At Sigrid we respect the privacy and confidentiality of our clients’ personal data and the personal data about or relating to all other individuals that we collect, use, disclose and store while operating our business, including to provide our services to our clients.
We are committed to implementing policies, practices and processes to safeguard our collection, use, disclosure and storage of the personal data. We are incorporated in the Republic of Singapore, and we comply with its Personal Data Protection Act. We also observe applicable requirements of the General Data Protection Regulation (GDPR) of the European Union.
When you register your interest in knowing more about us
When you visit our website and register your interest in knowing more about us, we collect only your name and email address. At this stage, we use this personal data only to respond to your expression of interest including, generally, to send you an invitation to complete a qualification questionnaire and do not disclose it to any third party, except our IT vendor(s) who may see it as part of their provision of services to us.
When you complete our qualification questionnaire
We hope that you will choose to complete our qualification questionnaire. If you do so, we collect general information about your job role and work life generally, for example:
• your primary occupation and approximately how many people work for you
• your approximate travel frequency and general destinations (by geographic region), your approximate meeting frequency and scheduling and your typical level of interaction with people within your organization and outside it
• the IT systems and/or applications you use for scheduling and expense management and
• which tasks you need support with from Sigrid
We use this information to understand your support needs broadly, to obtain insights into them and to assess whether Sigrid would be likely to be able to support them well. We also use it to contact you and as a basis for discussing your support needs with you. We do not disclose the information in your beta tester questionnaire to any third party, except our IT vendor(s) who may see it as part of their provision of services to us.
When you become a SigridAI client
If we reach a general agreement with you that Sigrid meets your needs and that you are keen to engage us we will send you information about our onboarding process, which commences after you provide us with your payment card details to make your first payment to us. We will collect, use and disclose your credit card details to process your initial payment to us, your ongoing monthly payments to us and unless you agree a different payment arrangement with us, your payments for travel and other expenses incurred at your request.
Onboarding you as a SigridAI client
A vital part of the Sigrid onboarding process is for us to learn more about you and the way you would like Sigrid to support you. We will invite you to complete further questionnaires (pre-populated with the information you have already provided to us in our earlier questionnaire). Also, you may choose to provide additional personal data that you foresee will be necessary to enable your Executive Assistant or our support team (referred to in the following as 'your EA' or your Executive Assistant') to provide services to you that you want to obtain from Sigrid. For example, if you want your Executive Assistant to be able to book international flights and hotel accommodation for you then you will need to provide your passport details and your flight and hotel preferences to us. You may choose to provide additional personal data such as your frequent flyer program and/or hotel loyalty program details and passwords to us.
During the onboarding process, we will ask you to provide personal data about or relating to third party individuals (such as individuals with whom you are frequently in contact and individuals who serve as your emergency contacts). Whenever you provide such third party personal data – that is, during the onboarding process or later, including when you update previously provided third party personal data – you confirm to us that you have obtained consent from the relevant third party to you disclosing their personal data to Sigrid.
It is not compulsory for you to provide to us any of the additional information we request for the onboarding process, including the personal data of third party individuals. However, where you prefer not to do so our level of service to you may be adversely impacted.
After onboarding you as a Sigrid client
You may at any time and from time to time provide additional personal data to us that you believe necessary or simply useful to enable your Executive Assistant to serve you better. For example, if at the onboarding stage you did not want your Executive Assistant to book flights for you but subsequently change your mind you may provide SigridAI with your passport details and flight preferences for that purpose.
In addition, over time you might decide to divulge all manner of personal data to your Executive Assistant – possibly as much, or more, than you might choose to divulge to an on-site executive assistant, and you might choose to do so even if it is not directly relevant to Sigrid providing you with an Executive Assistant. SigridAI will collect all such personal data and store it in its Client Fact Book and Client Secure Vault to provide you with a more personalized and world class service.
Purpose for collecting, using, disclosing and storing personal data
Sigrid will use and disclose the personal data we collect from you either during the onboarding process or subsequently only for the purposes of:
• providing the services to you that you request at any time and from time to time through your Executive Assistant and
• to the extent reasonably necessary, for its internal management, record-keeping and governance purposes
Consent and withdrawal of consent
By choosing to provide us with personal data in the circumstances described above, you consent to Sigrid collecting, using and disclosing personal data for the purposes described above in accordance with the Personal Data Protection Act.
You may at any time and with reasonable notice withdraw your consent to Sigrid using and disclosing any personal data about, or relating to, you for any purpose. You may also do so by telling your Executive Assistant about your withdrawal of consent.
Accessing and correcting personal data
You are responsible for the completeness and accuracy of the personal data that you provide to Sigrid. If you would like to know what personal data we hold about, or relating to, you at any time you may check its completeness and accuracy with your Executive Assistant who will be happy to tell you what personal data Sigrid holds about you and to tell you how Sigrid has used and disclosed it within the previous 12 months.
Similarly, you may update or otherwise correct the personal data about, or relating to, you that is held by Sigrid by asking your Executive Assistant to amend it for you.
Protecting personal data
We have implemented an Information Security Policy that governs how Sigrid protects personal data and confidential information that is in our possession [or under our control] and make reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks to personal data and confidential information. This includes a higher level of protection for important personal data, such as your passport details and payment card details.
All Sigrid employees are obliged to take reasonable and appropriate measures to maintain the confidentiality and integrity of personal data and confidential information that you provide to us. Individual employees will have access to it only on a ‘need to know’ basis.
Where we need to disclose personal data to data intermediaries or processors, Sigrid selects them carefully with regard to their capability in protecting personal data and implements strong contractual protection of the personal data that they process on our behalf.
Retention of personal data
Sigrid will not retain any personal data about, or relating to, you in our possession or under our control when it is no longer necessary for any business or legal purposes. You may also ask us to delete any personal data about, or relating to, you.
Sigrid has a Document Retention Policy that spells out how long we ought to retain each type of personal data. Certain retention periods are based on statutory or regulatory requirements. Where personal data no longer has any business or legal use, we will delete or destroy it securely.
Cross-border transfer of personal data
Sigrid uses carefully selected cloud services providers to maintains its information technology systems and personal data may be located on servers in various countries and provides its services from locations in the Philippines.. Therefore, whenever we collect personal data, it is stored in our cloud services providers servers and accessed by our employees in the Philippines for the purposes stated under ‘Purpose for collecting, using, disclosing and storing personal data’ above.
We protect personal data in the Philippines to a standard that is comparable to the Personal Data Protection Act in Singapore and the General Data Protection Regulation in the European Union.
If you have any questions or feedback about the way Sigrid collects, uses, discloses or stores personal data, please do not hesitate to let us know. If you have any concerns or complaints about the way Sigrid collects, uses, discloses or stores personal data, please raise them with us.
You may raise questions, provide feedback, or share your concerns or complaints with us through your Executive Assistant or by contacting our Data Protection Officer through DPO@sigrid.ai.
Sigrid treats all communications with you seriously and will deal with them confidentially and within a reasonable time.
Version 1.2: published on 01 July 2018.