Emotify Pte Ltd Data Protection Policy
Data Protection Notice
This Data Protection Notice (“Notice”) sets out the basis which Emotify Pte Ltd (the “Data Controller”) may collect, use, disclose or otherwise process personal data of Emotify Pte Ltd’s customers in accordance with Singapore’s Personal Data Protection Act (“PDPA”). This Notice applies to personal data in the possession or under the control of Emotify Pte Ltd.
Personal Data
1. As used in this Notice:
“customer” means an individual who:
a) has contacted us through any means to find out more about any goods or services we provide, or
b) may, or has, entered into a contract with us for the supply of any goods or services by Emotify Pte Ltd; and
“personal data” means data, whether true or not, about a customer who can be identified:
c) from that data; or
d) from that data and other information to which we have or are likely to have access.
2. Depending on the nature of customer interaction with Emotify Pte Ltd, some examples of personal data which we may collect from you include your name and your contact information such as your residential address, email address or telephone number, photographs and other audio-visual information, and employment information.
3. Emotify Pte Ltd does not process any personal data classified as ‘special’ (i.e. racial, ethnic origin, sexual orientation, philosophical beliefs).
Consent to Collection, Use and Disclosure of Personal Data
4. We only collect customers’ personal data if:
a) it is provided to us voluntarily by a customer directly or via a third party who has been duly authorised by a customer to disclose their personal data to us (their “authorised representative”) after:
i. the customer (or their authorised representative) has been notified of the purposes for which the data is collected, and
ii. the customer (or their authorised representative) has provided written consent to the collection and use of their personal data for those purposes, or
b) collection and use of personal data without consent is permitted or required by the PDPA or other laws.
c) We shall seek your consent before collecting any additional personal data and before using your data for a purpose which has not been notified to you (except where permitted or authorised by law).
5. We may collect and use customers’ personal data for any or all of the following purposes:
a) operating our website;
b) communicating with customers and potential customers;
c) updating your personal and contact information;
d) performing obligations in the course of or in connection with Emotify Pte Ltd’s provision of the goods and/or services requested by customers;
e) responding to, handling, and processing queries, requests, applications, complaints, and feedback from customers;
f) managing customers’ relationship with us;
g) sending customers newsletters where they have opted to receive them;
h) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
i) any other purposes for which customers have provided information;
j) transmitting to any unaffiliated third parties including Emotify Pte Ltd’s third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
k) any other incidental business purposes related to or in connection with the above.
6. We may disclose customers’ personal data:
a) where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by customers; or
b) to third party service providers, agents and other organisations we have engaged to perform any of the functions with reference to the above-mentioned purposes;
c) where your consent has been obtained for disclosure; or
d) if required by the law or in the good faith belief that:
i) such action is necessary to conform to the edicts of the law or comply with legal processes served on us;
ii) such action is necessary to to protect and defend our rights or property.
7. Where your use of our Website is concerned, you acknowledge and accept that certain functions, when activated or used by you, will operate to send or display information about yourself, including but not limited to, your personal data, to certain third parties, and you agree to the sharing of such information with these third parties. You acknowledge and agree that we shall not be held responsible or accountable for any loss, injury or damage sustained by you arising from the activation or use of such features on the Websites.
8. The purposes listed in the above clauses may continue to apply even in situations where the customer’s relationship with us has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with the customer).
Withdrawing Consent
9. The consent that customers provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by the customer in writing. Customers may withdraw consent and request us to stop using and/or disclosing their personal data for any or all of the purposes listed above by submitting their request via email to the Data Controller at sarah@drsarahwhyte.com.
10. Upon receipt of a customer's written request to withdraw consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) to process your request and to notify you of the consequences of our acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process customers' requests within ten (10) business days of receiving them.
11. Whilst we respect customers' right to withdraw consent, please note that depending on the nature and scope of your request, we may not be able to continue providing goods or services to you. We shall notify you of this before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 9 above.
12. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.
Access to & Correction of Personal Data
13. If customers wish to make:
a) an access request for a copy of the personal data which we hold about you, or information about the ways in which we use or disclose your personal data; or
b) a correction request to correct or update any personal data which we hold,
customers may submit their request via email to the Data Controller at sarah@drsarahwhyte.com.
14. We will respond to customers' requests as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond within thirty (30) days of receiving your request, we will inform you in writing within that period of the time by which we will be able to respond. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Protection of Personal Data
15. To safeguard customers' personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures to secure all storage and transmission of personal data by Emotify Pte Ltd and to govern the disclosure of personal data internally and to Emotify Pte Ltd's authorised third-party service providers.
16. Customers should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of customers' information and are constantly reviewing and enhancing our information security measures.
Reporting of Personal Data Breaches
17. In the event of a personal data breach, we shall, to the best of our ability, notify affected customers and/or the relevant regulatory authority within three (3) calendar days of becoming aware of the breach, where the breach is notifiable under the PDPA. We will endeavour to ensure that all information furnished is complete, correct and accurate.
18. If required by law and/or regulation, we shall cooperate in notifying the relevant authorities and/or customers.
19. Notification of a breach will include, to the extent known, details regarding::
a) the (suspected) cause of the leak;
b) the (currently known and/or anticipated) consequences thereof;
c) the (proposed) solution;
d) the measures that have already been taken.
Accuracy of Personal Data
20. We generally rely on personal data provided by customers (or their authorised representative). In order to ensure that customers’ personal data is current, complete and accurate, please update the Data Controller with changes to personal data by informing the Data Controller via email at sarah@drsarahwhyte.com.
Retention of Personal Data
21. We may retain customers’ personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
22. We will cease to retain customers’ personal data, or remove the means by which the data can be associated with customers, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
Transfer of Personal Data Outside of Singapore
23. Emotify Pte Ltd acknowledges that in the course of providing our products and services, we may transfer customers’ personal data to third-party service providers or affiliates located outside of Singapore. This includes, but is not limited to, the use of third-party software such as Dropbox and Google for data storage and workspace provision, Calendly for calendar scheduling, Microsoft for email and calendar services.
24. The transfer of personal data outside of Singapore may be necessary for the following purposes:
a) Utilizing third-party services for data storage and processing;
b) Facilitating communication and collaboration with international partners or clients; and
c) operating platforms and tools integral to the running of Emotify Pte Ltd's business, which may involve the transfer of personal data outside of Singapore as part of their ordinary functioning.
25. We will take steps to ensure that customers’ personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. We engage service providers that implement reasonable security measures to safeguard your personal information.
26. By engaging with our products and services, customers consent to the transfer of their personal data outside of Singapore as outlined in this Notice.
Use of Cookies
27. The Website ( www.drsarahwhyte.com) may place and access certain cookies on your computer and/or any other electronic device used to access the Websites. We use cookies to improve your experience and to improve the efficacy of our services.
28. Cookies are small files of letters and numbers stored on your browser or hard drive. They help a website run effectively and provide the best experience for visitors, allowing them to navigate and use key features.
29. Users of the Website who wish to deny the use and saving of cookies from the Website onto their computers and/or other electronic devices should take the necessary steps within their internet browser security settings to block all cookies from this Website.
30. You can block or deactivate cookies in your browser settings and may delete them at any time. However, you may lose information that enables you to access the Website more quickly and efficiently.
External Websites
31. Our Website contains links to external websites. We make no representations as to the quality, suitability, functionality or legality of the material on external websites that are linked to, or to any goods and services available from, such websites. The material is only provided for your interest and convenience. We do not monitor or investigate such external websites and we accept no responsibility or liability for any loss arising from the content or accuracy of the material. Any opinion expressed on such external websites should not be taken as our endorsement, recommendation or opinion. This Notice does not extend to your use of such external websites. You are advised to read the privacy policy or statement of such websites before using them.
Data Controller
32. Customers may contact the Data Controller, Dr Sarah Whyte, with any enquiries or feedback on Emotify Pte Ltd’s personal data protection policies and procedures, or to make any request, as follows:
Email: sarah@drsarahwhyte.com
Address: 60 Paya Lebar Road, #06-28 Paya Lebar Square, Singapore, 409051
Effect of Notice and Changes to Notice
33. This Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of customers personal data by Emotify Pte Ltd
34. We may revise this Notice from time to time without prior notice. Customers may determine whether any such revision has taken place by referring to the date on which this Notice was last updated. Customers’ continued use of our services constitutes their acknowledgement and acceptance of such changes.
Miscellaneous
35. This Notice and its implementation will be governed by the laws of Singapore.
36. Any dispute arising in connection with or arising from this Notice will be referred to the competent Singapore court in the district where the Data Controller has its registered office.
Last updated: Monday 29 June 2026