And Jesus answering said unto them, Render to Caesar the things that are Caesar's, and to God the things that are God's.
— Mark 12:17a (KJV)

Data Protection Policy

Introduction
  1. First Evangelical Reformed Church (“FERC” or “the Church”) recognises the importance of safeguarding personal data when dealing with information relating to its members, worshippers at its services, attendees of its programs, visitors and staff, and therefore is committed to fully implementing and complying with the provisions of the Personal Data Protection Act (the “Act”). FERC’s Personal Data Protection Policy set out here explains the procedures and systems in place to comply with the Act (the “Policy”) in respect of personal data as defined under the Act.

  2. The personal data that FERC may collect, use, and disclose includes the following:
    1. Personal details (e.g. Name, age, gender, religion, marital status)
    2. Addresses (e.g. Residential and email addresses)
    3. Contact numbers (e.g. telephone numbers)
    4. Identification details (e.g. NRIC, FIN, passport and permit numbers)
    5. Photographs and video recordings
    6. Employment history, qualifications

Purposes for the Collection, Use and Disclosure of Personal Data
  1. FERC receives or collects the personal data of its members, worshippers at its services, attendees of its activities and programs, visitors and staff for purposes reasonably required by it as a place of worship with its attendant activities and programs.

  2. These purposes include the following, whether within or outside Singapore:
    1. planning and implementing activities and programs such as worship services, camps, conferences, gospel outreach, visitations, fellowship activities, discipleship activities, bible teaching and bible study;
    2. communicating and publicising activities, programs and other church-related information including the church bulletin and other publications;
    3. maintaining records of members, worshippers, participants of activities and programs;
    4. the management and administration of the Church, including the employment of staff and the matters related thereto; and
    5. such other purposes as may reasonably be appropriate in the circumstances of the collection of personal data.
  3. FERC will not use the personal data for any purpose other than that for which it was collected.  Should FERC require any personal data in its possession to be used for a purpose other than those for which consent was originally given, fresh consent will be sought to use the data for that new purpose.

  4. In the course of processing personal data for the above purposes, FERC may disclose such personal data to third parties within or outside Singapore. These third parties include:
    1. governmental organisations or authorities to whom FERC is required by law to disclose data to;
    2. parties who are legally entitled to the data;
    3. third parties who require the data in order to process and operate programs in which an individual intends to participate;
    4. third parties who provide FERC with data processing, administration, health, insurance or legal services, or other professional or management services; and
    5. such other persons as may reasonably be appropriate in the circumstances of the collection of personal data.
  5. Disclosure to third parties outside Singapore shall only be to organisations that are required or undertake to process the data with a comparable level of data protection as that required under Singapore law.

Minors below 13
  1. FERC will not collect, use or disclose the personal data of persons below the age of thirteen (13) for any purpose unless written parental or guardian consent has been given for such purpose.

Withdrawal of consent
  1. Should an individual wish to withdraw or limit his/her consent to FERC’s collection, use and disclosure of his/her personal data, they can write in with full particulars to our Data Protection Officer (“DPO”) using the contact details provided in paragraph 20 below.

Confidentiality
  1. Any personal data collected by FERC shall be accessible by office bearers, employees, and members of FERC who are engaged in the planning and implementation of Church activities or the management and administration of the Church. Such persons are to use the data only for the purpose for which the data was collected. Such persons shall also observe strict confidentiality at all times.

  2. In the event personal data is disclosed to third parties, such third parties will be required to sign an agreement requiring them to observe confidentiality at all times and to use the personal data only for the purpose for which it was disclosed to them.

Data Protection Officer
  1. FERC has designated a DPO to deal with data protection matters and complaints, to encourage good data handling practices, and to ensure that FERC complies with the Act and the Policy. If an individual has any questions, complaints or concerns, they can contact the DPO using the contact details provided in paragraph 20 below.

Accuracy
  1. FERC endeavours to take all reasonable steps to ensure that personal data in its possession or under its control is accurate, up-to-date, and complete. If there is any error or omission in the personal data you have provided to FERC, please write in to our DPO with the necessary details to correct your data. If any personal data that you have provided to FERC becomes inaccurate, please contact our DPO to update your data.

Access
  1. Should you wish to access any personal data collected by FERC or understand how such data has been used or disclosed, please write in to our DPO with your request. The DPO will provide you with the requested information within a reasonable time, after verification of your identity. Kindly note that FERC reserves the right to charge a reasonable administrative fee for responding to any such requests.

Retention
  1. FERC will retain personal data for as long as it is necessary to serve the purpose for which it has been collected. Once the data in FERC’s possession is no longer necessary to serve the purpose for which it was collected, the data will be destroyed or anonymised in a secure manner.

Protection
  1. FERC endeavours to maintain all personal data in its possession or under its control securely. To this effect, FERC has put in place measures to ensure the protection of data in its possession against unauthorised access, collection, use, disclosure, copying, modification, disposal or other risks.

Transfer
  1. FERC shall not transfer any personal data in its possession to any parties outside Singapore except as specified in this Policy. Any outside party to which FERC intends to transfer data in its possession must have protections equivalent to those provided for in the Act.

Complaints
  1. If an individual feels that his data has been erroneously or improperly handled by FERC, he may lodge a complaint in writing with the DPO. Once a complaint has been received, the DPO will acknowledge receipt of the same in writing, and will investigate the complaint.

  2. The outcome of the investigation will be communicated by the DPO to the complainant in writing.

Enquiries
  1. FERC is committed to protecting the privacy and personal data of its members, worshippers at its services, attendees of its programs, visitors and staff. For matters pertaining to data protection in FERC, the DPO may be contacted via the following means:

    First Evangelical Reformed Church
    652 Yio Chu Kang Road
    Singapore 787076
    Church Administrator (attention to DPO)

Updating the Policy
  1. This Policy may be updated from time to time to take into account changes in policy, technology, and/or to ensure compliance with the law.