Personal Data Protection Policy

CARE COMMUNITY SERVICES SOCIETY (“CCSS”) is a registered charitable society. The main functions and activities of CCSS are developing, organising and providing community programmes and social services, collectively called our ‘Services’, to individuals and families in need.

 

  1. OVERVIEW
  • This is CCSS’s Personal Data Protection Policy, hereinafter called this ’Policy’.
  • This Policy describes the types of personal data that we collect, use and disclose in accordance with the Personal Data Protection Act (“PDPA”).
  • CCSS respects the confidentiality of the personal information of our stakeholders, including our Services users, clients, donors, sponsors, partners and volunteers. Such information will only be used to facilitate and enhance our mutual relationship and the delivery of our Services.
  • By providing us your personal data, you are consenting to this Policy and the collection, use and disclosure of your personal information as described in this Policy.

 

  1. Consent to collect, use and disclose

Generally, we seek consent before we collect, use or disclose any of your personal data. A lot of time, however, we rely on the following modes provided by the PDPA that allow us to collect, use and disclose your personal data without the need to seek your written or oral consent:

(i)  by ‘deemed consent’, where:

  1. a)  the personal data is provided by you voluntarily for a particular purpose known to you,
  2. b)   it is necessary for performing a contractual transaction with you, or
  3.   c)    we inform you of an intended new purpose and you do not come back by a given time to tell us that you do not want us to do so; and

(ii)  by ‘exempted consent’ (i.e. when no consent is required), where it is for:

  1. evaluating your eligibility, qualification and suitability for the course, service or position that you may have applied for,
  2. a legitimate interest of CCSS or another interested party,
  3. carrying out research on subjects relating to our Services,
  4. improving the quality and delivery of our Services, and
  5. other circumstances stipulated by the PDPA.

 

  1. TYPES OF PERSONAL DATA

 

  • By interacting with us, submitting information to us or signing up for any of our Services, you may be asked to provide us with your personal information and particulars as and when appropriate.

3.2         Such personal information may include:

  1. your full name, NRIC or passport or other identification number,
  2. your telephone or contact numbers,
  3. your mailing or email addresses,
  4. your voice, photograph(s) or video image(s),
  5. your occupation and education background.

3.3         You should ensure that such information provided to us is true, complete and accurate.

 

 

  1. PURPOSES FOR COLLECTION, USE AND DISCLOSURE

 

  • CCSS collects personal data only when necessary, and we do so only with your expressly given consent or silent consent deemed under the PDPA, unless consent is not required as stipulated by the PDPA (see clause 2 above).
  • The main purposes for which personal data is collected, used and disclosed include:
  1. to contact you regarding your enquiries and to process and administer services requested by you,
  2. for identification and verification purposes in connection with any of the services that may be supplied to you,
  3. to facilitate the collection of donations or for payment of services, programmes and activities provided by CCSS,
  4. for the purpose of assessment, training, learning purposes, and research involving stakeholders,
  5. for funding and subsidy support from donors and sponsors,
  6. for internal and external publicity purposes in print, electronic publications or collaterals, website and social media platforms, including but not limited to photographs and audio/video recordings during events,
  7. to meet or comply with CCSS’s internal policies and procedures and any applicable rules, laws, regulations, codes of practice, or guidelines, orders or requests issued by any court, legal or regulatory body,
  8. to disclose to a third party to comply with any law, legal requirements, order or direction from any court, authority or government body of any jurisdiction within or outside of Singapore,
  9. to share across other help-agencies to serve you better in terms of inter-agency service delivery and coordination, and for data analysis and research purposes,
  10. for marketing, promotional and relationship management purposes, such as sending you updates on our new services and programmes, volunteer opportunities, fund-raising projects, training courses, or other initiatives as undertaken or which involves CCSS,
  11. to maintain the security of all CCSS’s premises,
  12. to handle feedback and complaints,
  13. to process and provide tax-deduction receipts.

 

  1. SECURITY OF YOUR PERSONAL DATA

 

5.1         CCSS will not sell your personal data under any circumstances, and neither will CCSS disclose your personal data other than for purposes stated above and those allowed under the PDPA.

5.2         Your personal data will be kept confidential. However, in accordance with the aforesaid stated purposes, your personal data may be disclosed to affiliated CCSS centres and/or CCSS’s authorised third-parties. In doing so, CCSS will require such parties that your personal data be kept confidential and secure at all times.

5.3         The third-parties may include third-party service providers such as banks and payment method providers to ensure safe transactions and partners whom we may tie up with for fund-raising and related causes.

 

  1. Access to and Correction of Personal Data

 

6.1       You  have  the  right  to  know  whether  we  hold  in  our  control  and  possession  your personal data and if we do, you may, subject to the restrictions stipulated in the PDPA, request for access to such data about you as well as information about how we have used it and who we shared it with for the preceding 12 months.

6.2      You have the right, subject to the restrictions stipulated in the PDPA, to request that CCSS corrects or updates any personal data held about you that is inaccurate, incomplete or out-dated.

6.3           All  requests  for  correction  and  access  to  your  personal  data  must  be  in  writing  and addressed to our Data Protection Officer as detailed in clause 13 below. We will endeavour to respond to your request within 30 days, and if that is not possible, we will inform you of the required time.

6.4        We  may  charge  you  a  fee  for responding to your request for access to the personal  data  and information about the ways we have used and disclosed your personal data. If a fee is to be charged, we will inform you of the amount beforehand and respond to your request after you have agreed to the said fee payment.

 

  1. Accuracy of personal data

 

CCSS keeps your personal data accurate, complete and up-to-date. Where required, we will validate your personal data using generally accepted practices and guidelines. This includes request to see original documentation before we use and disclose the personal data.

 

  1. Protection of Personal Data

8.1       CCSS protects personal data against loss, theft, unauthorised access, disclosure, copying, use and modification with security safeguards appropriate to the sensitivity of the personal data.

8.2        We use various methods to safeguard, including:

  • physical measures to lock up filing cabinets, restricted access to offices and security systems
  • technical measures in the use of passwords and encryption
  • administrative measures in employing confidentiality agreements, security clearances, staff training, and limiting access on a need-to-know basis

8.3        Online  security  is  also  a  priority  for  us.  CCSS  incorporates  security  measures  such  as encryption and authentication tools to protect personal data from unauthorised use and access.

  1. Retention of Personal Data

CCSS will retain your personal data only for as long as the purposes for which they are collected, used and disclosed are being fulfilled, and necessary for our legal and business purposes. Thereafter, CCSS will delete and destroy them, or remove the means by which the personal data can be associated with you.

  1. Complaints

We take our compliance and your complaint seriously. If you wish to share with us your feedback, concerns and unhappiness with the way your personal data is handled, do let us know as we have a process to receive, hear and respond to your concerns. We study all complaints in a timely manner. After we have completed our study, we will respond to your complaint accordingly.

  1. Withdrawal of consent

 

11.1       You may request us to stop the use or disclosure of your personal data at any time by giving us notice to withdraw your given and deemed consent to the use, disclosure of your personal data in accordance with the PDPA. You may do so by contacting us at ed@ccsscares.sg.

11.2     Please allow at least ten (10) days for your request to be processed.

11.3       Please note that the use and disclosure of your personal data may be necessary for us to provide you with the Services that you requested and should you withdraw your consent to the use and disclosure of any of such requisite personal data, CCSS may not be able to continue providing the requested Services to you.

 

12           MINORS

 

12.1       CCSS is unable to distinguish the age of users who access our website. As our Services are also directed at children under the age of 16, we will erase the personal data of a minor if we become aware that information has been collected from such a person without parental or guardian consent as such.

12.2       If you come to know of the same before us, please contact us immediately to remove the relevant data of the minor.

 

  1. CONTACT US

 

13.1       If you have any queries on the foregoing or requests relating to your rights as stipulated in this Policy, please do not hesitate to contact our Data Protection Officer in writing referencing ‘CCSS Personal Data Protection Policy’ at our mailing address at  ‘Care Community Services Society, 103 Lavender Street, #01-02 CarePoint Singapore 338725’.

13.2       Alternatively, you may drop us an email addressed to ed@ccsscares.sg.

 

  1. GOVERNING LAW

 

14.1       This Policy is governed by and construed in accordance with the laws of Singapore.

14.2       You agree to submit to the exclusive jurisdiction of the courts in Singapore.