St. Hilda’s Community Services Centre Privacy Policy

  1. We at Hilda’s Community Services Centre, take your personal data and privacy seriously. This policy explains how we manage your personal data in compliance with Singapore’s Personal Data Protection Act 2012 (“PDPA”).
  2. Personal data refers to data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. Examples of personal data which you may provide to us include your name, residential address, email address, and contact number.
  3. This policy applies to all personal data which we may collect from you or your authorised representative through telephone calls, emails, WhatsApp, SMS, Facebook, or any other communication means, in relation to the provision of social services by St. Hilda’s Community Services Centre or from any other form of interaction with you or your authorised representative, or from third parties.


CHANGES TO THIS PRIVACY POLICY

  1. This Privacy Policy may be changed over time. Any changes will become effective when we post the revised Privacy Policy on our website or mobile application. This Privacy Policy was last updated on 28th July 2021.


COLLECTION, USE AND DISCLOSURE OF YOUR PERSONAL DATA 

  1. Unless specified, the personal data which we may collect are deemed to be voluntarily given by you. The types of sensitive information we collect include records of communication between us. It may include, from time to time, information you provide us or we collect from others.
  2. We may collect your personal data in the following ways, when you:
    • Contact (e.g. telephone call, email, WhatsApp, SMS, Facebook) us to:
        •  ask for/seek support;
        • refer us to someone in need of our support;
        • enquire about our services;
    • Make a donation (financial and/or in-kind);
    • Sign-up as a volunteer;
    • Request to be in our mailing list;
    • Apply for financial assistance schemes;
    • Receive in-kind/sponsored gifts;
    • Participate in community outreach activity/event;
    • Apply for employment;
    • Respond by email to a web or direct communication;
    • Have a photo or video of yourself taken at our events;
    • Provide your personal data to us for any other reason.
  1. The type of personal data we may collect from you includes the following:
    • When you engage us for our social services, we will ask for your name, NRIC number, residential address, email address, contact number, date of birth, medical conditions (if necessary), emergency contact, name of next-of-kin, income, assets.
    • When you apply to work for St. Hilda’s Community Services Centre, we will collect your contact details, resume, and any other information you elect to provide us. We use these details to evaluate your application and to communicate with you regarding that open role.
  2. If you choose to interact with us through social media, your personal data (such as your name and the fact that you are interested in St. Hilda’s Community Services Centre) will also be visible to all the visitors of your personal account or page on such social media platform, according to your privacy settings on the social media services. St. Hilda’s Community Services Centre is not responsible for the processing of such personal data or the privacy policy of such social media websites. When you communicate with us through social media (for example, when you post a comment, upload media, send a personal message or become a fan of us by clicking the “Like” button), we may receive personal data about you (such as your username, profile photo, your location, and your email address). We will use the data received from social media in accordance with this Privacy Policy.
  3. You should ensure that all personal data submitted to us is complete, accurate, true and correct. Any failure on your part to do so may result in our inability to provide you with the products and services you have requested. We shall have the right to request for documentation and carry out the necessary checks to verify the personal data provided by you as part of our user verification processes or as required under law.
  4. St. Hilda’s Community Services Centre processes your personal data for the following purposes:
  • to administer or provide social services to you or our clients;
  • to confirm or verify your / our client’s identity;
  • to assess applications or inquiries for our services;
  • to communicate with clients’ next-of-kin, guardians, deputies, donees or caregivers with regards to our client’s welfare or affairs, our services or in case of emergency;
  • to conduct reference or background checks to protect our clients’ safety and interest (if necessary);
  • to bill for any of our services and to request for, or enforce, payment of the same;
  • to carry out payment transactions in relation to payments related to you. In order to carry out such payment transactions, payment information, which may include personal data, will be transferred to third parties such as our payment service providers;
  • to better serve you by matching your preferences or needs with our services;
  • to communicate with you regarding our website, services, fundraising, campaigns, activities, events, promotions or surveys, including changes to our terms and conditions and policies;
  • to provide you with information we think you may find useful or which you have requested from us;
  • to provide you with information on select third parties’ websites, products, services, programs or events which we think may be of interest to you;
  • to respond to your queries or requests;
  • to manage our service operations;
  • to improve our website, products, services, or programs;
  • to carry out research, data analysis, or surveys relating to our activities;
  • to investigate or process any wrongdoing, complaints, feedback, enforcement action or legal action in relation to our activities or website;
  • for legal purposes, including obtaining legal advice, managing disputes and risks, complying with any laws, regulations, legal obligations or law enforcement requests;
  • to conduct audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
  • to store, host, back up data, including personal data;
  • to prevent a threat to life, health or safety, if necessary;
  • any other purposes relating to the above purposes.
  1. We may disclose or permit the disclosure of your personal data with or transfer your personal data to third parties for the above-mentioned purposes. These third parties include but are not limited to: service providers in respect of payment services, data analytics, research, marketing, fundraising, customer service, information technology and website hosting, professional services, and their service providers and related companies.
  2. We may share your personal data with third party service providers such as payment service providers for them to provide services to you. Your acceptance or use of the third party service provider’s services shall be subject to terms and conditions as may be agreed between you and the third party service provider. Upon your acceptance of the third party service provider’s service, the collection, use, disclosure, storage, transfer and processing of your data (including your personal data and any data disclosed by us to such third party service provider) shall be subject to the applicable privacy policy of the third party service provider, who shall be deemed the data controller of such data. You agree that any queries, issues or complaints relating to your acceptance or use of the third party service provider’s services shall be directed to the third party service provider in accordance with their applicable privacy policy.
  3. We may share your personal data with a competent public authority, government, law enforcement or regulatory agency as permitted or required by applicable law or regulations.
  4. If we disclose your personal data to third parties, we endeavour to ensure that the third parties keep your personal data secure from unauthorised access, collection, use, disclosure or processing and retain your personal data only for as long as your personal data is needed to achieve the above-mentioned purposes or in compliance with applicable laws.
  5. We may transfer or permit the transfer of your personal data outside of the jurisdiction for any of the purposes set out in this Privacy Policy. However, we will not transfer or permit the transfer of any of your personal data outside of such jurisdiction unless the transfer is in compliance with applicable laws.
  6. You should rest assured that we do not sell your personal data to any third party. Our employees and any third parties engaged by us are contractually obligated to protect the privacy and confidentiality of your information.
  7. If you have provided to us any third party’s personal data, you shall be deemed to have obtained that party’s consent for the relevant purpose of providing the personal data to us.
  8. Additionally, we may disclose your personal data to third parties if we believe that we are required by law to so disclose or that such disclosure is reasonably necessary to protect the rights, property or safety of our clients, the public or us.


WITHDRAWAL OF CONSENT; ACCESS OR CORRECTIONS

  1. You may withdraw your consent to any collection, use or disclosure of your personal data for any of the purposes set out in this Privacy Policy, or request for access, or make corrections, to your personal data held by us, or make a complaint to us about any possible breach of the PDPA or this Privacy Policy on our part, at any time. We may charge a fee in relation to any request to access, or make corrections, to your personal data held by us. In order to facilitate processing of your request, it may be necessary for us to request further information relating to your request. To the extent permissible under law, we may refuse such requests if deemed unreasonable.
  2. You may request:
    • access to your personal data held by us;
    • correction or deletion of your personal data (but only where it is no longer required for a legitimate business purpose);
    • that you no longer receive marketing communications;
    • that the processing of your personal data is restricted.
  1. If you would like to request access to, correction or deletion of your personal data, or request that the processing of your personal data be restricted, or opt out of marketing communications, you may email us at info@sthildascsc.org.sg.
  2. If you make a specific request, the request must:
    • provide enough information for us to be able to verify you are the person whose personal data we hold or are an authorised representative of that person. We cannot respond to your request unless we can verify your identity or authority to make the request. If possible, this can be done by making the request via your password protected account. If not, we will aim to verify your identity based on personal data we already hold about you. If we need to request further information from you in order to verify your identity, we will only use that personal data for the purposes of identifying you or that you have authorized the request;
    • describe your request in enough detail so that we can properly locate the personal data the request relates to.
  1. We will respond to your request consistent with applicable law.
  2. If your personal data has been provided to us by a third party, you should contact that third party to make such queries, complaints or access and correction requests to us on your behalf.
  3. You should note that if you withhold or withdraw your consent to the collection, use or disclosure of your personal data for any purpose, we may not be able to provide or continue providing any of our products and services to you or you may not be able to access certain parts or functions of the website. It is also possible that by doing so, you may breach your contractual obligations to us.
  4. If you have any issues, queries, or complaints regarding the processing of your personal data, please email us at info@sthildascsc.org.sg.


SECURITY OF YOUR PERSONAL DATA

  1. We have implemented technology and policies with the objective of protecting your personal data from unauthorized access and improper use. In particular, we use encryption and apply authentication and verification processes for access to our services, and we regularly test, assess and evaluate the effectiveness of our security measures. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “Request” section above.
  2. We will retain your personal data for as long as we are required or permitted to by law or as relevant for the purposes for which it was collected. We will cease to retain your personal data, or render anonymous or remove such data which can identify you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data was collected, and is no longer necessary for any legal purpose or purpose related to the provision of our social services.


COOKIES AND SIMILAR TECHNOLOGIES

  1. Hilda’s Community Services Centre uses cookies and similar technologies that collect and store information when you visit our website or use our application. This is to enable St. Hilda’s Community Services Centre to identify your internet browser and collect data on your use of our website, which pages you visit, the duration of your visits, and identify these when you return so that we can improve your experience. You can control and set your cookie preferences by adjusting your browser settings.


MISCELLANEOUS

  1. This Privacy Policy, our privacy practices and your use of the Service shall be governed by Singapore law. We make no representation that this Privacy Policy and our privacy practices comply with the laws of any other country. If you are not residing in Singapore, your use of our website shall be deemed to mean that you will not hold us responsible for any non-compliance with the laws of your residence to the extent that such laws are applicable. Further, by your continued use of our website, you consent to the transfer and use of your personal data outside your jurisdiction.
  2. Any questions you may have regarding your personal data or this Privacy Policy should be directed via email to info@sthildascsc.org.sg.