All personal data processed by us is in compliance with the European General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”).
The controller who processes all of the personal data is Arch Group B.V., located in Singapore at 6 Battery Road #11-06, Singapore (049909) and registered at the Chamber of Commerce in the Netherlands with the number 63899906 and its group companies.
2. Personal Data Processed
2.1 Project enquiries and subscriptions through our Website
We process information from visitors of our Website, including when you register for project enquiries, subscribe to our newsletter or receive information from us through either the form on our Website or by email with your request for information or quote. In the form on our Website, we may ask you to provide your name, e-mail, company name, phone number, and message.
We dispatch regularly e-mail marketing about our Products, Services, news and updates from our industry, community or partners, and other content that is relevant to professionals and organisations working in or with (but not limited to) the same industries. For these services, we request your country of residence, name, company details, and e-mail address in order to further customise the content, track performance of our e-mail marketing service, and improve the relevance of our content.
We deliver webinars, events and networking events throughout the world. These events require the registration of participants. Accordingly, we request from event registrants data such as company details, name, job title, industry of employment, country, and e-mail address in order to provide essential practical details about the event being attended, to track performance of our event services and improve the relevance of our event programmes for you, and provide to our sponsors and partners details to track the performance of their investments into our event services.
2.2 Data automatically generated
When you use our Website, we may process and register your IP address. Your IP address will be stored in a temporary log file. We may share information regarding your use of our Website with our trusted subsidiaries, affiliates, and partners, as described further in Section 3.2 and 3.3 below.
3. Purposes and Ground for Processing
3.1 We process your personal data, as described in Section 2.1, for the following purposes and on the following grounds:
to fulfil our obligations to provide you with our Products or other requests you may make (based on contract according to art. 6(1)(b) GDPR);
to contact you regarding follow-up Services, to answer your questions, and provide requested information or advice (based on consent according to art. 6(1)(a) GDPR);
to secure your order information (based on contract according to art. 6(1)(b) GDPR);
to secure our business goals (based on legitimate interest according to art. 6(1)(f) GDPR);
for analysis of personal data (e.g. purchase history, shipping country and/or city, language) to provide personalised Products and Services (based on consent and legitimate interest according to art. 6(1)(a) and (f) GDPR):
to send you our newsletter with offers and information about Products and Services. Please note that you can always object to such use, via the ‘unsubscribe’ link in our email newsletters (based on consent according to art. 6(1)(a) GDPR);
to comply with various legal obligations (based on compliance with a legal obligation according to art. 6(1)(c) GDPR; and
if you respond to or participate in a survey, contest, event, or a marketing communication in order to inform you about our activities, campaigns, events and other marketing initiatives (based on contract according to art. 6(1)(b) GDPR).
3.2 We may provide your personal data, as described in Section 2.1, to our subsidiaries, affiliates, and partners, in connection with marketing and promotional materials related to our Products and Services. If you would prefer to opt out of any such communications, please send an email to (email@example.com).
3.3 We will only make personal data available to third parties that are involved in the execution of your order. These third parties process personal data according to our instructions and any such use shall be our full responsibility. We do not pass on your personal data to other third parties unless we are legally obliged to do so.
3.4 We use the automatically generated information, as described in Section 2.2, and your company data and personal data, as described in Section 2.1, to conduct aggregated analyses for internal research and statistical and strategic purposes ("Aggregated Information"). We use the Aggregated Information to optimize our Website, Products and Services and learn more about the use of our Website, Products and Services so we can improve them.
4.1 We shall process the personal data for a period as long as legally required or necessary and allowed for the purpose(s) for which it was obtained. Immediately after these periods we will destroy the personal data and/or anonymise them.
4.2 The criteria used to determine our retention periods include but may not be limited to: (i) the duration of our ongoing relationship with you and the Products and Services we offer you; (ii) whether or not we are subject to any legal obligation(s); and (iii) any other legal necessity (such as applicable limitation period(s), litigation, or internal or external investigations).
4.3 Notwithstanding Section 4.1, we may process the personal data for a longer period (i) if you ask us to retain data for another two (2) year period, (ii) in order to comply with statutory retention periods (such as those required by tax legislation), or (iii) in order to prove compliance with applicable statutory obligations (such as the GDPR or email marketing legislation).
4.4 If you request deletion of your personal data by contacting us through the process described in Section 7, all of your personal data collected through your use of our Website shall be deleted, unless we are obligated to retain such information, whether by law, to provide the Products and Services for which the information was processed, or for internal use.
5. Data Protection
Any personal data we process is treated as confidential. As such, we shall take appropriate technical and organizational measures to safeguard and protect the personal data against any accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access or against any other unlawful or unauthorized processing of such personal data. These measures guarantee an appropriate level of security given the risks related to processing and the nature of the data.
6. Sharing Personal Data
Without prejudice to Section 3, we don’t transfer any personal data to any third party without your explicit permission, unless we are legally obliged to.
7. Your Rights
7.1 You have the right to obtain our confirmation as to whether or not we process your personal data, on request. The personal details you provide when registering with us a client can be viewed and altered by yourself by sending (firstname.lastname@example.org) a request to receive such information. Furthermore, you are entitled to send (email@example.com) a request to access, receive, transfer, rectify, erase your personal or withdraw your consent for processing your personal data in those cases there the processing is based on consent. We will process your request immediately and in accordance with the GDPR.
7.2 You are entitled to object to our processing of your personal data. Upon any such objection, we shall no longer process your personal data, unless we demonstrate 1) compelling legitimate grounds for the processing which override your interests, rights and freedoms, or 2) to establish, exercise, or defend any legal claim(s). We will send you a response in accordance with the GDPR. You are also entitled to file a complaint with the relevant supervising authority regarding our processing of your personal data.
7.3 If you have any complaints regarding our data processing or your previous requests, you can contact us at (firstname.lastname@example.org).
8. Cross-border Transfer
Because we are a global company, your personal data may be stored and processed in every country where we have facilities or service providers. We may transfer your personal data worldwide and to countries with comprehensive data protection laws. We will ensure that the personal data is transferred in accordance with the applicable laws on data protection. Specifically, we use a variety of contractual, organizational and technical protections as appropriate for such transfers, including data protection agreements/standard contractual clauses (available upon your request).
9. Third-party Websites