Personal Data Protection Policy

Singapore Kindness Movement (‘we’, ‘us’, ‘our’, etc.) respects the right of individuals to protect their personal data.

This data protection policy gives you information about how we collect, use and disclose personal data about you while recognising both your right to protect personal data about you and our need to collect, use or disclose it for purposes that we believe are reasonable and appropriate in the circumstances of our work.

It applies to the personal data of all individuals (‘you’, ‘your’, etc.) who are our programme participants, donors to us, our employees, including volunteers, and online users of our website. For our programme participants, ‘you’, ‘your’, etc. also includes a parent or parents, a legally-appointed guardian and another caregiver who takes responsibility for the programme participant’s welfare.

If you are not in any of these categories but we collect, use or disclose personal data about you in the course of our charitable work this data protection policy will apply to that personal data consistently with the way in which it applies to the above individuals.

We have developed this Data Protection Policy to assist you in understanding how we collect, use, disclose, process and retain your personal data with regards to:

Our Website Service https://www.kindness.sg

Purposes for us collecting, using or disclosing personal data

We collect personal data from or about our programme participants and our potential programme participants and from our donors, employees and other individuals. We use and/or disclose that personal data so that we are able to provide our services for the following purposes:

• Communicate with customers, members and website visitors
• Provide advertisement, newsletters, promotional updates and/or other relevant information to stakeholders who are interested in our , programmes, events and products
• Process and administer donations received
• Process applications for registration of our programmes and/or events
• Process applications for volunteering opportunities at our events and/or services
• Process applications for grants
• Processing & administration of employment records
• Contact winners of contests/competitions
• Process referrals, enquiries, orders and customer service (exchange or returns) for products and/or services
• Process payment for purchases and transactions
• Update records in our database
• Investigate complaints, claims and disputes

(or as described on our website) efficiently and effectively and so that we can comply with our legal obligations.

Our collection, use and disclosure of personal data

Where possible, we collect personal data directly from you. We do this in various ways, including telephone and in-person meetings and interviews, forms and questionnaires. This may also include the following:

• When you subscribe to an online portal
• When you purchase an item
• When you send in your job application form
• When you sign in as a visitor
• When you make payment
• When you leave your contact details online

If at any time you would prefer not to provide some personal data that we request, please let us know. We will then explain our purpose for collecting that personal data. If you still do not wish to provide it we will discuss with you whether or not we can proceed without it. We may not be able to do so.

We collect, use, or disclose personal about you only if:

• you give, or are deemed to have given, your consent under the Personal Data Protection Act (PDPA) to us collecting, using or disclosing that personal data or
• collection, use or disclosure by us of that personal data without your consent is required or authorised under the PDPA or any other written law

Where we ask you to consent to us collecting, using or disclosing personal data about you we will first inform you of our purposes for doing so. We will not use or disclose personal data about you for any other purposes without first informing you of the additional purposes and getting your consent to us doing so for the additional purpose(s).

In some circumstances, you are deemed to have consented to us the collecting, using or disclosing personal data about you for a purpose. For example, if you pose for a photograph by our photographer at one of our events or if you fill up a job application form and send it to us you are deemed to have consented to us collecting, using or disclosing the personal data about you that is in the photograph (that is, your image) or the job application.

We may collect personal data about you from another individual or organisation if you have given that other individual or organisation consent that allows it to disclose personal data to us. We will use or disclose it only for the purposes for which the other individual or organisation disclosed it to us.

Types of Personal Data We Collect About You

The types of personal data we collect about you may include:

• Personal Details
• Personal Contact Information
• Photos & Video Footage
• Family Background & Details
• Academic History
• Education & Professional Qualifications
• Employment Details & History
• Financial Information
• Criminal Background/Past Offences

Who We Disclose Your Personal Data To

We disclose some of the personal data we have collected about you to the following parties or organisations outside Singapore Kindness Movement:

• Marketing & Communications Agencies Employees / Staff
• Delivery Services
• Partners
• Information Technology Service Providers
• Insurance Companies (Group Insurance for Employees)
• Ministry of Manpower (MOM)

We are permitted by the PDPA to collect, use or disclose personal data about you without your consent in various circumstances that include the following:

• if it is publicly available or if it is business contact information
• if it is disclosed to us by a public agency and the collection is consistent with the purpose of the disclosure by the public agency
• if it is necessary for any purpose that is clearly in your interests and consent cannot be obtained in a timely way
• if it was provided to us by another individual to enable us to provide a service for the personal or domestic purposes of that other individual
• if there is an emergency
• if we do so for evaluative purposes (such as assessing a job or volunteering application)
• where the disclosure is related to law enforcement or where the collection, use or disclosure is in connection with certain legal issues

If you would like more information about the circumstances under which we may collect, use or disclose personal data without your consent, please contact our Data Protection Officer.

If you browse our website, we do not capture any data that allows us to identify you.

Withdrawing your consent

On giving us reasonable notice, you may at any time withdraw any consent you have given, or are deemed to have been given, to us collecting, using or disclosing personal data about you for any purpose. Any notice of withdrawal of consent should be given in writing (which includes email) sent to our Data Protection Officer.

The consequences of you withdrawing consent to us collecting, using or disclosing personal data about you for any purpose may be onerous for you. Therefore:

• we may require you to provide proof of your identity and
• we will inform you in writing (which may be by email) of the likely consequences of withdrawing your consent for the specified purpose

If you still wish to withdraw your consent we will act on your request and cease collecting, using or disclosing the personal data, unless doing so without your consent is required or authorised under the PDPA or other written law. We will also cause any and all of our data intermediaries to cease collecting, using or disclosing the personal data.

In addition, we will cease to retain our documents containing that personal data, or remove the means by which it can be associated with you, as soon as it is reasonable for us to assume that retention is no longer necessary for our legal or business purposes.

Access to personal data and information about use

On request by you, we will as soon as reasonably possible provide you with:

• personal data about you that is in our possession or under our control and
• information about the ways in which we have, or may have, used or disclosed that personal data within a year before the date of your request

Your request to us should be made in writing (which includes email) sent to our Data Protection Officer. We may require you to provide proof of your identity.

There are some circumstances where we are not required to provide you with information, and others where we are not allowed by the PDPA to do so. In some circumstances, we may be able to provide you with limited information. You may obtain information about all of these circumstances from our Data Protection Officer.

We may charge you a fee for providing you with access to your personal data or information about how we may have used or disclosed it. The fee will reflect our incremental costs associated with responding to your request. You may obtain information about the fee from our Data Protection Officer.

Correction of errors in, or omissions from, personal data about you

You may request us to correct an error or omission in the personal data about you that we hold or that is under our control. Your request to us should be made in writing (which includes email) sent to our Data Protection Officer. We may require you to provide proof of your identity and/or documents or other evidence supporting your request.

There are some circumstances where we do not make a correction and other circumstances where we are not required to act on such a request. You may obtain information about these circumstances from our Data Protection Officer.

Unless we are satisfied on reasonable grounds that a correction should not be made, we will correct the personal data as soon as practicable. We will also send the corrected personal data to every other organisation to which we have disclosed it within a year before the date we made the correction (unless that other organisation does not need the corrected personal data for any legal or business purpose). Alternatively, with your consent, we will send the corrected personal data only to specific organisations as agreed with you.

Another organisation that has disclosed your personal data to us might notify us that it has corrected it. If this happens, unless we are satisfied on reasonable grounds that we should not make the correction, we will correct your personal data that is in our possession or under our control.

Accuracy of personal data

We make reasonable efforts to ensure that personal data that we collect about you or that is collected our behalf is accurate and complete if we are likely to use it to make a decision that affects you or we are likely to disclose it to another organisation

Protection of personal data

We take reasonable steps to ensure the security of personal data about you that is in our possession or under our control and to protect it against risks such as loss or unauthorised access, destruction, use, modification or disclosure. Only authorised personnel are permitted to have access to personal data about you.

Retention of personal data

We cease to retain documents containing personal data about you, or we remove the means by which it can be associated with you, as soon as it is reasonable to assume that the purpose for which we collected that personal data is no longer being served by its retention and retention is no longer necessary for legal or business purposes.

Complaints procedure

We strive for excellence in providing services to our programme participants and in all our interactions with donors, and with our employees (which includes our volunteers), as well as with the community generally. This includes our compliance with the PDPA.

Please direct any queries or complaints you have about the way in which we collect, use or disclose personal data about you to our Data Protection Officer. Generally, we are unable to deal with anonymous complaints because we are unable to investigate them. If you raise a complaint anonymously we will nevertheless note the matter raised and, if possible, try and investigate and resolve it appropriately.

Whenever you make a complaint our Data Protection Officer will seek to obtain sufficient information from you to enable us to investigate it. Please be prepared to provide our Data Protection Officer with information as to, for example:

• the type of action, or lack of action, by us that has given rise to your concern
• whether it was an isolated incident or is ongoing and, in the case of an isolated incident, when it occurred
• a copy of any relevant correspondence you hold and
• details about what you consider should have happened or should not have happened

Immediately upon receiving a complaint, our Data Protection Officer must investigate it and within two business days advise you of:

• the outcome of the complaint and the reasons for that outcome or
• write to you (which may be by email) advising you that the Data Protection Officer needs more time to investigate the complaint and stating when the Data Protection Officer expects to have resolved the complaint for you

If a complaint is settled to your complete satisfaction, our Data Protection Officer is not required to advise you in writing of the outcome of the complaint, unless you request a written response (which may be by email).

If a complaint is not settled to your complete satisfaction, our Data Protection Officer will advise you of the outcome of the complaint and the reason(s) for that outcome in writing (which may be by email). If you are not satisfied with the outcome, you may take your complaint to the Personal Data Protection Commission.

Do-Not-Call (DNC) Provisions

Please note that we do not engage in telemarketing activities. Therefore, our organisation is not subjected to the DNC rules.

Tracking of User Activity

Cookies
We use “cookies” to collect information about your activity on our Web site. Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Behavioral Remarketing

The following is used for remarketing services for purposes of advertising.

Google AdWords
Singapore Kindness Movement uses remarketing services to advertise on third party websites to you after you have visited our Service. We, and our third-party vendors, use cookies to inform, optimize and serve ads based on your past visits to our Service.

Google
Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page.

Links To Other Sites

Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. It is important that you review the Privacy Policy of every site you visit.

We have no control over, or unable to assume any responsibility for the content, privacy policies or practices of any third party sites or services.

Changes To This Data Protection Policy

We reserve the right to review, amend and/or update this data protection policy at any time and from time to time.

Data Protection Officer

If you:

• have any question or feedback relating to your Personal Data or our Data Protection Policy;
• would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or would like to obtain access and make corrections to your Personal Data records, please contact our Data Protection Officer a [email protected] or 67619100.