Personal Data Protection Policy
Data Protection Policy
PERSONAL DATA PROTECTION STATEMENT
TRINITY THEOLOGICAL COLLEGE (“TTC”) takes its responsibilities under the Personal Data Protection Act 2012 (the “PDPA”) seriously. We recognise the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
This Data Protection Policy is designed to give you an understanding of how we collect, use and/or disclose the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Data Protection Officer (the “DPO”) at:
Telephone number: +65 6767 6677
Email address: [email protected]
1) INTRODUCTION TO THE PDPA
1.1 “Personal Data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include names, identification numbers, contact information, medical records, photographs, and videos taken during events or seminars organised by TTC or its affiliates, or within our premises.
1.2 Personal Data collected through the TTC website, hardcopy forms (eg, registration forms, application forms) and other channels will be handled in accordance with the PDPA.
2) PURPOSES FOR COLLECTION, USE & DISCLOSURE OF PERSONAL DATA
2.1 Depending on your relationship with us (eg, as an applicant, student, alumnus, staff, donor, vendor, service provider, or other person related to our College), the personal data which we collected from you may be used and/or disclosed for the following purposes:
- Human resource administration;
- Programme and course registration, enrolment, and management;
- Student management and provision of services by the College;
- Meet reporting request from sponsoring churches/organisations or individual donors;
- Event organisation and management;
- Fundraising and donation drives;
- Donor/Supporter management;
- Tenancy/Rental management;
- Service intermediation (insurance and banking);
- Queries and request handling;
- Meet regulatory, internal governance and audit requirements (eg, Student Pass applications, Charity Portal declarations);
- Publicity, communications, archives; and
- Purposes which are reasonably related to the above.
2.2 If you provide us with any personal data relating to a third party (eg, information of your spouse, children, parents, employer and/or referee), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.
3) SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
3.1 We respect the confidentiality of the personal data you have provided to us.
3.2 In that regard, we will not disclose any of your personal data to any third parties without first obtaining your express consent permitting us to do so. However, please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:
(a) the disclosure is required for the administering of a group insurance scheme;
(b) the disclosure is required based on the applicable laws and/or regulations;
(c) the purpose of such disclosure is clearly in your interests and consent cannot be obtained in a timely way;
(d) the disclosure is necessary to respond to an emergency that threatens the life, health, or safety of yourself or another individual;
(e) there are reasonable grounds to believe that the health or safety of yourself or another individual will be seriously affected and consent for the disclosure of the data cannot be obtained in a timely way, provided that we shall, as soon as may be practicable, notify you of the disclosure and the purposes of the disclosure;
(f) the disclosure is necessary for any investigation or proceedings;
- the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer; and/or
(g) the disclosure is to a public agency and such disclosure is necessary in the public interest.
3.3 The instances listed above at paragraph 3.2 are not intended to be exhaustive. Please refer to http://statutes.agc.gov.sg for the full list.
3.4 In all other instances of disclosure of personal data to third parties with your express consent, we will provide for adequate forms of protection over such personal data and confidentiality and security in the handling and administration of your personal data by such third parties in compliance with the PDPA and our data protection policies.
4) REQUEST FOR ACCESS, CORRECTION AND/OR WITHDRAWAL OF PERSONAL DATA
4.1 You may request to access and/or correct the personal data currently in our possession or withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control at any time by submitting your request through the following methods:
E-mail: [email protected]
Singapore telephone number: +65 6767 6677
Office address: 490 Upper Bukit Timah Road, Singapore 678093
4.2 For a request to access personal data, we will provide you with the relevant personal data within a reasonable time from such a request being made.
4.3 For a request to correct personal data, we will process your request, including undertaking necessary verification activities, as soon as practicable after the request has been made.
4.4 For a request to withdraw consent, we will process your request within a reasonable time from such a request for withdrawal of consent being made.
5) ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
5.1 We will take appropriate measures to keep your personal data accurate, complete, and updated.
5.2 We will also take reasonable efforts to take appropriate precautions and preventive measures to ensure that your personal data is adequately protected and secured.
Appropriate security arrangements will be taken to prevent any unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorised use of your personal data by third parties which are wholly attributable to factors beyond our control.
5.3 We will also take reasonable efforts to ensure that the personal data in our possession or under our control is destroyed and/or anonymised as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any other legal or business purposes.
5.4 This Data Protection Policy applies only to the TTC website and data collected by TTC. Our website may contain links to other independently-managed websites whose data protection and privacy practices may be different from ours. You are encouraged to examine the privacy policies of those websites.
6) UPDATES ON DATA PROTECTION POLICY
6.1 This Policy may be updated from time to time in accordance with prevailing government regulations.
Updated 25 Jul 2022