ZION BISHAN BIBLE-PRESBYTERIAN CHURCH
(last updated 26 June 2014; address updated 22 Jan 2015; Data Protection Officer updated 1 Jan 2020)
PERSONAL DATA COLLECTED
4. The Church will collect, as the circumstances warrant, personally identifiable information, such as your name, NRIC/Passport number, age, gender, marital status, occupation, e-mail address, home or work address or telephone number. The Church may also collect information that may be personally identifiable when used in conjunction with other information which the Church has in its possession such as (for the purposes of illustration only) your previous social, professional, family, church or ministry background.
7. The Church will only collect, use and disclose your Personal Data for the purposes for which it was collected. This includes (but is not limited to) the purposes of employment, fund raising, planning events, member services, providing information and updates. Such purposes will be expressly notified to you on the collection of the Personal Data.
8. Subject to the Clauses below, Personal Data collected will not be used for different purposes unless the Church obtains your prior consent.
10. The Church will be the sole owner of the Personal Data collected by or on behalf of the Church.
11. Consent may be explicitly given, in the form of official Consent Forms and/or clear and express written consent. A copy of your signed Consent Form may be requested for your own records.
12. Consent may also be deemed to be reasonably given in certain circumstances as permitted by law.
13. Please note that the Church does not require your consent to use information that is publicly available. Publicly available information will generally include any information that is available to the public such as information disclosed in public forum, photographs and videos taken at events and locations that are open to the public. This will also include CCTV camera footage that may be captured at certain points within the Church’s premises. Almost all Church events and activities are considered by the Church as public events, and an event or activity may be considered by the Church as a public event notwithstanding that registration may be required for participation in the same.
14. The Church will not, as a condition of providing its services to you, require you to consent to the collection, use or disclosure of Personal Data about yourself beyond what is reasonable to provide its services to you, nor will it obtain or attempt to obtain consent for collecting, using or disclosing Personal Data by providing false or misleading information with respect to the collection, use or disclosure of the personal data, or using deceptive or misleading practices.
15. The amount and the type of Personal Data collected shall be limited to what is reasonably necessary to fulfil the stated purposes.
16. Any Personal Data collected which may be considered optional with regard to the stated purpose will be clearly marked as such.
17. The Church will not disclose, share, transfer or sell Personal Data to any 3rd parties.
18. The Church does not send unsolicited commercial marketing emails or other forms of commercial advertisements to persons who have provided their Personal Data unless such have been consented to.
19. In certain situations as permitted by law, the Church will disclose your Personal Data to 3rd parties for certain purposes (ie. arranging for deliveries, data processing, etc). In such cases, only what is reasonably required will be disclosed.
20. The Church will also only disclose your Personal Data, without notice, if required to do so by law or in the good faith belief that such action is necessary to:
(a) conform with the law;
(b) comply with legal process served on the Church;
(c) protect and defend the rights or property of the Church; and
(d) act under exigent circumstances to protect the personal safety of persons.
21. The Church will not display or make publicly available, whether through online directories, customer lists or otherwise, the Personal Data collected.
22. The Church does not retain Personal Data for longer than is reasonably necessary for the purposes for which the Personal Data was collected. Your Personal Data will be destroyed in the following situations:
(a) Your Personal Data is no longer required to be kept for legal and/or business purposes; and
(b) The purpose for which the Personal Data has been collected is no longer served by retention;
23. This policy will apply to the Personal Data of deceased individuals for a period of 10 years from date of death, after which the information may be used, disclosed and/or destroyed at the Church’s discretion.
24. The Church’s internal guidelines and procedures to govern the removal/destruction of Personal Data as aforesaid may, for example, involve a combination of the following:
(a) Transferring the softcopy/hardcopy data to a person authorized by you;
(b) Returning original and/or provided copies of the information to you; and/or
(c) Destruction of all softcopy and hardcopy personal data in our records.
25. The Church may in certain circumstances retain Personal Data for administrative purposes (i.e. preparing annual reports, financial statements, etc). In such situations, the Personal Data should be anonymised.
26. The Church monitors and tracks the usage of its website. If you are concerned that your Personal Data may be collected as a result and do not wish your Personal Data to be collected, please install the add-on at https://tools.google.com/dlpage/gaoptout.
28. If Personal Data is provided to the Church by a 3rd party, the Church will verify such Personal Data with you and obtain your consent for the collection, use and/or disclosure of such Personal Data for the purposes for which it was provided.
29. The Church will use reasonable efforts to protect the confidentiality and integrity of Personal Data you submit.
30. Only authorised personnel have access to the Church’s Personal Data database.
INDIVIDUAL ACCESS AND CORRECTION
31. You may submit a written request to our Data Protection Officer(s) to request for:
(a) a copy of your Personal Data and/or obtain information as to how your Personal Data is currently being used by the Church;
(b) the correction and/or update of your Personal Data.
32. The Church may require you to verify your identity before any of the aforesaid requests are entertained or processed.
33. We will respond to your request within a reasonable time to provide the information or data requested for and to make any requested changes.
WITHDRAWAL OF CONSENT
34. You may withdraw your consent to the use of your Personal Data for the purposes for which it was collected. You may also similarly withdraw your consent for any other purposes you may have subsequently consented to. Consent may also be withdrawn for the use of specific parts of your personal data.
35. For administrative purposes, all applications for such withdrawal of consent must be made in writing to the Church’s Data Protection Officers. The application for the withdrawal of consent must be signed by you and contain the following information:
(a) Your name, address and identification number (if applicable);
(b) Date of the request;
(c) Purpose of which consent is being withdrawn; and
(d) Whether or not consent is to be withdrawn for the use/disclosure of whole or just part of your Personal Data.
37. Upon receipt of the application for withdrawal of consent, the Church will notify you of the consequences of the withdrawal of your data (ie. Services may potentially be unable to be provided due to restriction on the use/disclosure of the information).
38. The Church advises you that you are still responsible for any legal obligations and/or repercussions arising out of the withdrawal of your consent. The Church will not be liable for any liabilities arising out of your withdrawal of consent for any reason.
THE “DO NOT CALL” REGISTRY
39. The Church does not engage in commercial practices such as telemarketing and will not use your personal data to contact you regarding such matters.
40. Please note that messages that promote charitable or religious causes are not covered in the “Do Not Call” provisions and the Church may contact you with regard to its services and/or existing or upcoming events.
41. Messages concerning the following are also exempt from the restrictions in the “Do Not Call” provisions:
(a) any message which is necessary to respond to an emergency that threatens the life, health or safety of any individual;
(b) any message the sole purpose of which is to facilitate, complete or confirm a transaction that you have previously agreed to enter into with the Church;
(c) any message the sole purpose of which is to deliver items or services which you are already entitled to receive under the terms of aforementioned transactions;
(d) any message the sole purpose of which is to provide notification concerning a change in your standing or status with regard to a subscription, Church membership, or any ongoing commercial relationship involving the ongoing purchase or use by you of goods or services offered by the Church.
42. Under the Personal Data Protection Act 2012, the Church is not required to disclose internal procedures and methods that are not related to its obligations under the Act.
43. You may through a written request to our Data Protection Officers request for the following information regarding the handling of your Personal Data:
(a) policies and practices of the Church;
(b) the mechanisms and processes implemented by the Church;
(c) the feedback and complaint process implemented by the Church.
44. Any queries and feedback should be addressed to our Data Protection Officer(s) at:
Mr David Tock
Contact Number: 6353 8081
E-mail Address: email@example.com
4 Bishan Street 13
Mondays – Fridays
9.00am – 5.30 pm
Ms Lydia Lim
Contact Number: 6353 8081
E-mail Address: firstname.lastname@example.org
4 Bishan Street 13
Tuesdays – Fridays
9.00am – 5.30 pm
45. Further questions and inquiries may be directed to the Personal Data Protection Commission at:
PERSONAL DATA PROTECTION COMMISSION
Telephone +65 6377 3131
Operating Hours 8.30am – 6.00pm (Mondays – Thursdays)
8.30am – 5.30pm (Fridays)
Closed on Weekends and Public Holidays
46. Nothing in this Policy and/or information provided by or on behalf of the Church or its Data Protection Officers constitutes legal advice regarding the laws and responsibilities imposed by the Personal Data Protection Act 2012. If you require further clarification after consultation with our Data Protection Officers, please seek independent legal advice.
END OF DOCUMENT