Introduction

Roy Chong (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.roychong.com and use our services.

This policy complies with Singapore’s Personal Data Protection Act 2012 (PDPA) and applies to all personal data collected through our website and consultation services.

Information We Collect

Personal Information You Provide

When you book a consultation or contact us, we may collect:

  • Contact Information: Name, email address, phone number
  • Property Information: Current property ownership status, property preferences, budget range, and property goals
  • Consultation Details: Preferred consultation date and time, specific questions or concerns
  • Communication Records: Content of emails, messages, or consultation notes

Automatically Collected Information

When you visit our website, we may automatically collect:

  • Device Information: IP address, browser type, operating system
  • Usage Data: Pages visited, time spent on pages, referring website
  • Cookies and Tracking Technologies: See our Cookie Policy below

How We Use Your Information

We use your personal data for the following purposes:

  1. Consultation Services: To schedule and conduct your free 45-minute property consultation
  2. Communication: To respond to your inquiries and provide follow-up property advice
  3. Service Improvement: To understand how our website is used and improve user experience
  4. Market Analysis: To provide relevant property market insights and updates (with your consent)
  5. Record Keeping: To maintain records of our consultations and services provided
  6. Legal Compliance: To comply with legal obligations and protect our legal rights

Legal Basis for Processing (PDPA Compliance)

Under Singapore’s PDPA, we collect, use, and disclose your personal data based on:

  • Consent: You have provided clear and informed consent for us to collect, use, or disclose your personal data for the specific purposes stated in this policy
  • Deemed Consent: In certain circumstances permitted by law, consent may be deemed (e.g., when you voluntarily provide your information for an obvious purpose)
  • Legitimate Interests Exception: Where permitted by law, we may process your data for legitimate business purposes that do not override adverse effects on you
  • Other Legal Exceptions: As permitted under the PDPA for purposes such as investigation, legal proceedings, or emergency situations

How We Share Your Information

We do not sell, trade, or rent your personal data to third parties. We may share your information only in the following circumstances:

  • PropNex Realty: As an agent with PropNex Realty, certain information may be shared with our brokerage for compliance and administrative purposes
  • Service Providers: We may share data with trusted third-party service providers (e.g., booking systems, email services) who assist in operating our website and conducting our business, under strict confidentiality agreements
  • Legal Requirements: We may disclose your information if required by law, court order, or governmental authority
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred (you will be notified in advance)

Data Breach Notification

In accordance with Singapore’s PDPA, we have implemented measures to detect, prevent, and respond to data breaches.

If a data breach occurs that:

  • Results in, or is likely to result in, significant harm to affected individuals (such as identity theft, financial loss, or damage to reputation), or
  • Is of significant scale (affecting 500 or more individuals)

We will:

  1. Notify the PDPC within 3 calendar days of assessing that the breach meets the notification criteria
  2. Notify affected individuals as soon as practicable if the breach is likely to result in significant harm to them
  3. Provide information about the breach, its likely impact, and steps being taken to address it

We maintain detailed incident response procedures to ensure prompt and appropriate action in the event of any data breach.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure data transmission (SSL encryption)
  • Password-protected systems
  • Limited access to personal data by authorized personnel only
  • Regular security assessments and audits
  • Employee training on data protection practices

However, no method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Your Rights Under PDPA

Under Singapore’s Personal Data Protection Act, you have the following rights:

  1. Right to Access: Request access to your personal data in our possession and information about how it has been used or disclosed within the past year
  2. Right to Correction: Request correction of inaccurate or incomplete personal data
  3. Right to Withdraw Consent: Withdraw your consent for the collection, use, or disclosure of your personal data at any time (subject to legal or contractual restrictions and reasonable notice)
  4. Right to Request Deletion: Request deletion of your personal data when it is no longer needed for the purposes it was collected (subject to legal retention requirements)
  5. Right to Data Portability: Once implemented under PDPA amendments, you may request that your data be transmitted to another organization

Important Notes:

  • We may charge a reasonable fee for responding to access requests
  • We will respond to your requests as soon as reasonably possible, typically within 30 days
  • Some requests may be refused in circumstances permitted by law (e.g., where disclosure would reveal confidential commercial information, pose a threat to safety, or be contrary to national interest)

To exercise any of these rights, please contact us using the details provided below.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Typically:

  • Consultation Records: Retained for up to 7 years for business and legal compliance purposes
  • Marketing Communications: Retained until you unsubscribe or request deletion
  • Website Analytics: Anonymized data may be retained indefinitely

When personal data is no longer needed, we will cease to retain it or remove the means by which it can be associated with you, in accordance with our data retention policies.

Accuracy of Personal Data

We make reasonable efforts to ensure that personal data in our possession or control is accurate and complete. If you believe any personal data we hold about you is inaccurate, incomplete, or out-of-date, please contact us immediately. We will take reasonable steps to correct the data as soon as practicable.

Purpose Limitation

We will only collect, use, or disclose your personal data for purposes:

  • That a reasonable person would consider appropriate in the circumstances
  • That you have been informed of and have consented to
  • That are required or authorized by law

If we wish to use your personal data for a new purpose not previously notified to you, we will seek your consent before doing so, unless the new purpose is required or authorized by law.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies are small data files stored on your device.

Types of Cookies We Use:

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Help us understand how visitors use our website (e.g., Google Analytics)
  • Functional Cookies: Remember your preferences and settings

You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.

Third-Party Links

Our website may contain links to third-party websites (e.g., PropNex Realty, social media platforms). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

Marketing Communications

With your consent, we may send you:

  • Property market updates and insights
  • New launch property information
  • Investment opportunities
  • Educational content about property wealth building

Do Not Call (DNC) Registry Compliance:
In accordance with Singapore’s PDPA, we comply with the national Do Not Call Registry. We will not send marketing messages via voice calls, text messages, or fax to Singapore telephone numbers registered on the DNC Registry unless:

  • You have provided us with clear and unambiguous consent, or
  • We have an ongoing relationship with you and you have not opted out

How to Opt Out:
You can unsubscribe from marketing communications at any time by:

  • Clicking the “unsubscribe” link in our emails
  • Replying “STOP” to SMS messages
  • Contacting us directly to opt out
  • Registering your number on the national DNC Registry at www.dnc.gov.sg

We will process your opt-out request promptly and stop sending marketing communications within the timeframe required by law.

Children’s Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the updated policy on our website with a new “Last Updated” date
  • Sending an email notification (if you’ve provided your email address)

We encourage you to review this policy periodically.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Roy Chong
Senior Associate Branch District Director, PropNex Realty

For Data Protection Matters:
Please clearly state “PDPA Request” or “Data Protection Inquiry” in your subject line or message to ensure prompt attention to your privacy-related queries.

As required under the Personal Data Protection Act, Roy Chong (or the designated Data Protection Officer) is responsible for ensuring compliance with the PDPA and addressing all data protection inquiries and requests.

Accountability and Compliance

We take our obligations under the PDPA seriously. As part of our accountability:

  • We have designated a Data Protection Officer responsible for PDPA compliance
  • We maintain written policies and procedures for handling personal data
  • We conduct regular reviews and audits of our data protection practices
  • We provide training to staff on data protection requirements
  • We have implemented processes to handle complaints and data protection inquiries

Your Right to Lodge a Complaint:
If you believe we have not handled your personal data in accordance with the PDPA, you have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore.

PDPC Contact Information:
Personal Data Protection Commission
10 Pasir Panjang Road, #03-01 Mapletree Business City, Singapore 117438
Website: www.pdpc.gov.sg
Email: info@pdpc.gov.sg

However, we encourage you to contact us first so we can address your concerns directly.

Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of Singapore. Any disputes arising from this policy shall be subject to the exclusive jurisdiction of the Singapore courts.

Consent

By using our website and services, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you book a consultation or submit your information through our contact form, you consent to the collection, use, and disclosure of your personal data as described in this policy.

If you do not agree with this Privacy Policy, please do not use our website or services.

Your trust is important to us. We are committed to protecting your privacy and handling your personal data responsibly.