Privacy Statement

Information about how we protect the personal data we process and control relating to your data and which rights you have in relation to the processing of your data.

Below is information about how Serica Technology Group PTE LTD and/or its affiliates, and subsidiaries (“Serica”; “we”) protect the personal data we process and control relating to you (“your personal data”; “your data”) and which rights you have in relation to the processing of your personal data. Any Serica entity located outside the European Union will for the purposes of compliance with data privacy laws be represented by Serica Technology Group PTE LTD. This privacy statement is effective as of August 17th, 2022. Please note that this privacy statement will regularly be updated to reflect any changes in the way we handle your personal data or any changes in applicable laws.

Below, we first give a general description of how Serica protects your personal data. Further below, we also include specific information on the following:

  • How do we use personal data when you visit a Serica website?
  • How do we use cookies (and other tracking technologies)?
  • How do we use personal data for marketing purposes?

1. How does Serica protect your personal data?

Serica attaches great importance to your right to privacy and the protection of your personal data. We want you to feel secure that when you deal with Serica, your personal data are in good hands.

Serica protects your personal data in accordance with applicable laws and our data privacy policies. In addition, Serica maintains the appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto.

The following sections provide further details as to how Serica processes your personal data:

  • Which categories of personal data do we collect and how do we process such personal data?
  • For which purposes and on which legal basis do we use your personal data?
  • Will we share your personal data with third parties?
  • What about sensitive data?
  • What about data security?
  • Where will your personal data be processed?
  • How long will your personal data be retained by us?
  • Which rights do you have with respect to the processing of your personal data?

Which categories of personal data do we collect and how do we process such personal data?

We collect personal data of our employees, potential employees, clients, potential clients, suppliers, business contacts, shareholders, and website users. If the data we collect is not listed in this privacy statement, we will give individuals (when required by law) appropriate notice of which other data will be collected and how they will be used.

The personal data we collect include the categories of personal data described in the sections “How do we use personal data when you visit Serica websites?”, “How do we use cookies (and other tracking technologies)?”, “How do we use personal data when you visit our offices?” and “How do we use personal data for marketing purposes?”, as well as any other categories of personal data referred to in this privacy statement or in other statements you have received.

Below is also a chart describing the categories of personal data we collect:

Category of personal information Types of personal information captured
Personal details, contact details, and identifiers Name, pronoun, all types of identifiers and contact details (such as e-mail, phone numbers, physical address), and occasionally, when necessary for specific purposes, gender, date of birth, age, place of birth.
Commercial information History and records of the products and services you have obtained from Serica.
Correspondence between you and us when it is sent to a dedicated mailbox or via other electronic communication means (including communication channels supported by artificial intelligence), for the purpose of processing account receivable payments and commercial follow-ups.
Marketing and research information a. Identifiers – the IP address, social media handle, or other online identifiers of a person, e-mail address/mobile number if used for direct marketing, and name and address
b. Demographic data – (e.g. income, family status, age bracket, gender, interests, pets, home ownership, health, current service providers)
c. Browser/web history data and preferences expressed through selection/viewing/purchase of goods, services, and content, information about your mobile device including (where available) type of device, device identification number, mobile operating system.
d. Social media content – blogs, posts, and anything posted by an individual online or which mentioned/references an individual.
e. Analytics and profiles of the individuals based on the data collected on them
f. Voice-enabled services (Speech-to-Text engines for search requests) without being recorded or stored by the mobile device
Sensitive data and biometric information Serica may also collect certain types of sensitive information when permitted by local law or with your consent, such as health/medical information (including disability status and dietary requirements/allergies in the framework of the events we organize/sponsor) or biometric information, for example as when you elect to use fingerprint authentication.
Audiovisual materials Photograph, and images/footage captured/recorded on CCTV or other audio, video and related security/monitoring systems or captured during marketing/public filming events/sessions (including recording of virtual or live workshops or similar events/sessions), voice search functionality to enable a voice command feature that allows you to ask a question and see results (functionality enabled for mobile applications only).
Position and professional or employment-related information Professional or employment-related information, such as descriptions of current positions, job titles, employers, locations, and Serica contact(s).
System and application access data and Internet and electronic network activity information Where you are provided with access to Serica’s systems, Serica may collect information required to access such Serica systems and applications such as System ID, LAN ID, e-mail account, instant messaging account, mainframe ID, system passwords, and internet or other electronic network activity information, including access logs, activity logs, and electronic content produced using Serica systems.
Cookies and geolocation data As described below, we also may collect geolocation data in some circumstances. Please see our Cookies Policy for more details regarding our use of cookies.

In addition, for recruitment/employment purposes, Serica may process the personal information set out in the below table.

Additional personal details, contact details, and identifiers In addition to the personal details listed above, Serica may collect additional personal details for recruitment/employment purposes, such as national identification number, social security number, insurance information, marital/civil partnership status, domestic partners, dependents, emergency contact information, and military history; professional/personal calendar availability/scheduling information for meeting/communication purposes.
Education information and professional or employment-related information Serica may collect information about your education and professional or employment-related information, such as your employment history.
Sensitive data for recruitment purposes Serica may collect certain types of sensitive information when permitted by local law or with your consent, such as health/medical information (including disability status), trade union membership information, religion, race or ethnicity, minority flag, and information on criminal convictions and offenses. Serica collects this information for specific purposes, such as health/medical information in order to accommodate a disability or illness (subject to legal limits on the timing of collection of such information and other applicable limitations) and to provide benefits; background checks, and diversity-related personal information (such as race or ethnicity) in order to comply with legal obligations and internal policies relating to diversity and anti-discrimination.
Documentation required under immigration laws Serica may collect data on citizenship, passport data, and details of residency or work permit (a physical copy and/or an electronic copy).
Financial information for payroll/benefits purposes Your banking and other relevant financial details we need for payroll/benefits purposes.
Talent management information Information necessary to complete a background check, details on performance decisions and outcomes, performance feedback and warnings, e-learning/training programs, performance and development reviews (including information you provide when asking for/providing feedback, creating priorities, updating your input in relevant tools), driver’s license and car ownership information, and information used to populate biographies.
Requested recruitment information Information requested to provide during the recruitment process, to the extent allowed by applicable law.
Recruitment information you submit Information that you submit in résumés / CVs, letters, writing samples, or other written materials (including photographs).
Information generated by us during recruitment Information generated by interviewers and recruiters related to you, based on their interactions with you or basic Internet searches where allowed under applicable law.
Recruitment information received from third parties Information related to you provided by third-party placement firms, recruiters, or job-search websites, where applicable.
Audiovisual materials Photograph, and images/audio/footage captured/recorded on CCTV or other video systems when visiting our office or captured in the course of recruitment events or video recruitment interviews or during any other virtual and live events (including recordings during virtual workshops or similar events).
Recommendations Recommendations related information provided on your behalf by others.
Immigration Documentation and related information required under immigration laws.
Employment history and background checks Information about your prior employment, education, and where applicable and allowed by applicable law, credit history, criminal records or other information revealed during background screenings.
Diversity related information Information about race / ethnicity / religion / disability / gender and self-identified LGBT status, for purposes of government reporting where required by law, as well as to understand the diversity characteristics of the Serica workforce, subject to legal limits.
Assessment information Information generated by your participation in psychological, technical or behavioral assessments. You will receive more information about the nature of such assessments before your participation in any of them.

Except for certain information that is required by law or by Serica policies (including management of an employment relationship with Serica), your decision to provide any personal data to us is voluntary. You will therefore not be subject to adverse consequences if you do not wish to provide us with your personal data. However, please note that if you do not provide certain information, we may not be able to accomplish some or all of the purposes outlined in this privacy statement, and you may not be able to use certain tools and systems which require the use of such personal data.

If you provide us with personal data of another person (for instance, a potential employee/referral), you are responsible for ensuring that such person is made aware of the information contained in this privacy statement and that the person has given you their consent for sharing the information with Serica.

The above-mentioned categories of personal data have been obtained either directly from you (for example, when you provide information to sign up for a newsletter or register to comment on a forum website) or indirectly from certain third parties (for example, through our website’s technology). Such third parties include our affiliates, public authorities, public websites, and social media, suppliers, and vendors.

For which purposes and on which legal basis do we use your personal data?

Serica uses your personal data only where required for specific purposes. Please view the table below for (i) a list of the purposes for which Serica uses your personal data and (ii) an overview of the legal basis for each such purpose.

Purpose Legal Basis
Managing our contractual and/or employment relationship with you. Necessary for the performance of a contract to which you are a party.
Recruitment. Justified on the basis of our legitimate interests for ensuring that we recruit the appropriate employees.
Facilitating communication with you (including facilitating meetings; communication in case of emergencies, and to provide you with requested information). Justified on the basis of our legitimate interests for ensuring proper communication and emergency handling within the organization.
Operating and managing our business operations including or being part of the provision of our services to our clients and their employees/contractors and their customers, for example in collecting their data as part of surveys, data analytics, marketing research or other purposes. Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
Complying with legal requirements. Necessary for the compliance with a legal obligation to which we are subject.
Monitoring your use of our systems (including monitoring the use of our website and any apps and tools you use). Justified on the basis of our legitimate interests of avoiding non-compliance and protecting our reputation.
Social listening
(Identifying and assessing what is being said about Serica and our clients on social media (only publicly accessible content) to understand sentiment, intent, mood, and market trends and our stakeholders’ needs and thereby improving our services. We do this through keyword searches and our goal is to gain insights into conversation trends over a specified period and not to identify an individual. To achieve this, we analyze and monitor conversation streams and monitor publicly available opinions, statements, or other interactions on social media channels.)
Justified on the basis of our legitimate interest of protecting our assets and our brand on social media
Improving the security and functioning of our website, networks, and information. Justified on the basis of our legitimate interests for ensuring that you receive an excellent user experience and that our networks and information are secure.
Undertaking data analytics, i.e. applying analytics to business operations and data to describe, predict and improve business performance within Serica and/or to provide a better user experience. This includes marketing analytics and analytics related to the organization of events/meetings. (more details on how we run analytics on our website can be found in our Cookies Policy). Justified on the basis of our legitimate interests for ensuring the proper functioning of our business operations.
Marketing our products and services to you (unless you objected against such processing, as further described in the section “How do we use personal data for marketing purposes?” below). Justified on the basis of our legitimate interests for ensuring that we can conduct and increase our business.
For audio/video captured during live/recorded events (including virtual events/webinars): to inform interested stakeholders about the content of such events/recordings (including online publication of such recordings for marketing purposes). Based on your informed consent obtained prior to the event.
Specific Recruitment Purposes Legal Basis
Assess your suitability for employment for the role for which you are applying, as well as future roles that may become available. Justified on the basis of Serica’s legitimate interests of ensuring that it recruits the appropriate employees.
Manage your application. Justified on the basis of Serica’s legitimate interests of ensuring that it recruits the appropriate employees.
Facilitate communication with you. Justified on the basis of Serica’s legitimate interests of ensuring proper communication within the organization and with you.
Perform administrative functions (e.g. reimburse you for interview-related expenses). Justified on the basis of Serica’s legitimate interests of ensuring that it recruits the appropriate employees.
Perform data analytics, including analysis of our applicant pool in order to better understand who is applying to positions at Serica and how to attract and keep top talent. Justified on the basis of Serica’s legitimate interests of ensuring that it continually improves its recruitment processes.
In some cases, record your online interview for review by additional recruiters and hiring managers. Justified on the basis of Serica’s legitimate interests of ensuring that it recruits the appropriate employees.
Administration of employee benefits Justified on the basis of Serica’s legitimate interests of ensuring that our employees receive the applicable benefits.
Perform any legally required reporting and respond to legal process. Compliance with a legal obligation.

Where the above table states that we rely on our legitimate interests for a given purpose, we are of the opinion that our legitimate interests are not overridden by your interests, rights, or freedoms, given (i) the transparency we provide on the processing activity, (iii) our regular privacy reviews and (iv) the rights you have in relation to the processing activity. If you wish to obtain further information on this balancing test approach, please contact Serica’s Data Privacy Officer.

We will process your personal data for the purposes mentioned above based on your prior consent, to the extent such consent is mandatory under applicable laws.

To the extent you are asked to click on/check “I accept”, “I agree” or similar buttons/checkboxes/functionalities in relation to a privacy statement, doing so will be considered as providing your consent to process your personal data, only in the countries where such consent is required by mandatory law. In all other countries, such action will be considered as a mere acknowledgment and the legal basis of the processing of your personal data will not be your consent but any other applicable legal basis.

We will not use your personal data for purposes that are incompatible with the purposes of which you have been informed, unless it is required or authorized by law, or it is in your own vital interest (e.g. in case of a medical emergency) to do so.

Will we share your personal data with third parties?

We may transfer personal data to our service providers, professional advisors, public and governmental authorities, or third parties in connection with a (potential) corporate or commercial transaction. Such third parties may be located in other countries. Before we do so, we shall take the necessary steps to ensure that your personal data will be given adequate protection as required by relevant data privacy laws and Serica’s internal policies. Serica may also transfer your personal data to any of its global affiliates/partners in furtherance of any visits to our Serica locations.

For example, we may disclose personal information to third parties for other business purposes as follows:

  • We share your information with third-party service providers that provide services to us, including billing, payment processing, customer service, email deployment, advertising and marketing, security and performance monitoring, maintaining or servicing accounts, processing or fulfilling orders and transactions, verifying customer information, research, data hosting, auditing, and data processing;
  • To protect and defend the legal rights, safety, and security of Serica, our affiliates, users, or the public, including to protect against fraud and malicious activity; and
  • For other business purposes described in this privacy statement or for any other purpose disclosed to you at the time we collect the information or pursuant to your consent.

We may also share your information in connection with a substantial corporate transaction, such as the sale of a website, a merger, consolidation, asset sale, initial public offering, or in the unlikely event of a bankruptcy.

Unless you are otherwise notified, any transfers of your personal data from within the European Economic Area (EEA) to third parties outside the EEA will be based on an adequacy decision or are governed by the standard contractual clauses (a copy of which can be obtained through the contact information included below). Any other non-EEA related transfers of your personal data will take place in accordance with the appropriate international data transfer mechanisms and standards.

What about sensitive data?

We do not generally seek to collect sensitive data (also known as special categories) through this site or otherwise. In the limited cases where we do seek to collect such data, we will do this in accordance with data privacy law requirements and/or ask for your consent.

The term “sensitive data” refers to the various categories of personal data identified by data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent from you. These categories include racial or ethnic origin, political opinions, religious, philosophical, or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offenses (including information about suspected criminal activities).

What about data security?

We maintain organizational, physical, and technical security arrangements for all the personal data we hold. We use various software and hosting such as Hostinger, Microsoft, Google, Slack, DocuSign, HubSpot, and Monday.com which are all GDPR compliant. We would encourage you to visit their respective websites to learn more about their technology, security protocols, and compliance policies.

Where will your personal data be processed?

As a global organization with offices and operations throughout the world, the personal data we collect may be transferred or be accessible internationally throughout Serica’s global business and between its entities and affiliates. Any such transfers throughout Serica’s global business take place in accordance with the applicable data privacy laws.

What are the sources we get your personal information from?

If we do not obtain your personal information directly from you, we may obtain it from the following sources: publicly available sources (registers or the internet), Serica employees, contractors, (prospective) members of the board of directors, shareholders, Serica’s affiliates, subsidiaries and newly acquired businesses, employers of our contractors, public authorities, public websites and social media, previous employers, educational institutions, suppliers and vendors (including third-party data providers).

In Section 4, you can find more information on the sources of your personal information for marketing purposes.

How long will your personal data be retained by us?

We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures so that personal data are deleted after a reasonable time according to the following retention criteria:

  • We retain your data as long as we have an ongoing relationship with you (in particular, if you hire us or are employed by us).
  • We will only keep the data while your account is active or for as long as needed to provide services to you.
  • We retain your data for as long as needed in order to comply with our global legal and contractual obligations.

Which rights do you have with respect to the processing of your personal data?

You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:

  • Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
  • Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
  • Object to the processing of your personal data: this right entitles you to request that Serica no longer processes your personal data.
  • Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
  • Request the restriction of the processing of your personal data: this right entitles you to request that Serica only processes your personal data in limited circumstances, including with your consent.
  • Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used, and machine-readable format) of personal data that you have provided to Serica, or request Serica to transmit such personal data to another data controller.

To exercise any of these rights, contact us at dataprivacycontoller@serica-group.com. Please note that this will not affect Serica’s right to process personal data obtained prior to the withdrawal of your consent, or its right to continue parts of the processing based on other legal bases than your consent.

We may need to ask for proof of identification before your request can be processed. We will let you know if we need to verify your identity and the documents we require.

We will normally respond to a request within twenty-eight (28) days from the date your request is received. In some cases, for example, where a large amount of personal data is being processed, we may respond within three (3) months of the date your request is received. We will write to you within twenty-eight (28) days of receiving your original request if this is the case.

If your request is manifestly unfounded or excessive, we are not obliged (to the maximum amount permitted by law) to comply with it.

If, despite our commitment and efforts to protect your personal data, you believe that your data privacy rights have been violated, we encourage and welcome individuals to come to Serica first to seek resolution of any complaint. You have the right at all times to register a complaint directly with the relevant supervisory authority or to make a claim against Serica with a competent court (either in the country where you live, the country where you work, or the country where you deem that data privacy law has been infringed).

Contact us to exercise any of your rights.

2. How do we use personal data when you visit a Serica website?

In addition to the information set out above, the following sections describe how we use personal data when you visit a Serica website:

  • Which personal data do we gather?
  • Do we include (links to) websites and programs of third parties?
  • How do we use personal data that we collect from our websites?

Which personal data do we gather?

Serica collects personal data at its websites in two ways: (1) directly (for example, when you provide personal data to sign up for a newsletter or register to comment on a forum website); and (2) indirectly (for example, through our website’s technology).

We may collect and process the following personal data:

  • Personal data that you provide by filling in forms on our website. This includes registering to use the website, subscribing to services, newsletters, and alerts, registering for an event, booking a consultation, or requesting further information. Pages that collect this type of personal data may provide further information as to why your personal data are needed and how it will be used. It is completely up to you whether you want to provide it.
  • If you contact us, we may keep a record of that correspondence.
  • We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • Any postings, comments, or other content that you upload or post to a Serica website.
  • Our website or mobile applications can collect personal data about your computer or your mobile device, including (where available) your IP address, operating system, type of device, device identification number, mobile operating system, and browser type, for system administration, to filter traffic, to look up user domains and to report on statistics.
  • Details of your visits to our website, the pages you view, and resources you access or download, including but not limited to, traffic data, location data, weblogs, and other communication data. Please see the Cookies section below for more information.

Do we include (links to) websites and programs of third parties?

Our websites may include:

  • Links to and from the sites of our partner networks, advertisers, and affiliates.
  • Certain programs (widgets and apps) of third parties. Where this is the case, note that such third parties may process your personal data collected through such programs for their own purposes.

We do not accept any responsibility or liability for such third parties’ sites or programs. Please check such third parties’ terms of use, privacy statements, and cookie policies before using and providing any information to such third parties’ sites and programs.

How do we use personal data that we collect from our websites?

We use personal data for the purposes described in the section.

“For which purposes and on which legal basis do we use your personal data?” above, as well as to provide you with information you request, process online job applications, prospective client inquiries, and for other purposes which we would describe to you at the point where it is collected. For example:

  • Links to and from the sites of our partner networks, advertisers, and affiliates.
  • Certain programs (widgets and apps) of third parties. Where this is the case, note that such third parties may process your personal data collected through such programs for their own purposes.

We analyze your IP and browser information to determine what is most effective about our website, to help us identify ways to improve it and make it more effective. Please see the Cookies section below for more information.

3. How do we use cookies (and other tracking technologies)?

In addition to the information set out above, this section describes how we use cookies and other tracking technologies. We analyze your IP and browser information to determine what is most effective about our website, to help us identify ways to improve it, and, eventually, to determine how we can tailor our website to make it a more positive and relevant user experience. Please see our Cookies Policy for more details including information about your choices with respect to advertising and social media cookies and for access to our cookie consent manager.

4. How do we use personal data for marketing purposes?

In addition to the information set out above, the following sections describe how we use personal data for marketing purposes:

  • What are the sources of marketing data?
  • Do we send targeted e-mails?
  • Do we maintain Customer Relationship Management(CRM) databases?
  • Do we combine and analyze personal data?
  • Do we share personal data with third parties?
  • What are your rights regarding marketing communications?

What are the sources of marketing data?

The bulk of the personal data we collect and use for marketing purposes relates to individual employees of our clients and other companies with which we have an existing business relationship. We may also obtain contact information from public sources, including content made public on social media websites, to make an initial contact with a relevant individual at a client or other company.

Do we send targeted e-mails?

We send commercial e-mails to individuals at our client or other companies with whom we want to develop or maintain a business relationship in accordance with applicable marketing laws. Our targeted e-mail messages typically include web beacons, cookies, and similar technologies that allow us to know whether you open, read, or delete the message, and links you may click. When you click a link in a marketing e-mail you receive from Serica, we will also use a cookie to log what pages you view and what content you download from our websites, even if you are not registered at or signed into our site.

Targeted e-mails from Serica may include additional data privacy information, as required by applicable laws.

Do we maintain Customer Relationship Management (CRM) databases?

Like most companies, Serica uses customer relationship management (CRM) database technology to manage and track our marketing efforts. Our CRM databases include personal data belonging to individuals at our client and other companies with whom we already have a business relationship or want to develop one. The personal data used for these purposes includes relevant business information, such as: contact data, publicly available information (e.g. board membership, published articles, press releases, your public posts on social media sites if relevant for business purposes), your responses to targeted e-mail (including web activity following links from our e-mails), website activity of registered users of our website, and other business information included by Serica professionals based on their personal interactions with you.

Do we combine and analyze personal data?

We may combine data from publicly available sources, and from our different e-mail, website, and personal interactions with you (this includes information collected across our different websites such as our careers and corporate sites, and information collected when you sign-up or log on to our sites or connect to our sites using your social media credentials (such as LinkedIn). We combine this data to better assess your experience with Serica and to perform the other activities described throughout our privacy policy.

Do we share personal data with third parties?

In addition to the third parties mentioned in the section “Will we share your personal data with third parties?” above, we may share your personal data with marketing agencies or relevant partners from marketing-related events and activities.

What are your rights regarding marketing communications?

You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilizing opt-out mechanisms in e-mails we send to you. In such cases, we will retain minimum personal data to note that you opted out in order to avoid contacting you again.

5. Contact us

Please contact us here if:

  • You have a general question about how Serica protects your personal data.
  • You wish to exercise your rights in relation to your personal data rights (as set out in the sections “Which rights do you have with respect to the processing of your personal data?” and “Your rights regarding marketing communications”).
  • You wish to make a complaint about Serica’s use of your data.

You can also contact Serica as the data controller of your personal data via our Data Privacy Officer (preferably electronically) or via post, clearly marked for the attention of the Data Privacy Officer, at this address: Serica Technology Group PTE LTD, #02-01, CBD, Raffles Place, 049422, Singapore.