First Evangelical Reformed Church (“FERC” or “the Church”) recognises the importance of safeguarding personal data when dealing with information relating to its members, worshippers at its services, attendees of its programs, visitors and staff, and therefore is committed to fully implementing and complying with the provisions of the Personal Data Protection Act (the “Act”). FERC’s Personal Data Protection Policy set out here explains the procedures and systems in place to comply with the Act (the “Policy”) in respect of personal data as defined under the Act.
FERC receives or collects the personal data of its members, worshippers at its services, attendees of its activities and programs, visitors and staff for purposes reasonably required by it as a place of worship with its attendant activities and programs.
FERC will not use the personal data for any purpose other than that for which it was collected. Should FERC require any personal data in its possession to be used for a purpose other than those for which consent was originally given, fresh consent will be sought to use the data for that new purpose.
Disclosure to third parties outside Singapore shall only be to organisations that are required or undertake to process the data with a comparable level of data protection as that required under Singapore law.
FERC will not collect, use or disclose the personal data of persons below the age of thirteen (13) for any purpose unless written parental or guardian consent has been given for such purpose.
Should an individual wish to withdraw or limit his/her consent to FERC’s collection, use and disclosure of his/her personal data, they can write in with full particulars to our Data Protection Officer (“DPO”) using the contact details provided in paragraph 20 below.
Any personal data collected by FERC shall be accessible by office bearers, employees, and members of FERC who are engaged in the planning and implementation of Church activities or the management and administration of the Church. Such persons are to use the data only for the purpose for which the data was collected. Such persons shall also observe strict confidentiality at all times.
In the event personal data is disclosed to third parties, such third parties will be required to sign an agreement requiring them to observe confidentiality at all times and to use the personal data only for the purpose for which it was disclosed to them.
FERC has designated a DPO to deal with data protection matters and complaints, to encourage good data handling practices, and to ensure that FERC complies with the Act and the Policy. If an individual has any questions, complaints or concerns, they can contact the DPO using the contact details provided in paragraph 20 below.
FERC endeavours to take all reasonable steps to ensure that personal data in its possession or under its control is accurate, up-to-date, and complete. If there is any error or omission in the personal data you have provided to FERC, please write in to our DPO with the necessary details to correct your data. If any personal data that you have provided to FERC becomes inaccurate, please contact our DPO to update your data.
Should you wish to access any personal data collected by FERC or understand how such data has been used or disclosed, please write in to our DPO with your request. The DPO will provide you with the requested information within a reasonable time, after verification of your identity. Kindly note that FERC reserves the right to charge a reasonable administrative fee for responding to any such requests.
FERC will retain personal data for as long as it is necessary to serve the purpose for which it has been collected. Once the data in FERC’s possession is no longer necessary to serve the purpose for which it was collected, the data will be destroyed or anonymised in a secure manner.
FERC endeavours to maintain all personal data in its possession or under its control securely. To this effect, FERC has put in place measures to ensure the protection of data in its possession against unauthorised access, collection, use, disclosure, copying, modification, disposal or other risks.
FERC shall not transfer any personal data in its possession to any parties outside Singapore except as specified in this Policy. Any outside party to which FERC intends to transfer data in its possession must have protections equivalent to those provided for in the Act.
If an individual feels that his data has been erroneously or improperly handled by FERC, he may lodge a complaint in writing with the DPO. Once a complaint has been received, the DPO will acknowledge receipt of the same in writing, and will investigate the complaint.
The outcome of the investigation will be communicated by the DPO to the complainant in writing.
FERC is committed to protecting the privacy and personal data of its members, worshippers at its services, attendees of its programs, visitors and staff. For matters pertaining to data protection in FERC, the DPO may be contacted via the following means:
First Evangelical Reformed Church
652 Yio Chu Kang Road
Church Administrator (attention to DPO)
This Policy may be updated from time to time to take into account changes in policy, technology, and/or to ensure compliance with the law.