For the purposes of this Policy, in line with the provisions under the Singapore Personal Data Protection Act 2012 (No. 26 of 2012) (the “Act”), “Personal Data” shall mean data, whether true or not, about an individual who can be identified –
(a) from that data; or
(b) from that data and other information which an organisation has or is likely to have access.
Such Personal Data shall also refer to that which is already in the possession of finexis or that which shall be collected by finexis in the future.
This Policy provides information on the obligations and policies of finexis in respect of an individual customer’s Personal Data. finexis undertakes to use reasonable efforts in applying, where practicable, those principles and the processes set out in this Policy to its operations.
finexis and its representatives (including its management, staff, financial consultants, etc.) shall use reasonable endeavours to respect the confidentiality of and keep safe all Personal Data collected, stored, disclosed and used for, or on behalf of, the Organisation. finexis shall use reasonable endeavours to ensure all collection, storage, disclosure and usage of Personal Data by the Organisation shall be done in an appropriate manner and in accordance with the Act and this Policy.
This Policy supplements but neither supersedes nor replaces any other consents you may have previously provided to us in respect of your Personal Data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your Personal Data.
Contacting the Data Protection Officer
Where you legitimately request access to and/or correction of Personal Data relating to you, such Personal Data which is in the possession and control of finexis, we shall provide and/or correct that data in a reasonable time and manner in accordance with our standard procedures as stated in this Policy.
In accordance with the Personal Data Protection Act, finexis has established a process for receiving and responding to any query or complaint that may arise with respect to the application of this Act. To ensure that finexis receives your complaints and enquiries, please send the same via email or post to the Data Protection Officer (the “DPO”), of finexis:
Email address: firstname.lastname@example.org
Address: One Raffles Quay, South Tower #21-10, Singapore 048583
Please note that if your Personal Data has been provided to us by a third party (e.g. a client via a referral process), you should contact that individual to make such queries, complaints, and access and correction requests to finexis on your behalf.
Should you choose to withdraw consent previously given to finexis to use your Personal Data for any of the purposes listed in Paragraphs 3.2, or choose not to receive promotional materials from finexis, you may opt out by sending a clearly worded email or mail to the DPO via the email or post address provided in Paragraph 2.2 above. Your request shall be processed within 30 days. Please note however that this may affect our ability to attend to your needs in the event where there is already an existing business relationship.
Statement of Practices
Types of Personal Data Collected
As part of its day-to-day activities, finexis may collect from data subjects, through various means, including via referrals, introducers, road shows, seminars, personal networks and social media, and any forms (survey forms, feedback forms) used by the Organisation from time to time, the following Personal Data:
Date of birth
Phone number (including mobile)
Bank account/credit card details
Photographs and images
Other information, as may be required in the respective forms.
Purpose of Collection of Personal Data
In order to carry out the functions described below, finexis requires consent to collect and use your Personal Data. Failure to receive consent may affect our ability to provide financial solutions to you. The Personal Data mentioned in Paragraph 3.1 is collected for the following purposes:
Prospecting for potential clients through various channels stated in Paragraph 3.1;
Fact-finding of potential clients’ financial needs;
Financial planning for clients;
Developing financial plans for clients and recommending investment and/or insurance products;
Assisting clients to apply for recommended investment and/or insurance products through the relevant financial companies or institutions;
After-sales service to clients – responding to their queries and feedback, notifying them of any changes to their investment or insurance terms and conditions;
Keeping clients informed of new investment and insurance products that may be relevant to them;
Market research and analysis (using anonymised data).
Disclosure of Personal Data
In order to carry out the functions described above, finexis may, from time to time, disclose your Personal Data between its Organisational entities.
Without derogating from any of the above, finexis may also disclose your Personal Data to the following third parties:
Regulators and law enforcement officials
Financial institutions providing investment and insurance products
Third party service providers and consultants
Credit, debit and charge card companies, banks and other entities processing payment
Any agent or subcontractor acting on finexis’ behalf for the provision of the Organisation’s services.
finexis may disclose your Personal Data to the above mentioned parties also in the occurrence of any of the following events:
To the extent that the Organisation is required to do so by the law;
In connection with any legal proceedings or prospective legal proceedings;
To establish, exercise or defend the Organisation’s legal rights;
To any person and/or entity for the purpose of processing such information on the Organisation’s behalf;
To third parties who provide services to the Organisation or on its behalf;
With your consent; or
For the purposes of disaster recovery.
Optional Provision of Personal Data
In some instances, you may also be requested to provide certain Personal Data that may be used to further improve finexis’ financial planning services and/or better tailor the type of information presented to you. In most cases, this type of data is optional although, where the requested service is a personalised service, or provision of a service is dependent on your providing all requested data, failure to provide the requested data may prevent the Organisation from providing the service to you. This type of data includes, but is not limited to:
Health and medical information
Lifestyle, hobbies and leisure activities
Family and household demographics
Under certain circumstances, telephone calls made to any of finexis’ service hotlines or inquiry telephone numbers will be recorded for the purposes of training, quality control, appraisal, as well as staff management and development. In such an event, by agreeing to this Policy, you hereby give your clear and unambiguous consent for the collection, use and disclosure of such Personal Data in accordance with this Policy.
Transfer of Personal Data Overseas
Your Personal Data may be processed by finexis’ affiliates, agents, introducers and third parties providing services to organisations in jurisdictions outside of Singapore. The Organisation will comply with the terms of the Personal Data Protection Act in such events, which include, but are not limited to:
Overseas reference checks
Where possible, finexis will validate data provided using generally accepted practices and guidelines. This includes the use of checksum verification on some numeric fields such as account numbers or credit card numbers. In some instances, finexis is able to validate the data provided against pre-existing data held by the Organisation. In some cases, finexis is required to see original documentation before we may use the Personal Data such as with Personal Identifiers and/or proof of address. To assist in ensuring the accuracy of your Personal Data in the possession of the Organisation, please inform us of any updates of any parts of your Personal Data by sending a clearly worded email to the DPO at the email or postal address provided at Paragraph 2.2.
Protection of Personal Data
finexis uses commercially reasonable physical, managerial and technical safeguards to preserve the integrity and security of your Personal Data and will not knowingly allow access to this data to anyone outside the Organisation, other than to you or as described in this Policy. However, finexis cannot ensure or warrant the security of any information you transmit to us should there be any breach of the safeguards or any situation which is beyond finexis’ control at the information transmission stage. In particular, finexis cannot warrant that such information may not be accessed, altered, collected, copied, destroyed, disposed of, disclosed or modified by breach of any of the Organisation’s physical, technical or managerial safeguards.
Access and Correction of Personal Data
In accordance with Paragraph 2.1 of this Policy, you have the right to:
(a) check whether the Organisation holds any Personal Data relating to you, and if so, obtain copies of such data; and
(b) require the Organisation to correct any Personal Data relating to you which is inaccurate for the purpose for which it is being used.
finexis reserves the right to charge a reasonable administrative fee in order to meet your requests under Paragraph 6.1(a). Upon payment of the requisite fee under Clause 6.1(a) and/or receipt of your request under Clause 6.1(b), your request shall be processed within 30 days.
If you wish to verify the details you have submitted to finexis or if you wish to check on the manner in which the Organisation uses and processes your personal data, our security procedures mean that we may request proof of identity before we reveal information. This proof of identity will take the form of full details of name, contact number and NRIC or Passport or FIN number. You must therefore keep this information safe as you will be responsible for any action which finexis takes in response to a request from someone using your details.
Storage and Retention of Personal Data
finexis will delete, as reasonably possible, or otherwise anonymise any Personal Data in the event that the Personal Data is not required for any reasonable business or legal purposes of the Organisation and where the Personal Data is deleted from the Organisation’s electronic, manual, and other filing systems in accordance with the Organisation’s internal procedures and/or other agreements.
To the extent that any of the communication means which you have provided finexis with (which may include your telephone number and fax number) is/will be listed on the Do Not Call Registry (the “DNC”), by agreeing to this Policy through your signing of the Your Financial Blueprint, or by any other means of indication, you hereby grant finexis your clear and unambiguous consent to contact you using all of your communication means you have provided to the Organisation, including via voice calls, SMS, Whatsapp, MMS, fax or other similar communications applications or methods, for the purposes as stated in Paragraph 3.2.
Change of Policy
finexis reserves the right to alter any of the clauses contained in this Policy in compliance with local legislation, and for any other purpose deemed reasonably necessary by the Organisation. You should look at these terms regularly. If you do not agree to the modified terms, you should inform us as soon as possible of the terms to which you do not consent. Pending such notice, if there is any inconsistency between these terms and the additional terms, the additional terms will prevail to the extent of the inconsistency.
This Policy is governed by and shall be construed in accordance with the laws of Singapore. You hereby submit to the non-exclusive jurisdiction of the Singapore courts.
This Policy only applies to the collection and use of Personal Data by finexis. It does not cover third-party sites to which we provide links. finexis does not share your Personal Data with third-party websites. finexis is not responsible for the privacy and conduct practices of these third-party websites, so you should read their own privacy policies before disclosure of any Personal Data to these websites.