PDPA Policy

iHRos Personal Data Protection Policy

This Personal Data Protection Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.

iHRos Pte Ltd respects your privacy and recognizes that your personal data is important to you.

The purpose of this document is to inform you of how iHRos Pte Ltd, manages Personal Data which is subject to the Singapore Personal Data Protection Act 2012 (the “PDPA”). By interacting with us, submitting information to us, or signing up for any Products and Services offered by us, you agree and consent to iHRos Pte Ltd processing personal data on behalf of you for the purpose described in our contractual agreement. Any documentation received by iHRos Pte Ltd from its clients containing personal data, iHRos Pte Ltd shall be deemed to receive such personal data solely in the capacity of a data intermediary. As a Data Intermediary, iHRos Pte Ltd will be subjected to the Data Protection Provisions relating to the protection of personal data (later referred to as the “Protection Obligation”) and the retention of personal data (later referred to as the “Retention Limitation Obligation).in the manner set forth in this Policy. This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to iHRos Pte Ltd in respect of your Personal Data, and your consents herein are additional to any rights which may have at law to collect, use or disclose your Personal Data.  

Introduction of the PDPA

“Personal Data" is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organization has or is likely to have access. Common examples of personal data could include names, identification numbers, contact information, medical records, photographs and video images.


Within iHRos , access to personal information is limited to those employees of iHRos and its affiliates who need it to fulfill their business transactions and responsibilities. Vendors and other outside contractors we engage are subject to contractual requirements to ensure personal information is safeguarded. We will disclose personal information in response to a lawful request issued by a court, government agency or regulatory authority with jurisdiction to make that request. Administrative, Physical and Technical measures have been put in place to protect and safeguard your personal information.

Information Security: How We Protect Your Privacy

iHRos is committed to implementing the highest standards of information security to protect the privacy and confidentiality of your personal information. We limit access to your personal information to authorized iHRos employees. We also maintain physical, electronic, and procedural safeguards to protect the information against loss, misuse, damage or modification and unauthorized access or disclosure.

Some of the other central features of our Protection measures include:

  • Ensuring that computer networks are secure
  • Adopting appropriate access controls (e.g. considering stronger authentication measures where appropriate)
  • The use of specialized technology such as firewalls
  • Testing of the security and operability of products and services , as well as on-going scanning for publicly-known vulnerabilities in the technology
  • Monitoring of our systems infrastructure to detect weaknesses and potential intrusions
  • Implementing controls to identify, authenticate and authorize access to various systems or sites
  • Protecting non-public communications through encryption or other means


In the event that retention of your personal information is no longer necessary for legal or business purposes or when the purpose for which your personal information was collected is no longer being served by the retention of your personal information, iHRos will remove, destroy your personal information.

iHRos will retain the information for as long as it reasonably considers necessary for the purposes listed above.

If you, at any time, have any queries on this policy or any other queries in relation to how we may process, protect and/or retain your personal data, please do not hesitate to contact our Data Protection Officer (the “DPO”) at:

iHRos Pte Ltd – privacy@ihros.com or +65 6206 5020