Privacy
YOUR PRIVACY IS IMPORTANT TO US
- Introduction
- At Sagaramudra Buddhist Society (refers “SBS”) we respect the privacy and confidentiality of the personal data of our devotees , associates, and others whom we interact with in the course of providing our services. We are committed to implementing policies, practices, and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act (PDPA) 2020. We have developed this Data Privacy Policy to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession.
- How We Collect Your Personal Data
- We collect your personal data when you:
- Register any of the Society’s dharma events, offerings, activities and courses that we conduct (including processing of your applications under any government funding programmes that we are under);
- Respond to our electronic direct mails (EDMs) sent by us as part of our marketing or promotion campaigns through an authorised third party EDM service provider;
- Enquire about our Society’s range of services and courses;
- Visit our website and leave behind your contact information through our contact form;
- Communicate with us via emails or written correspondences.
- Types of Personal Data We Collect About You
- The types of personal data we collect about you include:
- Personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, employment, health and/or education details);
- Personal opinions made known to us (e.g. feedback or responses to surveys).
- We generally do not collect your personal data unless it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you after
- you or your authorised representative have been notified of the purposes for which the data is collected, and
- you or your authorised representative have provided written consent to the collection and usage of your personal data for those purposes.
- The exact data to be collected depends on the purposes and needs of SBS, which will be communicated to you on or before the data is collected.
- How We Use Your Personal Data
- We use the personal data you provide us for one or more of the following purposes:
- Enrolling you onto our events, courses, activities and any other programmes that you have signed up for;
- Assessing and processing applications, instructions or requests from you;
- Communicating with you, including providing you with updates on changes to Society’s services, events, activities and courses;
- Conduct joint marketing with other companies and service providers;
- Respond to your inquiries and feedback to improve our quality of service;
- Analyse the use of our products, services or websites;
- Transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities in Singapore or abroad, for the aforementioned purposes;
- Addressing or investigating any complaints, claims or disputes;
- Comply with or fulfil legal obligations and regulatory requirements.
- Where SBS collects data for purposes other than those listed above, SBS will disclose such purposes to the individual, by suitable means, when collecting the personal data from the individual.
- Who We Disclose Your Personal Data To
- We may from time to time disclose your personal data to any personnel of SBS or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure.
- Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
- How We Manage the Collection, Use and Disclosure of Your Personal Data
-
Obtaining Consent
Before we collect, use, or disclose your personal data, we will notify you of the purpose why we are doing so. We will obtain written confirmation from you on your expressed consent. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed. Under certain circumstances, we may assume deemed consent from you when you voluntarily provide your personal data for the stated purpose. We may rely on exceptions to the need for consent under the PDPA for the collection, use or disclosure of your personal data under the following circumstances:
- the personal data is publicly available;
- the personal data is disclosed by a public agency or disclosed to a public agency;
- the personal data is necessary for any investigation or proceedings.
-
Withdrawal of Consent
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g., without your personal contact information we may not be able to inform you of future services offered by us. Your request for withdrawal of consent can take the form of an email or letter to us, or through the “Unsubscribe” feature in an online service.
-
Use of Cookies
We use “cookies” to collect information about your online activity on our website. A cookie is a small text file created by the website that is stored in your computer to provide a way for the website to recognise you and keep track of your preferences. The cookie makes it convenient for you such that you do not have to retype the same information again when you revisit the website or in filling electronic forms. Most cookies we use are “session cookies”, which will be deleted automatically from the hard disk of your computer at the end of the session. You may choose not to accept cookies by turning off this feature in your web browser. Note that by doing so, you may not be able to use some of the features and functions in our web applications.
-
Third-Party Consent
We do not get consent on behalf of another individual. We only get consent from the individual who will be dealing directly with us.
- How We Ensure the Accuracy of Your Personal Data
- We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, not misleading and kept up to date. From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you.
- How We Protect Your Personal Data
- We have implemented appropriate information security and technical measures to protect the personal data we hold about you against loss, misuse, destruction, unauthorised alteration/modification, access, disclosure, or similar risks. We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data and will only share your data with authorised persons on a ‘need to know’ basis. When we engage third-party data processors to process personal data on our behalf, we will ensure that they provide sufficient guarantees to us to have implemented the necessary organisational and technical security measures and have taken reasonable steps to comply with these measures.
- How We Retain Your Personal Data
-
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic forms. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.
We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached.
- How We Retain Your Personal Data
-
You may write in to us to find out how we have been using or disclosing your personal data over the past year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
If you find that the personal data we hold about you is inaccurate, incomplete, misleading or not up-to-date, you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.
- Transfer of Personal Data
- Where there is a need to transfer your personal data to another country outside Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as those in Singapore.
- Mandatory Data Breach Notification
- In the unlikely event that we suffer a data breach pertaining to unauthorised access or disclosure of personal data being stored or processed by us, we will meet the PDPA's breach notification timelines and requirements to perform the needful, including but not limited to informing relevant authorities and affected individuals, based on the Significant Harm or Significant Scale definitions as set out by the PDPA.
- Contacting Us
-
If you have any query or feedback regarding this Notice, or any complaint you have relating to how we manage your personal data, you may contact our Data Protection Officer (DPO) at:
Email: dpo@sagaramudra.org.sg
Address: 5 Lorong 29 Geylang Singapore 388060
Any query or complaint should include, at least, the following details:
- your full name and contact information; and
- brief description of your query or complaint.
- We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.
- Changes to this Data Privacy Notice
- We may update this Data Privacy Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes. Changes to this Notice take effect when they are posted on our website
- (Last updated: October 2024)
隐私政策
我们对您的隐私极为重视
- 介绍
-
在海印学佛会(简称“SBS”),我们尊重与信众、合作伙伴及其他与我们提供服务过程中互动的个人数据的隐私和保密性。我们致力于实施政策和流程以保护您提供给我们的个人数据的收集、使用和披露,符合2020年新加坡个人数据保护法(PDPA)的规定。
我们制定了这份数据隐私政策,以帮助您了解我们如何收集、使用、披露、处理、保护和保留您的个人数据。
- 我们如何收集您的个人数据
- 我们在以下情况下收集您的个人数据:
- 参加我们举办的法会、活动和课程(包括我们参与的任何政府资助计划的申请处理);
- 回复我们通过授权的第三方提供商发送的电子直邮(EDMs)作为我们市场营销或推广活动的一部分;
- 询问我们学会的服务和课程;
- 参访我们的网站并通过我们的联系表单留下您的联系信息;
- 通过电子邮件或书面函件与我们进行沟通。
- 我们收集的个人数据
- 我们收集的个人数据包括:
- 个人资料(例如姓名、联系方式、住址、出生日期、身份证/护照信息、就业、健康和/或教育信息);
- 您向我们提供的个人意见(例如反馈或对调查的回应)。
- 除非您直接或通过经您授权的第三方自愿向我们提供了个人数据,否则我们不会收集您的个人数据,授权该第三方应获得
- 您或您的授权代表已被告知数据收集目的,
- 并获得您或您的授权代表对为这些目的收集和使用您的个人数据提供书面同意。
- 要收集的确切数据取决于 SBS 的目的和需求,这将在收集数据之前与您沟通。
- 我们如何使用您的个人数据
- 您提供给我们的个人数据将用于以下一个或多个项目:
- 您登记的法会、活动、课程和其他项目;
- 评估和处理您的申请、指示或请求;
- 与您沟通,包括向您提供有关服务、活动、课程的更新;
- 与其他公司和服务提供商共同进行营销;
- 回答您的询问和反馈以改善我们的服务质量;
- 分析我们的服务或网站的使用情况;
- 将数据传输给任何不相关的第三方,包括我们的第三方服务提供商和代理商,以及新加坡境内或境外的相关政府和/或监管机构,为上述目的;
- 处理或调查任何投诉、索赔或争议;
- 遵守或履行法律义务和监管要求。
- 如果SBS为除上述目的以外的其他目的收集数据,SBS在收集个人数据时,将通过适当的方式向该个人披露此类目的。
- 我们向谁披露您的个人数据
- 我们可能不时将您的个人数据披露给SBS的任何员工或第三方,在新加坡或其他国家/地区,以执行上述目的。当我们披露您的个人数据时,我们会要求他们确保个人数据的保密性和安全性。
- 如果法律要求,我们可能会向相关机构或执法机构披露有关您的个人数据。
- 我们如何管理您的个人数据的收集、使用和披露
-
获得同意
在我们收集、使用或披露您的个人数据之前,我们将告知您我们这样做的目的。我们将征得您明示同意的书面确认。我们不会收集超过在明确目的下所必需的个人数据量。如果收集、使用或披露您的个人数据有变化,我们将征求您的同意。
在某些情况下,当您自愿提供您的个人数据时,我们可以假定您已同意。
在以下情况下,我们可能依靠《个人数据保护法》中对免除同意需要的例外情形收集、使用或披露您的个人数据:
- 该个人数据是公开可获得的;
- 该个人数据是由公共机构披露的或披露给公共机构的;
- 该个人数据对任何调查或程序是必要的。
-
撤回同意
如果您希望撤回同意,您应提前通知我们。我们将告知您撤回同意的可能后果,例如,如果没有您的个人联系信息,我们可能无法通知您我们未来提供的服务。 您对撤回同意的请求可以以电子邮件或信函的形式发送给我们,或通过在线服务中的“取消订阅”功能进行。
-
使用 Cookies
我们使用“Cookies” 收集您在我们网站上的在线活动信息。Cookies 是由网站创建的小型文本文件,存储在您的电脑,为网站识别您并追踪您的偏好。
Cookie 使您无需在重新访问网站或填写电子表格时重新输入相同信息而变得更加便捷。
我们使用的大多数 Cookies 是“会话 Cookies”,这些 Cookies 将在会话结束时自动从您的电脑硬盘中删除。
您可以选择通过在网络浏览器中关闭此功能来拒绝接受 Cookies。这样做可能会导致您无法使用我们的 Web 应用程序中的某些功能。
-
第三方同意
我们不会代表其他个人获得同意。我们仅从将直接与我们联系的个人获得同意。
- 如何确保您的个人数据的准确性
- 我们将采取合理的步骤来确保您的个人数据是准确的、完整的、不误导的和最更新的。我们会定期进行数据验证以便让您更新您在本会所的个人数据。
- 如何保护您的个人数据
- 我们已经实施了适当的信息安全和技术措施,以保护我们持有的个人数据,以免丢失、误用、销毁、未经授权的更改/修改、披露或类似风险。 我们还已经建立了合理和适当的组织措施,以维护您的个人数据的机密性和完整性,并且只会根据“需要知道”的原则与授权人员共享您的数据。 当我们委托第三方数据处理人员代表我们处理个人数据时,我们将确保他们向我们提供充分的保证,已经实施了必要的组织和技术安全措施,并已经采取合理措施确保遵守这些措施。
- 我们如何保留您的个人资料
- 我们的文件保留政策会记录您以纸质或电子形式向我们提供的个人资料的保留期限。当您的个人资料不再为任何业务或法律目的所需要时,我们将不会保留任何您的个人资料。 当保留期限到达时,我们会以适当和安全的方式处置或销毁包含您个人资料的文件。
- 您如何取得和更正您的个人资料
- 您可以致函给我们,了解我们在过去一年中如何使用或披露您的个人资料。在回复您的请求之前,我们可能需要通过检查您的身份证明文件(如身份证或其他法律身份证明文件)来验证您的身份。我们将尽快在30天内回复您的请求。如果我们无法在30天内完成,我们会通知您需要多久的估计时间。我们可能会向您收取合理费用处理您的请求。 如果我们所持有的有关您的个人资料存在不准确、不完整、误导或不时效,您可以要求我们更正数据。如果我们有足够理由认为应当进行更正,我们将尽快或在收到您的请求之日起的30天内更正数据。
- 个人数据的转移
- 如果需要将您的个人数据转移到新加坡境外的另一个国家,我们将确保接收国的数据保护标准与新加坡的《个人数据保护法》(PDPA)相媲美。如果不符合这一标准,我们将与接收方签订合同,以确保提供与新加坡相同水平的数据保护。
- 强制数据泄露通知
- 在我们存储或处理的个人数据遭受未经授权访问或披露的情况下,我们将根据PDPA的泄露通知时间和要求履行必要的义务,包括但不限于根据PDPA规定的“重大伤害”或“重大规模”定义,通知相关机构和受影响的个人。
- 联系我们
-
如果您对此通告有任何疑问或反馈,或者有关我们如何管理您的个人数据的任何投诉,您可以联系我们的数据保护相关人员(DPO):
电子邮件:dpo@sagaramudra.org.sg
邮寄:5 Lorong 29 Geylang Singapore 388060
任何疑问或投诉请包括以下详细信息: 您的名字和联系信息;以及 您的疑问或投诉的简要描述。 我们会认真处理您的疑问和反馈并在合理的时间内处理。
- 您的名字和联系信息;以及
- 您的疑问或投诉的简要描述。
- 我们会认真处理您的疑问和反馈并在合理的时间内处理。
- 隐私政策的修订与更新
-
我们会不时更新此隐私政策。更新后的政策会在我们的网站上发布。请定期参访我们的网站以了解任何更改。
网站上发布的更新政策时将即时生效。
(更新于: 2024年10月) *请以英文版本为准
