> PDPA
The Organisation shall fully comply with the obligations and
requirements of the Personal Data Protection Act 2012 (PDPA 2012). The
Organisation’s officers, management and members of staff shall, at all times,
respect the confidentiality of and endeavour to keep safe any and all personal
data collected and/or store and/or transmitted and/or used for, or on behalf
of, the Organisation.
The Organisation shall endeavour to ensure all collection,
storage, transmission and other handling or usage of personal data by the
Organisation shall be done in accordance with the obligations and requirements
of the PDPA 2012.
Where an individual legitimately requests access to and/or
correction of personal data relating to the individual, held by the
Organisation, then the Organisation may provide and/or correct that data in
accordance with the time and manner stipulated within the PDPA 2012.
Types of Personal Data Collected from Donors, Supporters, Volunteers, Staff, Residents
For the purpose of carrying on the Organisation’s activities
and businesses, including sale, provision, registration, administration,
operation of halfway house, work therapy projects, social enterprise, donation
receipts, management of residents, volunteers and related services and
operations (including relevant online services and billing service), you as our
Donor, Supporter, Volunteer, Staff, Residents, Partners, Service/Product
Customer, Vendor may be requested to provide personal data such as, but not
limited to, the following, without which it may not be possible to satisfy your
request:
a) Name;
b) NRIC/Fin/UEN (Company & Organisation) Number;
c) Correspondence address, Service Provision Address, and/or
billing address;
d) Contact details, including name and telephone number or
email address;
e) Account details, including account numbers, service
numbers, or user accounts;
f) Payment details, including credit card and banking
information.
In some instances, you may also be requested to provide
certain data that may be used to further improve the Organisation operational
activities and/or better tailor the type of information presented to you. In
most cases, this type of data is needed for the new intake of our mandated or non-mandated
resident or staff or applicant for a job in the Organisation where the
requested service is a personalised service, or provision of the service is
dependent on your providing all requested data. Failure to provide the
requested data may prevent the Organisation from providing the residential
rehabilitation programme or offer the job position to you. This type of data
may sometimes include, but is not limited to:
a) Age;
b) Gender;
c) Marital Status;
d) Salary range and employment details;
e) Education and Profession;
f) Hobbies and leisure activities;
g) Family history and Genogram;
h) Fostering Experience;
i) Financial Status;
j) Criminal Records and admission to Prison/DRC details;
k) Addictions details;
l) Legal status;
m) Medical profile;
n) Religious Faith;
o) Halfway House experience;
p) Needs Assessment
In support of the management and operational activities of
the Organisation, information may be automatically collected relating to those
services or nature activities of a Charity so the Organisation may perform
accurate reporting and administration of your accounts such as, but not limited
to, call/connection time, duration, origin, and destination.
The Organisation’s web servers may also collect data
relating to your online session, the use of which is to provide aggregated,
anonymous, statistical information so that the Organisation may better meet the
demands and expectations of visitors to its sites.
Under certain circumstances, telephone calls made to and
from the Organisation’s order and/or service hotlines and/or inquiry telephone
numbers will be recorded for the purposes of quality control, the time of
calling, such recordings are NOT personal data of the caller and therefore, in
respect of the callers, are not subject to the various provisions of the PDPA
2012 and the caller has no rights and/or claims either statutory, contractual
or tortious, over or to such data. At all times, care is taken to protect such
recordings from in advertent and/or unauthorized access.
The Organisation’s Halfway House Centre and the Operational
Units operated by Social Enterprise are under CCTV surveillance for security,
management of residents and staff purposes. At all times, care is taken to
protect such recordings from in advertent and/or unauthorized access. Access to
such recordings will only be produced to authorize personnel/law enforcer e.g.
Police, Court, Prison Officer and etc.
Purpose for Collection, Processing and Disclosure of
Personal Data Your personal data may be used for:
Disclosure
The Organisation may, where such disclosure is necessary to
satisfy the purpose, or a directly related purpose, for which the data was
collected provide such information to the following parties:
(a) Any related enterprises or affiliates establishments;
(b) Any person or Organisation who is acting for or on
behalf of the Organisation, or jointly with the Organisation, in respect of the
purpose or a directly related purpose for which the data was provided;
(c) Any other person or Organisation who is under a duty of
confidentially to the Organisation and has undertaken to keep such information
confidential, provided such person or Organisation has legitimate right to such
information;
(d) The Organisation dealers, agents, contractors, suppliers
and other telecommunication, information service providers and content
providers; its professional advisers, including its accountants, auditors and
lawyers;
(e) Government and regulatory authorities and law
enforcement agencies and other organisations, as required or authorised by law;
and
(f) Any other purposes as may be agreed to between you and
the Organisation, including the purposes set out in any application or terms
and conditions for the supply of specific goods and services.
Consent
All personal information collected would be used or disclosed only for the purposes for which it was collected.
Access and Correction
The Organisation fully complies with the “Rights of Access
and Correction” obligations of the PDPA 2012.
Any personnel with their personal data parked with the
Organisation may exercise the right to access and correction the personal data
upon request.
Withdrawal of Consent
The Organisation fully complies with the “Rights of
Withdrawal of Consent” obligations of the PDPA 2012.
Any personnel with their personal data parked with the
Organisation may exercise their right to Withdrawal of Consent for stopping the
receiving of newsletters, magazines, correspondences, events and etc. from the
Organisation.
Withdrawal of Consent is allowed as it is not violating any
other obligations or legislation or regulation of law enforcers, government
agencies or requirements for the operation of a non profit organisation of
Halfway House.
Retention
The Organisation will destroy any personal data it may hold in accordance with its internal policy. Generally speaking, the Organisation policies follow closely to the obligation of applicable statutory or contractual obligation.
Accuracy
Where possible, the Organisation will validate data provided using generally accepted practices and guidelines. This includes the use of check sum verification on some numeric fields such as account numbers or credit card numbers. In some instances, the data provided will be validated against pre-existing data held by the Organisation. In some cases, as per the requirements of the statutory or contractual obligation, the Organisation is required to see original documentation before the personal data may be used, such as Personal Identity Card, Work Pass and/or proof of address. For the purpose of ensuring accuracy or authenticity of the identity document supplied to us, we expect personnel to produce their identity document in person for checking at a time convenient to them.
Security Safeguards
All personal data held by the Organisation will be kept confidential. Appropriate security safeguards are in place to protect personal data against unauthorised access, misuse, disclosure, copying, use, alteration, accidental loss or theft, destruction or damage. Only authorised personnel(s) have access to our systems.
Updates to the Privacy Policy
The Organisation will ensure regular updates or not more
than a period of three (3) months of the Privacy Policy to go in line with the
latest legislation requirements announcement in PDPA website.
Our mechanisms and processes are in place to receive and
address feedback or inquiries about our policies and procedures relating to the
handling of personal data. Appropriate measures will be taken to amend policies
and procedures if a feedback is found to be justified.
Cookies
We do not use “cookies”, “web-bugs” or any other tracking technologies to collect information from users of our web site.
Links to the other website
Our Organisation’s website contains links to other sites. Please be aware that we are not responsible for the privacy practices of other sites. This Privacy Policy applies solely to information collected by this website.
Prevailing Terms
Any other obligations to applicable statutory or contractual obligation will be prevailed then the PDPA 2012 as stated in government law and regulations.
Contact us
If you have any queries on the privacy policy and how we use
your personal data, you could reach out Data Protection Officer (DPO) through
the following means,
(a) Data Protection Officer: Mr Freddy Wee
(b) By email to dpo@breakthroughmissions.org.sg
(c) By post to: Breakthrough Missions
The Data Protection Officer
24 Yew Siang Road
Singapore 117758
Date of Publication: 1st July 2014
