Changes to This Policy
Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and transparently.
Purpose limitations: We collect and use personal data for specified, explicit, and legitimate purposes.
Data minimization: We Only collect the personal data that is necessary for the purpose of the business function.
Accuracy: We keep personal data accurate and current. All necessary steps are taken to achieve this. No inaccurate data shall be kept and any errors in data shall be rectified as soon as they become known.
Storage limitation: We do not retain the data if we no longer require it for the purposes defined and agreed for processing. We securely remove the data when it is no longer necessary. We do not store personal data that we no longer use.
Integrity and confidentiality: Integrity, confidentiality, and availability are fundamental to information security. The confidentiality and integrity of the personal data are always be maintained. Access is also controlled to achieve this.
We maintain lawfulness in our personal data collection & processing. This means that:
Your consent is the pre-dominantly essential for collection and processing of your personal data
Contractual necessity is a primary lawful basis for processing
Lawful processing remains on the ground of compliance with legal obligations
The protection of the ‘vital interests’ of a natural person is another ground for lawful processing
Public interest forms a basis for lawful processing. In other words “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”.
Legitimate interests as a legal basis for processing
Information from your Use of the Service: We may get information about how and when you use the Services. This information may include your IP address, time, date, browser used, and actions taken by you within the application[b1] .
Cookies: When you register to use our Services, we store "cookies," which are strings of code, on your computer. We use those cookies to collect information about when you visit our Website, when you use the Services, your browser type and version, your operating system (operating system of the ‘Services’ you use), and other similar information. You may turn off cookies that have been placed on your computer by following the instructions on your browser, but if you block our cookies, it may be more difficult (and maybe even impossible) to use the Services.
Customer Data: Through use of the KBAT Diver Medic app, you, your colleagues, your Organization, and other users, will directly provide or submit information to KBAT ("Customer Data"). Customer Data includes, for example:
Contact information, such as full name, mobile number and email address;
Username and password;
Work title, department information, and other information related to your work or Organization;
All content that you create, in audio, video, text, images, and other media or software files that you provide on or through the Services, or that are provided on your behalf, including information in or about the content you provide, such as the location of a photo or the date a file was created;
User communications, feedback, suggestions, and ideas sent to us;
Your mobile device id
Information you provide us when you or your Organization contact or engage us for support regarding the Services.
Note: We process personal data where identification is required, as mentioned above [non-applicability of GDPR#11]
If the content or information that you store on KBAT apps contains personal information of other individuals, you must be legally permitted to share the personal information with KBAT.
Sensitive Personal Data: Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. Those personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Health and genetic data
Racial or ethnic data
criminal convictions and offences
Information of the minors/ children [non-applicability of GDPR#8]
and Disclosure of Your Personal Information
We will use information we collect to provide, develop, and improve the Services on your Organization’s behalf and in accordance with any other instructions from your Organization. Examples of such use include:
Communicate with users and administrators regarding their use of the Services;
Enhance the security and safety of the Services for your Organization and other users;
Personalize your and your Organization’s experiences as part of our provision of the Services;
Develop new tools, products, or services for your Organization;
Associate activity on our Services across different devices operated by the same individual to improve the Service which we provide to your Organization;
Associate activity on our Services across different devices operated by the same individual;
Conduct data and system analytics, including research to improve the Services. In these circumstances KBAT shall, to the extent possible, use de-identified or aggregated data.
We use and disclose your personal Information only as follows:
To promote use of our Services - For example, if you leave your Personal Information when you visit our Website and don’t sign up for any of the Services, we may send you an email asking whether you want to sign up. And if you use any of our Services, and we think you might benefit from using another Service we offer, we may send you an email telling you about it.
For R&D of our products and services - For example, our systems will analyse your data provided when you use our products and services to improve them, develop new, secure, maintain and provide stable operations consistently.
To bill and collect money owed to us - This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number.
To provide customer support. This may include providing project level support from a representative from the company who can access your project data upon your approval.
To protect the rights and safety of our Members and third parties, as well as our own.
To meet legal requirements like complying with court orders and valid subpoenas. [GDPR#6]
To provide information to representatives and advisors, like such as attorneys and accountants, to help us comply with legal, accounting, or security requirements. [GDPR#6]
To prosecute and defend a court, arbitration, or similar proceeding. [GDPR#6]
To support and improve the Services we offer.
To communicate with you about your account for informational, not promotional, reasons.
To send you informational and promotional content that you may choose (or "opt in") to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
Collaboration and Sharing Features
The Service offers collaboration features or other integrated tools, through which your User Content may be shared through the Service. As a function of the collaborative nature of the Service and based on the permissions and settings you choose and/or the terms of the user guide for the Service, the use of such features enables the sharing of User Content with other people you collaborate with. For more information about such collaboration and sharing features, please review the applicable instructions provided in the Service and information provided in the user guide for the Service, if any.
If the Service permits a user to post or submit to the Service any User Content that is to be made publicly available and you submit User Content in such manner, you automatically grant (or warrant that the owner of such materials expressly grants) KBAT and its affiliates a world-wide, perpetual, royalty-free, irrevocable and non-exclusive right and license to use, copy, store, adapt, transmit, communicate publicly display and perform, distribute and create compilations and derivative works from such User Content and to use such content for promotional and marketing purposes. Such license will apply with respect to any form, media, or technology, now known or later developed. In addition, you warrant that all “moral rights” in such materials have been waived. You will be solely responsible for your own submissions and the consequences of posting or publishing them through the Service, and you agree to indemnify and defend KBAT for any cost and action resulting from any such submission.
Disclaimer: We understand that the security of your personal data is paramount. We provide reasonable administrative, technical, and physical security controls to protect your personal information. However, despite our efforts, no security controls are 100% effective and KBAT cannot ensure or warrant the security of your personal information.
Notice of Breach of Security: Nobody’s safe from hackers. If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your collaboration Lists, then KBAT will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information:
We do not capture any credit card information at this point and the site uses no SSL certification at this moment. When we begin processing credit card information, to protect your information, our credit card processing vendor will use the latest 128/256-bit Secure Socket Layer (SSL) technology for secure transactions. Our vendor is certified as compliant with card association security initiatives, like the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).
The KBAT Diver Medic app accounts require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Because the information in your account is so sensitive, account passwords are encrypted, which means we can’t see your passwords. We can’t resend forgotten passwords either. We’ll only reset them.
Safe Harbor Certification
The KBAT Diver Medic App complies with the Singapore’s Personal Data Protection Act (pdpa) which is overseen by the Government of Singapore. We certify that we follow the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. In light of a recent European Court of Justice ruling users may request an updated data processing agreement which incorporates the Standard Contractual Clauses here.
Accuracy of Data, Transparency, and Choice
We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do that. If your data changes (like a new email address), then you’re responsible for notifying us of those changes.
We only store data about you for as long as it’s reasonably required to fulfill the purposes that gave us the right to access it in the first place. We keep some data indefinitely, relating to when and where emails were sent, which bounced, which resulted in a complaint, and similar information, because we use it to help us screen out people who violate SPAM laws, and for other reasons explained in this policy.
We’ll give you access to any Personal Information about you that we hold within 30 days of any request for that information you make by contacting us on firstname.lastname@example.org. Unless it’s prohibited by law, we’ll remove any Personal Information about you from our servers at your request.
you are only browsing our website (https://www.kbatraining.org/), we
do not capture data that allows us to identify you
KBAT does not collect any personal information about users, except which is knowingly and specifically supplied to us by the user. KBAT is committed to ensuring the privacy of your personal information and complying with the Privacy Act.
“Cookies” are used within our website to improve the quality of the site. Aggregate information may be collected about the use of this website, including page hits, number of visitors, clickstream, etc. KBAT reserves the right to use this information for the purpose of enhancing the usability of this website.
Account Information & Retention
We will retain your information for as long as your account is active or as needed to provide the Service to you and/or your collaborator(s). We will retain and use your information to comply with our legal obligations, exercise our rights, resolve disputes and enforce our agreements.
Promotional and Newsletter Communications
You may opt out of receiving promotional and newsletter emails from KBAT by following the opt-out instructions provided in those emails. You may also opt-out of receiving promotional emails and other promotional communications from us at any time by emailing email@example.com with your specific request. If you opt-out, we may still send you non-promotional communications, such as security alerts and notices related to your access to or use of the Service or those about your online account or our ongoing business relations.
web browsers are set to accept cookies by default. If you prefer, you
can usually choose to set your browser to remove or reject browser
cookies or to prompt you before accepting such a cookie. Please note
that, if you choose to remove or reject browser cookies, this could
affect the availability or functionality of the Service.
You can delete cookies already stored on your computer – for example: In Chrome (version 29), you can delete all cookies by accessing the “Customize and control” menu, and clicking “Settings,” “Show advanced settings,” and “Clear browsing data,” and then selecting “Delete cookies and other site and plug-in data” before clicking “Clear browsing data.”
You can opt out of KBAT’s disclosure of your personal information to third parties for direct marketing purposes. If you choose to opt out at any time after granting approval email firstname.lastname@example.org.
We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name.
Links to Third Party Websites
We may place links on the Service. When you click on a link to a third party website from our website, your activity and use on the linked website is governed by that website’s policies, not by those of KBAT. We do not endorse and are not responsible for the privacy practices of these Third Party Websites. We encourage you to visit their websites and review their privacy and user policies.
Adherence to Privacy Shield Principles
KBAT adheres to the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, Switzerland, Iceland, Liechtenstein and Norway as to personal data submitted by KBAT Diver Medic customers or collected by KBAT through its service.
KBAT is committed to subjecting all personal data received from the EU, Switzerland, Iceland, Liechtenstein and Norway in reliance on the Privacy Shield Principles, to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access and recourse, enforcement, and liability.
To learn more about the Privacy Shield program please visit https://www.privacyshield.gov/EU-US-Framework, and to view our certification, please visit https://www.privacyshield.gov/list.
Accountability for Onward Transfer
Pursuant to the Privacy Shield Principles, KBAT remains accountable for Personal Data that it receives under the Privacy Shield and subsequently transfers to third party vendors, consultants and other service providers.
In particular, KBAT remains responsible and liable under the Privacy Shield Principles if third-party vendors, consultants or other service providers that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless KBAT proves that it is not responsible for the event giving rise to the damage.
Recourse, Enforcement and Liability
If your complaint was not resolved by KBAT, KBAT commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (Commissioner) and comply with the advice given by the DPA and Commissioner, with regard to data transferred from the EU, Switzerland, Iceland, Liechtenstein and Norway.
In addition, if your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
The U.S. Federal Trade Commission has jurisdiction over KBAT’s compliance with the Privacy Shield.
If you have any privacy-related questions, suggestions, unresolved problems, or complaints you may contact us via email@example.com.