Data Policy


SINDA respects your choices in terms of obtaining, using, retaining and disclosing your personal data, in compliance with the requirements of the Personal Data Protection Act 2012 (“PDPA”).

We collect data to understand your needs and serve you better. From time to time, with your consent, we may share your data with government agencies, partners of SINDA or third-party vendors, so that you can benefit from the various programmes and services that may be provided by them.

SINDA has a Data Protection Policy which details how we collect, use, disclose and/ or retain your Personal Data. This Personal Data Protection Policy sets out to elaborate on:

  1. How we manage your Personal Data;
  2. Types of Personal Data we collect, use, disclose and/or retain;
  3. How we collect, use, disclose and/or retain your Personal Data; and
  4. Purpose(s) for which we collect, use, disclose and/or retain your Personal Data.

1. Background Information
Personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPA). The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and retention of personal data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

The PDPA provides for the establishment of a national Do Not Call (DNC) Registry. The DNC Registry allows individuals to register their Singapore telephone numbers to opt out of receiving marketing phone calls, mobile text messages such as SMS or MMS, and faxes from organisations.

 

2. Personal Data
In this Data Protection Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or any other identification number, telephone number(s), mailing address, email addresses, transactional data and any other information relating to any individuals which you have provided us through any forms you may have submitted to us (including in the form of biometric data), or via other modes of interaction with you.

 

3. Data Protection Policy
This data protection policy applies to SINDA. This policy governs the collection, use, and disclosure of personal data submitted to SINDA, pages of www.sinda.org.sg, and explains how we collect and handle personal data of individuals and comply with the requirements of the Personal Data Protection Act 2012 of Singapore and its regulation(s) (“PDPA”).

 

4. Collection of Personal Data
Generally, we collect Personal Data:

  1. when you submit any form, including but not limited to the application (manual/online), declaration, or referral forms;
  2. when you interact with our staff, including our front desk officers, via telephone calls (which may be recorded), letters, fax, face-to-face meetings and email;
  3. when your images are captured by us via CCTV cameras while you are on our premises, or via photographs or videos taken by our representatives or us when you attend events hosted by us;
  4. when you request that we contact you, be included in an email or another mailing list; or when you respond to our request for additional Personal Data;
  5. when you submit an employment application or when you provide documents or information including your resume and/or curriculum vitae in connection with any appointment as a staff officer, volunteer or any other position;
  6. when you use our electronic services, or interact with us via our websites or use services on our websites;
  7. when you submit your Personal Data to us for any other reason.

By providing Personal Data relating to a third party (e.g. information of your dependent, spouse, children and/or parents) to us, you represent and warrant that the consent of that third party has been obtained for the collection, use and disclosure of the Personal Data for the purposes listed above

 

5. Collection of Personal Data
Information on you and any other third party (e.g. your dependent, spouse, children and/or parents), may be collected and retained by SINDA on software and technologies provided by third-party vendors. These vendors include:

  1. 365 Smart SMS
  2. Apsis Asia
  3. Google (and related services)
  4. HireRabbit
  5. InMotion Hosting
  6. Mailchimp
  7. Microsoft Dynamics CRM
  8. Paypal
  9. SingHost
  10. Survey Monkey
  11. WordPress
  12. Wufoo
  13. Zapier
  14. Zendesk

In collecting your data, the respective third party vendor’s privacy and data collection policies will apply. SINDA reserves the right to amend the above list of third party at its discretion.

 

 6.  Use of Personal Data
Generally, we use Personal Data in the following ways:

  1. programmes and services hosted by SINDA;
  2. programmes and services hosted by any agency selected by SINDA;
  3. responding to, processing and handling your complaints, queries, requests, feedback and suggestions;
  4. verifying your identity;
  5. managing the administrative and business operations of the organization and complying with internal policies and procedures;
  6. matching any Personal Data held which relates to you for any of the purposes listed herein;
  7. requesting feedback or participation in surveys, as well as analysis for statistical, profiling or other purposes for us to design our services, understand client, preferences, and to review, develop and improve the quality of our programmes and services;
  8. managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
  9. project management;
  10. providing media announcements, interviews and responses;
  11. organising community-based events;
  12. managing and preparing reports on incidents and accidents;
  13. preventing and detecting crime;
  14. complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities; and/or
  15. Any other purpose relating to any of the above.

 

 7.   Disclosure of Personal Data
Your Personal Data held by us shall be kept confidential at all times. However, in order to enable us to carry out the purposes set forth above, we may share your Personal Data with any government agencies, partners of SINDA or third party vendors. When doing so, we will require them to ensure that your Personal Data disclosed to them are kept confidential and secure. We wish to emphasise that we do not sell your personal data to any organization.

 

 8.  Use of Cookies
A cookie is a small text file that a website can send to your browser, which may then store it on your system. We use cookies in some of our pages to collect information about users of our website (for example, store users’ preferences and record session information) and the information that we collect is then used to ensure a more personalised service level for our users. You can adjust settings on your browser so that you will be notified when you receive a cookie. Should you wish to disable the cookies associated with these technologies, you may do so by changing the settings on your browser. However, by doing so, you may not be able to use certain functions or enter certain part(s) of our websites.

 

9. Measures to protect your Personal Data
  • We have implemented generally accepted standards of technology and operational security to protect the personal data in our possession or under our control and to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All SINDA staff follow a network-wide security policy. Only authorised SINDA staff are provided access to personally identifiable information and these personnel have agreed to ensure confidentiality of this information.
  • Personal data that is kept by us will be destroyed after a reasonable period from the time when it becomes outdated or is no longer required for the purpose for which it was collected or when we receive your request to delete it.
  • SINDA conducts regular briefing sessions for staff to share the good practices in handling personal data

 

 10.  Withdrawal of Consent
You may withdraw your consent given for any or all purposes set out in this policy by sending an email to DPO@sinda.org.sg. Please include your full name and NRIC number in the email. If you withdraw your consent to any or all purposes and depending on the nature of your request, SINDA may not be in a position to continue to provide our services to you.

 

 11.  Modifications
As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures, and processes from time to time. We reserve the right to modify or amend this Policy at any time. The effective date will be displayed at the beginning of this Policy. Any amended policy will be posted on our website and can be viewed at http://www.sinda.org.sg/data-policy.You are encouraged to visit the above website from time to time to ensure that you are well-informed of our latest policies about personal data protection

 

 12.  Data Protection officer
 Role of the DPO in SINDA

  • Ensure compliance of PDPA when developing and implementing policies and processes for handling personal data;
  • Share the internal personal data protection policies and processes ;
  • Manage personal data protection related queries and complaints;
  • Alert management to any risks that might arise with regard to personal data; and
  • Liaise with the PDPC on data protection matters, if necessary;
  • Ensure annual audit is done to prevent a lapse in SINDA’s Personal Data Protection policy and processes.

 

If you believe that information we hold about you is incorrect or out of date, or if you have concerns or further queries about how we are handling your personal data, or any problem or complaint about such matters, please contact our Data Protection Officervia the following channels;

Email us at DPO@sinda.org.sg
Call SINDA’s Data Protection Officer at 6393 7276; or
Write in to: Data Protection Officer, SINDA, 1 Beatty Road, Singapore 209943.

For more information on the PDPA, please click here.