Privacy Policy

2.4. SGH will make reasonable effort to ensure that Personal Data collected by or on behalf of SGH is accurate and complete. However, it is the responsibility of individuals to ensure that Personal Data provided to SGH is accurate, complete, up-to-date and correct. SGH shall not be liable for any loss or damage arising from or in connection with any inaccurate or incomplete information provided to SGH by any individual. Where you provide SGH with Personal Data of an individual other than yourself, you warrant that you are authorised to do so, and have informed and obtained the consent of such individual in respect of the purposes such Personal Data may be collected, used and disclosed by us in the manner set out in this Policy.

2.5. SGH may disclose Personal Data to third parties (local or overseas) for any of the purposes described in this Policy, including to the following:

2.5.1. third parties which SGH may partner with from time to time to conduct events, programs, trainings;
2.5.2. professional advisors, consultants, insurers, service providers, subcontractors or agents;
2.5.3. law enforcement agencies, relevant government ministries, regulators, statutory boards or authorities in compliance with applicable laws and regulations, notices, codes of practice or guidelines; and
2.5.4. any third party to whom the individual authorises us to disclose Personal Data, or to whom such disclosure is permitted or required under applicable laws.

2.6. SGH will generally require third party recipients to give an undertaking to protect the Personal Data disclosed and to only use or disclose such Personal Data for the purposes described herein. SGH shall ensure that such disclosures or transfers (local or overseas) shall be done in a manner that is secure and compliant with the requirements of the PDPA.

3. ACCESS, CORRECTION AND WITHDRAWAL REQUESTS

3.1. Individuals who wish to exercise their right to access or correct their Personal Data records held by SGH or to withdraw their consent for the use and disclosure of their Personal Data (or to do so on behalf of another individual) must make the request in writing (with full particulars included) to the SGH Data Protection Officer (“DPO”) at the contact details provided below.

3.2. SGH shall be entitled to ask further questions or for evidence to verify the requestor’s identity, and, if the requestor is submitting a request on behalf of another individual, the identity of such other individual and the requestor’s legal authority to validly act on behalf of such other individual.

Access

3.3. Subject to the permitted exceptions in applicable laws, upon written request, SGH will provide the requesting individual with (a) Personal Data about the individual that is in the possession or under the control of SGH; and (b) information about the ways in which such Personal Data has been or may have been used or disclosed by SGH within a year before the date of the request.

3.4. A reasonable fee may be charged for an access request. If so, SGH will inform the requesting individual of the estimated fee before processing such request. SGH reserves the right not to provide access to the requested Personal Data until the individual has paid the access fee.

3.5. SGH will respond to access requests as soon as reasonably possible. Should SGH not be able to respond to the access request within 30 calendar days of receiving such request, SGH will inform the requesting individual in writing within 30 calendar days of the time by which SGH will be able to respond to such request and/or the reasons SGH is unable to do so.

3.6. Where SGH has refused to provide any Personal Data requested for pursuant to an individual’s access request, SGH will preserve a copy of the Personal Data concerned for not less than the 30 calendar days after the date of refusal of the access request (or such other period under applicable laws).

Correction

3.7. Subject to the permitted exceptions in applicable laws, upon written request, SGH will correct any error or omission in the Personal Data about the requesting individual that is in the possession or control of SGH.

3.8. SGH will respond to correction requests as soon as practicable. Should SGH not be able to respond to the correction request within 30 calendar days of receiving such request, SGH will inform the requesting individual in writing within 30 calendar days of the time by which SGH will be able to respond to such request and/or the reasons SGH is unable to do so.

Withdrawal

3.9. The consent provided by individuals for the collection, use and disclosure of their Personal Data will remain valid until such time it is being withdrawn by such individual in writing.

3.10. SGH will allow individuals to, upon reasonable notice, withdraw any consent provided to SGH previously and to request SGH to cease collecting, using and/or disclosing such individual’s Personal Data for any or all of the purposes described herein. Upon receipt of a withdrawal notice, SGH will inform the individual of the likely consequences of withdrawing consent.

3.11. SGH will respond to withdrawal requests as soon as reasonably possible. Should SGH not be able to respond to the withdrawal request within 10 working days of receiving such request, SGH will inform the requesting individual in writing within 10 working days of the time by which SGH will be able to respond to such request.

3.12. SGH is generally not obliged to delete or destroy Personal Data after an individual’s withdrawal of consent, and such Personal Data will continue to be protected and retained in accordance with SGH’s internal policies and applicable laws.

4. PROTECTION AND RETENTION

4.1. SGH will make reasonable security arrangements to protect the Personal Data that SGH possesses or controls to prevent unauthorised access, collection, use, disclosure, copying, modification or disposal or similar risks, and the loss of any storage medium or device on which Personal Data is stored.

4.2. In the course of undertaking their work, all SGH staff, ministry personnel, and other designated persons (including members and/or volunteers) (“SGH Personnel”) will ensure the administrative, physical and technical security of all Personal Data that they access or process. Such measures include ensuring that:

4.2.1. soft copy databases containing Personal Data are password protected;
4.2.2. access to the softcopy databases containing Personal Data are given only to authorized SGH Personnel on a “need-to-know” basis;
4.2.3. only authorized SGH Personnel are allowed to save any copies of databases in their own computer hard drives or portable storage drives;
4.2.4. authorization to view, access, modify or delete databases containing Personal Data shall only be given by the church elders or deacons, and a record of authorized personnel shall be kept by the DPO; and
4.2.5. hardcopy forms such as Connect Slips and other consent or registration forms containing personal information under the ministries’ care shall be kept in secured cabinets.

4.3. SGH may retain Personal Data for as long as it is necessary to fulfil the purpose for which it was collected, for any business or legal purpose, or where otherwise permitted or required by applicable laws. Without limiting the generality of the foregoing:

4.3.1. SGH will retain the following data of registered members indefinitely for record-keeping purposes: name, date of birth, date of baptism, date of marriage and date of death;

4.3.2. records containing Personal Data of guests and visitors will be retained for at least 3 years after such individual ceases attending any SGH events, programs or worship services.
 
4.4. SGH may choose to anonymise, aggregate or otherwise perform de-identification of Personal Data where necessary.

4.5. In the event SGH has reason to believe that a data breach affecting Personal Data in its possession or under its control has occurred, SGH will conduct, in a reasonable and expeditious manner, an assessment of whether the data breach is a notifiable data breach under the PDPA. If SGH has assessed that the data breach is a notifiable data breach, SGH will make the necessary notifications to the Personal Data Protection Committee, and where required, any affected individual(s), in accordance with applicable laws.

5. EXISTING PERSONAL DATA

5.1. SGH will continue to use Personal Data that has been collected before 2 July 2014 for the purposes for which the Personal Data was collected, unless the individual has withdrawn consent. If there is a different purpose for the use of the Personal Data, SGH will obtain consent for the new purpose.

6. PHOTOGRAPHY, VIDEO AND AUDIO RECORDINGS

6.1. SGH may collect Personal Data of individuals where identifiable individuals are captured in photographs, videos or audio recordings.

CCTV

6.2. For security reasons, SGH may collect Personal Data through CCTV footage from CCTVs deployed at SGH’s premises. SGH will place notices around SGH’s premises to enable individuals to have sufficient awareness that CCTVs have been deployed for security or surveillance purposes.

Photos and Videos at SGH meetings or events

6.3. SGH may collect Personal Data from photographs, videos or audio recordings captured at SGH meetings or events. These photographs, videos or audio recordings may be used by SGH for its internal communications and external publications (whether in print or electronic form).

6.4. For SGH-organised events, it will generally be stated in the invitation/sign-up form that photos of attendees will be taken at the function for publicity purposes on print and electronic media. Appropriate notices will also be put up at appropriate places to inform the attendees during the event.

6.5. Please note that SGH is not responsible for, and has no control over, photographs, videos or audio recordings made by persons acting in their own personal or domestic capacity, for example, if a member takes photos for his or her own personal purposes at a service, meeting or event by SGH. If SGH wishes to use photos, videos or audio recordings containing Personal Data which are taken by members or visitors in their personal or domestic capacities for SGH’s purposes, SGH will obtain the relevant individual’s consent.

7. POLICY UPDATES AND REVIEW

7.1. This Policy was last updated on 18 April 2021. This Policy will be maintained and updated by the DPO, reviewed and approved by the Committee of Elders, and the latest version of this Policy will be published on our website.

7.2. You are encouraged to regularly check our website to stay updated on any changes to this Policy. By continuing to interact with SGH, communicate with SGH or attend any meetings, services, events, programs or trainings by SGH, you are deemed have to consented to the then-current version of this Policy.

7.3. This Policy shall be governed by and construed in accordance with the laws of the Republic of Singapore.

8. CONTACT

8.1. If you have any questions, feedback or requests, please contact the SGH DPO at the contact details below:

Attention: Data Protection Officer
Email : dpo@singhalls.org
Address: Singapore Gospel Halls
601 Ang Mo Kio Ave 4, Singapore 569898