Who We Are
The Helping Hand (THH) is registered as a Social Service Agency (SSA) under the Ministry of Social and Family Development (MSF) and the National Council of Social Service (NCSS), with Institution of Public Character (IPC) status. We are located at 819 Upper Serangoon Road, Singapore 534678.
Charity Reg:000673, IPC:000344
What Is The Purpose Of This Policy?
We are committed to safeguarding the privacy and security of your personal data. We take our responsibilities under Singapore’s Personal Data Protection Act (the “PDPA”) seriously. We also recognise the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
This Policy applies to all personal data that you may provide to us and the personal data we hold about you. By providing us with your personal data or by accessing, using or viewing the applicable Website or any of its services, functions or contents (including transmitting, caching or storing of any such personal data), you shall be deemed to have agreed to each and all the terms, conditions, and notices in this Policy. If you do not agree, please cease use of the relevant Website(s) and/or service(s) and DO NOT provide any personal data to us.
What Is Considered Personal Data?
As used in this Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
While some data will necessarily relate to an individual, such as an individual’s name, other data may not, on its own, relate to an individual. Such data would not constitute personal data unless it is associated with, or made to relate to, a particular individual.
Examples of personal data may include an individual’s name, identification number, address, personal mobile phone number, photos and video images of the person (including CCTV footages), biometric data.
What Is Not Considered Personal Data?
Personal data does not include “business contact information”, which refers to an individual’s name, position name or title, business telephone number, business address, business electronic mail address or fax number and any other similar information about the individual, not provided by him solely for his personal purposes. The provisions of the PDPA does not cover business contact information.
Personal data does not include data about individuals which has been anonymised. Anonymisation is the process of removing identifying information such that the remaining data cannot be used to identify any particular individual. Anonymisation techniques can include pseudonymisation, aggregation, replacement, data reduction, data suppression, data shuffling, or masking.
Whose Data Are Collected?
We may collect personal data of volunteers to allow us to contact you when regarding events, activities and developments at THH and to engage you in our events and activities.
We will notify you about the personal data to be collected and seek your consent for the abovementioned purposes in our volunteer application form.
We will not use your personal data for any other purpose (such as sending marketing materials) without first seeking express consent from you.
We collect donors’ personal data such as name, identification number and contact information via the processes in which the donations were collected. Donations can be collected from online platforms, mail and in-person.
If you are a donor, your personal data will be collected and used by us for the following purposes and we may disclose your personal data to third parties where necessary for the following purposes:
Submission of personal details to IRAS for tax deduction purposes; and
Verifying your identity and the accuracy of your personal details and other information provided.
Your consent to the collection, use and disclosure of your personal data for the abovementioned purposes is deemed to be obtained at the point when donations are collected.
We will not use your personal data for any other purpose (such as sending marketing materials) without first seeking express consent from you. We will seek additional consent from you by providing option to receive marketing materials on our website.
In our donation appeals, via print, online or other forms of media, we will notify our donors about the personal data to be collected and purpose/usage of their personal data. We will seek donors’ consent by providing option on our donation forms for donors to consent (or indicate their withdrawal of consent) to receive fundraising appeal letters.
We collect customers’ personal data such as name and address and contact number in connection with the sale and delivery of goods and provision of services, and communications on products and services. Customer’s consent is deemed to be obtained at the point when your information is provided and used solely in connection with the fulfilment of sale of goods and provision of services, and communications for intended purposes. We do not disclose any personal data to third party service providers and/or agent for unintended purposes.
We collect public members’ personal data such as name, email address and contact number through our website’s enquiry email function. The public member’s consent is deemed to be obtained for collection and use solely in connection with follow-up and response to the public member’s enquiry.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
All online payment are redirected to the website of Red Dot Payment Pte. Ltd. (“Red Dot Payment”), the payment gateway provider of THH for cashless payment. By submitting your payment account information, you are deemed to agree to the collection and transmission of your data to the relevant card scheme, banks and other transaction processing parties, both domestic and overseas, which form part of the network of the card scheme necessary for the payment to be authorised and processed. In doing so, you are deemed to agree to the retention of this data by Red Dot Payment and THH, for the purpose of reconciliation and future reference of the transaction in case of dispute handling or investigation by regulators and card schemes.
To best protect your rights, review your account statements carefully every month. For any fraud or suspicious activity, kindly contact your issuing bank to report the problem.
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing.
You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to the DPO at firstname.lastname@example.org.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process and effect your request within five (5) days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and extent of your request, we may not be in a position to process any related service (as the case may be). We shall, in such circumstances, notify you before completing the processing of your request (as outlined above).
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
Access To And Correction Of Personal Data
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold, you may submit your request in writing or via email to the DPO at email@example.com.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your access request as soon as reasonably possible. Should we not be able to respond to your access request within thirty (30) days after receiving your access request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our Organisation has on record, if the record of your personal data forms a negligible part of the document.
Protection Of Personal Data
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
Accuracy Of Personal Data
We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing us in writing via email.
Retention Of Personal Data
We may retain your personal data for as long as it is necessary to fulfil the purposes for which they were collected, or as required or permitted by applicable laws.
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data were collected, and are no longer necessary for legal or business purposes.
Transfers Of Personal Data Outside Of Singapore
We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
Effect Of Policy And Changes To Policy
This Policy applies in conjunction with any other policies, notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated.