Respect and protection of your Personal Data
At Singapore Red Cross (SRC), we will protect and respect your personal data in line with the Personal Data Protection Act 2012 (the “PDPA”) and our personal data protection policy. By volunteering or providing your personal data to SRC, it will be deemed that you have agreed and consented to the collection, use and disclosure of your personal data by SRC and its related entities in the manner described below. For purposes of this notification, “SRC Entities” includes Singapore Red Cross (SRC) and organization(s) authorized and established by Singapore Red Cross (SRC). This notification describes how the SRC entities and its representatives and/or agents (collectively, “SRC”, “we”, “us”, “our” or similar expression) may collect, use, disclose and manage your personal data.
Collection, Use And Disclosure Of Personal Data
SRC’s personal data protection policy applies to all individuals whose personal data is within SRC’s possession or control. Personal data generally includes any data that can be used to identify a natural person, such as name, identification number or address, but excludes business contact information. If you have provided the personal data of another individual (such as a family member or next-of-kin), you agree that you have obtained his/her consent to SRC ’s collection, use and disclosure of his/her personal data according to SRC ’s personal data protection policy or that you validly give us such consent on their behalf. In accordance with the PDPA, we have processes and procedures in place to ensure that such personal data is collected, used and disclosed only for the following purposes:
- evaluating and assessing the suitability for job applicants;
- verification of identity;
- volunteer engagement;
- donor engagement;
- member engagement;
- regulatory reporting;
- business and internal administrative purposes, such as internal records and references or to process any queries or feedbacks;
- facilitation of any business asset transactions (which may extend to any sale, transfers, assignments or novation of assets, rights or obligations); or
- for any other purposes for which we have obtained your consent, for which you may be deemed to have provided consent or are reasonably related to the foregoing.
SRC may also share or refer your personal data to relevant third parties, strictly on a need-to-know basis. Such third parties may include individual or corporate business partners such as volunteers and sponsors, SRC ’s service partners, vendors and government agencies. SRC may use, collect and disclose the personal data for the purposes mentioned above. If you are unable to provide your consent, we will not be able to provide the intended services or information you are requesting for (if any). We may also collect, use and disclose personal data where required or permitted by laws or regulations binding on SRC for any purpose.
Access and Correction
Under the Act, you have the right to request for information about your personal data that is in our possession or under our control. You can also request for information about the ways in which your personal data has been or may have been used or disclosed by us. An administrative fee may be imposed on you for the request. Please email request to firstname.lastname@example.org.
Withdrawal of Consent
You have the right to withdraw any consent that you have given to us. Please let us have any notice of withdrawal in writing, indicating your instructions clearly. If you withdraw your consent for the collection, use or disclosure of your personal data, we will put the withdrawal into effect within thirty (30) working days of your request. Please email request to email@example.com.
Accuracy Of Personal Data
SRC will keep personal data as accurate, complete and up to date, taking into account its use and the interests of our members, volunteers and donors. Where possible, we will validate data provided using accepted practices and guidelines. This might include a request to see original documentation before we use the personal data such as data with personal identifiers and/or proof of address.
Protection Of Personal Data
SRC protects personal data against loss or theft, as well as unauthorized access, disclosure, copying, use or modification with security safeguards appropriate to the sensitivity of the personal data, regardless of the format in which it is held.
Retention of Personal Data
SRC will retain your personal data only for as long as the purposes for which such data is collected or used (as notified to you) continues, or where necessary for our legal or business purposes. Thereafter, SRC will delete or destroy the personal data, or remove the data that can be associated with you.
Transfer of personal data
SRC may transfer any personal data in its possession or control to another SRC entity as may be necessary to achieve the purposes set out above and to provide SRC ’s services to you. SRC may transfer the personal data outside Singapore with SRC ensuring that appropriate safeguards are put in place in compliance to PDPA.
Feedback and queries
If you have any feedback or queries in relation to the protection and retention of your personal data, you may also write to our Personal Data Protection Officer. We will look into your feedback or queries, and will provide you with a response within three (3) working days.
Changes to the notification
We reserve the right to modify or change this Notification at any time. This notification may be amended in tandem with changes in the legislation.