Who Processes Your Data?
For all matters related to privacy and the collection, disclosure, processing, use and storage of your personal data, please contact the IDC Privacy Team at firstname.lastname@example.org.
For more information about IDC, please refer to here.
Purposes for which we Collect, Use and Disclose your Personal Data
We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection, use and disclosure of your personal data for those purposes, or (b) collection, use or disclosure of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using or disclosing your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
Depending on the product or/and service involved, IDC may collect, use or disclose various data types for distinct purposes. Below, you will find more information on the data collected, used or disclosed in relation to the products and services IDC provide:
Syndicated Research: IDC may use your name and email address, business phone number, information about your organization, your job title, and other information provided by you at the time of registering with idc.com to deliver the Syndicated Research services and products ordered by you or your organization as part of a corporate account. We may also use your contact details to communicate with you when producing reports and other Syndicated Research services and products. In addition, we may log your IP address for legitimate interests such as security purposes.
In order to enhance our services and in particular, to improve user experience, prevent misuse of IDC services and user accounts, or to provide feedback and usage statistics to our clients, we may track your usage of our services (such as search history). Corporate administrators (hereinafter as "Corporate Administrators") at our client organizations have access to usage statistics for their organization’s account base. If your user account, including personal data, is part of a corporate account, then a Corporate Administrator at your organization may request your user data containing personal data and usage information. Corporate Administrators can access user information only for individuals within their organization’s corporate profile.
Custom Solution Services: IDC may use your name and email address, business phone number, information about your organization, and your job title to provide Custom Solution Services (e.g. consulting and advisory services) ordered by you or your organization. In some cases, IDC may collect additional personal data if required due to the nature of the Custom Solution project.
Events Organization: When organizing conferences, webcasts, networking events, and other events, we may collect the name, email address, job title, company, and business phone number of each participant during the registration process. Alternatively, event participants may be asked to register through the idc.com general registration form as described in Section 2.2.1 above. In addition, we may collect details pertaining to professional profiles, including photos and information from social media profiles, as well as the names and email addresses of contacts from event partners (including sponsors). We may also collect any feedback or information that participants, speakers, and/or partners have volunteered to provide to us via questionnaires submitted prior to, during or after events. We will use such data to organize and market such events, manage event participation, and present details about speakers and sponsors in the programs and/or promotional materials of such events, as well as on our website and via social media. We may share information on participants and speakers other than their contact details with our event partners, as listed on the event website, to prepare, improve, and organize the event, including the collection and review of event statistics, and to ensure that the event's content is relevant to and customized for the event audience.
Some public IDC events may be recorded by means of photographs, audio recordings, and/or videos. Such photographs and recordings may subsequently appear on the respective event website, other relevant website, on social media, in the press, or in promotional materials (such as IDC promotional videos or program guides). All events to be thus documented will be clearly indicated as such. IDC may separately seek your consent prior to recording if you are to feature predominantly in the planned recording (e.g. speakers and participants in interviews).
Based on participants' and speakers’ consent, we may share their contact details with our event partners, as listed on the event website, for follow-up communication, including marketing. We may ask you for such consent during your event registration and/or during the course of the event. The consent you grant to IDC to share your contact details with event partners is unrelated to any consent that you may grant directly to any event partner during event networking, including by allowing an event partner to scan your electronic business card.
Certain Events Organization services may be provided in cooperation with IDC’s parent company, International Data Group (IDG) and your data may be shared with an IDG company to provide the services to you.
If you request us to arrange additional event-related services for you, such as booking accommodation and/or flight tickets, we will also use your personal data to secure the requested arrangements.
Networking tools at events: IDC may provide specific tools during the event to enhance your networking opportunities — in particular, a networking application and electronic business cards, as described below.
Mobile application: An event mobile app may include your name, company, and job title (along with your photo, profile, and social media information, as provided by you) and may be visible to all other event participants. Opting for "private mode” will ensure that your name and contact details do not appear in the application.
Ancillary Services: To provide services related to updates on industry developments, IDC may use your name and email address to deliver these updates to you or your organization. Such services may include newsletters, market updates, market snapshots, and other value-added services or features provided by IDC, whether for remuneration or free of charge.
Irrespective of whether IDC provides its services to you or your organization, we may also process your name and email address and personal data that you provide to us when we ask for your insight in relation to a specific industry or topic (e.g. when you fill out a survey form that we sent to you).
IDC may also collect, disclose and use your personal data to inform you about IDC news, services, features, and special offers and to invite you to our events that we believe may be of interest to you, including the provision of marketing communication within the limits prescribed by law.
- Your marketing communication preferences may be changed at any time. If you would like to unsubscribe from receiving marketing emails, please follow the "unsubscribe" link and/or instructions which is placed at the foot of every IDC email.
- Please note, however, that we may occasionally send you important information (including via email) about the IDC services you are using or have used, including changes to applicable terms and conditions, and/or other communication or notifications, as may be required to fulfil our legal and contractual obligations. Such communication is not affected by your marketing communication preferences.
IDC may also collect, use or disclose your personal data for the following purposes:
- To carry out any applicable contractual obligations that we have to you or third parties, or in connection with our provision of the goods and services requested by you or your organization;
- To verify your identity;
- To process any payments that you or your organization makes to us;
- To process and confirm your applications and registrations;
- To respond to your inquiries, or fulfil your requests;
- For quality control, appraisal, as well as staff management, training and development;
- To conduct market research and analysis;
- To enable you to provide us with further information;
- If you contact us, to keep a record of your contact information and correspondence to use when responding to you;
- To notify you about important information regarding changes to our terms, conditions and policies;
- To analyse use of our goods and services to help us improve, and to detect problems, identify usage trends and improve user experience;
- To protect against fraudulent or illegal activity or imminent harm;
- To comply with any applicable laws, regulations, codes of practice, guidelines, or rules, legal processes or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
- In connection with any legal proceedings or prospective legal proceedings;
- To establish, exercise, enforce or defend the legal rights of IDC, including in connection with corporate restructuring, such as a merger or business acquisition, or in connection with an insolvency situation;
- To ensure the security and operability of our network and services;
- To update our records of your details, including contact and marketing details, where we identify that they are inaccurate or incomplete; and
- Any other incidental business purposes related to or in connection with the above.
For How Long Do We Store Your Data?
- We will store your personal data for as long as is necessary to fulfil the purposes we have collected it for, for any other legal or business purposes (including any accounting or reporting requirements), or for as long as we are legally obligated or permitted by applicable laws.
- We will store photographs and video and audio recordings from each event for a period of 3 years from the end of the respective event.
- You have the right to withdraw your consent at any time. For more details on the withdrawal of your consent, please see the Your Rights section below.
Reliance on the Legitimate Interest Exception
- In certain instances, we may also process your personal data without your consent based on the legitimate interests of IDC or another person.
- In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on the individual and determine that the legitimate interest outweigh any adverse effect.
- In line with the legitimate interests’ exception, IDC may collect, use or disclose your personal data for the following purposes: delivering our products and services to business customers, exchanging professional knowledge about the industry, exercising our legal rights, detecting or preventing fraud or imminent harm, detecting and preventing misuse of services and user accounts, performing credit analysis, and ensuring the security and operability of our network and services such as network analysis to prevent fraud and financial crime and to prevent data loss on company-issued devices. In specific cases, we process your data based on consent or other permitted legal bases.
Cookies; web analytics
How Do We Secure Your Data When It Is Disclosed to and Collected, Processed, Used, and Stored by Our Suppliers and Affiliates?
- We share your data with our trusted business partners, who process your data as our vendors and data processors on our behalf and pursuant to our instructions. We strive to select our vendors carefully and ensure they are able to provide adequate data protection and security safeguards.
- In this regard, where your personal data is transferred by IDC out of Singapore, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to the PDPA.
In relation to the above, we may share your data with the following third parties:
- Suppliers that provide IT support to IDC;
- Suppliers that support our marketing activities;
- Other professional service providers.
IDC shares your personal data with non-affiliated third parties when necessary, which may include:
- Regulators and law enforcement officials;
- Credit, debit and charge card companies, banks and other entities processing payment;
- Potential buyers or investors of IDC or any of IDC’s companies;
- A third party to whom disclosure is necessary for the performance of obligations in the course of or in connection with our provisions of the goods and services requested by your or your organization.
What Are Your Rights?
You have the following rights:
The Right to Access: Upon your request, we will provide you with access to the personal data in our possession or under our control and information about the ways in which such personal data has been or may have been used or disclosed by IDC within a year before the date of the request. , We will send you a copy of that data as soon as reasonably possible from the time the request is received.
The Right to Receive Information: You may contact us at any time with a request to receive more information regarding the following:
- the purposes for which we have used or disclosed, or may have used or disclosed, your personal data;
- the recipients of your personal data; and
- your rights as a data subject.
The Right to Portability: You have the right to receive a copy of your personal data from us in a structured and commonly used machine-readable format. You may also request us to transfer such data to another data controller.
- Additionally, you have the right to lodge a complaint with the competent Data Protection Authority if you believe your rights regarding our use of your personal data have been violated.
- IDC strives to ensure its security measures are reasonable and in line with the industry’s best practices to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks and the loss of any storage medium or device on which personal data is stored. We strive to ensure the ongoing confidentiality, integrity, availability, and resilience of our processing systems and services and will aim to restore the availability of personal data and access thereto in a timely manner in the event of a physical or technical incident. We employ various security measures to protect the information we collect, as appropriate to the type of information, including encryption, firewalls, and access controls. IDC further ensures that all individuals who have access to your data and are involved in the collection, processing, use, and/or storage thereof are bound by appropriate confidentiality obligations and have appropriate training.
- You are responsible for keeping confidential any passwords that we give you (or you choose) that enable you to access certain parts of our website. For security reasons, such passwords must not be shared with anyone.
Links to Other Sites
- We may provide references and/or links to other companies, organizations, and/or public institutions on our website that enable you to access their websites directly from ours. The websites of these entities are governed by the entities' own privacy policies. Please note that we are not responsible for the content of such websites and cannot accept responsibility for any issues arising in connection with such third parties' use of your personal data. If you have any queries concerning the way your personal data is processed, used, or stored by such entities, we recommend referring to the privacy policies on the relevant websites.
For all matters related to privacy and the collection, processing, use and storage of your personal data, please contact the IDC Privacy Team at email@example.com.