⚡ Exciting news! Introducing WorkShiftly 2.0 with a whole new look.

HomePrivacy and Data Protection Policy

Privacy and Data Protection Policy

This Privacy and Data Protection Policy sets out the practices that Kerner Norland Pte Ltd (“Kerner Norland”, “we”, “our”, “us”) follows with respect to the collection, use maintenance, transfer and disclosure of information collected when you use and or access the website as well as any other media form including but not limited to, WorkShiftly software, media channel, mobile website or mobile application, desktop application related or connected thereto (collectively referred to as “WorkShiftly Portal”)  provided by the Company. 

We respect and value the privacy of each person (“you” or “your”) who enter WorkShiftly Portal and we commit towards maintaining the highest standards required in order to protect any personal information you consent to share with us in accordance with the Singapore’s Personal Data Protection Act 2012 (the “PDPA”). This Privacy Policy applies only to information we collect from the WorkShiftly Portal and does not apply to any other application, website or business activity of Kerner Norland.  

The purpose of this policy is to provide you with an understanding of how we collect, handle and use your personal data. 

We reserve the right to revise this Privacy Policy at anytime, without prior notice, and the changes will be effective subsequent to posting the changes to the WorkShiftly Portal. Please check the WorkShiftly Portal frequently to be updated on the changes. By accessing the content and services made available on the WorkShiftly Portal and by providing your personal data to us, you acknowledge and agree that you have fully read and understood this policy, and consent to the collection, use, processing, and disclosure of your personal data as described in this policy. If you do not want Kerner Norland to collect, use, store, transmit or display collected data, please do not install, subscribe or use the WorkShiftly Portal. 

Kerner Norland collects personal data about you when you (1) register for WorkShiftly on the WorkShiftly Portal, (2) use our products, (3) subscription, (5) communicates with us through any mode of communication including, but not limited to, chat, phone and email.  

1. The personal data we collect

When you register with us through the WorkShiftly Portal, it will prompt you to provide us with information such as your login credentials (e.g. your name, company name, designation, email address and/or password), geographic region. Customer service telephone calls, emails, and other communications with us, may collect information such as the identity of the caller or sender of the email, the date and time of the call or email, and the subject and resolution of the issue.  

2. Information collected when you use the WorkShiftly Portal

(1) unique identifiers relating to your device(s) and their components; (2) performance of the WorkShiftly Portal; (3) configurations of your device(s), the WorkShiftly Portal and the software applications, contents and peripheral devices that interact with the WorkShiftly Portal; (4) use and frequency of use of the functions of the WorkShiftly Portal, and the software applications, contents and peripheral devices that interact with the WorkShiftly Portal; and (5) the time zone.  

Payment information. 

Payments made through the WorkShiftly Portal are processed through a third-party payment processor. Information to administer, manage, and fulfill the purchases and subscriptions you make, may be collected by us or on our behalf. Such information may include payment information credit card number, account authentication information, and contact information including your full name, billing and shipping address and email address.  

Usage Information 

We may collect “usage information” anytime you visit, view and/or interact with our WorkShiftly Portal.  We may collect your computer’s IP address, browser type, operating system version, geolocation information, and information regarding your browsing activities (e.g., parts of the website visited, items clicked on). We may associate this information with your personally identifiable information. 

3. How We Use Your Information

Kerner Norland collects personal data for some or all of the following reasons. 
  1. Provide and maintain the services- to process and fulfill your purchases and subscriptions, send you confirmation emails of your purchase and subscription status and allow you to pay for subscriptions.
  2. Improve, personalize, and develop the services-We use the information collected to; improve and personalize customer experience, perform data analysis and testing, collect feedback to help improve our programs, features or/and services, produce certification, enhance the online experience of using our Portals as further described in the section ‘Use of Cookies’.
  3. Communicate with you-To alert you about products upgrades and revisions, respond to you when you contact us, and promote new features or products that we feel may be of interest you to assist in addressing your inquiries and troubleshooting, about our products and services. To notify you about changes to our products and services and provide you with information that is relevant to your use of the service. 

4. Disclosure to Third-Party

We do not sell, trade or otherwise transfer to third parties your personally identifiable information. Any information provided to the WorkShiftly Portal will be protected from loss, misuse, unauthorized access or disclosure, alteration or destruction.  

However, we share your personal information with authorized third parties who assist us in operating the WorkShiftly Portal, conducting our business or servicing you including, but not limited to, credit card payments and online support, as long as these parties are compliant with applicable data protection laws.  

We may choose to retain your personal information to the full extent of any period provided by law and statute. We may also choose to delete your personal information from our databases after a required number of years and/or if the intended purposes for which we have collected your information is completed or is no longer relevant. We may release your information when we are required to comply with the law, enforce our policies, or protect Kerner Norland’s and other third-party rights, property or safety. However, non-personally identifiable information may be provided by Kerner Norland to third parties for marketing, advertising, or other uses. 

5. Cookies and Tracking Codes

The WorkShiftly Portal may also use “cookies” and other technologies enabling us to recognize users and customize their experience and obtain information regarding the use of the WorkShiftly Portal. A cookie which is a small text file that a website’s server places on a user’s computer, mobile phone or other device enables to transmit information back to the website’s server regarding the browsing activities of the computer user on the WorkShiftly PortalThis may also include information such as pages and content viewed, the time and duration of visits and whether the user clicked on an advertisementCookies are also used to recognize users and maintain data related to a particular individualIf you prefer not to accept cookies from the WorkShiftly Portal, you can modify the settings on your web browser.   The types of Cookies we use 
  1. Necessary cookies: Necessary cookies enable you to use our Portals and all it’s features, such as enabling access to secure areas of the Portals. Without these cookies you may not be able to use all the features of our Portals. 
  2. Performance cookies: Performance cookies collect information about how you use our Portals so we can improve them for you in future. For example, they collect information on which pages you visit most often and any error messages you may get. The information collected by these cookies is anonymous. They do not collect any information that can identify you personally.
  3. Functionality cookies: We use functional cookies to provide enhanced functionality and personalization, to remember your preferences, to diagnose server and software errors, and in cases of abuse, track and mitigate the abuse. The information these cookies collect is anonymous. They cannot track your browsing activity on other websites.
  4. Targeting/advertising cookies: We and our service providers may use advertising cookies to deliver ads that we believe are relevant to you and your interests. For example, we may use targeting or advertising cookies to customize the advertising and content you receive on our Portals, to limit the number of times you see the same ad on our Portals and to help measure the effectiveness of our advertising campaigns.
  5. Social media cookies: Our Portals uses third-party cookies from social media sites such as Facebook and LinkedIn to enable in-depth campaign reporting and to track social network users when they visit our Portals, by using a tagging mechanism provided by those social networks. These cookies can also be used for event tracking and remarketing purposes. Any data collected with these tags will be used in accordance with our Privacy Policy and with the social network’s privacy policies. 
 Third Party Cookies  Third Party cookies we use include but not limited to Google Analytics, Facebook Inc., HotJar, Mix Panel, Pendo.  How do you change cookie preferences or block cookies?   For the performance cookies and targeting cookies when starting a new session on our portals, you can choose to opt-out of these. It is possible that any advertising you receive will be less targeted as a result, but the portals should function correctly.  If you wish to disable the strictly necessary cookies, then within your browser you can choose whether you want to accept cookies or not. Different browsers make different controls available to you. Generally, your browser will offer you the choice to accept, refuse or delete all cookies, third-party cookies, or specific website cookies. Each browser’s website should contain instructions on how you can do this.  If you block these cookies on our portals, certain features and services may not function properly. 

6. Company policy towards minors

Our Portals are for a general audience.  We do not intentionally collect personally identifiable information from users of this Site who are under the age of 13. 

7. Threat Assessment and Protection

We have standardized enterprise-wide analysis of software-related threats within the organization and have prioritized proactive improvement of threat coverage throughout the organization to ensure that there are no leaks of the data we collect. 

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure we have put in place the following suitable physical, electronic and managerial procedures to secure the information.  

  1. Implement strong access controls, including strong passwords, input validations, multi-factor authentication, and role-based access permissions.
  2. Use secure protocols (SSL/TLS version 1.2 and higher) for data transmission and avoid transmitting sensitive data over unsecured networks. 
  3. Establish clear data retention policies and securely dispose of data that is no longer needed. 
  4. Kerner Norland is keeping systems and software up to date with the latest security patches.
  5. Conduct regular security audits, and assessments to identify vulnerabilities and implement necessary measures.
  6. Encrypted the offline data stored on the device using strong encryption algorithms. 
  7. Established secure key management techniques to store and handle encryption keys (API keys).
  8. Data protection by design and default.
  1. Monitoring and reporting in a file any unauthorized or illegal access attempts.
  2. Monitoring specific activities such as who accesses personal data and with whom the data are being shared.
  3. Keeping a record of how long the data are to be stored while being stored.
  4. The data are encrypted, pseudonymized, and anonymized whenever possible, to protect them from any unauthorized access. 

8. Storage and Retention

We may keep information and content in our systems, backup files and archives as follows;

  1. Utilized encryption for data at rest and in transit.
    • Strong hashing for sensitive information in the database tables.
    • Server-side encryption by default in the database.
  2. Obtaining regular backup and testing the backup and recovery procedures. 
  3. Monitoring and logging access (only metadata), network traffic, and system activities for detection of security incidents and getting monitored via Security Operation Centre. 
  4. Classified data based on sensitivity and applied appropriate security controls over the Risk Based Authentication. 

We will retain your personal data as long as necessary to provide you with the services requested. However once your account has been deleted/de activated, your personal data will be stored in our archives for six months from the de activated date and we will remove it from our systems, records and/or take steps to properly anonymize it so that you can no longer be identified from it, unless we need to keep your personal data, including if we need to keep your personal data to comply with legal or regulatory obligations to which we are subject. 

9. Your Rights

  1. Right of access- You may have the right to obtain from us confirmation as to whether personal data concerning you is processed, and, where that is the case, to request access to the personal data.
  2. Right to rectification- You may have the right to obtain from us the rectification of inaccurate personal data concerning you. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  3. Right to object- If the processing of your personal data is based on legitimate interests, you may have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data by us and we can be required to no longer process your personal data. Moreover, if your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case, your personal data will no longer be processed for such purposes by us.
  4. Right to fair treatment- We will not discriminate against you for exercising any of your privacy rights. Irrespective of your standing on your privacy preferences, we will provide the services.
  5. To restrict the use of your information- You can request to restrict the use of your information.
  6. To complain to a supervisory authority – If you have any complaints regarding the data collected and the usage of it, you have the right to lodge a complaint to a superior authority. 

10. How to Contact Us

If you have any questions or concerns regarding the Privacy Policy, please feel free to contact us at the following email or telephone number; 

Email: support@workshiftly.com 

Phone:  (+65) 3158 0280