1. INTRODUCTION
1.1 The Personal Data Protection Act 2012 (the “PDPA”) establishes a data protection law in Singapore that governs the collection, use and disclosure of personal data.
1.2 Yayasan MENDAKI respects the privacy of an individual’s personal data. As an organization that collects, uses and discloses personal data, we are committed to being in compliance with the PDPA. This Policy sets out our key personal data protection policies.
1.3 This Policy can be found online on our webpage. If you have any questions regarding the contents of this Policy or our data protection practices in general, please contact our Data Protection Officer, Mohd Khair at Tel: 6245 5837 or email at [email protected].
2. PERSONAL DATA
2.1 Personal data refers to data about an individual who can be identified from (i) that data or (ii) that data and other information to which Yayasan MENDAKI has or is likely to have access to.
2.2 Examples of personal data include: an individual’s name, photograph, address, telephone numbers (including residential, business and mobile phone numbers), NRIC number, date of birth, email address, residential address, education and employment history.
3. HOW WE COLLECT PERSONAL DATA
3.1 Given the broad range of community-based services, programmes, events and financial aid organised/provided by us, the following are ways in which we collect personal data:
(a) Through application forms or registration forms for our services, programmes, events or financial aid;
(b) When we are contacted by or referred to individuals/families seeking assistance or aid;
(c) Visits to our website to perform an online transaction/registration;
(d) Sign-ups for our newsletters and periodicals;
(e) Through interactions with our customer service officers, for example, via telephone calls, letters, face-to-face meetings, social media platforms and emails
(f) Through surveys administered by us or our third party surveying service providers;
(g) Through Personal Data shared to us by government agencies or any public agencies eg: MOE; and
(h) Through cookies in some of our webpages.
4. PURPOSES FOR COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
4.1 The collection of personal data is required in connection with our objectives of providing social assistance (eg: through our employability and tuition scheme programmes) and organising of community-based events (eg: policy forums and education seminars).
4.2 Your personal data provided may be collected, used and disclosed for the following purposes:
(a) evaluating your eligibility and suitability for your participation in our programmes and events;
(b) evaluating your eligibility and suitability for award of any loan, bursary, scholarship or other financial aid;
(c) general administration and running of our programmes and events or various forms of financial aid;
(d) monitoring of performance and compliance with the terms of financial aid or participation in our programmes/events;
(e) offering of other aid, assistance or services provided by Yayasan MENDAKI;
(f) sending updates about our events and activities;
(g) research and analysis for social assistance objectives;
(h) reviewing our policies and procedures; and
(i) any other purpose reasonable in connection with the above.
5. DISCLOSURE TO AFFILIATES AND THIRD PARTIES
5.1 Yayasan MENDAKI often works with its affiliates and other third parties in providing its services, programmes and events. As such, for the purposes state above, we may disclose your personal data to the following:
(a) our affiliates and related organisations (eg: Mendaki SENSE Pte Ltd, MENDAKI Club, Community Leaders Forum (CLF));
(b) our contractors and third party service providers;
(c) other government organisations and self-help groups; and
(d) any other person or organisation for the reasonable purposes as stated above.
6. YOUR RIGHTS OF ACCESS AND CORRECTION
6.1 Under the PDPA, you have certain rights to seek access to the personal data that is in our possession or under our control. In addition, you also have the right generally to request that we correct any errors or omissions in the personal data that is in our possession or under our control. Where possible, you may also edit your personal data in our systems.
6.2 Any requests to seek access to or correction of personal data in our possession or under our control should be sent to our Data Protection Officer.
7. ACCURACY OF PERSONAL DATA
7.1 We will make a reasonable effort to ensure that your personal data collected by us is accurate and complete. If there are any changes to your personal data, please inform us so that we can make the necessary updates.
8. LIMIT TO RETENTION OF PERSONAL DATA
8.1 We will retain your personal data only for such period of time the purpose of collection of that personal data is still being served and retention is still necessary for legal or business purposes.
8.2 Thereafter, we will decide on the appropriate means by which we will cease to retain your personal data depending on the nature of the personal data and the media it is kept/stored in. This may include but not be limited to destruction of documents or deletion of electronic data.
9. WITHDRAWAL OF CONSENT
9.1 You may withdraw your consent to any collection, use or disclosure of your personal data with reasonable notice, but there may be certain consequences as a result of your withdrawal of consent (eg we may not be in a position to process your applications or provide further services).
10. PROTECTING PERSONAL DATA
10.1 We will ensure that personal data in our possession or under our control is protected with sufficient security safeguards. These safeguards include:
(a) Storage of physical forms containing personal data in locked cabinet accessible only by authorized personnel; and
(b) Electronic files containing personal data are stored in the network servers accessible only by authorized personnel whose accounts are password-protected.
11. DO NOT CALL REGISTRY
11.1 We may call or send messages to your Singapore telephone number for marketing purposes if:
(a) You have given us clear and unambiguous consent to do so;
(b) Your Singapore telephone number is not registered on the Do Not Call Registry; or
(c) Making such a call or sending such a message is permissible under the PDPA or other applicable law.
11.2 We may also from time to time continue to call you or send you messages for other purposes not restricted by law, for example where the purpose is solely for market research and market surveys.
12. UPDATES ON DATA PROTECTION POLICY
12.1 As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
12.2 We reserve the right to amend the terms of this Policy from time to time. Any amended Policy will be posted on our website and can be viewed at http://www.mendaki.org.sg/
12.3 You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.