Personal Data Protection Policy
Objectives
1. The objective of this policy is to provide guidelines on the collection, usage and disclosure of personal data.
Data Governance Structure
2. Senior Manager, Corporate Services shall be the Club’s Data Protection Officer. He is responsible to oversee the Data Protection governance in Temasek Club and all the related policies & SOPs shall be approved by the GM. The respective data owners are highlighted below:
Purposes for the collection, use and disclosure of personal data
3. The Club collects, uses and discloses the Personal Data for the following purposes:
a. Members:
(1) To manage membership matters, including recruitment, processing and termination;
(2) Provide membership services and benefits;
(3) Assist Members and Guests with their enquiries;
(4) Process payment for membership or any other members-related transactions;
(5) To improve customer services, such as resolving complaints and handling requests and enquiries;
(6) To conduct research, surveys and interviews;
(7) To keep Members updated on Club’s events & activities; and
(8) To verify identity for the purposes of membership application.
b. Employees:
(1) Assessing potential employees’ suitability for the job;
(2) Verifying potential employees’ information and conducting background & reference checks;
(3) Headcount and payroll planning & execution;
(4) Performance management;
(5) Workforce development, training and certification;
(6) Approving, monitoring and providing employees with benefits and employability services;
(7) General administration and record keeping;
(8) Maintain emergency contact details;
(9) Audit, risk management and security compliance purposes;
(10) Internal investigations and legal proceedings;
(11) To comply with applicable laws and regulations;
(12) To verify identity for the purposes of membership application or employment application.
c. Customers (Sales):
(1) To follow up on any sales enquiries;
(2) To coordinate and facilitate the delivery of events & activities;
(3) Process payment for events & activities conducted;
(4) To improve customer services, such as resolving complaints and handling requests;
(5) To conduct research, surveys and interviews;
(6) To updated on Club’s events & activities, e.g. wedding fair.
Collection of personal data;
4. The Personal Data can be collected from the following means when:
a. MINDEF provides the personal data of its active servicemen for the automatic membership.
b. Potential Members (non-active servicemen) sign up for Club Membership.
c. Members register for Club events, courses or activities.
d. Members or Guests request the Club to contact them.
e. Members or Guests respond to the Club’s promotion.
f. Members or Guests access the Club’s social platforms or perform online transaction.
g. Members or Guests respond to the Club’s request for additional Personal Data.
h. Members or Guests submit their Personal Data to the Club for any reasons.
i. Members submit the Personal Data of their spouse and/or other dependents for membership services on their behalf and with their consent in accordance with this Policy and, in respect of minors (i.e. individuals under 18 years of age) or individuals not legally competent to give consent, in which they were appointed to act for their spouse and/or other dependents, to consent on their behalf to the processing of their Personal Data in accordance with this Policy.
j. Members or Guests browse the Club’s website or related online platform where the Club may collect or analyse information such as number of users and their frequency of use, the number of page views (or page impressions) that occur on the Club’s website for the purpose of improving customer’s experience.
k. Potential employees and/or relevant third parties (e.g. recruitment agencies) provide their personal data to apply for a position in the Club.
5. Unless permitted under the PDPA or any other laws, regulations and guidelines, Temasek Club shall not collect personal data without the consent of the individual.
6. The Club may continue to use the personal data of an individual collected before 2 July 2014 (the effective date of the data protection provisions of the PDPA), for the purposes for which the personal data was collected as stated in para 3 above unless the individual has withdrawn consent.
7. The Club may monitor or record phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation, identity verification purposes, feedback, respond to Members and Guests’ queries or requests to resolve complaints and other related purposes. Such monitoring or recording will be in accordance with applicable law.
Consent
8. It is important to note that the PDPA does not apply to business contact information. Business contact information refers to individual’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and any other similar information about the individual, not provided by him or her solely for his or her personal purposes.
9. For the avoidance of doubt, the Club is not required to obtain consent before collecting, using or disclosing any business contact information or comply with any other obligations in the Data Protection Provisions in relation to business contact information.
Marketing
10. From time to time, the Club may contact Members or Guests via mail, electronic mail, telephone (call or text), facsimile or social medial platforms, to inform them about club-related benefits, services and activities.
11. Members or Guests who do not wish to receive marketing or promotional materials may request to be excluded in the mailing list by informing the Club via membership@temasekclub.org.sg. However, the Club may still call, notify or send non-marketing messages or information such as surveys, customer-service notices and other service-related notices or the following:
a. To facilitate, complete or confirm a transaction that the Member or Guest has previously agreed to enter into with the Club;
b. To deliver services that the Member or Guest is entitled to receive under the terms of a transaction that the Club has previously agreed to enter into with the Member or Guest.
c. To provide subscription, membership services or comparable ongoing commercial relationship involving the use of the services offered by the Club.
Third Party Sites
12. The Club’s website will not provide links to other websites operated by thirdparties independent of the Club. The Club is not responsible for the privacy practices of such websites operated by third parties, who may be associated with Temasek Cub directly or indirectly. Members, Guests and Staff are encouraged to learn about the privacy policies of such third-party websites by checking the policy of the respective sites.
Withdrawal of Personal Data
13. Members or Guests who wish to withdraw their consent to any use or disclosure of their Personal Data, as set out in this Personal Data Protection Policy, may contact us via membership@temasekclub.org.sg. However, the Members or Guests would be informed that the Club may not guarantee the effective provision of membership or related services.
Protection
14. The Club shall implement appropriate and reasonable technical, physical, electronic and procedural security measures to ensure the security of the Personal Data against risks of unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, in accordance with applicable laws.
15. All employees’ hardcopy personal files shall be maintained by the HR Department under lock and key.
16. The Club shall regularly review and implement appropriate security measures when processing and retaining personal data.
17. All employees shall handle Personal Data with strict confidentiality, failing which they may be subject to disciplinary action.
18. The Club shall impose compliance with data confidentiality requirements on its agents, third party service providers, consultants and professional advisors in its working relationships and/or agreements with these parties.
Accuracy & Collection
19. The Club aims to keep all Personal Data as accurate, complete, not misleading, up-to-date and reliable as possible. It is the Members’ responsibility to inform the Club of any updates of their Personal Data via membership@temasekclub.org.sg. The Club will correct or update the Personal Data found to be inaccurate or incomplete as soon as practicable.
20. Employees who wish to correct or update their Personal Data shall contact the HR Department.
21. The Club may refuse to correct or update personal data as requested if the Club is unable to confirm the Members’ identity or where such refusal is permitted under the PDPA.
Retention
22. For Members and Employees who have left the Club, the Club shall retain the Members’ and Employees’ Personal Data up to 6 years for audit purposes unless otherwise permitted by applicable law or in order to defend legal claims. Where there is no longer any requirements to retain the Personal Data for the purposes stated in this policy unless its further retention is required to satisfy a longer retention period to meet operational, legal, regulatory, tax or accounting requirements, the Club shall then purge or destroy the Personal Data from the Club’s system and records.
23. Retention of Members’ Data. For members who have terminated their membership and inactive for more than 6 years, their information shall be removed from the system and only the following information shall be retained separately for the purpose of determining re-joining membership and its associated fees:
a. Full Name
b. Date of Birth (for verification)
c. Membership Number
d. Date of membership termination
e. Disciplinary and/or outstanding financial records
Complaints Procedures
24. Members, guests or employees can write in formally to dpo@temasekclub.org.sg for any questions or complaints relating to the use or disclosure of Personal Data, data protection policies and practices.
Personal Data
Protection Policy
Objectives
1. The objective of this policy is to provide guidelines on the collection, usage and disclosure of personal data.
Data Governance Structure
2. Senior Manager, Corporate Services shall be the Club’s Data Protection Officer. He is responsible to oversee the Data Protection governance in Temasek Club and all the related policies & SOPs shall be approved by the GM. The respective data owners are highlighted below:
Purposes for the collection, use and disclosure of personal data
3. The Club collects, uses and discloses the Personal Data for the following purposes:
a. Members:
(1) To manage membership matters, including recruitment, processing and termination;
(2) Provide membership services and benefits;
(3) Assist Members and Guests with their enquiries;
(4) Process payment for membership or any other members-related transactions;
(5) To improve customer services, such as resolving complaints and handling requests and enquiries;
(6) To conduct research, surveys and interviews;
(7) To keep Members updated on Club’s events & activities; and
(8) To verify identity for the purposes of membership application.
b. Employees:
(1) Assessing potential employees’ suitability for the job;
(2) Verifying potential employees’ information and conducting background & reference checks;
(3) Headcount and payroll planning & execution;
(4) Performance management;
(5) Workforce development, training and certification;
(6) Approving, monitoring and providing employees with benefits and employability services;
(7) General administration and record keeping;
(8) Maintain emergency contact details;
(9) Audit, risk management and security compliance purposes;
(10) Internal investigations and legal proceedings;
(11) To comply with applicable laws and regulations;
(12) To verify identity for the purposes of membership application or employment application.
c. Customers (Sales):
(1) To follow up on any sales enquiries;
(2) To coordinate and facilitate the delivery of events & activities;
(3) Process payment for events & activities conducted;
(4) To improve customer services, such as resolving complaints and handling requests;
(5) To conduct research, surveys and interviews;
(6) To updated on Club’s events & activities, e.g. wedding fair.
Collection of personal data;
4. The Personal Data can be collected from the following means when:
a. MINDEF provides the personal data of its active servicemen for the automatic membership.
b. Potential Members (non-active servicemen) sign up for Club Membership.
c. Members register for Club events, courses or activities.
d. Members or Guests request the Club to contact them.
e. Members or Guests respond to the Club’s promotion.
f. Members or Guests access the Club’s social platforms or perform online transaction.
g. Members or Guests respond to the Club’s request for additional Personal Data.
h. Members or Guests submit their Personal Data to the Club for any reasons.
i. Members submit the Personal Data of their spouse and/or other dependents for membership services on their behalf and with their consent in accordance with this Policy and, in respect of minors (i.e. individuals under 18 years of age) or individuals not legally competent to give consent, in which they were appointed to act for their spouse and/or other dependents, to consent on their behalf to the processing of their Personal Data in accordance with this Policy.
j. Members or Guests browse the Club’s website or related online platform where the Club may collect or analyse information such as number of users and their frequency of use, the number of page views (or page impressions) that occur on the Club’s website for the purpose of improving customer’s experience.
k. Potential employees and/or relevant third parties (e.g. recruitment agencies) provide their personal data to apply for a position in the Club.
5. Unless permitted under the PDPA or any other laws, regulations and guidelines, Temasek Club shall not collect personal data without the consent of the individual.
6. The Club may continue to use the personal data of an individual collected before 2 July 2014 (the effective date of the data protection provisions of the PDPA), for the purposes for which the personal data was collected as stated in para 3 above unless the individual has withdrawn consent.
7. The Club may monitor or record phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation, identity verification purposes, feedback, respond to Members and Guests’ queries or requests to resolve complaints and other related purposes. Such monitoring or recording will be in accordance with applicable law.
Consent
8. It is important to note that the PDPA does not apply to business contact information. Business contact information refers to individual’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and any other similar information about the individual, not provided by him or her solely for his or her personal purposes.
9. For the avoidance of doubt, the Club is not required to obtain consent before collecting, using or disclosing any business contact information or comply with any other obligations in the Data Protection Provisions in relation to business contact information.
Marketing
10. From time to time, the Club may contact Members or Guests via mail, electronic mail, telephone (call or text), facsimile or social medial platforms, to inform them about club-related benefits, services and activities.
11. Members or Guests who do not wish to receive marketing or promotional materials may request to be excluded in the mailing list by informing the Club via membership@temasekclub.org.sg. However, the Club may still call, notify or send non-marketing messages or information such as surveys, customer-service notices and other service-related notices or the following:
a. To facilitate, complete or confirm a transaction that the Member or Guest has previously agreed to enter into with the Club;
b. To deliver services that the Member or Guest is entitled to receive under the terms of a transaction that the Club has previously agreed to enter into with the Member or Guest.
c. To provide subscription, membership services or comparable ongoing commercial relationship involving the use of the services offered by the Club.
Third Party Sites
12. The Club’s website will not provide links to other websites operated by thirdparties independent of the Club. The Club is not responsible for the privacy practices of such websites operated by third parties, who may be associated with Temasek Cub directly or indirectly. Members, Guests and Staff are encouraged to learn about the privacy policies of such third-party websites by checking the policy of the respective sites.
Withdrawal of Personal Data
13. Members or Guests who wish to withdraw their consent to any use or disclosure of their Personal Data, as set out in this Personal Data Protection Policy, may contact us via membership@temasekclub.org.sg. However, the Members or Guests would be informed that the Club may not guarantee the effective provision of membership or related services.
Protection
14. The Club shall implement appropriate and reasonable technical, physical, electronic and procedural security measures to ensure the security of the Personal Data against risks of unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, in accordance with applicable laws.
15. All employees’ hardcopy personal files shall be maintained by the HR Department under lock and key.
16. The Club shall regularly review and implement appropriate security measures when processing and retaining personal data.
17. All employees shall handle Personal Data with strict confidentiality, failing which they may be subject to disciplinary action.
18. The Club shall impose compliance with data confidentiality requirements on its agents, third party service providers, consultants and professional advisors in its working relationships and/or agreements with these parties.
Accuracy & Collection
19. The Club aims to keep all Personal Data as accurate, complete, not misleading, up-to-date and reliable as possible. It is the Members’ responsibility to inform the Club of any updates of their Personal Data via membership@temasekclub.org.sg. The Club will correct or update the Personal Data found to be inaccurate or incomplete as soon as practicable.
20. Employees who wish to correct or update their Personal Data shall contact the HR Department.
21. The Club may refuse to correct or update personal data as requested if the Club is unable to confirm the Members’ identity or where such refusal is permitted under the PDPA.
Retention
22. For Members and Employees who have left the Club, the Club shall retain the Members’ and Employees’ Personal Data up to 6 years for audit purposes unless otherwise permitted by applicable law or in order to defend legal claims. Where there is no longer any requirements to retain the Personal Data for the purposes stated in this policy unless its further retention is required to satisfy a longer retention period to meet operational, legal, regulatory, tax or accounting requirements, the Club shall then purge or destroy the Personal Data from the Club’s system and records.
23. Retention of Members’ Data. For members who have terminated their membership and inactive for more than 6 years, their information shall be removed from the system and only the following information shall be retained separately for the purpose of determining re-joining membership and its associated fees:
a. Full Name
b. Date of Birth (for verification)
c. Membership Number
d. Date of membership termination
e. Disciplinary and/or outstanding financial records
Complaints Procedures
24. Members, guests or employees can write in formally to dpo@temasekclub.org.sg for any questions or complaints relating to the use or disclosure of Personal Data, data protection policies and practices.
