Processing of Personal Information in Singapore

For the purpose of processing your Personal Information in Singapore, we will follow the Data Privacy Principles and Regulations of the Personal Data Protection Act, 2012 (commonly known as 'PDPA’) and the Personal Data Protection Amendment Act, 2020 (‘the Amendment Act’). Please note that the following provisions will apply to you, if you are a Data Subject (resident or citizen) in Singapore, in addition to Infosys Global Privacy Statement.

Cross Border Transfer of Data

In general, Infosys Limited, domiciled in Bangalore, is the data controller processing your Personal Information. We may transfer your personal data outside Singapore to third parties including countries where the data protection legislation may differ from that of Singapore.

As per the obligations called out under PDPA, when we transfer your personal information to Infosys group companies and service providers outside Singapore, Infosys as the transferring organization ‎will remain accountable for the protection of your personal information and ensuring compliance with the applicable legislation, using contractual or other means to provide a comparable level of protection as prescribed under the PDPA. Additionally, we shall also take all the necessary steps to safeguard your data and ensure confidentiality and security of the transferred data.

Please note that before transferring such data we shall obtain your express or deemed consent. In certain situations, where the transfer is necessary for a use or disclosure and consent cannot be obtained, we shall take reasonable steps to ensure that personal data is not used or disclosed for any other purpose, than such use or disclosure.

Your Data Subjects Rights in Singapore

As a Data Subject located in Singapore, you are entitled to the following rights:

  • The right to be informed about the purpose for which we intend to collect, use or disclose your personal data.
  • The right to access the personal information that we collect about you.
  • The right to be notified about a data breach that is likely to cause you significant harm.
  • The right to withdraw consent from the collection, use and disclosure of your personal data.
  • The right to request correction of your inaccurate data.
  • The right to have your personal data which is no longer required being ceased from our retention.

If you are a resident of Singapore and you wish to exercise your data subject rights as called out above, please refer to section on exercising ‘Your Rights’ in the Infosys Global Privacy Statement.