PERSONAL DATA PROTECTION POLICY STATEMENT

Your Privacy is Important to Us

Your personal data is important to Lian Shan Shuang Lin Monastery, its related corporations and affiliates (collectively referred to as “LSSLM”, “we”, “us” or “our”) and LSSLM is committed to ensuring that personal information is protected and managed in accordance with the Personal Data Protection Act 2012 (“PDPA”) and all the associated regulations and guidelines as may from time to time be issued by the Personal Data Protection Commission (“PDPC”) of Singapore. This policy describes how we may collect, use, disclose, process and manage your personal data. The policy applies to any individual’s personal data which is in our possession or under our control.

  1. Collection of Personal Data 

1.1. “Personal data” means data, whether true or not, about an individual who is identifiable from (i) that data; or (ii) that data and other information to which we have or are likely to have access to. Some examples of personal data that we may collect are:

(a) Personal particulars (e.g. name, contact details, residential address, date of birth, identity card/passport details, employment, health and/or education details);

(b) Video and still images of you; and

(c) Personal opinions made known to us (e.g. feedback or responses to surveys).

1.2. We generally do not collect your personal data unless it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you after (i) you or your authorised representative have been notified of the purposes for which the data is collected, and (ii) you or your authorised representative have provided written consent to the collection, usage and disclosure of your personal data for those purposes.

1.3. The exact data to be collected depends on the purposes of LSSLM, which will be communicated to you on or before the data is collected.

  1. Use of Personal Data (Purposes)

2.1. LSSLM endeavours to only collect, use or disclose personal data which we consider reasonably necessary for the purposes underlying such collection, use or disclosure. LSSLM may also use the personal data for purposes which are permitted by law.

2.2. We may use your personal data for purposes such as:

(a) Developing and providing monastery facilities, products, services, events or activities, including but not limited to:

  1. Executing service instructions, or other transactions and clearing or reporting on these transactions;
  2. Carrying out research, planning and statistical analysis; or
  3. Performing analytics for the purposes of developing or improving our products, services, events, activities, security, service quality, and advertising strategies;

(b) Assessing and processing applications, instructions or requests from you;

(c) Communicating with you, including providing you with updates on changes to products, services, events, activities and monastery facilities including any additions, expansions, suspensions and replacements of or to such products, services, events, activities and monastery facilities and their terms and conditions;

(d) Verifying your identity;

(e) Responding to queries or feedback;

(f) Addressing or investigating any complaints, claims or disputes;

(g) Complying with obligations and requirements imposed by the relevant authority;

(h) transmitting to any unaffiliated third parties including our third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; or

(i) any other incidental purposes related to or in connection with the above.

2.3. All personal data given as part of a prospective employment application will be used to assess the applicant’s suitability and/or eligibility for the position that has been applied for. Such personal data may also be used to assess the individual’s suitability and/or eligibility for a position for which the applicant has not applied, but one which we believe the individual may be suited for. Should this be the case, we will seek the consent of the individual before considering the applicant for such other position.

2.4. We may also use personal data for purposes set out in the terms and conditions that govern our relationship with you.

2.5. Where LSSLM collects data for purposes other than those listed above, LSSLM will disclose such purposes to the individual, by suitable means, when collecting the personal data from the individual.

  1. Use of Personal Data for Marketing Purposes

3.1. We may use your personal data to offer you products or services, including events, activities, contests or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including, but not limited to, electronic mail, direct mailers, short message service, telephone calls, and other mobile messaging services. In doing so, we comply with PDPA and other applicable data protection and privacy laws.

3.2. In respect of sending telemarketing messages to your Singapore telephone number via short message service, telephone calls, and other mobile messaging services, please be assured that we shall only do so if we have your clear and unambiguous consent in writing or other recorded form to do so if you have not otherwise made the appropriate registration of that number with the Do Not Call Registry. If we have an ongoing relationship with you and you have not indicated to us that you do not wish to receive telemarketing messages sent to your Singapore telephone number, we may send you telemarketing messages to that number related to the subject of our ongoing relationship via short message service, and other mobile messaging services.

3.3. You may at any time request us to stop contacting you for marketing purposes via email. To find out more on how you can change the way we use your personal data for marketing purposes, please contact us via [email protected].

3.4. Nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.

  1. Disclosure of Personal Data

4.1. We may from time to time, in compliance with all applicable laws on data privacy, disclose your personal data to any personnel of LSSLM or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure.

4.2. We wish to emphasise that LSSLM does not sell personal data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or under any applicable law.

4.3. We may transfer to third-party service providers or use their services to store, process and/or deal with your personal data in/outside Singapore. In doing so, we will comply with the PDPA and other applicable data protection and privacy laws and ensure that such service providers take sufficient measures to comply with the PDPA.

  1. Consent and Withdrawal of Consent

5.1. By voluntarily providing your personal data to LSSLM, you consent to LSSLM collection, use and disclosure of your personal data in accordance with this policy statement. 

5.2 If you provide us with personal data of other individuals, you warrant that you have informed the individuals of the purpose(s) for which we are collecting their personal data and that they have consented to your disclosure of their personal data to us for those purpose(s).

5.3. Any individual who wishes to withdraw his or her consent to any collection, use or disclosure of his or her personal data may do so by writing to us via [email protected]. Depending on the circumstances and the nature or extent of your withdrawal, the withdrawal of your consent may result in us not being able to provide services to you. LSSLM will advise on the exact timeframe required to respond to the notification and effect any change.

  1. Accuracy of Personal Data

6.1. LSSLM keeps personal data as accurate, complete and up-to-date as possible, by taking into account its use and the interests of you. The data provided will be validated by making references to accepted practices and guidelines. 

6.2. LSSLM strives to ensure the accuracy of the personal data we possess. However, the individual also plays a part to ensure that the personal data provided is correct. We generally rely on personal data provided by you or your authorised representative. In order to ensure that your personal data is current, complete and accurate, please update us accordingly where there are changes to your personal data.

  1. Protection of Personal Data

7.1. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced reasonable security measures such as:

(a) minimised collection of personal data;

(b) up-to-date antivirus, anti-spyware, firewall and perform regular scanning and update to remove any known malware on the devices; 

(c) automated logout and actively self-locking mechanisms for computers screen;

(d) encrypting personal data to prevent unauthorised access;

(e) adopt good password practices; 

(f) categorising and labelling confidential documents clearly and prominently;

(g) using privacy filters to minimise unauthorised personnel from viewing personal data on computer or mobile devises;

(h) proper disposal of documents with personal data and confidential information that are no longer needed through shredding or similar means; 

(i) securely erase storage media in devices before disposal;

(j) disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis. 

7.2. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

  1. Retention Limitation

8.1. Your personal data is retained for as long as the purpose for which it was collected remains or as required or permitted by applicable laws.

8.2. Any unsolicited personal data that LSSLM receives from individuals will be assessed to determine whether it is necessary to retain any of this data to provide the individual with any services that they have requested.

8.3. We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected and is no longer necessary for legal or business purposes.

  1. Transfer Limitation 

We have taken steps to ensure that appropriate levels of protection necessary to maintain the security and integrity of your personal data are in place. In addition, any data transferred outside of Singapore is processed only in accordance with the PDPA and any other applicable law.

  1. Access and Correction of Personal Data

10.1. You may request access or make correction to your personal data held by LSSLM. LSSLM may charge a fee for processing your request for access. Such a fee depends on the nature and complexity of your access request. Information on the processing fee will be made available to you before we process your request.

10.2. All access or correction requests must be made in person and in writing. Please prepare the proper identification documents to confirm your identity.

10.3. LSSLM will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing of the soonest practicable time within which we can respond to your request.

10.4. Please note that the PDPA exempts certain types of personal data from being subject to your correction request as well as provides for situation(s) when correction need not be made by us despite your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

10.5. For a request to correct personal data, we will:

(a) correct your personal data as soon as practicable after the request has been made unless we have reasonable grounds not to do so; and

(b) We may, if you so consent, send the corrected personal data only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose.

  1. Data Breach Notification

Personal data breaches can occur due to various reasons such as malicious activity, human error or computer system error. If there have found or suspected Data Breaches, the following data breach management and response plan shall be executed as per PDPC recommendation:

  1. Contain the data breach to prevent further compromise of data and implement mitigating action(s) to minimise potential harms from the breach after an initial appraisal has been conducted to determine the extent of the breach. 
  2. Assess the data breach to determine the root cause (where possible) and the effectiveness of containment action(s) taken thus far to contain the data breach. Where necessary, continuing efforts should be made to prevent further harm from the data breach. 
  3. Report the data breach to:

– The PDPC (mandatory if the breach is a notifiable data breach under the PDPA. Organisations may also inform PDPC of the data breach voluntarily); and/or

– The affected individuals (if required under the Data Breach Notification Obligation).

  1. Evaluate the organisation’s response to the data breach and consider the actions that can be taken to prevent future data breaches. Where necessary, continuing efforts should be made to prevent further harm from the data breach.
  1. Contact Us

12.1. If you have any feedback, queries or complaints on any aspect of this policy, or on how we are handling your personal data, you may contact our Data Protection Officer through the following methods:

By email: [email protected]

By post: 184 Jalan Toa Payoh Singapore 319944

12.2. If you are aware of or suspect a personal data incident involving LSSLM, you may report the incident to our Data Protection Officer by emailing to [email protected].

12.3. LSSLM will respond to your query or complaint as soon as reasonably possible. If LSSLM are unable to reply within thirty (30) days, we will inform you as soon as possible of the time LSSLM will be able to reply your query or complaint.

  1. Changes to Policy

We reserve the right to modify or change this Policy at any time. The Effective Date, as stated below, indicates the last time this policy was materially revised. Your continued use of our Services will be taken as acceptance of any such change. You are therefore encouraged to check this page regularly. 

Effective date: 30 Dec 2024