For the most part, your consent will be sought to collect, use and disclose personal data, subject to certain exceptions. Your consent may be expressed in writing (including electronic writing), orally, or through your authorised representatives. In certain circumstances, it may also be deemed or implied. We will not ask you to provide personal data as a pre-condition for providing a product or service if the purpose is beyond what is reasonable to provide that product or service.
The Personal Data Protection Act allows us to collect, use, disclose and transfer your personal data without your consent in the following situations:

A fuller list of such situations may be found in the Second, Third and Fourth schedules of the PDPA.
You may withdraw your consent by giving us written notice and allowing us a reasonable period of time. But do note that withdrawing consent may mean that we may not be able to provide those services that require the use of the personal data withdrawn.

What personal data do we collect?

AA will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the law or comply with legal process served on AA or the site; (b) protect and defend the rights or property of AA; or (c) act under exigent circumstances to protect the personal safety of users of AA, or the public.

Whenever we collect, use or disclose your personal data, we will tell you why we are doing so. Your personal data will be collected, used and disclosed for the purposes you consented to, or as permitted or required by law.

We collect, use and disclose personal data for these reasons:

We will inform you of the purposes for which we collect your personal data before or at the time that we collect the personal data from you. For personal data that we intend to use or disclose, we will inform you of the purposes before using or disclosing them.

Should you need clarification, do contact your consultant who, if he or she is not able to answer your question immediately, will be able to find the person in the company who will be able to do so.

You can ask us about the personal data we have about you or that is in our control. You may also ask us about personal data we have used or disclosed to others up to a year earlier. Your request should be written and you should give us a reasonable period to respond to you. Because responding to your request requires additional time and effort on our part, we will charge a reasonable fee. We will inform you of the fee before responding your request.

Subject to certain exceptions under the PDPA, you will be given access to your personal data. Such access is usually to verify the accuracy and completeness of information. You may request that your personal data be corrected, amended, or withdrawn as appropriate.

We will make all reasonable effort to ensure that your personal data will be as accurate, complete and as up-to-date as is practicable. To this end, we encourage you to access, review and correct regularly the personal data that you have given to us and to update these as promptly as you can so that we will always possess complete and accurate data on you.

We will correct and update the personal data you supply as soon as is practicable..

We will keep your personal data only for as long as is necessary to serve the purposes for which they were collected, or for as long as they are needed for our business and operational reasons.

We may store or process your personal data with trusted organisations outside Singapore. Unless otherwise permitted by the Personal Data Protection Commission, when we do so, we will ensure that the organisation will be able to protect our personal data to a standard comparable to that under Singapore law. All such organisations will be prohibited from using your personal data except as instructed by us and they are required to maintain the confidentiality of your personal data.

Information about our data protection policies and practices will be made available to you upon request. This request is to be directed to our Data Protection Officer whose contact information is at the end of this Policy.