COLLECTION OF PERSONAL DATA
Your Best Practices
Make sure you collect and store personal data only when needed.
Be cautious about saving the personal details as image files (metadata)
Check on the accuracy of the data collected
How Reach helps
Reach collects minimal Personal Data
Collects NRIC Numbers only where necessary
Prefers collecting data through Input instead of automatically importing it.
NOTIFICATION OF PURPOSE & DATA PROTECTION & ACCURACY
Your Best Practices
Explain the purpose of the collection
Appoint a DPO who can address your customers doubts on data protection
Ensure data is maintained accurately
Provide the users with an option to update their own data
GETTING CONSENT FOR USERS’ PERSONAL DATA
Your Best Practices
If you intend to use the personal data for marketing messages, take prior consent
Keep a record of the consent given
Allow users to withdraw their consents
How Reach helps
If you are a retail business, You can send an email or SMS from Reach once you add personal details asking content to use his details for future marketing
DATA PROTECTION & ACCESS CONTROL
Your Best Practices
Protect your password from unauthorized access
Do not provide access to personal data to other users unless required.
Change your password frequently
How Reach helps
Uses a Bank level 256 bit encryption
Uses Web Application Firewalls
Scans User Uploaded files for Malware
Stores data in Secure AWS Servers
Limits the number of failed logins
Allows the use of OTP for non-admin logins
Has IP based user access restrictions
Has set password complexity rules
USER DEVICE SECURITY & TESTING
Your Best Practices for employee devices
Having policies to govern device usage
Adopting mobile device management (e.g. remote wiping)
Encrypting data on the device
Implementing secure erasure of data
Using of anti-malware software
Minimizing storage of personal data on the device
Mandating login to the device
Activating screen lock upon inactivity
How Reach helps
Conducts Vulnerability test
Conducts Penetration testing
Avoids loading production data to test environments
DATA EXPORT
Your Best Practices
Monitor Data Export
Take precautions in sending user data over email
How Reach helps
Encrypts exported data
Provides audit trails to monitor data exports
Recent Comments