DATA PROTECTION POLICY
DATA PROTECTION POLICY FOR NORTHLIGHT SCHOOL
1. The Personal Data Protection Act 2012 (‘PDPA’) establishes a general data protection law in Singapore which governs the collection, use and disclosure of individuals’ personal data by organisations. The PDPA governs the collection, use and disclosure of individuals’ personal data by organisations in a manner that recognises both the right of individuals to protect their personal data and the need of organisations to collect, use and disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.
2. The purpose of this document is to inform users how NorthLight School (‘the School’) manages Personal Data which is subjected to the Singapore Personal Data Protection Act (2012). This Data Protection Policy supplements but does not supersede nor replace any other consent you may have previously provided to the School.
DATA COLLECTED, USAGE, DISCLOSURE AND PURPOSE
3. The School collects personal data including (but not limited to):-
4. The data is used in order to:-
5. Data may be shared, as necessary, with third party companies to provide extended services; examples include transport, medical, catering, travel services and online services such as email. In particular, the School may:
CONSENT AND DEEMED CONSENT
6. For the purposes of the School’s students (as minors), it is reasonable and accepted that parental/guardian consent is sufficient.
7. By voluntarily providing the School with your personal data, you shall be deemed to consent the School to collect, use and disclose the data for the purpose that you have provided it for. Examples of such situations are staff employment and student enrolment. The School shall also highlight such situations and seek to obtain explicit consent.
DATA SECURITY AND RETENTION
8. The School undertakes to:
SHARING DATA WITH THIRD PARTIES
9. The School shares personal data with a variety of third parties for the purposes of the third party providing a relevant service to the school. Examples of these services include transport, catering, travel services, accommodation and medical.
10. The School will only share data for the purposes of eliciting a necessary service from these third party organisations and not for commercial gain.
11. Where the School signs explicit contracts with these organisations, it will ensure that the organisation is using the data purely for the intended purpose of providing the required service and that it is taking appropriate precautions to safeguard the data.
CONTACTING US – WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION OF YOUR PERSONAL DATA
12. You may contact our Data Protection Officer if you have any queries or feedback on our personal data protection policies and procedures, or if you:
13. Please contact us via email to firstname.lastname@example.org with the subject title ‘PDPA Policy’ and addressed to Data Protection Officer, NorthLight School. You may also write to us at NorthLight School (Attn: Data Protection Officer), 151 Towner Road, Singapore 327830.
UPDATES ON DATA PROTECTION POLICY
14. As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
15. We may amend the terms of this Data Protection Policy at our absolute discretion. Any amended Data Protection Policy will be posted on our website and can be viewed at https://nls.edu.sg/school/data-protection-policy
Last updated 23 May 2019