1. Preamble

This Privacy Policy (“Policy”) is promulgated by Adept Academy (hereinafter referred to as “we”, “us”, “our”, or “the Academy”) in compliance with the Personal Data Protection Act 2012 (No. 26 of 2012) (“PDPA”) of Singapore, including its latest updates and guidelines.

This Policy delineates the principles and procedures governing the collection, use, disclosure, and protection of personal data in our possession or under our control, specifically in the context of our educational and training services.

2. Definitions

For the purposes of this Policy, the following terms shall have the meanings ascribed to them:

  1. “Personal Data” refers to data, whether true or not, about an individual who can be identified from that data or from that data and other information to which the Academy has or is likely to have access.
  2. “Learner” refers to any individual enrolled in or applying for any course, programme, or training offered by the Academy.
  3. “Processing” in relation to Personal Data, means carrying out any operation or set of operations in relation to the Personal Data.

3. Collection of Personal Data

3.1 Categories of Personal Data

The Academy may collect, use, and disclose the following categories of Personal Data:

  1. Identification Information: Including but not limited to name, NRIC, passport number, or other identification numbers
  2. Contact Information: Including but not limited to residential address, email address, telephone number
  3. Financial Information: Including but not limited to payment details for course fees
  4. Educational Information: Including but not limited to academic qualifications, transcripts, certifications, and course progress
  5. Demographic Information: Including but not limited to age, gender, nationality
  6. Technical Data: Including but not limited to IP address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices used to access our services
  7. Usage Data: Including but not limited to information about how the Learner uses our website, e-learning platforms, and services

3.2 Methods of Collection

The Academy employs various methods to collect Personal Data, including but not limited to:

  1. Direct interactions with the Learner (e.g., application forms, registration processes)
  2. Automated technologies or interactions (e.g., e-learning platforms, online assessments)
  3. Third parties or publicly available sources (e.g., referrals, partner institutions)

4. Purposes of Collection, Use, and Disclosure

The Academy collects, uses, and discloses Personal Data for the following purposes:

  1. To process course applications and learner registrations
  2. To provide educational services, including course delivery, assessment, and certification
  3. To manage learner records and academic progress
  4. To communicate with Learners about courses, schedules, and Academy-related information
  5. To process payments and manage financial records
  6. To conduct research for educational and institutional improvement purposes
  7. To comply with legal and regulatory obligations applicable to educational institutions
  8. To respond to queries, feedback, or complaints from Learners or their authorised representatives
  9. To prevent, detect, and investigate academic misconduct or other violations of Academy policies

5. Consent

5.1 Obtaining Consent

The Academy shall obtain the consent of the Learner for the collection, use, or disclosure of Personal Data, except in circumstances where such consent is not required under the PDPA or other applicable laws.

5.2 Withdrawal of Consent

The Learner may withdraw consent for the collection, use, or disclosure of Personal Data by providing reasonable notice to the Academy. Upon receipt of such notice, the Academy shall inform the Learner of the likely consequences of withdrawing consent and cease collection, use, or disclosure of the Personal Data, unless otherwise permitted or required under the PDPA or other applicable laws.

6. Disclosure of Personal Data

The Academy may disclose Personal Data to the following categories of recipients:

  1. Affiliated educational institutions and partners
  2. Service providers who assist in our operations (e.g., e-learning platform providers, assessment services)
  3. Professional advisors, including accreditation bodies, auditors, and legal counsel
  4. Government authorities and regulatory bodies as required by law
  5. Potential partners or investors in the event of a merger, acquisition, or other business transaction involving the Academy

7. Cross-border Data Transfers

In the event that Personal Data is transferred outside of Singapore (e.g., for online courses or international programmes), the Academy shall take appropriate steps to ensure that the recipient of the Personal Data is bound by legally enforceable obligations to provide to the Personal Data transferred a standard of protection that is comparable to that under the PDPA.

8. Data Protection and Retention

8.1 Security Measures

The Academy implements appropriate technical and organisational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include, but are not limited to:

  1. Encryption of sensitive Personal Data
  2. Implementation of access controls and authentication mechanisms for educational platforms
  3. Regular security assessments and audits of our IT systems
  4. Staff training on data protection and security practices in an educational context

8.2 Retention Period

The Academy shall cease to retain Personal Data or remove the means by which the Personal Data can be associated with particular Learners as soon as it is reasonable to assume that:

  1. The purpose for which the Personal Data was collected is no longer being served by retention of the Personal Data; and
  2. Retention is no longer necessary for legal, academic, or administrative purposes.

9. Rights of the Learner

Under the PDPA, the Learner has the following rights:

  1. Right of Access: The right to request access to Personal Data held by the Academy
  2. Right to Correction: The right to request the correction of inaccurate or incomplete Personal Data
  3. Right to Withdraw Consent: The right to withdraw consent for the collection, use, or disclosure of Personal Data
  4. Right to Data Portability: The right to receive Personal Data in a structured, commonly used, and machine-readable format

To exercise these rights, the Learner may contact our Data Protection Officer using the contact details provided in Section 13.

10. Use of Cookies and Similar Technologies

The Academy utilises cookies and similar technologies to enhance user experience on our website and e-learning platforms, analyse trends, administer the website, track users’ movements around the website, and gather demographic information about our learner base as a whole.

The Learner can control the use of cookies at the individual browser level, but if cookies are disabled, it may limit the use of certain features or functions on our website or e-learning platforms.

11. Third-Party Links and Services

Our website and e-learning platforms may contain links to third-party websites or services that are not owned or controlled by the Academy. This Policy applies only to our website and services. We strongly advise the Learner to review the privacy policies of any third-party websites or services that may be accessed through our platforms.

12. Amendments to this Policy

The Academy reserves the right to modify this Policy at any time. Any changes to this Policy will be posted on our website with the updated effective date. Continued use of our services following the posting of changes constitutes acceptance of those changes.

13. Contact Information

For any queries, concerns, or requests regarding this Policy or our data protection practices, please contact our Data Protection Officer:

14. Governing Law and Jurisdiction

This Policy shall be governed by and construed in accordance with the laws of the Republic of Singapore. Any dispute arising out of or in connection with this Policy, including any question regarding its existence, validity, or termination, shall be referred to and finally resolved by the courts of Singapore, and the parties hereby submit to the exclusive jurisdiction of the Singapore courts.

15. Severability

If any provision of this Policy is held to be invalid or unenforceable, such provision shall be struck and the remaining provisions shall be enforced to the fullest extent under law.

The interpretation and application of this Policy shall be at the sole discretion of Adept Academy, subject to applicable laws and regulations.

16. Commitment to Data Security

In alignment with the Government’s efforts to strengthen data security, as highlighted in the Fifth Update on the Government’s Personal Data Protection Efforts, we are committed to:

  1. Minimising data collection, retention, access, and downloads to reduce the surface area of potential attacks.
  2. Enhancing our logging and monitoring of data transactions to detect high-risk or suspicious activity.
  3. Implementing advanced technical measures to protect stored and distributed data.
  4. Regularly reviewing and enhancing our data security audit framework.
  5. Conducting thorough checks on vendors who handle our data.

We strive to maintain a robust data security regime and will continue to review the effectiveness of our existing measures regularly, introducing enhancements or new measures when necessary.