Privacy Statement

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including the Personal Data Protection Act 2012 of Singapore (“PDPA”), 

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: Depending on the jurisdiction you are in, you may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another data controller. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data, such as information about your race, ethnicity, religion, political opinions, trade union membership or health, may be considered “Sensitive Personal Data” under certain Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), national ID information, criminal records, biometric information and data relating to a person’s health, physical, psychological, mental, genetic or sexual information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent, whether express, deemed or implied;

(b)    the processing of your Personal Data could be necessary for legitimate interests pursued by us, or by a third party who processes Personal Data on behalf of us, and which outweigh the adverse effects (if any) on you. Such legitimate interests include general administrative, human resource, operational, legal, compliance, due diligence, auditing, safety and security purposes;

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and

(d)    the processing of your Personal Data may be necessary to protect your vital interests, such as in emergency situations that may endanger your physical safety or well-being.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(e)    request receipt or transmission to another organisation, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract; and

(f)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data.

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including but not limited to the PRC Personal Information Protection Law (“PIPL”), the Regulations on Network Data Security Management, the Cybersecurity Law, the Data Security Law and the Personal Data Protection Act 2012 of Singapore. 

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: You may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another Personal Information Handler. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data, such as information about your race, ethnicity, religion, political opinions, trade union membership or health, may be considered “Sensitive Personal Data” under Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), national ID information, criminal records, biometric information and data relating to a person’s health, physical, psychological, mental, genetic or sexual information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. We will only process your Sensitive Personal Data for the purposes mentioned in the Privacy Statement and to the extent necessary. Our processing of your Sensitive Personal Data will not have an impact on your legitimate rights and interests permitted by Applicable Data Protection Laws. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent, whether express, deemed or implied. Under certain circumstances, we will obtain your separate consent unless a lawful basis applies. These include situations where we: (1) process your Sensitive Personal Data; (2) transfer your Personal Data outside of China; (3) provide another Personal Information Handler with your Personal Data; (4) publicly disclose your Personal Data; (5) use your Personal Information that has been collected for the purpose of maintaining public security for any other purposes;

(b)    the processing of your Personal Data could be necessary for legitimate interests pursued by us, or by a third party who processes Personal Data on behalf of us, and which outweigh the adverse effects (if any) on you. Such legitimate interests include general administrative, human resource, operational, legal, compliance, due diligence, auditing, safety and security purposes;

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and

(d)    the processing of your Personal Data may be necessary in response to a public health emergency or for protecting a natural person’s life, health and property safety in an emergency

(e)    we process Personal Data to a reasonable extent in carrying out activities for public interests;

(f)    we process your Personal Data that has been published by you or otherwise has been published legitimately to a reasonable extent and in compliance with applicable laws and regulations;

(g)    other circumstances as provided by applicable laws or regulations.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We will inform you in advance and obtain your separate consent before transferring your Personal Data to another Personal Information Handler. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data,including complete the relevant transfer compliance mechanism as required by Applicable Data Protection Laws, having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either separate consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    opt-out of automated decision making for push notifications or automated decision making for any marketing purposes; for automated decisions made on matters that have an important impact on personal rights and interests, you have a right to know how they are made and you have a right to reject purely automated decisions on such matters;

(e)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(f)    request receipt or transmission to another organisation, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract; 

(g)    cancel your account and after this, we will stop providing products and services and delete your Personal Data unless otherwise stipulated by law; and 

(h)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data.

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request, which include: (1) your identity can be verified as authentic; (2) the Personal Data requested for transfer is the information that you consented to provide or that was collected based on a contract; (3) the transfer of Personal Data is technically feasible; and (4) the transfer of Personal Data does not harm the legitimate rights and interests of others. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. The circumstances include: (1) if your request is contrary to our obligations under laws and regulations; (2) if the requested data is directly related to national security or national defense security; (3) if the requested data is directly related to public safety, public health, or significant public interest; (4) if the requested data is directly related to criminal investigations, prosecutions, trials and enforcement of judgments, etc.; (5) if we have sufficient evidence of your subjective malice or abuse of rights; (6) if it is in the interest of safeguarding your or other individuals’ significant legitimate rights and interests, such as life and property, but it is difficult to obtain your authorization or consent; (7) if responding to your request to exercise your rights would result in serious harm to your or other individuals’ or organizations’ legitimate interests; (8) if the requested data involves trade secrets. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement or additional rights granted to you under Applicable Data Protection Laws beyond those described in this Privacy Policy, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    本隐私声明阐述本公司将如何遵循适用法律法规（下称 “适用数据保护法”，包括但不限于《中华人民共和国个人信息保护法》（下称 “个人信息保护法”）、《网络数据安全管理条例》、《网络安全法》、《数据安全法》及新加坡《2012 年个人数据保护法》）的要求，收集、使用、披露和保护（统称 “处理”）您的个人数据（定义见下文第 2.1 条）。

1.3.    处理您个人数据的方式。

(a)    数据收集： 根据您与本公司互动的具体情形，本公司可能向您收集多种类型的个人数据，包括联系方式、身份证明文件信息、支付数据及网络身份识别信息等。对于敏感个人数据（定义见下文第 2.2 条），本公司将予以特别保护，仅在确有必要时进行收集。

(b)    数据使用： 本公司将为履行合同义务、遵守法律要求、开展市场营销、保障安全及满足运营需求等目的使用您的个人数据，具体应用场景包括客户关系管理、招聘申请处理、租户及供应商合作往来等。

(c)    数据保护与留存： 本公司采用行业通用的安全防护措施，并遵循数据最小化原则保护您的数据安全。数据留存期限仅限于满足法定或业务所需的必要范围。

(d)    向第三方披露： 确有必要时，您的个人数据可能会披露给本公司关联方、服务提供商、业务合作伙伴及相关政府机构等各类第三方主体。进行此类披露时，本公司将确保符合适用数据保护法的相关要求

(e)    您的个人数据权利：您有权访问、更正、删除您的个人数据，有权限制或反对本公司对您个人数据的处理，有权撤回已作出的同意，亦有权要求将您的个人数据转移至其他个人信息处理者。

(f)    Cookie 及第三方链接： 本公司通过 Cookie 提升网站服务功能。敬请留意，本公司网站可能包含指向第三方网站的链接，该等网站不由本公司运营或维护，本公司对第三方网站的隐私保护措施不承担任何责任。

(g)    数据传输： 确有必要时，您的个人数据可能会在不同地区之间传输，包括进行跨境传输。进行此类数据传输前，本公司将采取合理必要的安全保障措施，并确保数据传输行为符合适用数据保护法的规定。

(h)    市场营销： 本公司仅在获得您明确同意后，才会向您推送广告、营销或商业推广信息，并同时告知您信息送达方式及免费退订机制。一旦您选择退订，本公司将立即停止向您发送任何营销信息。

(i)    联系我们： 如您就个人数据相关事宜存在疑问，或希望行使上述数据权利，请通过邮箱 [email protected]联系本公司数据保护专员。

1.4.    本隐私声明为您此前就个人数据处理向本公司作出的任何其他同意的补充文件，而非替代或废止该等同意。同时，本隐私声明不影响本公司依据法律规定，在收集、使用或披露您个人数据方面所享有的权利。

1.5.    本公司可能通过在官方网站（www.sembcorp.com）发布最新版本的方式，对本隐私声明进行更新或修改，以确保其符合未来发展趋势、行业惯例及法律监管要求的变化。本公司可通过发布公告或推送通知等适当方式，将个人数据处理方式的变更情况告知您。

1.6.    如本隐私声明不同语言版本内容存在歧义或冲突，以英文版本为准。

2.    收集的个人数据范围

2.1.    个人数据指任何(a)可单独或(b)结合其他信息，识别您身份的资料或信息。

根据您与本公司互动的具体情形，本公司可能向您收集的个人数据示例包括：

(a)    个人基本信息，如姓名、性别、出生日期、常住地址、国籍、护照或其他身份证件信息；

(b)    联系方式，如电话号码、电子邮箱地址；

(c)    支付信息，如银行账户详情、信用卡或借记卡信息；

(d)    与您相关的收付账款记录；

(e)    通过照片或视频录制形成的影像资料；

(f)    职业相关信息，如职业类型、董事任职情况、工作履历、薪资水平；  

(g)    您的个人意见反馈，如通过意见调查表收集的内容；及

(h)    与您使用本公司网站及服务相关的其他电子数据，包括 Cookie 信息、互联网协议（IP）地址、操作日志及网络身份识别信息。

2.2.    特定类别信息或 “敏感个人数据”

根据适用数据保护法的规定，部分类别的个人数据可能被认定为 “敏感个人数据”，例如种族、民族、宗教信仰、政治观点、工会会员身份或健康状况相关信息。可能构成敏感个人数据的具体类型包括支付信息（如信用卡详情、银行账户信息）、国家身份证件信息、犯罪记录、生物识别信息，以及与个人健康、生理、心理、遗传或性取向相关的数据。

一般情况下，本公司会尽量限制收集、使用或披露您敏感个人数据的情形。仅会为实现本隐私声明载明的目的，并在必要范围内处理您的敏感个人数据。本公司对敏感个人数据的处理，不会侵犯适用数据保护法赋予您的合法权益，但在以下例外情形下可能产生影响：

(a)    基于安全保障目的，或作为签订合同的必要条件（例如与您达成交易所需）；

(b)    法律法规要求监管机构必须获取该类信息；

(c)    法律规定本公司必须向您收集或向其他主体披露该类信息； 或  

(d)    您主动选择向本公司提供该类信息（或由您的授权代表代为提供）。

3.    收集个人数据的方式

3.1.    一般情况下，本公司通过以下途径收集您的个人数据：

(a)    您在本公司注册、提交与使用或购买本公司产品 / 服务相关的表单时；

(b)    您向本公司提交线上咨询，或在本公司注册线上账户时；

(c)    您通过电话、电子邮件、在线表单等方式与本公司员工或第三方服务提供商互动时（包括您提出的回电请求、订阅邮件列表需求，或您对本公司促销活动、市场调研及其他专项活动的反馈）；

(d)    您响应本公司补充收集个人数据的要求时；

(e)    您出席本公司或本公司委托的第三方机构主办 / 组织的活动，本公司或授权代表通过拍摄照片、录制视频的方式收集时；

(f)    您进入本公司安装闭路电视（CCTV）监控系统的场所时；

(g)    本公司从业务合作伙伴及第三方主体获取的推荐信或背景资料中；

(h)    您因其他任何目的主动向本公司提交个人数据时； 以及

(i)    您浏览本公司网站时（有关详情请参阅本公司Cookie 政策）。

3.2.    此外，为确保服务质量、开展员工培训、实施绩效考核及核验身份等目的，本公司可能对电话沟通内容及面向客户的服务互动过程进行监控或录音，相关操作均遵循适用数据保护法的规定。

3.3.    如您向本公司提供第三方个人数据（例如您的家属、配偶、子女及 / 或父母的相关信息，或就商业合作关系而言，您的员工 / 授权代表的相关信息），您应声明并保证该等披露行为符合适用数据保护法的要求。同时，您应确保被提供个人数据的相关主体已授权该等披露行为，并已知悉且同意本隐私声明的全部条款。

4.    使用个人数据的方式

4.1.    本公司可依据适用数据保护法允许的各类法律依据处理您的个人数据，具体包括：

(a)    基于您明示、推定或默示的同意（在特定情形下，除存在合法依据外，本公司将另行获取您的单独同意，例如：(1) 处理您的敏感个人数据；(2) 将您的个人数据传输至中国境外；(3) 向其他个人信息处理者提供您的个人数据；(4) 公开披露您的个人数据；(5) 将为维护公共安全目的收集的个人信息用于其他用途）；

(b)    为实现本公司或代表本公司处理个人数据的第三方的合法利益，且该等利益的重要性高于对您可能产生的不利影响（该等合法利益包括日常行政管理、人力资源管理、业务运营、法务合规、尽职调查、审计监督、安全保障等方面的需求）；

(c)    满足法定或合同约定的义务要求（例如应监管机构的要求处理个人数据，或为向您提供产品 / 服务而必须开展的个人数据处理行为）；

(d)    为应对突发公共卫生事件，或在紧急情况下保护自然人的生命、健康和财产安全而确有必要处理个人数据；

(e)    为履行公共利益相关活动，在合理范围内处理个人数据；

(f)    对于您自行公开或其他合法公开的个人数据，在遵守适用法律法规的前提下，于合理范围内进行处理； 以及

(g)    适用法律法规规定的其他情形。

4.2.    一般而言，在符合适用数据保护法规定且具备合法依据的前提下（包括您已向本公司作出明确同意的情形），本公司可出于以下目的使用您的个人数据：

(a)    履行与提供您所申请产品 / 服务相关的各项义务，包括根据您的订单安排产品交付；

(b)    定期向您推送本公司的业务动态、产品信息及服务内容等营销推广资料；  

(c)    开展市场营销、广告投放、调研分析及统计工作，以优化和提升本公司的产品与服务质量；

(d)    与广告商及其他第三方主体共享您的汇总信息，以便为您提供个性化的内容及广告服务；

(e)    通过即时通讯工具、电话、传真及 / 或电子邮件等方式，在适当情况下与您取得联系；

(f)    就本隐私声明、本公司各项政策、条款及条件的更新情况，以及其他管理类通知向您进行告知；

(g)    管理本公司的基础设施及业务运营，并确保符合内部政策要求；

(h)    为推动胜科集团旗下实体涉及的业务资产交易（包括但不限于合并、收购或资产出售）提供支持；

(i)    核验您的身份信息及所提供资料的真实性，并开展尽职调查，以遵守适用法律法规的要求，包括制裁合规、反洗钱及贸易管制相关法律规定；  

(j)    处理各类纠纷，开展并协助调查取证及相关法律程序；

(k)    维护和行使本公司的合法权利与合同约定的义务；

(l)    防范、监测及调查各类违法犯罪行为及商业风险，包括欺诈及洗钱活动；

(m)    在您所在司法管辖区境内或境外，对您的个人数据进行存储、托管及备份（包括用于灾难恢复等目的）；

(n)    通过门禁卡或生物识别门禁系统，管理人员进出本公司场所的权限；

(o)    满足胜科集团旗下实体在日常行政管理、内部政策执行、安全保障等方面的需求；

(p)    遵守适用的规章制度、法律法规、行业守则或监管指引的要求，或协助相关部门开展执法及调查工作；

(q)    为实现上述列明目的而产生的必要、附带或相应衍生的其他用途； 及/或

(r)    本公司在获取您同意时告知的其他用途，或依据适用数据保护法规定、除您的同意外具备其他合法依据的情形下所追求的用途， 

前提是仅在基于具体情形具备合理必要性的前提下，本公司才会为实现上述目的处理您的个人数据。

4.3.    除上述用途外（以该等用途与您和本公司的合作关系相适配为限），根据您与本公司合作关系的具体类型，本公司还可能为以下特定目的使用您的个人数据：

4.3.1.    如您已在本公司注册用户账户（例如作为 GoNetZero 或 胜科电力 用户）:

(a)    处理您的账户注册申请，并对您的用户账户进行管理维护； 以及

(b)    处理您提出的各类支付请求。

4.3.2.    如您是已订用本公司电力或供水服务的居民用户：

(a)    开展与电力 / 供水服务相关的各项管理工作（包括处理用户投诉及各类咨询请求）；

(b)    为您提供所申请的电力 / 供水服务，并完成与服务提供相关的各项配套管理工作； 以及

(c)    就供水 / 供电服务向您开具账单并收取相关费用。

4.3.3.    如您是本公司股东：

(a)    管理、维护并发展与您的合作关系，包括核验您本人及 / 或您的代理人的身份信息；

(b)    协助您行使股东权利或享受股东权益，例如向您派发股息、提供股东大会相关委托材料等； 以及

(c)    通过各类宣传材料，向您通报本公司经营业绩，包括年度业绩报告及其他相关资讯。

4.3.4.    如您是本公司的供应商、潜在供应商或承包商：

(a)    根据您与本公司的业务合作关系需求，与您或您的员工进行沟通联络（包括业务对接、应急响应、安全保障等方面的沟通）； 以及

(b)    对您为参与本公司产品 / 服务项目投标而提交的各类文件资料进行审核与评估。

4.3.5.    如您是本公司物业的潜在租户、现有租户或购买方：

(a)    准备与物业租赁、购买或出售相关的各类所需文件资料； 以及

(b)    管理相关交易事项，履行合同义务，包括收取或支付物业租赁 / 买卖相关款项。

4.3.6.    如您是到访本公司场所的访客或出席本公司组织活动的嘉宾：

(a)    办理您的场所到访登记或活动出席签到手续；

(b)    用于宣传推广目的（包括在胜科集团社交媒体平台发布相关内容、纳入企业通讯刊物等）；

(c)    用于安全保障及应急管理目的（包括要求您在进入场所前完成相关安全培训）；

(d)    协助相关政府机构完成安全审查手续。

4.3.7.    如您是向本公司投递求职申请的候选人：

(a)    处理您的求职申请，包括开展入职前背景审查；

(b)    调取或提供推荐信，以完成背景调查 / 审核工作；

(c)    评估您是否符合本公司当前或未来岗位的任职要求； 以及

(d)    核验您所提交信息的真实性，包括您在求职申请中提供的各类资质证明、学历文件及职业能力证明等资料。

（以上各项用途统称 “数据处理目的” ）。

4.4.    鉴于本公司收集、使用、披露或处理您个人数据的具体目的需结合实际情况确定，前述未列明的目的可能依然存在。在此情形下，本公司将在获取您同意时，将该等其他目的明确告知您；除非依据适用数据保护法的规定，本公司在无需获取您同意的情况下，具备处理相关数据的其他合法依据。

4.5.    为避免歧义，在符合适用数据保护法要求或允许的范围内，即使您与本公司的合作关系（例如基于合同建立的关系）发生终止或变更，上述列明的数据处理目的在合理期限内仍可继续适用。

4.6.    在向您提供这些服务和/或与您进行其他互动的过程中，本公司可能会使用人工或自动化方式，包括人工智能服务。本公司致力于确保人工智能服务的准确性和可靠性，并在必要时对输出结果进行人工验证。

5.    个人数据的披露与传输

5.1.    为实现一项或多项前述数据处理目的，本公司需与多个主体（部分主体可能位于境外）共享、处理、披露及 / 或传输您的个人数据，接收主体包括但不限于：

(a)    胜科集团旗下其他实体；

(b)    为本公司提供业务支持的代理人、承包商、第三方服务提供商、业务合作伙伴或专业顾问，包括但不限于提供行政、财务、调研、支付、运营、保险、审计、法务等服务的主体，例如信息技术服务提供商、身份核验机构、数据分析机构、培训机构、市场调研机构及数据中心等；

(c)    征信机构；或在发生欠款违约或纠纷时，向催收机构或纠纷解决中心披露相关数据；

(d)    与各类收购、出售、合并、合资、整合、重组、融资或其他商业交易相关的业务合作伙伴、投资方、受让方或承继方；  

(e)    法务顾问、执法机关、政府部门或监管机构（为遵守相关法律法规要求，或为应对威胁自然人生命、健康或财产安全的紧急情况，或为维护公共利益而确有必要披露时）；

(f)    本公司权利义务的受让方或潜在受让方（例如本公司委托第三方机构，按照本隐私声明告知您的目的，处理个人数据相关事宜）；

(g)    为实现上述列明的数据处理目的，胜科集团合理判断确有必要向其传输个人数据的其他任何主体； 以及

(h)    经您同意的任何其他主体、由您指定的主体，或本公司在后续通知中告知您的主体；或依据适用数据保护法规定，除您的同意外具备其他合法依据，从而需要向其披露或传输个人数据的任何其他主体。

5.2.    上述接收主体将代表本公司或自行出于一项或多项前述数据处理目的，对您的个人数据进行处理。本公司将在向其他个人信息处理者传输您的个人数据前，事先告知您并另行获取您的同意。本公司将尽力确保接收主体采取有效措施，保护您的个人数据免遭未授权的访问、收集、使用、披露、处理或其他类似风险，并仅在为实现前述数据处理目的所需的必要期限内留存您的个人数据。

5.3.    个人数据的跨境传输

5.3.1.    您的个人数据可能会从您与胜科互动及 / 或使用本公司产品 / 服务所在的国家、地区及城市（下称 “所在地区”），传输至其他国家、地区及城市（下称 “目标地区”）。

5.3.2.    当本公司将您的个人数据从所在地区传输至目标地区时，将遵守与您个人数据相关的各项法定及监管义务，包括按照适用数据保护法的要求完成相关传输合规程序，确保具备合法的数据传输依据，并采取适当的安全保障措施，以保证个人数据的保护水平符合适用数据保护法的规定。同时，本公司将确保目标地区的接收主体承担的个人数据保护义务，与适用法律规定的保护标准具有同等效力。

5.3.3.    本公司进行跨境数据传输的合法依据，可为您的单独同意（即本公司可在您提供个人数据时，请求您同意将该等数据从所在地区传输至目标地区），或适用数据保护法允许的其他合规保障措施。

6.    个人数据的保护与留存

6.1.    胜科将按照适用数据保护法的要求，采取合理的法律、物理、组织及技术层面的防护措施，保障您的个人数据安全。该等措施包括防止个人数据遭受未授权使用、访问或丢失的相关举措。胜科遵循 “知必所需” 原则，严格限制员工对您个人数据的访问权限。个人数据处理人员仅能以经授权的方式开展数据处理工作，并需对您的个人信息承担保密义务。

6.2.    尽管如此，数据安全无法实现绝对的保障。例如，在本公司无任何过错的情况下，仍可能因恶意攻击者采用复杂手段实施黑客攻击，导致个人数据发生未授权披露。

6.3.    本公司仅在具备业务或法定留存必要的期限内，保留您的个人数据。一旦相关留存目的已达成，本公司将按照适用数据保护法的规定，对您的个人数据进行销毁或匿名化处理。

7.    Cookie 的使用

7.1.    与多数线上服务提供商一致，本公司网站及平台会通过 Cookie 实现多种功能。Cookie 是存储在您浏览器或电子设备中的小型文件，用于保障本公司网站各项功能的正常运行，例如记录您的偏好设置及其他相关信息。

7.2.    有关本公司使用 Cookie 的详细信息，请参阅胜科 Cookie 政策。

8.    网站链接的第三方网站

8.1.    本公司网站可能包含指向第三方网站的链接。部分第三方网站可能载有与胜科集团相关的信息，但该等网站不由本公司运营或维护。本公司对该等第三方网站的隐私保护措施不承担任何责任。对于第三方网站所链接的外部网站中的内容、商品或服务，本公司不作任何形式的陈述与保证。相关链接仅为方便您查阅及参考而提供，本公司不会对该等外部网站进行监控或调查，亦不对其内容的准确性、完整性及由此产生的任何损失承担责任。外部网站所表达的任何观点，均不代表本公司的认可、推荐或立场。如您访问该等第三方网站，请仔细查阅其隐私政策。

9.    您对个人数据所享有的权利

9.1.    根据适用数据保护法的规定，您可能享有以下权利：

(a)    查询本公司处理您个人数据的方式，并要求获取本公司所持有的您的个人数据副本；

(b)    要求更正及 / 或删除您的个人数据；

(c)    要求限制或反对本公司对您个人数据的处理行为；

(d)    拒绝基于自动化决策机制推送通知信息，或拒绝将自动化决策机制用于任何市场营销目的；对于对个人权益有重大影响的自动化决策，您有权知悉决策的依据及逻辑，并有权拒绝仅依据自动化决策作出的相关决定；

(e)    如本公司处理个人数据的法律依据为您的同意，您有权撤回该等同意；

(f)    如本公司基于您的同意或为履行合同而使用您的个人数据，您有权要求本公司以机器可读格式，向您或其他指定组织提供或传输您提交的个人数据；

(g)    注销您的账户，账户注销后，本公司将停止向您提供产品 / 服务，并依法删除您的个人数据； 以及

(h)    如您的数据隐私权利受到侵害，或因个人数据被非法处理而遭受损失，您有权向相关数据隐私监管机构提起投诉。

9.2.    如您在本公司提供个人数据共享选项时选择拒绝，或后续撤回了对本公司使用数据的同意，可能导致本公司无法开展为实现第 4 条（使用个人数据的方式）所列数据处理目的所需的各项操作。即便如此，在符合适用数据保护法要求或允许的范围内，本公司仍可继续处理您的个人数据。

9.3.    本公司将对所有权利行使请求进行审查与核验。为确认您提出请求的合法授权，本公司可能要求您提供相关佐证材料，包括但不限于：(1) 您的身份信息真实有效；(2) 您请求传输的个人数据，确为您同意提供或基于合同约定收集的数据；(3) 个人数据的传输具备技术可行性；(4) 个人数据的传输不会损害他人的合法权益。经核验通过后，本公司将在适用数据保护法规定的时限内，响应并执行您的请求。

9.4.    根据适用数据保护法的允许，本公司可就处理您提出的个人数据副本获取请求，向您收取合理费用。如本公司决定收取费用，将向您提供书面的费用估算明细。请注意，在您支付相关费用前，本公司无义务响应或处理您的请求。

9.5.    根据适用数据保护法的规定，在法律要求及 / 或允许的情形下，本公司有权拒绝您的请求，具体包括：(1) 您的请求违反本公司应遵守的法律法规义务；(2) 请求获取的数据与国家安全或国防安全直接相关；(3) 请求获取的数据与公共安全、公共卫生或重大公共利益直接相关；(4) 请求获取的数据与刑事侦查、起诉、审判及判决执行等司法程序直接相关；(5) 本公司有充分证据证明您提出请求存在主观恶意或滥用权利情形；(6) 为维护您或其他自然人的重大合法权益（如生命财产安全）而确有必要处理数据，但难以取得您的授权或同意；(7) 响应您的权利行使请求，将对您或其他自然人、法人的合法权益造成严重损害；(8) 请求获取的数据涉及商业秘密。如适用数据保护法有明确要求，本公司将向您说明拒绝请求的具体理由。

10.    如何联系本公司数据保护专员？

10.1.    如您对本隐私声明存在任何疑问，或就本公司使用您个人数据的事宜需要咨询，或希望行使本隐私声明中列明的权利，以及适用数据保护法赋予您的本隐私声明未涵盖的其他权利，请通过邮箱 [email protected] 与本公司数据保护专员联系。

11.    隐私声明的修订

11.1.    胜科有权随时修改、更新或修订本隐私声明的条款内容，并通过在官方网站发布更新版本的方式予以公告。如法律有明确要求，本公司将就隐私声明的重大变更事项通知您，或根据适用数据保护法的规定，就相关修订内容另行获取您的同意。建议您定期查阅本隐私声明，以了解最新内容。

11.2.    本隐私声明最近一次更新日期为 2025 年 12 月。

1.2.    This Privacy Statement outlines how we collect, receive, handle, possess, store, use, disclose, and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including the Personal Data Protection Act 2012 of Singapore (“PDPA”), the Information Technology  Act, 2000, read with the  Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) of India  

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary. Prior to collecting such Personal Data, we will inform you of the purposes for which your Personal Data is being collected, used or disclosed. In this regard, we will obtain your consent.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to (i) such period as is necessary for (A) legal purposes, or (B) business purposes for which consent has been obtained, and (ii) such time period as is required under any other law for the time being in force.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: Depending on the jurisdiction you are in, you may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another data controller. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data, such as information about your race, ethnicity, religion, political opinions, trade union membership or health, may be considered “Sensitive Personal Data” under certain Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), national ID information, criminal records, biometric information and data relating to a person’s health, physical, psychological, mental, genetic or sexual information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent, whether express, deemed or implied;

(b)    the processing of your Personal Data could be necessary for legitimate interests pursued by us, or by a third party who processes Personal Data on behalf of us, and which outweigh the adverse effects (if any) on you. Such legitimate interests include general administrative, human resource, operational, legal, compliance, due diligence, auditing, safety and security purposes;

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and

(d)    the processing of your Personal Data may be necessary to protect your vital interests, such as in emergency situations that may endanger your physical safety or well-being.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(e)    request receipt or transmission to another organisation, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract; and

(f)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data.

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including the Personal Data Protection Act 2012 of Singapore (“PDPA”) and Law of the Republic Indonesia No. 27 of 2022 on Personal Data Protection.  

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: Depending on the jurisdiction you are in, you may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another data controller. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data, such as personal financial data, health data, children’s data, and genetic data may be considered “Sensitive Personal Data” under certain Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), national ID information, criminal records, biometric information and data relating to a person’s health, physical, psychological, mental, genetic or sexual information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent;

(b)    the processing of your Personal Data could be necessary for legitimate interests pursued by us, or by a third party who processes Personal Data on behalf of us, and which outweigh the adverse effects (if any) on you. Such legitimate interests include general administrative, human resource, operational, legal, compliance, due diligence, auditing, safety and security purposes;

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and/or

(d)    the processing of your Personal Data may be necessary to protect your vital interests, such as in emergency situations that may endanger your physical safety or well-being.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").
4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(e)    request receipt or transmission of your Personal Data to another data controller, in a machine-readable form, where the systems used are capable of secure communication in accordance with the principles of Personal Data protection under Applicable Data Protection Laws; 

(f)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data; and

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    Pernyataan Privasi ini menjelaskan bagaimana kami mengumpulkan, menggunakan, mengungkapkan, dan melindungi (secara kolektif disebut sebagai “pemrosesan”) Data Pribadi Anda (sebagaimana didefinisikan dalam Klausul 2.1 di bawah ini) sesuai dengan hukum dan peraturan yang berlaku (“Hukum Perlindungan Data yang Berlaku”), termasuk Undang-Undang Perlindungan Data Pribadi 2012 Singapura (“PDPA”) dan Undang-Undang Republik Indonesia No. 27 Tahun 2022 tentang Perlindungan Data Pribadi. 

1.3.    BAGAIMANA KAMI MEMPROSES DATA PRIBADI ANDA. 

(a)    Pengumpulan Data: Tergantung pada sifat interaksi Anda dengan kami, kami dapat mengumpulkan beberapa jenis Data Pribadi dari Anda, seperti detail kontak Anda, informasi identifikasi, data pembayaran, dan pengidentifikasi daring. Data Pribadi Sensitif (sebagaimana didefinisikan dalam Klausul 2.2 di bawah) ditangani dengan sangat hati-hati dan hanya dikumpulkan bila diperlukan. 

(b)    Penggunaan Data: Kami menggunakan Data Pribadi Anda untuk tujuan seperti memenuhi kewajiban kontraktual kami, mematuhi persyaratan hukum, pemasaran, keamanan, dan kebutuhan operasional. Kasus penggunaan spesifik meliputi pengelolaan hubungan pelanggan, lamaran pekerjaan, dan interaksi penyewa atau vendor. 

(c)    Perlindungan dan Retensi Data: Kami menerapkan pengamanan standar industri dan pendekatan minimalisasi data untuk mengamankan data Anda. Retensi dibatasi hanya pada data yang diperlukan untuk keperluan hukum atau bisnis. 

(d)    Pengungkapan kepada Pihak Ketiga: Jika diperlukan, Data Pribadi Anda dapat diungkapkan kepada berbagai pihak ketiga termasuk afiliasi kami, penyedia layanan, mitra bisnis, dan otoritas pemerintah terkait. Jika pengungkapan tersebut diperlukan, kami akan memastikan bahwa pengungkapan tersebut sesuai dengan Hukum Perlindungan Data yang Berlaku. 

(e)    Hak Anda atas Data Pribadi: Tergantung pada yurisdiksi tempat Anda berada, Anda dapat mengakses, mengoreksi, menghapus, membatasi, atau menolak pemrosesan data Anda, menarik persetujuan, atau meminta agar Data Pribadi Anda dipindahkan ke pengontrol data lain. 

(f)    Cookie dan Tautan Pihak Ketiga: Kami menggunakan Cookie untuk meningkatkan fungsionalitas situs web kami. Harap diperhatikan bahwa situs web kami mungkin berisi tautan ke situs web pihak ketiga yang tidak kami operasikan atau kelola. Kami tidak bertanggung jawab atas praktik privasi situs web pihak ketiga tersebut. 

(g)    Transfer Data: Jika diperlukan, Data Pribadi Anda dapat ditransfer dari satu lokasi ke lokasi lain, termasuk secara internasional. Jika transfer tersebut diperlukan, kami akan memastikan bahwa langkah-langkah pengamanan yang wajar dan diperlukan telah diterapkan sebelum mentransfer Data Pribadi Anda dan transfer tersebut mematuhi Hukum Perlindungan Data yang Berlaku. 

(h)    Pemasaran: Distribusi materi iklan, pemasaran, atau komersial kepada Anda akan dilakukan berdasarkan persetujuan khusus Anda. Anda akan diberitahu tentang cara penyampaian dan mekanisme gratis untuk berhenti berlangganan. Saat Anda memilih untuk berhenti berlangganan, kami akan menghentikan pengiriman aktivitas pemasaran apa pun kepada Anda 

(i)    Hubungi Kami: Untuk pertanyaan terkait Data Pribadi Anda atau untuk menggunakan hak data Anda, hubungi Petugas Perlindungan Data kami di [email protected]

1.4.    Pernyataan Privasi ini melengkapi dan tidak menggantikan atau membatalkan persetujuan lain yang mungkin telah Anda berikan kepada kami sebelumnya terkait Data Pribadi Anda. Pernyataan Privasi ini juga tidak hak apamemengaruhi pun yang mungkin kami miliki berdasarkan hukum sehubungan dengan pengumpulan, penggunaan, atau pengungkapan Data Pribadi Anda. 

1.5.    Kami dapat memperbarui atau mengubah Pernyataan Privasi ini dengan menerbitkan versi terbaru di situs web kami (www.sembcorp.com). Hal ini memastikan bahwa Pernyataan Privasi kami sesuai dengan perkembangan di masa mendatang, tren industri, dan perubahan hukum atau peraturan. Kami dapat memberi tahu Anda tentang perubahan dalam cara kami memproses Data Pribadi Anda melalui cara yang sesuai, seperti dengan memasang pemberitahuan atau mengirimkan notifikasi kepada Anda.

1.6.    Apabila terdapat ketidaksesuaian antara berbagai versi Pernyataan Privasi ini, versi bahasa Inggris yang akan berlaku. 

2.    Data Pribadi Apa yang Kami Kumpulkan 

2.1.    “Data Pribadi” mengacu pada setiap data atau informasi tentang Anda yang memungkinkan Anda diidentifikasi baik (a) hanya dari data tersebut; atau (b) dari data tersebut yang dikombinasikan dengan informasi lain.  

Tergantung pada sifat interaksi Anda dengan kami, contoh Data Pribadi yang mungkin kami kumpulkan dari Anda meliputi: 

(a)    informasi pribadi seperti nama, jenis kelamin, tanggal lahir, alamat tempat tinggal, kewarganegaraan, paspor, atau dokumen identitas pribadi lainnya;

(b)    Informasi kontak, seperti nomor telepon atau alamat email;  

(c)    Informasi pembayaran, seperti rincian rekening bank dan rincian kartu kredit atau debit;

(d)    jumlah yang harus dibayar oleh atau kepada Anda;

(e)    gambar melalui foto atau rekaman video

(f)     Rincian pekerjaan seperti jabatan, posisi direksi, riwayat pekerjaan, gaji;

(g)    pendapat pribadi Anda, misalnya melalui formulir umpan balik; dan

(h)    data elektronik lainnya yang berkaitan dengan penggunaan situs web dan layanan kami, termasuk cookie, alamat IP, log aktivitas, dan pengidentifikasi daring.

2.2.    Kategori informasi khusus atau “Data Pribadi Sensitif” 

Kategori Data Pribadi tertentu, seperti data keuangan pribadi, data kesehatan, data anak, dan data genetik, dapat dianggap sebagai “Data Pribadi Sensitif” berdasarkan Hukum Perlindungan Data yang Berlaku. Kategori Data Pribadi yang dapat dianggap sebagai Data Pribadi Sensitif meliputi informasi pembayaran Anda (misalnya detail kartu kredit, detail rekening bank), informasi identitas nasional, catatan kriminal, informasi biometrik, dan data yang berkaitan dengan kesehatan, fisik, psikologis, mental, genetik, atau informasi seksual seseorang. 

Secara umum, kami berupaya membatasi keadaan di mana kami mengumpulkan, menggunakan, atau mengungkapkan Data Pribadi Sensitif Anda. Namun, hal ini terkadang dapat terjadi karena: 

(a)    Hal ini diperlukan untuk tujuan keselamatan & keamanan atau sebagai bagian dari kebutuhan kontraktual, seperti untuk menyelesaikan transaksi dengan Anda; 

(b)    Informasi tersebut diperlukan oleh otoritas pengatur berdasarkan hukum apa pun; 

(c)    kami diwajibkan oleh hukum untuk mengumpulkan, menggunakan, atau mengungkapkan informasi tersebut dari/kepada Anda; atau 

(d)    Anda memilih untuk memberikan informasi tersebut kepada kami (atau perwakilan resmi Anda memberikan informasi tersebut). 

3.    Bagaimana Kami Mengumpulkan Data Pribadi Anda 

3.1.    Secara umum, kami mengumpulkan Data Pribadi Anda dengan cara-cara berikut: 

(a)    saat Anda membuat akun dengan kami atau mengirimkan formulir yang berkaitan dengan atau mendaftar untuk menggunakan atau membeli produk atau layanan kami;  

(b)    saat Anda mengirimkan pertanyaan online atau membuat akun online dengan kami; 

(c)    saat Anda berinteraksi dengan staf kami atau penyedia layanan pihak ketiga mana pun melalui panggilan telepon, email, formulir online termasuk permintaan Anda untuk dihubungi, dimasukkan ke dalam daftar distribusi email atau daftar surat lainnya, atau tanggapan Anda terhadap promosi, survei pasar, atau inisiatif kami lainnya; 

(d)    saat Anda menanggapi permintaan kami untuk Data Pribadi tambahan; 

(e)    melalui foto atau video yang diambil oleh kami atau perwakilan kami ketika Anda menghadiri acara yang diselenggarakan atau diorganisir oleh kami atau penyelenggara pihak ketiga mana pun yang kami tunjuk; 

(f)    saat Anda berada di dalam area kami yang menggunakan pengawasan CCTV; 

(g)    ketika kami menerima referensi dari mitra bisnis dan pihak ketiga; 

(h)    ketika Anda mengirimkan Data Pribadi Anda kepada kami karena alasan lain apa pun; dan 

(i)    Saat Anda menjelajahi situs web kami, silakan lihat Kebijakan Cookie kami untuk informasi lebih lanjut. 

3.2.    Selain itu, kami dapat memantau atau merekam panggilan telepon dan interaksi langsung dengan pelanggan untuk tujuan penjaminan mutu, pelatihan karyawan, evaluasi kinerja, dan verifikasi identitas. Pemantauan atau perekaman tersebut akan dilakukan sesuai dengan Hukum Perlindungan Data yang Berlaku. 

3.3.    Apabila Anda memberikan Data Pribadi orang lain (misalnya informasi yang berkaitan dengan tanggungan, pasangan, anak, dan/atau orang tua Anda, atau dalam kasus hubungan korporasi, informasi yang berkaitan dengan karyawan/perwakilan resmi Anda) kepada kami, Anda menyatakan dan menjamin bahwa pengungkapan tersebut kepada kami adalah sah menurut Hukum Perlindungan Data yang Berlaku. Selain itu, Anda berjanji untuk memastikan bahwa individu yang Data Pribadinya diberikan kepada kami telah mengizinkan pengungkapan tersebut, dan telah diberitahu serta menyetujui ketentuan Pernyataan Privasi ini. 

4.    Bagaimana Kami Menggunakan Data Pribadi Anda 

4.1.    Kami dapat memproses Data Pribadi Anda berdasarkan berbagai dasar hukum (sebagaimana diizinkan berdasarkan Undang-Undang Perlindungan Data yang Berlaku), termasuk hal-hal berikut: 

(a)    kami dapat memproses Data Pribadi Anda untuk satu atau lebih tujuan spesifik yang tercantum dalam Pernyataan Privasi ini berdasarkan persetujuan Anda; 

(b)    pemrosesan Data Pribadi Anda mungkin diperlukan untuk kepentingan sah yang kami kejar, atau oleh pihak ketiga yang memproses Data Pribadi atas nama kami, dan yang lebih besar daripada dampak negatif (jika ada) pada Anda. Kepentingan sah tersebut meliputi tujuan administratif umum, sumber daya manusia, operasional, hukum, kepatuhan, uji tuntas, audit, keselamatan dan keamanan; 

(c)    penggunaan Data Pribadi Anda mungkin merupakan persyaratan hukum atau kontraktual, seperti pemrosesan Data Pribadi Anda berdasarkan permintaan dari otoritas pengatur atau untuk melakukan tindakan yang diperlukan untuk menyediakan produk atau layanan kami kepada Anda; dan/atau 

(d)    pemrosesan Data Pribadi Anda mungkin diperlukan untuk melindungi kepentingan vital Anda, seperti dalam situasi darurat yang dapat membahayakan keselamatan fisik atau kesejahteraan Anda. 

4.2.    Secara umum, dengan tunduk pada Hukum Perlindungan Data yang Berlaku dan berdasarkan dasar hukum yang sesuai, termasuk jika Anda telah memberikan persetujuan khusus kepada kami, kami dapat menggunakan Data Pribadi Anda untuk tujuan berikut: 

(a)    melaksanakan segala kewajiban yang berkaitan dengan penyediaan produk atau layanan yang Anda minta, termasuk melakukan pengiriman kepada Anda untuk setiap pesanan penjualan yang Anda buat; 

(b)    memberikan Anda informasi promosi dan pemasaran tentang bisnis, produk, dan layanan kami dari waktu ke waktu;  

(c)    membantu kami melakukan pemasaran, periklanan, riset, dan analisis statistik untuk meninjau dan meningkatkan produk dan layanan kami; 

(d)    membagikan informasi agregat tentang Anda dengan pengiklan dan pihak ketiga lainnya untuk menyesuaikan konten dan iklan kami kepada Anda; 

(e)    bila perlu, kami akan menghubungi Anda melalui aplikasi perpesanan, telepon, faksimile, dan/atau email; 

(f)    untuk berkomunikasi dengan Anda mengenai perkembangan apa pun terkait Pernyataan Privasi ini, kebijakan, syarat dan ketentuan, serta informasi administratif lainnya; 

(g)    mengelola infrastruktur dan operasional bisnis kami serta mematuhi kebijakan internal; 

(h)    memfasilitasi setiap transaksi aset bisnis (yang dapat mencakup setiap penggabungan, akuisisi, atau penjualan aset) yang melibatkan entitas Grup Sembcorp mana pun;

(i)    memverifikasi identitas Anda, keakuratan informasi apa pun yang diberikan kepada kami, dan melakukan pemeriksaan uji tuntas untuk mematuhi hukum dan peraturan yang berlaku, termasuk sanksi, anti pencucian uang, dan hukum pengendalian perdagangan;   

(j)    menangani perselisihan, melakukan dan memfasilitasi investigasi dan proses hukum; 

(k)    melindungi dan menegakkan hak dan kewajiban hukum kita;  

(l)    mencegah, mendeteksi, dan menyelidiki kejahatan dan risiko komersial lainnya, termasuk penipuan dan pencucian uang;  

(m)    untuk menyimpan, menghosting, mencadangkan (baik untuk pemulihan bencana atau lainnya) Data Pribadi Anda, baik di dalam maupun di luar yurisdiksi Anda;  

(n)    mengelola akses ke tempat kami melalui kartu atau sistem akses biometric; 

(o)    untuk keperluan administrasi umum, kebijakan internal, keselamatan dan keamanan yang melibatkan entitas Grup Sembcorp mana pun; 

(p)    mematuhi semua peraturan, hukum, ketentuan, kode praktik, atau pedoman yang berlaku, atau membantu penegakan hukum dan investigasi oleh pihak berwenang terkait; 

(q)    untuk tujuan lain apa pun yang diperlukan, tambahan, atau konsekuensial terhadap tujuan yang disebutkan di atas; dan/atau 

(r)    tujuan lain apa pun yang kami beritahukan kepada Anda pada saat memperoleh persetujuan Anda, atau yang mungkin kami andalkan berdasarkan dasar hukum yang sesuai selain persetujuan Anda sesuai dengan Hukum Perlindungan Data yang Berlaku, 

dengan ketentuan bahwa Data Pribadi Anda hanya akan diproses untuk tujuan yang secara wajar sesuai dengan keadaan yang ada. 

4.3.    Selain tujuan-tujuan di atas (jika berlaku untuk hubungan kami dengan Anda), bergantung pada sifat hubungan kami dengan Anda, kami dapat menggunakan Data Pribadi Anda untuk tujuan tambahan berikut: 

4.3.1.    Jika Anda memiliki akun pengguna dengan kami (misalnya sebagai pengguna [GoNetZero atau Sembcorp Power]): 

(a)    memproses permohonan Anda dan mengelola akun pengguna Anda bersama kami; dan 

(b)    memproses permintaan pembayaran yang mungkin telah Anda ajukan. 

4.3.2.    Jika Anda adalah pelanggan perumahan yang telah berlangganan layanan pasokan listrik atau air kami: 

(a)    melakukan segala hal yang diperlukan untuk mengelola penyediaan layanan listrik atau air (termasuk menyelesaikan keluhan dan menangani permintaan serta pertanyaan); 

(b)    untuk menyediakan layanan listrik atau air yang Anda minta dan untuk melakukan semua hal yang diperlukan untuk mengelola pasokan tersebut; dan 

(c)    menagih dan mengumpulkan biaya layanan untuk pasokan air/listrik.

4.3.3.    Jika Anda adalah pemegang saham perusahaan kami: 

(a)    mengelola, mendukung, dan memelihara hubungan kami dengan Anda, termasuk verifikasi identitas Anda dan/atau identitas perwakilan Anda;  

(b)    memungkinkan Anda untuk menggunakan hak Anda atau memperoleh manfaat sebagai pemegang saham, seperti menerima pembayaran dividen atau materi kuasa sehubungan dengan rapat pemegang saham; dan 

(c)    memberikan informasi terbaru mengenai kinerja kami, termasuk laporan kinerja tahunan dan informasi terkait lainnya melalui media kepada Anda. 

4.3.4.    Jika Anda adalah vendor, calon vendor, atau kontraktor: 

(a)    berkomunikasi dengan Anda atau karyawan Anda sebagaimana diperlukan mengingat hubungan bisnis yang Anda miliki dengan kami, termasuk untuk keperluan penghubung bisnis, keadaan darurat, keselamatan, atau keamanan; dan 

(b)    meninjau dan mengevaluasi semua dokumen yang telah Anda kirimkan kepada kami sebagai bagian dari proposal layanan atau produk Anda. 

4.3.5.    Jika Anda adalah calon penyewa atau pembeli properti kami: 

(a)    menyiapkan semua dokumentasi yang relevan yang mungkin diperlukan sehubungan dengan sewa, pembelian, atau penjualan properti; dan 

(b)    mengelola transaksi untuk memenuhi kewajiban kami, termasuk melakukan pembayaran keuangan atau menagih pembayaran keuangan berdasarkan perjanjian sewa atau pembelian properti. 

4.3.6.    Jika Anda adalah pengunjung di lokasi Sembcorp atau menghadiri kegiatan atau acara yang diselenggarakan oleh Sembcorp: 

(a)    untuk mendaftarkan kunjungan Anda di tempat tersebut atau kehadiran Anda dalam kegiatan atau acara tersebut; 

(b)    untuk keperluan publisitas termasuk posting di platform media sosial dan publikasi buletin Sembcorp; 

(c)    untuk tujuan keselamatan, keamanan, dan keadaan darurat, termasuk penyelesaian pelatihan yang relevan sebelum izin masuk ke lokasi diberikan; dan 

(d)    untuk mendapatkan izin keamanan dari otoritas pemerintah terkait. 

4.3.7.    Jika Anda mengajukan lamaran kepada kami sebagai kandidat untuk pekerjaan: 

(a)    memproses lamaran Anda termasuk pemeriksaan pra-perekrutan; 

(b)    memberikan atau mendapatkan referensi untuk pemeriksaan/ verifikasi latar belakang; 

(c)    menilai dan mengevaluasi kesesuaian Anda untuk peran apa pun yang ada atau yang akan datang di dalam organisasi; dan 

(d)    memverifikasi keakuratan informasi Anda, termasuk sertifikasi, transkrip pendidikan, atau kompetensi kerja yang diajukan sebagai bagian dari lamaran Anda. 

(secara kolektif, “Tujuan”). 
4.4.    Karena tujuan pengumpulan, penggunaan, pengungkapan, atau pemrosesan Data Pribadi Anda bergantung pada keadaan yang ada, tujuan tersebut mungkin tidak tercantum di atas. Namun, kami akan memberi tahu Anda tentang tujuan lain tersebut pada saat memperoleh persetujuan Anda, kecuali pemrosesan data yang berlaku tanpa persetujuan Anda diizinkan oleh atau berdasarkan dasar hukum lain yang sesuai berdasarkan Undang-Undang Perlindungan Data yang Berlaku. 

4.5.    Untuk menghindari keraguan dan sejauh yang dipersyaratkan atau diizinkan oleh Hukum Perlindungan Data yang Berlaku, tujuan yang tercantum di atas dapat terus berlaku bahkan dalam situasi di mana hubungan Anda dengan kami (misalnya, berdasarkan kontrak) telah diakhiri atau diubah dengan cara apa pun, untuk jangka waktu yang wajar setelahnya. 

4.6.    Dalam menyediakan layanan ini kepada Anda dan/atau dalam interaksi kami dengan Anda, kami dapat menggunakan cara manual atau otomatis, termasuk layanan AI. Kami berupaya untuk memastikan keakuratan dan keandalan layanan AI kami, dan bila perlu, kami dapat memverifikasi hasilnya secara manual.

5.    Pengungkapan dan Transfer Data Pribadi 

5.1.    Kami perlu menggunakan, memproses, mengungkapkan, dan/atau mentransfer Data Pribadi Anda kepada berbagai pihak (beberapa di antaranya mungkin berlokasi di negara lain) untuk satu atau lebih Tujuan yang disebutkan di atas. Penerima termasuk, namun tidak terbatas pada: 

(a)    entitas lain dalam Grup Sembcorp; 

(b)    agen, kontraktor, penyedia layanan pihak ketiga, mitra bisnis, atau penasihat profesional yang kami gunakan untuk mendukung bisnis kami. Ini termasuk, tetapi tidak terbatas pada, pihak-pihak yang menyediakan layanan administratif, keuangan, riset, pembayaran, operasional, asuransi, audit, hukum, atau layanan lain kepada kami seperti teknologi informasi, verifikasi identitas, analisis data, pelatihan, riset pasar, dan pusat data; 

(c)    Biro Kredit, atau dalam hal terjadi wanprestasi atau perselisihan, lembaga penagihan utang atau pusat penyelesaian sengketa mana pun; 

(d)    setiap mitra bisnis, investor, penerima pengalihan atau penerima transfer sehubungan dengan akuisisi, penjualan, penggabungan, usaha patungan, konsolidasi, restrukturisasi, keuangan atau jenis transaksi bisnis lainnya; 

(e)    penasihat hukum, petugas penegak hukum, otoritas pemerintah atau regulator untuk mematuhi hukum atau peraturan apa pun, atau jika diperlukan untuk menanggapi keadaan darurat yang mengancam jiwa, kesehatan, atau keselamatan seseorang; atau jika diperlukan demi kepentingan umum; 

(f)    siapa pun kepada siapa kami mengalihkan atau mungkin mengalihkan hak dan kewajiban kami, termasuk, misalnya, ketika kami memperoleh layanan dari pihak ketiga. organisasi untuk menangani setiap aspek pemrosesan Data Pribadi Anda untuk tujuan yang telah diberitahukan kepada Anda sesuai dengan Pernyataan Privasi ini; 

(g)    pihak lain mana pun yang secara wajar dibutuhkan oleh Grup Sembcorp untuk mentransfer Data Pribadi guna memenuhi Tujuan yang disebutkan di atas; dan 

(h)    pihak lain mana pun sebagaimana disetujui oleh Anda, ditentukan oleh Anda, atau diberitahukan kepada Anda oleh kami dalam pemberitahuan selanjutnya, atau di mana penggunaan, pengungkapan, atau pengalihan Data Pribadi Anda didasarkan pada dasar hukum yang sesuai selain persetujuan Anda sesuai dengan Hukum Perlindungan Data yang Berlaku. 

5.2.    Pihak penerima tersebut akan memproses Data Pribadi Anda baik atas nama kami atau sebaliknya, untuk satu atau lebih Tujuan yang disebutkan di atas. Kami berupaya memastikan bahwa pihak penerima tersebut menjaga Data Pribadi Anda tetap aman dari akses, pengumpulan, penggunaan, pengungkapan, pemrosesan yang tidak sah atau risiko serupa dan hanya menyimpan data pribadi Anda selama data pribadi Anda dibutuhkan untuk Tujuan yang disebutkan di atas. 

5.3.    Transfer Data Pribadi Internasional 

5.3.1.    Data Pribadi Anda dapat ditransfer dari negara, provinsi, dan kota (“Negara Asal”) tempat Anda berada saat berinteraksi dengan Sembcorp dan/atau menggunakan produk dan layanan kami ke negara, provinsi, dan kota lain (“Negara Alternatif”).  

5.3.2.    Saat kami mentransfer Data Pribadi Anda dari Negara Asal Anda ke Negara Alternatif, kami akan mematuhi kewajiban hukum dan peraturan kami terkait Data Pribadi Anda, termasuk memiliki dasar hukum untuk mentransfer Data Pribadi dan menerapkan pengamanan yang tepat untuk memastikan tingkat perlindungan yang memadai bagi Data Pribadi sesuai dengan Hukum Perlindungan Data yang Berlaku. Kami juga akan memastikan bahwa penerima di Negara Alternatif berkewajiban untuk melindungi Data Pribadi Anda dengan standar perlindungan yang setara dengan perlindungan berdasarkan hukum yang berlaku. 

5.3.3.    Dasar hukum kami adalah persetujuan (yaitu kami dapat meminta persetujuan Anda untuk mentransfer Data Pribadi Anda dari Negara Asal Anda ke Negara Alternatif pada saat Anda memberikan Data Pribadi Anda) atau salah satu perlindungan yang diizinkan oleh Hukum Perlindungan Data yang Berlaku. 

6.    Perlindungan dan Penyimpanan Data Pribadi 

6.1.    Sembcorp akan mengambil langkah-langkah hukum, fisik, organisasi, dan teknis yang wajar sesuai dengan Hukum Perlindungan Data yang Berlaku untuk memastikan bahwa Data Pribadi Anda terlindungi. Ini termasuk langkah-langkah untuk mencegah Data Pribadi digunakan, diakses, atau hilang secara tidak sah. Sembcorp membatasi akses ke Data Pribadi Anda hanya kepada karyawan kami berdasarkan prinsip kebutuhan untuk mengetahui. Mereka yang memproses Data Pribadi Anda hanya akan melakukannya dengan cara yang sah dan diwajibkan untuk merahasiakan informasi Anda. 

6.2.    Namun, tidak dapat dipungkiri bahwa tidak ada jaminan keamanan absolut, misalnya, tetapi tidak terbatas pada, ketika terjadi pengungkapan tanpa izin akibat peretasan yang jahat dan canggih oleh pihak yang tidak bertanggung jawab tanpa kesalahan dari pihak kami. 

6.3.    Kami menyimpan Data Pribadi Anda selama kami memiliki tujuan bisnis atau tujuan hukum untuk melakukannya. Setelah tujuan tersebut terpenuhi, kami mengambil langkah-langkah untuk menghapus atau menganonimkan Data Pribadi Anda sesuai dengan Hukum Perlindungan Data yang Berlaku. 

7.    Penggunaan Cookie 

7.1.    Seperti kebanyakan layanan online, situs web dan platform kami menggunakan cookie untuk berbagai tujuan. Cookie adalah file yang disimpan di peramban web atau perangkat elektronik Anda. Cookie digunakan untuk mengaktifkan fungsi tertentu di situs web kami, seperti mengingat preferensi Anda dan informasi lainnya. .

7.2.    Untuk informasi lebih lanjut mengenai penggunaan hal-hal di atas, silakan merujuk pada Kebijakan Cookie Sembcorp.

8.    Situs web pihak ketiga yang kami tautkan 

8.1.    Situs web kami mungkin berisi tautan ke situs web pihak ketiga. Beberapa situs web pihak ketiga ini mungkin berisi informasi yang berkaitan dengan Grup Sembcorp, meskipun kami tidak mengoperasikan atau memeliharanya. Kami tidak bertanggung jawab atas praktik privasi situs web tersebut. Kami juga tidak memberikan pernyataan apa pun mengenai kualitas, kesesuaian, fungsionalitas, atau legalitas materi di situs web eksternal yang ditautkan dari situs web pihak ketiga, atau barang atau jasa apa pun yang tersedia dari situs web eksternal tersebut. Tautan hanya disediakan untuk kepentingan dan kenyamanan Anda. Kami tidak memantau atau menyelidiki situs-situs web eksternal tersebut dan kami tidak bertanggung jawab atas kerugian apa pun yang timbul dari konten atau keakuratan materi di dalamnya, dan pendapat apa pun yang diungkapkan di situs web eksternal tersebut tidak boleh dianggap sebagai dukungan, rekomendasi, atau pendapat kami. Jika Anda mengunjungi situs web pihak ketiga ini, Anda harus meninjau kebijakan privasi mereka. 

9.    Hak Anda Terkait Data Pribadi Anda 

9.1.    Sesuai dengan Hukum Perlindungan Data yang Berlaku, Anda mungkin berhak atas: 

(a)    menanyakan tentang cara kami memproses Data Pribadi Anda dan mendapatkan salinan Data Pribadi Anda yang kami simpan;  

(b)    meminta koreksi dan/atau penghapusan Data Pribadi Anda; 

(c)    meminta pembatasan atau keberatan terhadap pemrosesan Data Pribadi Anda; 

(d)    mencabut persetujuan Anda atas pemrosesan Data Pribadi Anda yang berada dalam kepemilikan atau kendali kami (jika dasar hukum untuk pemrosesan tersebut didasarkan pada persetujuan Anda); 

(e)    meminta penerimaan atau pengiriman Data Pribadi Anda kepada pengontrol data lain, dalam bentuk yang dapat dibaca mesin, di mana sistem yang digunakan mampu melakukan komunikasi yang aman sesuai dengan prinsip-prinsip perlindungan Data Pribadi berdasarkan Hukum Perlindungan Data yang Berlaku; 

(f)    mengajukan pengaduan kepada otoritas perlindungan data yang relevan jika hak privasi data Anda dilanggar, atau jika Anda menderita kerugian akibat pemrosesan Data Pribadi Anda yang melanggar hukum; dan 

9.2.    Jika Anda diberi pilihan untuk membagikan Data Pribadi Anda kepada kami dan Anda memilih untuk tidak melakukannya, atau kemudian menarik persetujuan Anda untuk penggunaan data tersebut oleh kami, ini dapat berarti bahwa kami mungkin tidak dapat melakukan tindakan yang diperlukan untuk mencapai Tujuan pemrosesan yang disebutkan di atas sebagaimana dijelaskan dalam Klausul 4 (Bagaimana Kami Menggunakan Data Pribadi Anda). Meskipun demikian, kami mungkin tetap melanjutkan pemrosesan Data Pribadi Anda sejauh yang dipersyaratkan atau diizinkan oleh Hukum Perlindungan Data yang Berlaku. 

9.3.    Kami akan menyeleksi dan memverifikasi semua permintaan. Untuk memverifikasi kewenangan Anda dalam mengajukan permintaan, kami mungkin meminta Anda untuk memberikan informasi atau dokumentasi pendukung untuk menguatkan permintaan tersebut. Setelah diverifikasi, kami akan memproses permintaan Anda dalam jangka waktu yang ditentukan oleh Hukum Perlindungan Data yang Berlaku. 

9.4.    Jika diizinkan berdasarkan Hukum Perlindungan Data yang Berlaku, kami dapat mengenakan biaya yang wajar kepada Anda untuk menangani dan memproses permintaan Anda untuk mendapatkan salinan Data Pribadi Anda. Jika kami memilih untuk mengenakan biaya, kami akan memberikan perkiraan biaya tertulis yang akan kami kenakan. Harap dicatat bahwa kami tidak wajib menanggapi atau menangani permintaan Anda kecuali Anda telah membayar biaya tersebut. 

9.5.    Kami berhak untuk menolak permintaan Anda sesuai dengan Hukum Perlindungan Data yang Berlaku, jika hukum tersebut mewajibkan dan/atau memberi wewenang kepada suatu organisasi untuk menolak permintaan tersebut. Jika diwajibkan oleh Hukum Perlindungan Data yang Berlaku, kami akan memberi tahu Anda alasan penolakan kami. 

10.    Bagaimana cara menghubungi Petugas Perlindungan Data kami? 

10.1.    Jika Anda memiliki pertanyaan tentang Pernyataan Privasi ini atau pertanyaan apa pun terkait penggunaan Data Pribadi Anda oleh kami, atau ingin menggunakan hak-hak Anda yang tercantum dalam Pernyataan Privasi ini, silakan hubungi Petugas Perlindungan Data kami di [email protected].

11.    Perubahan pada Pernyataan Privasi 

11.1.    Sembcorp berhak untuk mengubah, memperbarui, atau memperbaiki ketentuan Pernyataan Privasi ini kapan saja dengan menempatkan Pernyataan Privasi yang diperbarui di situs webnya dan, jika diwajibkan oleh hukum, kami akan memberi tahu Anda tentang perubahan material apa pun atau meminta persetujuan Anda jika diwajibkan oleh Hukum Perlindungan Data yang Berlaku. Kami menyarankan Anda untuk mengunjungi kembali pernyataan ini secara berkala untuk melihat versi terbaru. 

11.2.    Pernyataan Privasi ini terakhir diperbarui pada Desember 2025. 

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including the Personal Data Protection Act 2012 of Singapore (“PDPA”), the Philippine Data Privacy Act of 2012 (”DPA”) and its Implementing Rules and Regulations (“DPA-IRR”).

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: Depending on the jurisdiction you are in, you may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another data controller. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

“Sensitive Personal Data” refers to personal information: (1) about an individual’s race, ethnic origin, marital status, age, color, and religious, philosophical or political affiliations; (2) about an individual’s health, education, genetic or sexual life of a person, or to any proceeding for any offense committed or alleged to have been committed by such person, the disposal of such proceedings, or the sentence of any court in such proceedings; (3) issued by government agencies peculiar to an individual which includes, but not limited to, social security numbers, previous or current health records, licenses or its denials, suspension or revocation, and tax returns; and (4) specifically established by an executive order or an act of Congress to be kept classified.

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Information. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

In these cases, we shall obtain your consent prior to the processing of your Sensitive Personal Information, unless some other lawful criteria or basis is applicable as provided under Applicable Data Protection Laws. 

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent, whether express, deemed or implied;

(b)    the processing of your Personal Data could be necessary for legitimate interests pursued by us, or by a third party who processes Personal Data on behalf of us, and which outweigh the adverse effects (if any) on you. Such legitimate interests include general administrative, human resource, operational, legal, compliance, due diligence, auditing, safety and security purposes;

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and

(d)    the processing of your Personal Data may be necessary to protect your vital interests, such as in emergency situations that may endanger your physical safety or well-being.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(e)    request receipt or transmission to another organisation, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract; and

(f)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data; or seek indemnity for damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained, or unauthorized use of your personal data, taking into account any violation of your rights and freedom.

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including but not limited to the Law on Personal Data Protection No. 91/2025/QH15 passed by the National Assembly of the Socialist Republic of Vietnam on 26th June 2025 and Decree No. 13/2023/ND-CP dated 17th April 2023 of the Government of Vietnam on personal data protection (as applicable) and the Personal Data Protection Act 2012 of Singapore (“PDPA”). 

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: You have such rights in respect of your Personal Data as specified in Clause 9 (Your Rights with Respect to your Personal Data). 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites. We shall not be held liable for the accuracy, integrity, quality or reliability of such third-party websites. You further acknowledge and agree that you access and rely on such third-party websites at your own risk. We do not in any way endorse or support the views or ideas expressed in any third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use, transfer or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you and obtain your consent (if required) of material changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, marital status, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings;

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data may be considered “Sensitive Personal Data” under the Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), national ID information, criminal records, biometric information and data relating to a person’s health, physical, psychological, mental, genetic or sexual information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your consent or otherwise in accordance with the Applicable Data Protection Laws. 

4.2.    In general, subject to Applicable Data Protection Laws, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes permitted by the Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, contract execution, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties, premises operation; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted or recording of your footages in our CCTV surveillance system at Sembcorp premises; and

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    We will be the data controller in respect of the Personal Data that we collect from you in accordance with this Privacy Statement or, in cases in which we also directly processes your Personal Data, the data controller and processor.

4.7.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, or where the use, disclosure or transfer of your Personal Data is permitted without your consent in accordance with Applicable Data Protection Laws. 

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations under the Applicable Data Protection Laws in relation to your Personal Data, including having a lawful basis for transferring Personal Data.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    to be informed of the activities of processing Personal Data;

(b)    to agree or disagree or request withdrawal of consent to the Personal Data processing;

(c)    to view, modify, or request modification of your Personal Data;

(d)    to request the provision, deletion, and restriction of Personal Data processing; to submit requests to object to the processing of your Personal Data;

(e)    to complain, denounce, initiate lawsuits, or request compensation in accordance with the law; and

(f)    to request the competent authorities or agencies, organisations, or individuals relevant to Personal Data processing to adopt solutions and measures to protect your Personal Data in accordance with the law

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

9A.    Your obligations as a data subject

You have the following obligations as a data subject under the Applicable Data Protection Laws

(a)    to self-protect your Personal Data;

(b)    to respect and protect the personal data of others;

(c)    to fully and accurately provide your Personal Data in accordance with the law, contracts, or upon agreement to the processing of Personal Data; and

(d)    to comply with personal data protection laws and participate in the prevention and combat against personal data infringement;

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    Bản Tuyên Bố Về Quyền Riêng Tư này mô tả cách thức mà chúng tôi thu thập, sử dụng, tiết lộ, chuyển giao và bảo vệ (gọi chung là “xử lý”) Dữ Liệu Cá Nhân của bạn (như được định nghĩa tại Điều 2.1 dưới đây) theo quy định pháp luật áp dụng (“Luật Bảo Vệ Dữ Liệu Áp Dụng”), bao gồm nhưng không giới hạn Luật Bảo Vệ Dữ Liệu Cá Nhân số 91/2025/QH15 được Quốc Hội nước Cộng Hòa Xã Hội Chủ Nghĩa Việt Nam thông qua ngày 26/6/2025; Nghị định số 356/2025/NĐ-CP ngày 31/12/2025 của Chính Phủ về bảo vệ dữ liệu cá nhân và Luật Bảo Vệ Dữ Liệu Cá Nhân năm 2012 của Singapore (“PDPA”). 

1.3.    CÁCH THỨC CHÚNG TÔI XỬ LÝ DỮ LIỆU CÁ NHÂN CỦA BẠN.

(a)    Thu Thập Dữ Liệu: Tùy theo bản chất tương tác giữa bạn với chúng tôi, chúng tôi có thể thu thập các loại Dữ Liệu Cá Nhân từ bạn, ví dụ như thông tin liên hệ, thông tin định danh, dữ liệu thanh toán và các định danh trực tuyến. Dữ Liệu Cá Nhân Nhạy Cảm (như được định nghĩa tại Điều 2.2 dưới đây) được xử lý với mức độ cẩn trọng đặc biệt và chỉ được thu thập khi thực sự cần thiết.

(b)    Sử Dụng Dữ Liệu: Chúng tôi sử dụng Dữ Liệu Cá Nhân của bạn cho các mục đích như thực hiện nghĩa vụ theo hợp đồng, tuân thủ quy định pháp luật, hoạt động tiếp thị, an ninh và các nhu cầu vận hành. Các trường hợp sử dụng cụ thể bao gồm quản lý quan hệ khách hàng, hồ sơ tuyển dụng và tương tác với khách thuê hoặc nhà cung cấp.

(c)    Bảo Vệ và Lưu Trữ Dữ Liệu: Chúng tôi áp dụng các biện pháp bảo mật theo tiêu chuẩn ngành và phương pháp tối thiểu hóa dữ liệu nhằm bảo vệ dữ liệu của bạn. Việc lưu trữ chỉ giới hạn trong phạm vi cần thiết cho mục đích pháp lý hoặc kinh doanh.

(d)    Tiết Lộ Cho Bên Thứ Ba: Khi cần thiết, Dữ Liệu Cá Nhân của bạn có thể được tiết lộ cho các bên thứ ba, bao gồm công ty liên kết, nhà cung cấp dịch vụ, đối tác kinh doanh và cơ quan nhà nước có thẩm quyền. Khi có yêu cầu tiết lộ, chúng tôi sẽ đảm bảo rằng việc tiết lộ đó tuân thủ Luật Bảo Vệ Dữ Liệu Áp Dụng.

(e)    Quyền Đối Với Dữ Liệu Cá Nhân Của Bạn: Bạn có các quyền đối với Dữ Liệu Cá Nhân của mình theo quy định tại Điều 9 (Quyền Của Bạn Đối Với Dữ Liệu Cá Nhân).

(f)    Cookies và Liên Kết Đến Trang Web Bên Thứ Ba: Chúng tôi sử dụng Cookies để cải tiến chức năng của trang thông tin điện tử. Vui lòng lưu ý trang thông tin điện tử của chúng tôi có thể chứa các liên kết đến các trang thông tin điện tử của bên thứ ba mà chúng tôi không vận hành hoặc quản lý. Chúng tôi không chịu trách nhiệm đối với việc thực hiện quyền riêng tư của các trang thông tin điện tử đó và không chịu trách nhiệm về tính chính xác, toàn vẹn, chất lượng hoặc độ tin cậy của các trang thông tin điện tử đó. Bạn xác nhận và đồng ý rằng bạn hoàn toàn tự chịu rủi ro đối với việc truy cập và sử dụng các trang thông tin điện tử của bên thứ ba. Chúng tôi không xác nhận hoặc ủng hộ bất kỳ quan điểm hay nội dung nào được thể hiện tại các trang thông tin điện tử của bên thứ ba.

(g)    Chuyển Giao Dữ Liệu: Khi cần thiết, Dữ Liệu Cá Nhân của bạn có thể được chuyển giao giữa các địa điểm, bao gồm chuyển giao quốc tế. Khi việc chuyển giao như vậy được thực hiện, chúng tôi đảm bảo tuân thủ Luật Bảo Vệ Dữ Liệu Áp Dụng.

(h)    Tiếp Thị: Việc phân phối tài liệu quảng cáo, tiếp thị hoặc tài liệu thương mại cho bạn sẽ được thực hiện trên cơ sở sự đồng ý cụ thể của bạn. Bạn sẽ được thông báo về phương thức gửi và cơ chế từ chối nhận thông tin tiếp thị không tính phí. Khi bạn chọn hủy đăng ký, chúng tôi sẽ ngừng tất cả hoạt động tiếp thị gửi đến bạn.

(i)    Liên Hệ: Đối với các yêu cầu liên quan đến Dữ Liệu Cá Nhân của bạn hoặc để thực hiện quyền dữ liệu, vui lòng liên hệ Nhân Viên Bảo Vệ Dữ Liệu của chúng tôi tại [email protected]

1.4.    Bản Tuyên Bố Về Quyền Riêng Tư này bổ sung và không thay thế hoặc hủy bỏ bất kỳ sự đồng ý nào trước đây mà bạn đã cung cấp cho chúng tôi liên quan đến Dữ Liệu Cá Nhân của bạn. Bản Tuyên Bố Về Quyền Riêng Tư này cũng không ảnh hưởng đến bất kỳ quyền nào theo pháp luật mà chúng tôi có liên quan đến việc thu thập, sử dụng, chuyển giao hoặc tiết lộ Dữ Liệu Cá Nhân của bạn.

1.5.    Chúng tôi có thể cập nhật hoặc sửa đổi Bản Tuyên Bố Về Quyền Riêng Tư này bằng cách công bố phiên bản mới nhất trên trang thông tin điện tử của chúng tôi (www.sembcorp.com). Điều này nhằm đảm bảo rằng Bản Tuyên Bố Về Quyền Riêng Tư của chúng tôi phù hợp với sự phát triển, xu hướng ngành và thay đổi pháp lý hoặc quy định trong tương lai. Chúng tôi có thể thông báo và có được sự đồng ý của bạn (nếu cần thiết) đối với những thay đổi quan trọng trong cách thức chúng tôi Xử Lý Dữ Liệu Cá Nhân, thông qua các phương thức phù hợp như đăng thông báo hoặc gửi thông báo trực tiếp.

1.6.    Trong trường hợp có bất kỳ sự không thống nhất nào giữa các phiên bản của Bản Tuyên Bố Về Quyền Riêng Tư này, phiên bản tiếng Anh sẽ được ưu tiên áp dụng.

2.    Những Loại Dữ Liệu Cá Nhân Chúng Tôi Thu Thập

2.1.    “Dữ Liệu Cá Nhân” là bất kỳ dữ liệu hoặc thông tin nào về bạn mà từ đó bạn có thể được định danh, (a) từ chính dữ liệu đó; hoặc (b) từ dữ liệu đó kết hợp với thông tin khác.

Tùy thuộc vào bản chất tương tác giữa bạn với chúng tôi, các ví dụ về Dữ Liệu Cá Nhân mà chúng tôi có thể thu thập từ bạn bao gồm:

(a)    thông tin cá nhân như họ tên, giới tính, ngày sinh, địa chỉ cư trú, quốc tịch, tình trạng hôn nhân, hộ chiếu hoặc giấy tờ định danh cá nhân khác;

(b)    thông tin liên hệ như số điện thoại hoặc địa chỉ thư điện tử; 

(c)    thông tin thanh toán như số tài khoản ngân hàng, số thẻ tín dụng hoặc thẻ ghi nợ; 

(d)    các khoản phải thu hoặc phải trả liên quan đến bạn;

(e)    hình ảnh qua ảnh chụp hoặc video;

(f)    thông tin nghề nghiệp như chức danh, chức vụ quản lý, lịch sử việc làm, mức lương;  

(g)    ý kiến cá nhân của bạn, ví dụ thông qua các biểu mẫu phản hồi; và

(h)    dữ liệu điện tử liên quan đến việc bạn sử dụng trang thông tin điện tử và dịch vụ của chúng tôi, bao gồm cookies, địa chỉ IP, nhật ký hoạt động và các định danh trực tuyến.

2.2.    Các loại thông tin đặc thù hoặc “Dữ Liệu Cá Nhân Nhạy Cảm”

Một số loại Dữ Liệu Cá Nhân có thể được xem là “Dữ Liệu Cá Nhân Nhạy Cảm” theo Luật Bảo Vệ Dữ Liệu Áp Dụng. Các loại Dữ Liệu Cá Nhân có thể được xem là Dữ Liệu Cá Nhân Nhạy Cảm bao gồm: thông tin thanh toán (ví dụ: số thẻ tín dụng, số tài khoản ngân hàng), thông tin định danh quốc gia, lý lịch tư pháp, dữ liệu sinh trắc học và dữ liệu liên quan đến sức khỏe, thể chất, tâm lý, tinh thần, di truyền hoặc đời sống tình dục của một cá nhân.

Nhìn chung, chúng tôi cố gắng giới hạn các trường hợp chúng tôi thu thập, sử dụng hoặc tiết lộ Dữ Liệu Cá Nhân Nhạy Cảm. Tuy nhiên, việc thu thập, sử dụng hoặc tiết lộ Dữ Liệu Cá Nhân Nhạy Cảm này có thể xảy ra trong một số trường hợp, chẳng hạn như:

(a)    dữ liệu được yêu cầu cho mục đích an toàn & an ninh hoặc là cần thiết theo hợp đồng, ví dụ để hoàn tất giao dịch với bạn;

(b)    dữ liệu được yêu cầu bởi cơ quan quản lý theo quy định pháp luật;

(c)    chúng tôi phải thu thập, sử dụng hoặc tiết lộ dữ liệu từ/đến bạn theo yêu cầu của pháp luật; hoặc 

(d)    bạn tự nguyện cung cấp dữ liệu đó cho chúng tôi (hoặc người đại diện được ủy quyền của bạn cung cấp dữ liệu đó).

3.    Cách Chúng Tôi Thu Thập Dữ Liệu Cá Nhân Của Bạn

3.1.    Chúng tôi thường thu thập Dữ Liệu Cá Nhân của bạn thông qua các cách sau:

(a)    khi bạn tạo tài khoản với chúng tôi, gửi biểu mẫu, đăng ký sử dụng hoặc mua sản phẩm/dịch vụ của chúng tôi;

(b)    khi bạn gửi yêu cầu trực tuyến hoặc tạo tài khoản trực tuyến với chúng tôi;

(c)    khi bạn tương tác với nhân viên của chúng tôi hoặc nhà cung cấp dịch vụ qua điện thoại, cuộc gọi, thư điện tử, biểu mẫu trực tuyến, bao gồm yêu cầu liên hệ, đăng ký nhận thư điện tử/bản tin, tham gia chương trình khuyến mại, khảo sát thị trường hoặc các hoạt động khác;

(d)    khi bạn phản hồi yêu cầu cung cấp thêm Dữ Liệu Cá Nhân của chúng tôi;

(e)    thông qua hình ảnh hoặc video do chúng tôi hoặc đại diện của chúng tôi ghi lại tại các sự kiện do chúng tôi tổ chức hoặc do bên thứ ba thay mặt chúng tôi tổ chức;

(f)    khi bạn có mặt trong mặt bằng của chúng tôi – nơi có sử dụng hệ thống camera giám sát (CCTV);

(g)    khi chúng tôi nhận thông tin giới thiệu từ đối tác kinh doanh hoặc bên thứ ba;

(h)    khi bạn cung cấp Dữ Liệu Cá Nhân cho chúng tôi vì bất kỳ lý do nào khác; và

(i)    khi bạn truy cập trang thông tin điện tử của chúng tôi; vui lòng tham khảo Chính Sách Cookie để biết thêm thông tin.

3.2.    Ngoài ra, chúng tôi có thể giám sát hoặc ghi âm cuộc gọi và các tương tác trực tiếp với khách hàng nhằm đảm bảo chất lượng dịch vụ, đào tạo nhân viên, đánh giá hiệu quả và xác minh danh tính. Việc giám sát và ghi âm này được thực hiện phù hợp với Luật Bảo Vệ Dữ Liệu Áp Dụng.

3.3.    Khi bạn cung cấp Dữ Liệu Cá Nhân của người khác cho chúng tôi (ví dụ: thông tin của người phụ thuộc, vợ/chồng, con cái và/hoặc cha mẹ; hoặc trong quan hệ tổ chức, thông tin của nhân viên hoặc người đại diện được ủy quyền của bạn), bạn cam đoan và đảm bảo rằng việc cung cấp dữ liệu này cho chúng tôi là hợp pháp theo Luật Bảo Vệ Dữ Liệu Áp Dụng. Ngoài ra, bạn cũng có trách nhiệm đảm bảo rằng cá nhân có Dữ Liệu Cá Nhân được cung cấp đã cho phép cung cấp và được thông báo và đồng ý đối với Bản Tuyên Bố Về Quyền Riêng Tư này.

4.    Cách Chúng Tôi Sử Dụng Dữ Liệu Cá Nhân Của Bạn

4.1.    Chúng tôi có thể xử lý Dữ Liệu Cá Nhân của bạn cho một hoặc nhiều mục đích cụ thể được nêu trong Bản Tuyên Bố Về Quyền Riêng Tư này dựa trên sự đồng ý của bạn hoặc theo quy định của Luật Bảo Vệ Dữ Liệu Áp Dụng.

4.2.    Nhìn chung, tùy thuộc vào Luật Bảo Vệ Dữ Liệu Áp Dụng, chúng tôi có thể sử dụng Dữ Liệu Cá Nhân của bạn cho các mục đích sau:

(a)    thực hiện bất kỳ nghĩa vụ nào liên quan đến việc cung cấp sản phẩm hoặc dịch vụ theo yêu cầu của bạn, bao gồm giao hàng tới bạn cho các đơn đặt hàng bạn đã đặt;

(b)    cung cấp cho bạn thông tin quảng cáo và tiếp thị về hoạt động kinh doanh, sản phẩm và dịch vụ của chúng tôi theo từng thời điểm;

(c)    hỗ trợ chúng tôi thực hiện các hoạt động tiếp thị, quảng cáo, nghiên cứu và phân tích thống kê nhằm đánh giá và nâng cao sản phẩm, dịch vụ;

(d)    chia sẻ thông tin tổng hợp về bạn với nhà quảng cáo hoặc bên thứ ba nhằm tùy chỉnh nội dung và quảng cáo phù hợp với bạn;

(e)    liên hệ với bạn qua ứng dụng nhắn tin, điện thoại, fax và/hoặc thư điện tử, nếu phù hợp;

(f)    thông báo cho bạn về các sửa đổi đối với Bản Tuyên Bố Về Quyền Riêng Tư này, các chính sách, điều khoản và điều kiện hoặc các thông tin quản trị khác;

(g)    quản lý cơ sở hạ tầng, hoạt động kinh doanh và tuân thủ chính sách nội bộ của chúng tôi;

(h)    hỗ trợ bất kỳ giao dịch tài sản doanh nghiệp nào (bao gồm sáp nhập, mua bán hoặc chuyển nhượng tài sản) liên quan đến bất kỳ đơn vị nào thuộc Tập Đoàn Sembcorp;

(i)    xác minh danh tính của bạn, xác nhận tính chính xác của thông tin bạn cung cấp và thực hiện các kiểm tra thẩm định nhằm tuân thủ quy định pháp luật, bao gồm luật về trừng phạt, chống rửa tiền và kiểm soát thương mại;

(j)    xử lý tranh chấp, tiến hành và hỗ trợ điều tra và các thủ tục liên quan;

(k)    bảo vệ và thực thi quyền và nghĩa vụ pháp lý của chúng tôi;

(l)    ngăn chặn, phát hiện và điều tra tội phạm hoặc rủi ro thương mại khác, bao gồm gian lận và rửa tiền;

(m)    lưu trữ, lưu giữ, sao lưu (bao gồm cho mục đích khôi phục thảm họa hoặc mục đích khác) Dữ Liệu Cá Nhân của bạn, dù trong hay ngoài lãnh thổ của bạn;

(n)    quản lý việc tiếp cận mặt bằng của chúng tôi thông qua hệ thống thẻ hoặc sinh trắc học;

(o)    phục vụ mục đích quản trị chung, chính sách nội bộ, an toàn và an ninh liên quan đến bất kỳ đơn vị nào thuộc Tập Đoàn Sembcorp;

(p)    tuân thủ nguyên tắc, luật, quy định pháp luật, quy tắc ứng xử, hướng dẫn áp dụng hoặc hỗ trợ thi hành pháp luật và công tác điều tra của cơ quan có liên quan;

(q)    phục vụ bất kỳ mục đích nào khác cần thiết, liên quan hoặc phát sinh từ các mục đích nêu trên; và/hoặc

(r)    bất kỳ mục đích nào khác được phép theo Luật Bảo Vệ Dữ Liệu Áp Dụng, 

với điều kiện Dữ Liệu Cá Nhân của bạn chỉ được xử lý cho các mục đích hợp lý và phù hợp trong từng hoàn cảnh cụ thể.

4.3.    Ngoài các mục đích nêu trên (phù hợp với mối quan hệ của bạn với chúng tôi), tùy thuộc vào bản chất quan hệ giữa bạn và chúng tôi, Dữ Liệu Cá Nhân của bạn có thể được sử dụng cho các mục đích bổ sung sau:

4.3.1.    Nếu bạn có tài khoản người dùng với chúng tôi (ví dụ: là người dùng của GoNetZero hoặc Sembcorp Power):

(a)    xử lý hồ sơ đăng ký tài khoản và quản lý tài khoản người dùng của bạn với chúng tôi; và

(b)    xử lý các yêu cầu thanh toán mà bạn đề nghị.

4.3.2.    Nếu bạn là khách hàng cư trú đã đăng ký dịch vụ cung cấp điện hoặc nước của chúng tôi:

(a)    thực hiện mọi công việc cần thiết để quản lý việc cung cấp dịch vụ điện hoặc nước (bao gồm giải quyết khiếu nại và xử lý yêu cầu, thắc mắc);

(b)    cung cấp cho bạn dịch vụ điện hoặc nước theo yêu cầu và thực hiện mọi công việc cần thiết để quản lý việc cung cấp điện hoặc nước đó; và

(c)    lập hóa đơn và thu phí dịch vụ cho việc cung cấp điện/nước.

4.3.3.    Nếu bạn là cổ đông của chúng tôi:

(a)    quản lý, hỗ trợ và duy trì mối quan hệ với bạn, bao gồm việc xác minh danh tính của bạn và/hoặc danh tính người được ủy quyền;

(b)    tạo điều kiện để bạn thực hiện quyền hoặc nhận lợi ích với tư cách cổ đông, chẳng hạn như nhận cổ tức được chia hoặc tài liệu ủy quyền liên quan đến họp cổ đông; và

(c)    cập nhật cho bạn về tình hình hoạt động của chúng tôi, bao gồm báo cáo kết quả hoạt động hàng năm và các thông tin liên quan khác thông qua tài liệu truyền thông.

4.3.4.    Nếu bạn là nhà cung cấp, nhà cung cấp tiềm năng hoặc nhà thầu:

(a)    liên hệ với bạn hoặc nhân viên của bạn khi cần thiết theo mối quan hệ kinh doanh với chúng tôi, bao gồm cho mục đích liên lạc công việc, thực hiện hợp đồng, khẩn cấp, an toàn hoặc an ninh; và

(b)    xem xét và đánh giá các tài liệu bạn đã gửi cho chúng tôi như một phần của đề xuất dịch vụ hoặc sản phẩm.

4.3.5.    Nếu bạn là khách thuê hoặc người mua tiềm năng hoặc hiện tại đối với bất động sản của chúng tôi:

(a)    chuẩn bị các tài liệu liên quan theo yêu cầu liên quan đến việc thuê, mua hoặc bán bất động sản, vận hành mặt bằng; và

(b)    quản lý các giao dịch để thực hiện nghĩa vụ của chúng tôi, bao gồm thực hiện hoặc thu các khoản thanh toán tài chính theo hợp đồng thuê hoặc mua bất động sản.

4.3.6.    Nếu bạn là khách đến mặt bằng của Sembcorp hoặc tham dự một hoạt động hoặc sự kiện do Sembcorp tổ chức:

(a)    đăng ký buổi tham quan tại mặt bằng của Sembcorp hoặc tham dự hoạt động hoặc sự kiện của bạn;

(b)    cho mục đích truyền thông, bao gồm đăng tải trên các nền tảng mạng xã hội của Sembcorp và các bản tin;

(c)    cho mục đích an toàn, an ninh và khẩn cấp, bao gồm hoàn thành các khóa đào tạo liên quan trước khi được phép vào mặt bằng hoặc ghi hình bạn trong hệ thống giám sát CCTV tại cơ sở của Sembcorp; và

(d)    cho mục đích kiểm tra an ninh với các cơ quan chính phủ có thẩm quyền.

4.3.7.    Nếu bạn nộp hồ sơ ứng tuyển cho chúng tôi với tư cách là ứng viên:

(a)    xử lý hồ sơ ứng tuyển của bạn, bao gồm kiểm tra trước khi tuyển dụng;

(b)    cung cấp hoặc thu thập thông tin tham chiếu để kiểm tra lý lịch;

(c)    đánh giá và xem xét mức độ phù hợp của bạn cho bất kỳ vị trí hiện tại hoặc tiềm năng trong tổ chức; và

(d)    xác minh tính chính xác của thông tin bạn cung cấp, bao gồm chứng chỉ, bảng điểm hoặc năng lực công việc được nộp trong hồ sơ ứng tuyển.

(được gọi chung là “Các Mục Đích”).

4.4.    Do các mục đích mà chúng tôi sẽ/có thể thu thập, sử dụng, tiết lộ hoặc xử lý Dữ Liệu Cá Nhân của bạn phụ thuộc vào từng hoàn cảnh cụ thể, nên có thể một số mục đích không được liệt kê ở trên. Tuy nhiên, chúng tôi sẽ thông báo cho bạn về mục đích khác tại thời điểm lấy sự đồng ý của bạn, trừ khi việc xử lý dữ liệu đó không cần sự đồng ý theo quy định của Luật Bảo Vệ Dữ Liệu Áp Dụng.

4.5.    Để tránh nghi ngờ và trong phạm vi được yêu cầu hoặc được phép theo Luật Bảo Vệ Dữ Liệu Áp Dụng, các mục đích nêu trên có thể tiếp tục áp dụng ngay cả khi mối quan hệ của bạn với chúng tôi (ví dụ: theo hợp đồng) đã chấm dứt hoặc thay đổi dưới bất kỳ hình thức nào, trong một khoảng thời gian hợp lý sau đó.

4.6.    Chúng tôi sẽ là bên kiểm soát dữ liệu đối với Dữ Liệu Cá Nhân mà chúng tôi thu thập từ bạn theo Bản Tuyên Bố Về Quyền Riêng Tư này hoặc, trong trường hợp chúng tôi cũng trực tiếp xử lý Dữ Liệu Cá Nhân của bạn, sẽ là bên kiểm soát và xử lý dữ liệu.

4.7.    Trong quá trình cung cấp các dịch vụ này cho bạn và/hoặc trong các tương tác khác với bạn, chúng tôi có thể sử dụng các phương tiện thủ công hoặc tự động, bao gồm cả dịch vụ trí tuệ nhân tạo (AI). Chúng tôi nỗ lực đảm bảo độ chính xác và tin cậy của các dịch vụ AI, và bất cứ khi nào cần thiết, chúng tôi có thể kiểm tra thủ công các kết quả đầu ra.

5.    Công Bố và Chuyển Giao Dữ Liệu Cá Nhân

5.1.    Chúng tôi cần sử dụng, xử lý, tiết lộ và/hoặc chuyển giao Dữ Liệu Cá Nhân của bạn cho nhiều bên (một số bên có thể ở quốc gia khác) cho một hoặc Các Mục Đích đã nêu ở trên. Các bên nhận bao gồm nhưng không giới hạn:

(a)    các pháp nhân khác trong Tập Đoàn Sembcorp;

(b)    đại lý, nhà thầu, nhà cung cấp dịch vụ, đối tác kinh doanh hoặc cố vấn chuyên môn mà chúng tôi sử dụng để hỗ trợ hoạt động kinh doanh bao gồm nhưng không giới hạn bên cung cấp dịch vụ hành chính, tài chính, nghiên cứu, thanh toán, vận hành, bảo hiểm, kiểm toán, pháp lý hoặc các dịch vụ khác cho chúng tôi như công nghệ thông tin, xác minh danh tính, phân tích dữ liệu, đào tạo, nghiên cứu thị trường và trung tâm dữ liệu;

(c)    Trung tâm Thông Tin Tín Dụng hoặc trong trường hợp vi phạm nghĩa vụ hoặc tranh chấp, bất kỳ cơ quan thu hồi nợ hoặc cơ quan giải quyết tranh chấp nào;

(d)    bất kỳ đối tác kinh doanh, nhà đầu tư, bên nhận chuyển nhượng hoặc bên được chuyển giao liên quan đến các giao dịch mua bán, sáp nhập, liên doanh, hợp nhất, tái cấu trúc, tài chính hoặc bất kỳ loại giao dịch kinh doanh nào khác;

(e)    bất kỳ cố vấn pháp lý, cơ quan thực thi pháp luật, cơ quan chính phủ hoặc cơ quan quản lý để tuân thủ pháp luật hoặc quy định, hoặc khi cần thiết để ứng phó với tình huống khẩn cấp đe dọa tính mạng, sức khỏe hoặc an toàn của một người; hoặc khi cần thiết vì lợi ích công cộng;

(f)    bất kỳ bên nào mà chúng tôi chuyển giao hoặc có thể chuyển giao quyền và nghĩa vụ của mình, bao gồm, ví dụ, khi chúng tôi thuê một tổ chức bên thứ ba xử lý bất kỳ khía cạnh nào liên quan đến Dữ Liệu Cá Nhân của bạn cho các mục đích đã được thông báo cho bạn theo Bản Tuyên Bố Về Quyền Riêng Tư này;

(g)    bất kỳ bên nào khác mà Tập Đoàn Sembcorp yêu cầu chuyển giao Dữ Liệu Cá Nhân một cách hợp lý để thực hiện Các Mục Đích đã nêu ở trên; và

(h)    bất kỳ bên nào khác theo sự đồng ý của bạn hoặc khi việc sử dụng, tiết lộ hoặc chuyển giao Dữ Liệu Cá Nhân của bạn được phép thực hiện mà không cần sự đồng ý của bạn theo Luật Bảo Vệ Dữ Liệu Áp Dụng.

5.2.    Các bên nhận này sẽ xử lý Dữ Liệu Cá Nhân của bạn thay mặt chúng tôi hoặc theo cách khác cho một hoặc Các Mục Đích đã nêu ở trên. Chúng tôi nỗ lực đảm bảo rằng các bên nhận này bảo vệ Dữ Liệu Cá Nhân của bạn khỏi việc truy cập, thu thập, sử dụng, công bố, xử lý trái phép hoặc các rủi ro tương tự và chỉ lưu giữ dữ liệu cá nhân của bạn trong thời gian cần thiết cho Các Mục Đích đã đề cập.

5.3.    Chuyển Giao Dữ Liệu Cá Nhân Xuyên Biên Giới

5.3.1.    Dữ Liệu Cá Nhân của bạn có thể được chuyển từ quốc gia, bang hoặc thành phố nơi bạn đang hiện diện khi tương tác với Sembcorp và/hoặc sử dụng sản phẩm, dịch vụ của chúng tôi (“Quốc Gia Gốc”) sang một quốc gia, bang hoặc thành phố khác (“Quốc Gia Khác”).

5.3.2.    Khi chúng tôi thực hiện việc chuyển Dữ Liệu Cá Nhân của bạn từ Quốc Gia Gốc sang Quốc Gia Khác, chúng tôi sẽ tuân thủ đầy đủ các nghĩa vụ pháp lý và quy định theo Luật Bảo Vệ Dữ Liệu Áp Dụng, bao gồm việc đảm bảo có cơ sở pháp lý cho việc chuyển giao.

6.    Bảo Vệ và Lưu Trữ Dữ Liệu Cá Nhân

6.1.    Sembcorp sẽ áp dụng các biện pháp pháp lý, vật lý, tổ chức và kỹ thuật hợp lý theo yêu cầu của Luật Bảo Vệ Dữ Liệu Áp Dụng để đảm bảo Dữ Liệu Cá Nhân của bạn được bảo vệ. Các biện pháp này bao gồm ngăn chặn việc sử dụng, truy cập hoặc mất dữ liệu một cách trái phép. Sembcorp giới hạn quyền truy cập Dữ Liệu Cá Nhân của bạn cho nhân viên của chúng tôi trên cơ sở cần-được-biết. Những người xử lý Dữ Liệu Cá Nhân sẽ chỉ thực hiện theo cách được ủy quyền và phải bảo mật thông tin của bạn.

6.2.    Tuy nhiên, chúng tôi không thể đảm bảo an ninh tuyệt đối, ví dụ như trong trường hợp tiết lộ trái phép do hành vi tấn công độc hại và tinh vi của các đối tượng xấu mà không phải lỗi của chúng tôi.

6.3.    Chúng tôi lưu trữ Dữ Liệu Cá Nhân của bạn trong thời gian chúng tôi có mục đích kinh doanh hoặc pháp lý và cần lưu trữ Dữ Liệu đó. Khi các mục đích này đã được đáp ứng, chúng tôi sẽ thực hiện các bước để hủy hoặc ẩn danh Dữ Liệu Cá Nhân của bạn theo quy định của Luật Bảo Vệ Dữ Liệu Áp Dụng.

7.    Sử Dụng Cookies

7.1.    Giống như hầu hết các dịch vụ trực tuyến, trang thông tin điện tử và nền tảng của chúng tôi sử dụng cookie cho nhiều mục đích khác nhau. Cookie là các tệp được lưu trữ trên trình duyệt hoặc thiết bị điện tử của bạn, giúp kích hoạt một số chức năng trên trang thông tin điện tử, chẳng hạn như ghi nhớ tùy chọn và thông tin của bạn.

7.2.    Để biết thêm thông tin, vui lòng tham khảo Chính Sách Cookie của Sembcorp.

8.    Trang Thông Tin Điện Tử Của Bên Thứ Ba Được Liên Kết

8.1.    Trang thông tin điện tử của chúng tôi có thể chứa liên kết đến các trang thông tin điện tử của bên thứ ba. Một số trang thông tin điện tử này có thể chứa thông tin liên quan đến Tập Đoàn Sembcorp, dù chúng tôi không vận hành hoặc quản lý chúng. Chúng tôi không chịu trách nhiệm về việc thực hiện bảo mật của các trang thông tin điện tử đó và không đảm bảo về chất lượng, tính phù hợp, chức năng hoặc tính hợp pháp của nội dung hoặc hàng hóa, dịch vụ từ các trang thông tin điện tử bên ngoài. Các liên kết này chỉ nhằm mục đích cung cấp thông tin và thuận tiện cho bạn. Chúng tôi không giám sát hoặc kiểm tra các trang thông tin điện tử này và không chịu trách nhiệm về bất kỳ tổn thất nào phát sinh từ nội dung hoặc độ chính xác của chúng và bất kỳ ý kiến nào được thể hiện trên các trang thông tin điện tử này không được coi là sự tán thành, khuyến nghị hoặc ý kiến của chúng tôi. Nếu bạn truy cập các trang thông tin điện tử bên thứ ba, bạn nên xem xét chính sách bảo mật của họ.

9.    Quyền Đối Với Dữ Liệu Cá Nhân Của Bạn

9.1.    Theo quy định của Luật Bảo Vệ Dữ Liệu Áp Dụng, bạn có quyền:

(a)    được thông báo về các hoạt động xử lý Dữ Liệu Cá Nhân;

(b)    đồng ý hoặc không đồng ý, hoặc yêu cầu rút lại sự đồng ý đối với việc xử lý Dữ Liệu Cá Nhân;

(c)    xem, chỉnh sửa hoặc yêu cầu chỉnh sửa Dữ Liệu Cá Nhân của bạn;

(d)    yêu cầu cung cấp, xóa bỏ hoặc hạn chế việc xử lý Dữ Liệu Cá Nhân; gửi yêu cầu phản đối việc xử lý Dữ Liệu Cá Nhân của bạn;

(e)    khiếu nại, tố cáo, khởi kiện hoặc yêu cầu bồi thường theo quy định pháp luật; và

(f)    yêu cầu cơ quan có thẩm quyền hoặc các tổ chức, cá nhân liên quan đến việc xử lý Dữ Liệu Cá Nhân áp dụng giải pháp và biện pháp bảo vệ Dữ Liệu Cá Nhân của bạn theo quy định pháp luật.

9.2.    Nếu bạn được lựa chọn chia sẻ Dữ Liệu Cá Nhân với chúng tôi nhưng bạn từ chối hoặc sau đó rút lại sự đồng ý cho việc sử dụng dữ liệu này, điều đó có thể dẫn đến việc chúng tôi không thể thực hiện các hành động cần thiết để đạt được Các Mục Đích xử lý đã nêu tại Điều 4 (Cách Chúng Tôi Sử Dụng Dữ Liệu Cá Nhân). Tuy nhiên, chúng tôi vẫn có thể tiếp tục xử lý Dữ Liệu Cá Nhân Của Bạn trong phạm vi được yêu cầu hoặc được Luật Bảo Vệ Dữ Liệu Áp Dụng cho phép.

9.3.    Chúng tôi sẽ rà soát và xác minh tất cả các yêu cầu. Để xác minh quyền hạn của bạn trong việc đưa ra yêu cầu, chúng tôi có thể yêu cầu bạn cung cấp thông tin hoặc tài liệu chứng minh. Sau khi xác minh, chúng tôi sẽ thực hiện yêu cầu của bạn trong thời hạn được quy định bởi Luật Bảo Vệ Dữ Liệu Áp Dụng.

9.4.    Trong trường hợp Luật Bảo Vệ Dữ Liệu Áp Dụng cho phép, chúng tôi có thể thu phí hợp lý cho việc xử lý yêu cầu cung cấp bản sao Dữ Liệu Cá Nhân của bạn. Nếu áp dụng thu phí, chúng tôi sẽ cung cấp cho bạn báo giá bằng văn bản. Lưu ý rằng chúng tôi không có nghĩa vụ phản hồi hoặc xử lý yêu cầu của bạn cho đến khi bạn thanh toán khoản phí này.

9.5.    Chúng tôi có quyền từ chối yêu cầu của bạn theo quy định của Luật Bảo Vệ Dữ Liệu Áp Dụng, trong trường hợp pháp luật yêu cầu hoặc cho phép tổ chức từ chối yêu cầu đó. Khi Luật Bảo Vệ Dữ Liệu Áp Dụng yêu cầu, chúng tôi sẽ thông báo cho bạn lý do từ chối.

9A.    Nghĩa Vụ Của Bạn Với Tư Cách Là Chủ Thể Dữ Liệu

Bạn có các nghĩa vụ sau theo Luật Bảo Vệ Dữ Liệu Áp Dụng:

(a)    tự bảo vệ Dữ Liệu Cá Nhân của mình;

(b)    tôn trọng và bảo vệ Dữ Liệu Cá Nhân của người khác;

(c)    cung cấp đầy đủ và chính xác Dữ Liệu Cá Nhân theo quy định pháp luật, hợp đồng hoặc khi đồng ý cho việc xử lý Dữ Liệu Cá Nhân;
 
(d)    tuân thủ pháp luật về bảo vệ dữ liệu cá nhân và tham gia phòng ngừa, chống hành vi xâm phạm dữ liệu cá nhân.

10.    Liên Hệ Với Nhân Sự Bảo Vệ Dữ Liệu

10.1.    Nếu bạn có bất kỳ câu hỏi nào về Bản Tuyên Bố Về Quyền Riêng Tư này hoặc thắc mắc liên quan đến việc chúng tôi sử dụng Dữ Liệu Cá Nhân của bạn, hoặc muốn thực hiện các quyền được nêu trong Bản Tuyên Bố Về Quyền Riêng Tư này, vui lòng liên hệ với Nhân Sự Bảo Vệ Dữ Liệu của chúng tôi qua thư điện tử: [email protected]. 

11.    Thay Đổi Bản Tuyên Bố Về Quyền Riêng Tư

11.1.    Sembcorp có quyền sửa đổi, cập nhật hoặc điều chỉnh các điều khoản của Bản Tuyên Bố Về Quyền Riêng Tư này bất kỳ lúc nào bằng cách đăng bản cập nhật trên trang thông tin điện tử của Sembcorp và, khi pháp luật yêu cầu, chúng tôi sẽ thông báo cho bạn về những thay đổi quan trọng hoặc xin ý kiến chấp thuận nếu Luật Bảo Vệ Dữ Liệu Áp Dụng yêu cầu. Chúng tôi khuyến nghị bạn thường xuyên truy cập để xem phiên bản mới nhất.

11.2.    Bản Tuyên Bố Về Quyền Riêng Tư này được cập nhật gần nhất vào tháng 12 năm 2025.

1.2.    This Privacy Statement outlines how we collect, use, disclose and protect (termed collectively as “processing”) your Personal Data (as defined in Clause 2.1 below) in compliance with applicable laws and regulations (“Applicable Data Protection Laws”), including the Personal Data Protection Act 2012 of Singapore (“PDPA”), the Personal Data Protection Law (RD 6/2022) (“Oman PDPL”) and the Executive Regulations of the PDPL (MD 34/2024) (“Oman ER” and together with Oman PDPL referred to as “Oman DPL”). 

1.3.    HOW WE PROCESS YOUR PERSONAL DATA.

(a)    Data Collection: Depending on the nature of your interactions with us, we may collect several types of Personal Data from you, such as your contact details, identification information, payment data, and online identifiers. Sensitive Personal Data (as defined in Clause 2.2 below) is handled with special care and collected only when necessary.

(b)    Data Usage: We use your Personal Data for purposes such as fulfilling our contractual obligations, complying with legal requirements, marketing, security, and operational needs. Specific use cases include managing customer relationships, employment applications, and tenant or vendor interactions. 

(c)    Data Protection and Retention: We implement industry-standard safeguards and a data minimization approach to secure your data. Retention is limited to what is necessary for legal or business purposes.

(d)    Third-Party Disclosure: Where necessary, your Personal Data may be disclosed to various third parties including our affiliates, service providers, business partners, and relevant government authorities. Where such disclosure is required, we will ensure that the disclosure complies with Applicable Data Protection Laws.

(e)    Your Personal Data Rights: Depending on the jurisdiction you are in, you may access, correct, delete, restrict or object to the processing of your data, withdraw consent, or request for your Personal Data to be ported to another data controller. 

(f)    Cookies and Third-Party Links: We use Cookies to enhance our website functionality. Do take note that our website may contain links to third-party websites which we do not operate or maintain. We are not responsible for the privacy practices of such third-party websites.

(g)    Data Transfers: Where necessary, your Personal Data may be transferred from one location to another, including internationally. Where such transfers are required, we will ensure that reasonably necessary safeguards are in place before transferring your Personal Data and such transfers comply with Applicable Data Protection Laws.

(h)    Marketing: Distribution of advertising, marketing, or commercial material to you will be pursuant to your specific consent. You will be informed of the means of delivery and the free-of-charge mechanism for opting out. When you choose to unsubscribe, we shall immediately cease transmission of any marketing activities to you.

(i)    Contact Us: For inquiries relating to your Personal Data or to exercise your data rights, contact our Data Protection Officer at [email protected]

1.4.    This Privacy Statement supplements and does not supersede or replace any other consents you may have previously provided to us in respect of your Personal Data. This Privacy Statement also does not affect any rights which we may have at law in connection with the collection, use or disclosure of your Personal Data. 

1.5.    We may update or change this Privacy Statement by publishing the latest version on our website (www.sembcorp.com). This ensures that our Privacy Statement conforms with future developments, industry trends, and legal or regulatory changes. We may inform you of changes in how we process your Personal Data through appropriate means, such as by posting a notice or sending you a notification.

1.6.    In the event of any inconsistency between different versions of this Privacy Statement, the English version shall prevail.

2.    What Personal Data We Collect

2.1.    “Personal Data” refers to any data or information about you from which you can be identified either (a) from that data alone; or (b) from that data combined with other information. 

Depending on the nature of your interaction with us, examples of Personal Data which we may collect from you include: 

(a)    personal particulars such as your name, gender, date of birth, residential address, nationality, passport or other personal identification documents;

(b)    contact information, such as phone number or email address;

(c)    payment information, such as bank account details and credit or debit card details;

(d)    amounts due from or to you;

(e)    images through photographs or video recordings (excluding images and video of the face);

(f)    employment details such as occupation, directorships, employment history, salary;

(g)    your personal opinions such as through feedback forms; and

(h)    other electronic data relating to your use of our websites and services, including cookies, IP addresses, activity logs and online identifiers.

2.2.    Special categories of information or “Sensitive Personal Data”

Certain categories of Personal Data, such as information about your race, ethnicity, religion, political opinions, trade union membership, genetics or health, may be considered “Sensitive Personal Data” under certain Applicable Data Protection Laws. Categories of Personal Data which may constitute Sensitive Personal Data include your payment information (e.g. credit card details, bank account details), personal identification number, biometric information (images of the face), genetic information and health information. 

Generally, we try to limit the circumstances where we collect, use or disclose your Sensitive Personal Data. However, this may occasionally occur because: 

(a)    it is required for safety & security purposes or as a matter of contractual necessity, such as to conclude a transaction with you;

(b)    such information is required by regulatory authorities under any law;

(c)    we are required under any law to collect, use or disclose such information from/to you; or

(d)    you choose to provide such information to us (or your authorised representative provides such information).

3.    How We Collect Your Personal Data

3.1.    Generally, we collect your Personal Data in the following ways:

(a)    when you create an account with us or submit forms relating to or register to use or purchase our products or services;

(b)    when you submit any online queries to or establish any online accounts with us;

(c)    when you interact with any of our staff or any third party service provider via telephone calls, emails, online forms including your requests to be contacted, to be included in an email distribution list or other mailing list or your response to our promotions, market surveys or other initiatives;

(d)    when you respond to our request for additional Personal Data;

(e)    via photographs or videos taken by us or by our representatives when you attend events hosted or organised by us or any third party organiser we appoint;

(f)    when you are within our premises which use CCTV surveillance;

(g)    when we receive references from business partners and third parties;

(h)    when you submit your Personal Data to us for any other reason; and

(i)    when you browse our website; please refer to our Cookie Policy for more information.

3.2.    In addition, we may monitor or record phone calls and customer-facing interactions for quality assurance, employee training, performance evaluation, and identity verification purposes. Such monitoring or recording will be done in accordance with Applicable Data Protection Laws.

3.3.    Where you provide the Personal Data of another person (e.g. information relating to your dependent, spouse, children and/or parents or in the case of a corporate relationship, information relating to your employee/authorised representative) to us, you represent and warrant that such disclosure to us is lawful under Applicable Data Protection Laws. In addition, you undertake to ensure that the individual whose Personal Data is supplied to us has authorised such disclosure, and is informed of and agrees to the provisions of this Privacy Statement.

4.    How We Use Your Personal Data

4.1.    We may process your Personal Data pursuant to various legal basis (as may be permitted under the Applicable Data Protection Laws), including the following:

(a)    we may process your Personal Data for one or more of the specific purposes in this Privacy Statement based on your express consent;

(b)    the processing of your Personal Data is undertaken pursuant to an exclusion set out in Article 3 of Oman PDPL; 

(c)    the use of your Personal Data may be a statutory or contractual requirement, such as the processing of your Personal Data pursuant to a request by a regulatory authority or to perform acts which are necessary to provide our products or services to you; and

(d)    the processing of your Personal Data may be necessary to protect your vital interests, such as in emergency situations that may endanger your physical safety or well-being.

4.2.    In general, subject to Applicable Data Protection Laws and based on the appropriate lawful basis, including where you have provided us with specific consent, we may use your Personal Data for the following purposes:

(a)    performing any obligations in connection with the provision of products or services requested by you including making deliveries to you for any sales orders made by you;

(b)    providing you with promotional and marketing information about our business, products and services from time to time;

(c)    help us conduct marketing, advertising, research and statistical analytics to review and enhance our products and services;

(d)    share aggregated information about you with advertisers and other third parties to customise our content and advertising to you;

(e)    where appropriate, to contact you by messaging applications, telephone, facsimile and/or email;

(f)    to communicate with you on any developments to this Privacy Statement, any of our policies, terms and conditions and other administrative information;

(g)    manage our infrastructure and business operations and comply with internal policies;

(h)    facilitate any business asset transaction (which may extend to any merger, acquisition or asset sale) involving any Sembcorp Group entity;

(i)    verifying your identity, the accuracy of any information provided to us and conducting due diligence checks to comply with applicable laws and regulations, including sanction, anti-money laundering and trade control laws;

(j)    handle disputes, conduct and facilitate investigations and proceedings;

(k)    protect and enforce our legal rights and obligations;

(l)    prevent, detect and investigate crime and other commercial risks, including fraud and money-laundering;

(m)    to store, host, back up (whether for disaster recovery or otherwise) of your Personal Data, whether within or outside of your jurisdiction;

(n)    managing access to our premises via a card or biometrics access system;

(o)    for general administrative, internal policy, safety and security purposes involving any Sembcorp Group entity;

(p)    comply with any applicable rules, laws, regulations, codes of practice or guidelines or assist in law enforcement and investigations by relevant authorities;

(q)    for any other purposes necessary, ancillary or consequential to the above specified purposes; and/or

(r)    any other purposes which we notify you of at the time of obtaining your consent, or which we may rely on based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws,

provided always that your Personal Data will only be processed for purposes which are reasonably applicable given the circumstances.

4.3.    In addition to the above purposes (where applicable to our relationship with you), depending on the nature of our relationship with you, we may use your Personal Data for the following additional purposes:

4.3.1.    If you have a user account with us (for example as a user of GoNetZero or Sembcorp Power):

(a)    process your application for and administer your user account with us; and

(b)    process payment requests which you may have requested for.

4.3.2.    If you are a residential customer who has subscribed to our electricity or water supply services:

(a)    do all things necessary to administer the provision of electricity or water services (including resolving any complaints and handle request and enquiries);

(b)    to supply you the requested electricity or water services and to do all things necessary to administer the supply; and

(c)    bill and collect service fees for the supply of water / electricity.

4.3.3.    If you are a shareholder of our shares:

(a)    administer, support and maintain our relationship with you, including the verification of your identity and/or the identity of your proxy;

(b)    enable you to exercise your rights or obtain the benefits as a shareholder, such as receiving dividend payments or proxy materials in connection with shareholder meetings; and

(c)    update you on our performance, including our annual performance report and other related information through media material.

4.3.4.    If you are a vendor, prospective vendor, or contractor:

(a)    communicate with you or your employees as necessary given the business relationship you have with us, including for business liaison, emergency, safety or security purposes; and

(b)    review and evaluate any documents you have submitted to us as part of your service or product proposal to us.

4.3.5.    If you are a prospective or current tenant or buyer of our properties:

(a)    prepare any relevant documentation as may be required in relation to the lease, purchase or sale of properties; and

(b)    administer the transactions to fulfil our obligations including making financial or collecting financial payments under the lease or purchase of properties.

4.3.6.    If you are a visitor at a Sembcorp premises or attending an activity or event organised by Sembcorp:

(a)    to register your visit at the premises or attendance at the activity or event;

(b)    for publicity purposes including posting on any of Sembcorp’s social media platforms and newsletter publications;

(c)    for safety, security and emergency purposes, including completion of relevant trainings before entrance to the premises can be granted;

(d)    for security clearance with the relevant government authorities.

4.3.7.    If you submit an application to us as a candidate for employment:

(a)    process your application including pre-hiring checks;

(b)    provide or to obtain references for background screening / vetting;

(c)    assess and evaluate your suitability for any current or prospective role within the organisation; and

(d)    verifying the accuracy of your information, including any certifications, educational transcripts or job competencies submitted as part of your application.

(collectively, the "Purposes").

4.4.    As the purposes for which we will/may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of the applicable data without your consent is permitted by or based on another appropriate lawful basis under Applicable Data Protection Laws.

4.5.    For the avoidance of doubt and to the extent required or otherwise permitted by Applicable Data Protection Laws, the purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

4.6.    In providing you with these services and/or otherwise in the course of our interactions with you, we may use manual or automated means, including AI services. We strive to ensure the accuracy and reliability of our AI services, and whenever necessary, we may manually verify the outputs.

5.    Disclosure and Transfer of Personal Data

5.1.    We need to use, process, disclose and/or transfer your Personal Data with various parties (some of which may be located in another country) for one or more of the above-stated Purposes. The recipients include, without limitation:

(a)    other entities within the Sembcorp Group;

(b)    our agents, contractors, third party service providers, business partners or professional advisors who we use to support our business. These include but are not limited to those parties which provide administrative, financial, research, payment, operational, insurance, audit, legal or other services to us such as information technology, identity verification, data analytics, training, market research, and data centres;

(c)    the Credit Bureau, or in the event of default or disputes, any debt collection agencies or dispute resolution centres;

(d)    any business partner, investor, assignee or transferee in connection with any acquisitions, sales, mergers, joint ventures, consolidation, restructuring, financial or any other type of business transactions;

(e)    any legal advisors, law enforcement officials, governmental or regulatory authorities to comply with any laws or rules and regulations, or whether it is necessary to respond to an emergency that threatens the life, health or safety of a person; or where it is necessary in the public interest;

(f)    anyone to whom we transfer or may transfer our rights and obligations, including, for example, where we obtain the services of a third party organisation to handle any aspect of the processing of your Personal Data for the purposes notified to you in accordance with this Privacy Statement;

(g)    any other party which the Sembcorp Group reasonably requires to transfer the Personal Data to in order to fulfil the above-stated Purposes; and

(h)    any other party as consented by you, specified by you or notified to you by us in subsequent notices, or where the use, disclosure or transfer of your Personal Data is based on the appropriate lawful basis other than your consent in accordance with Applicable Data Protection Laws.

5.2.    Such recipients would be processing your Personal Data either on our behalf or otherwise, for one or more of the above-stated Purposes. We endeavour to ensure that such recipients keep your Personal Data secure from unauthorised access, collection, use, disclosure, processing or similar risks and retain your personal data only for as long as your personal data is needed for the above-mentioned Purposes.

5.3.    International Transfers of Personal Data

5.3.1.    Your Personal Data may be transferred from the country, state and city (“Home Country”) in which you are present while interacting with Sembcorp and/or using our products and services to another country, state and city (“Alternate Country”).

5.3.2.    When we transfer your Personal Data from your Home Country to the Alternate Country, we will comply with our legal and regulatory obligations in relation to your Personal Data, including having a lawful basis for transferring Personal Data and putting appropriate safeguards in place to ensure an adequate level of protection for the Personal Data in accordance with the Applicable Data Protection Laws. We will also ensure that the recipient in Alternate Country is obliged to protect your Personal Data at a standard of protection comparable to the protection under applicable laws.

5.3.3.    Our lawful basis will be either consent (i.e. we may ask for your consent to transfer your Personal Data from your Home Country to the Alternate Country at the time you provide your Personal Data) or one of the safeguards permissible by Applicable Data Protection Laws.

6.    Protection and Retention of Personal Data

6.1.    Sembcorp will take reasonable legal, physical, organisational and technical measures as required by Applicable Data Protection Laws to ensure that your Personal Data is protected. This includes measures to prevent Personal Data from being used, accessed or lost in an unauthorised way. Sembcorp limits access to your Personal Data to our employees on a need-to-know basis. Those processing your Personal Data will only do so in an authorised manner and are required to treat your information with confidentiality.

6.2.    However, there can inevitably be no guarantee of absolute security such as but not limited to when unauthorised disclosure arises from malicious and sophisticated hacking by malcontents through no fault of ours.

6.3.    We retain your Personal Data for as long as we have a business purpose or legal purpose to do so. Once these purposes are satisfied, we take steps to destroy or anonymise your Personal Data in compliance with Applicable Data Protection Laws.

7.    Use of Cookies

7.1.    Like most online services, our websites and platforms use cookies for various purposes. Cookies are files stored on your web browser or electronic device. They are used to enable certain functions on our website, such as remembering your preferences and other information.

7.2.    For more information on our use of the above, please refer to Sembcorp’s Cookie Policy.

8.    Third-party websites we link to

8.1.    Our website may contain links to third-party websites. Some of these third-party websites may contain information related to the Sembcorp Group, even if we do not operate or maintain them. We are not responsible for the privacy practices of such websites. We also make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked from the third-party websites, or of any goods or services available from such external websites. The links are only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the materials thereon, and any opinion expressed in such external websites should not be taken as our endorsement, recommendation or opinion. If you visit these third-party websites, you should review their privacy policies.

9.    Your Rights with Respect to your Personal Data

9.1.    In accordance with Applicable Data Protection Laws, you may be entitled to:

(a)    inquire about the manner which we process of your Personal Data and be provided with a copy of your Personal Data held by us;

(b)    request the correction and/or deletion of your Personal Data;

(c)    request the restriction of or object to the processing of your Personal Data;

(d)    withdraw your consent to the processing of your Personal Data within our possession or control (if the legal basis for such processing is based on your consent);

(e)    request receipt or transmission to another organisation, in a machine-readable form, of the Personal Data that you have provided to us where we are using your Personal Data based on consent or performance of a contract;

(f)    complain to the relevant data privacy authority if your data privacy rights are violated, or if you have suffered detriment as a result of unlawful processing of your Personal Data; and

(g)    request processing of your personal data to be suspended; and

(h)    notification of any breach in case of any violation or hacking of your personal data.

9.2.    If you are given the option to share your Personal Data with us and you choose not to, or subsequently withdraw your consent for our use of it, this could mean that we may be unable to perform the actions necessary to achieve the above-stated Purposes of processing described in Clause 4 (How We Use Your Personal Data). We may be nonetheless continue to process your Personal Data to the extent required or otherwise permitted by Applicable Data Protection Laws.

9.3.    We will screen and verify all requests. In order to verify your authority to make the request, we may require you to provide supporting information or documentation to corroborate the request. Once verified, we will give effect to your request within the timelines prescribed by Applicable Data Protection Laws.

9.4.    Where permitted under Applicable Data Protection Laws, we may charge you a reasonable fee for the handling and processing of your requests to be provided with a copy of your Personal Data. If we so choose to charge, we will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to or deal with your request unless you have paid the fee.

9.5.    We reserve the right to refuse your requests in accordance with Applicable Data Protection Laws, where they require and/or entitle an organisation to refuse such requests. Where required under Applicable Data Protection Laws, we will inform you of the reasons for our refusal.

10.    How to get in touch with our Data Protection Officer?

10.1.    Should you have any questions about this Privacy Statement or any queries relating to our use of your Personal Data, or would like to exercise your rights set out in this Privacy Statement, please contact our Data Protection Officer at [email protected].

11.    Changes to the Privacy Statement

11.1.    Sembcorp shall have the right to modify, update or amend the terms of this Privacy Statement at any time by placing the updated Privacy Statement on its website and where required by law, we will notify you of any material changes or seek your consent if required by Applicable Data Protection Laws. We recommend that you revisit it on occasion to see the latest version.

11.2.    This Privacy Statement was last updated in December 2025.

1.2.    If you are residing in the United Kingdom or if the data protection laws of the United Kingdom apply to you, please refer instead to our United Kingdom Privacy Notice available here: https://www.sembcorp.com/media/lpyarxs3/privacy-and-personal-data-protection-policy-oct-2019-external-use.pdf.