.linkedin.com/legal/privacy-policy. Regarding the general handling with and the disabling of cookies, we also always refer to our general description in this data privacy information.
3.2 Instagram
Our website uses the Instagram share plugin of the social network Instagram, 1 Hacker Way, Menlo Park, CA 94025, USA. By clicking the button, your browser connects to Instagram to carry out the functions of the plugin. In this context, no personal data is stored by Instagram, and your use is also not recorded via a cookie. More information can be found in the data privacy information of Instagram at https://privacycenter.instagram.com/policy. Regarding the general handling with and the disabling of cookies, we also always refer to our general description in this data privacy information.
3.3 YouTube
In some instances, we have embedded YouTube videos on our website that are stored on the servers of the provider YouTube and that are playable by our website via such embedding. Embedding of the videos is carried out with the activated option for advanced data privacy settings. If you play these videos, YouTube cookies and DoubleClick cookies are stored on your computer, and data is potentially transmitted to Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, as the operator of YouTube.
When playing videos stored by YouTube, according to current information, at the very minimum the following data is transmitted to Google Inc. as operator of YouTube and operator of the DoubleClick network: IP address and cookie ID, the specific address of our accessed page, system date and time of access, your browser ID. Transmission of such data is carried out independent of whether you have a Google user account via which you are logged in or you do not have a user account. If you are logged in, such data is potentially directly allocated to your account by Google. If you do not want such allocation to your profile, you have to log out prior to activating the playback button for the video.
YouTube or Google Inc. store such data as usage profiles and, if applicable, use such for purposes of marketing, market research and/or for the demand-driven design of their websites. Such an analysis is carried out in particular (also for users who are not logged in) to provide demand-driven advertising and to inform other users about your activities on our website. You have the right to object to the creation of such usage profiles; to exercise your right, you will have to contact Google as the operator of YouTube.
4. Website Analysis with Piwik PRO
We use Piwik PRO Analytics Suite as our website/app analytics software and consent management tool. We collect data about website visitors based on cookies. The collected information may include a visitor’s IP address, operating system, browser ID, browsing activity and other information. See the scope of data collected by Piwik PRO.
We calculate metrics like bounce rate, page views, sessions and the like to understand how our website/app is used. We may also create visitors’ profiles based on browsing history to analyze visitor behavior, show personalized content and run online campaigns.
We host our solution on Microsoft Azure in Germany, and the data is stored for 25 months.
The purpose of data processing: analytics and conversion tracking based on consent. Legal basis: Art. 6 (1)(a) GDPR.
Piwik PRO does not send the data about you to any other sub-processors or third parties and does not use it for its own purposes. For more, read Piwik PRO’s privacy policy.
5. Event Management Tool
We use Eventbrite to administer the registration of our events. We use the data provided as described under Events. We have knowledge of any subsequent potentially collection and use of your data and have no influence on such. For more information read Eventbrite privacy policy: https://www.eventbrite.sg/help/en-sg/articles/460838/eventbrite-privacy-policy. Regarding the general handling with and the disabling of cookies, we also always refer to our general description in this data privacy information.
XII. Job Application
1. Description and scope of data processing
We advertise job openings on our SGC website and selected, external recruitment websites. Applicants can submit their applications to SGC through the Email address specified in the recruitment advertisement.
The following data is collected in the process:
(a) first and last name, gender, date, country and city of birth, nationality;
(b) telephone numbers, email address and other contact details;
(c) employment visa status, if required
(d) resume, educational qualifications, professional qualifications and certifications and employment references;
(e) employment and training history;
We do not ask you to provide us with special categories of personal data (i.e. information about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sexual orientation or your photograph) as part of personal data unless explicitly required or permitted by law in a given case. In case you provide us with special categories of personal data, you hereby explicitly consent to the processing of these data as described herein.
2. Legal basis for the processing of data
Legal basis for the processing of data of data subjects targeted in the EU is Section 6 Subsection 1 lit. a GDPR if the consent of the user is on hand or national laws.
Processing of personal data of data subjects located in Singapore, the legal basis for data processing is consent.
3. Purpose of data processing
Data, knowingly and voluntarily provided in connection with a job application will be collected and used by us for the following purposes (a) assessing and evaluating your suitability for employment for the advertised position within SGC and the organizations of our members and clients; and (b) verifying your identity and the accuracy of your personal details and other information provided.
In order to manage the application, the personal data will be shared internally with the person responsible for the recruitment including HR and the hiring manager.
If SGC acts as a licensed recruitment agency for a third-party employer, your personal data will also be shared with this named employer.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection.
We initially store your personal data for the duration of the application process. If we do not fill the vacancy with you, we will delete your data three months after the position is filled, unless you have consented to further storage.
5. Option for objection and removal
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. If you are a job applicant, you may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to the Email address of the Deputy General Manager or the Recruiting Manager at the contact details listed on our website. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and extent of your request, we may not be able to process your job application (as the case may be).
XIII. Performance of Service
1. Description and scope of data processing
Where you have engaged us to provide our services to you, including recruitment services, business matching services, event organization and trade fair services, we will use your personal data to carry out our obligations arising from any contracts entered into between you and SGC and to provide you with information on the services.
The following data is collected: First name and Last name, Job title, E-Mail address and work and cell phone numbers. If meals are provided as part of the service will also disclose any dietary restrictions that you provided to us to the catering companies to ensure that your dietary restrictions are met.
2. Legal basis for the processing of data
The processing serves the execution of a contract or the execution of pre-contractual measures, the legal basis for the processing of data is Section 6 Subsection 1 lit. b GDPR- contract.
3. Purpose of data processing
Personal data is required for the execution of a contract, or for the execution of pre-contractual measures.
4. Duration of storage
Data is deleted as soon as it is no longer required to fulfill the purpose of its collection. This is the case for data collected for the execution of a contract or for the execution of pre-contractual measures if such data is no longer required for the execution of the contract. Even after having entered into a contract, the requirement to store personal data of the contractual partner may remain in existence to fulfill contractual or statutory requirements.
5. Option for objection and removal
As a contracting party, you have at any time the option to terminate the contract in accordance with the respective termination clause. Your stored personal data can be amended any time and in accordance with the contractual terms.
If the data is required for the execution of a contract or the execution of pre-contractual measures, a premature deletion of such data is only possible to the extent that contractual or statutory requirements do not preclude deletion.
XIV. Rights of the data subject
As a subject of the processing of personal data, you have the following rights. You are entitled to:
- According to Art. 15 GDPR, a right to information about the data processed by us
- According to Art. 16 GDPR, a right to rectification if we process incorrect data about you
- According to Art. 17 GDPR, a right to erasure, unless there are exceptions as to why we still store the data, e.g. retention obligations or limitation periods
- According to Art. 18 GDPR, a right to restriction of processing,
- In accordance with Art. 19 GDPR, the right to notification of rectification, erasure or restriction of processing of your personal data. We will inform you as the data subject if you request this.
- In accordance with Art. 20 GDPR, a right to data portability if we are to transfer your data to another controller and this is technically feasible.
- In accordance with Art. 21 GDPR, a right to object to processing in public or legitimate interest, i.e. on the basis of Art. 6 (1) sentence 1 (e) or (f) GDPR. We will no longer process your data if we cannot demonstrate compelling legitimate grounds. In the case of direct marketing or profiling, you do not have to justify your objection (Art. 21 para. 2 GDPR), otherwise a justification arising from your person is necessary.
- According to Art. 7 para. 3 GDPR, you have the right to withdraw your consent at any time without giving reasons and with effect for the future if the data processing is based on consent (Art. 6 para. 1 lit. a GDPR).
You may contact the competent supervisory authority pursuant to Art. 77 DSGVO or in accordance with the PDPA if you find that we are not processing your data properly.
Last updated June 2025