DATA PROTECTION POLICY
At SG Her Empowerment Limited (“SHE”), we make sure we protect the information you give us. We are committed to ensuring that the personal information provided by all of our visitors and donors is treated with respect, kept confidential and used solely for the purpose for which it is supplied. Below is our policy regarding the protection of visitors' and donors' personal data and information (the “Data Protection Policy” or “Policy”).
This Data Protection Policy is written in accordance with prevailing data protection legislation in Singapore, including but not limited to the Personal Data Protection Act 2012 (“PDPA”). It applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.
This Data Protection Policy sets out how SHE collects, uses and stores personal data via its website www.she.org.sg. It does not cover SHE’s presence on social media platforms, including but not limited to: Facebook, LinkedIn, and Instagram, which has been established in its own presence. In the context of these platforms, SHE is merely another user and hence the privacy policies and terms and conditions of these platforms would instead be applicable.
If you’ve any questions, please contact us at email@example.com.
1. Information We Collect
We may collect the following kinds of information:
A. Information You Provide
SHE collects information from you when you provide it to us.
This includes situations where you:
- Make a donation to us in person or on our website
- Make a donation to us through a third-party website that we are listed on
- Participate in our events or volunteer with us
- Subscribe to our mailing list
- Make an enquiry by phone, via our website or on social media
- Visit our website or social media pages via tools such as cookies
- Apply for a job with us
- Submit your personal data to us for any other reason
For the avoidance of doubt, this also includes situations when collection and use of personal data without consent is permitted or required by the PDPA or other laws.
The information you provide us may include information that personally identifies you, such as your name, email address or phone number. We also may collect your credit card or bank information in order to process payments. You should also know that SHE automatically stores information about your usage of our website or applications, which we may use for marketing purposes.
If you have applied for a job or a volunteering position and were unsuccessful, we will delete your information after one year. Your personal information will not be used for marketing purposes and we do not provide your personal data to third parties for commercial purposes.
For all other purposes, we may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We will also cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
B. Information from Cookies and Similar Devices
C. Information Based on Standard Web Protocols
When you access our website through a browser, application or other clients, like other web providers, our servers automatically record certain information. This data is recorded in server logs and may include information such as your web request, your interaction with the website, the website that you were visiting when you came to our website, your Internet Protocol (IP) address, your browser type and language, the date and time of your request, and your cookie data.
D. Information from Mobile Devices
If you are interacting with our website or applications on a mobile device, your mobile carrier may automatically send us your device and hardware ID, device type, carrier, carrier user ID, the content of your request and basic usage statistics about your device. This information is stored automatically, but SHE will not use it for any purpose. If you provide it to us or send us a message from your mobile device, we may also collect your phone number. Your device may also store information about your usage of our website and applications. Please consult your device documentation on how to manage local storage.
E. Information from Social Media
This refers to information collected from social networking sites (such as Facebook, LinkedIn and Instagram). We collect information from social media activity, including likes and shares, relating to our posted content on social networking sites.
2. How We Use the Information We Collect
Information we collect is used mainly to provide, maintain and improve the services offered by SHE. We may combine information we collect from various sources to improve the efficacy of our service offerings. For instance, we may perform statistical, demographic and marketing analyses, to determine how users interact with our website and platforms, understand their level of interest in our website and platforms, and customise products and services for them. We may use this information to contact you about services and/or to send you information that you have requested, depending on the nature of our relationship with you.
Please note that in the event that you have provided us with your Singapore telephone number(s) and have indicated that you consent to receiving our marketing or other promotional information by way of your Singapore telephone number(s), then from time to time, we may contact you using such Singapore telephone number(s) even if the(se) telephone number(s) is/are registered with the “Do Not Call” Registry. You may however let us know in writing if you do not wish to be contacted by us at your telephone number(s) for such purposes.
A. Financial Information
SHE will use financial information to facilitate donations or other transactions. SHE may collect bank account, credit or debit card information. Where transacted online, such information is protected and securely transmitted using algorithms such as TLS/SSL and the most current encryption protocols.
B. Transactional Information
SHE may use transactional information for marketing and management purposes to provide or improve any products or services offered. In addition, SHE may also share such transactional data on an aggregated basis (which will not identify any particular user) with third parties, such as vendors, donors, sponsors or business partners.
C. Business Transactions
In the event that SHE goes through a business transaction such as a bankruptcy event, merger, investment transaction, or acquisition by another entity involving the sale of all or a portion of its assets, the personal information collected by SHE may be among the assets reviewed.
D. Technical Information
SHE may use technical information, such as your IP address or browser type, to help diagnose problems with SHE’s servers, analyse website/platform usage trends, track user movements on its website/platforms, and to otherwise improve, manage and monitor the website/platforms.
E. Legal Action
SHE may disclose personal information when legally required to do so. SHE may also disclose personal information to protect against misuse or unauthorised use of its website/platforms or to limit legal liability or to protect SHE’s interests or those of others.
3. How We May Disclose Information We Collect
We may disclose the information we collect from and about you within our organisation and with certain third parties. For example, we may share your information with:
- Payment processing companies, to process your payments and donations
- Other organisations we may work with to provide services, research, products or programmes
Please be assured that we will never share or sell your data to a third-party organisation for them to contact you for their marketing purposes.
If you believe that the personal information you have provided us has been compromised, or if you become aware of a potential security vulnerability in our website or platforms, please contact us at firstname.lastname@example.org.
4. Third-party Websites
There may be places on our website where you may click on a link to access other websites that do not operate under this Data Protection Policy. These third-party websites may independently solicit and collect information, including personal information, from you and, in some instances, provide us with information about your activities on those websites. As we have no control over and are not responsible for the privacy practices of websites operated by these third parties, we recommend that you consult the privacy statements of all third-party websites you visit by clicking on the "privacy" link typically located at the bottom of the webpage you are visiting.
We recognise that security is important and take reasonable measures to protect your personal information from loss, misuse or unauthorised access, disclosure, alteration or destruction. We regularly review our physical and digital security, storage, and processing to ensure adherence to industry best practices.
Where your personal data is transferred out of Singapore, SHE will take reasonable steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under applicable laws.
Towards this end, SHE will implement reasonable security arrangements to ensure that your transferred personal data will be protected to a standard comparable to the protection provided under the applicable personal data protection laws and regulations. Security arrangements may include administrative, physical, and technical measures, such as ensuring that only the appropriate amount of personal data is held, restricting access to confidential documents on a need-to-know basis, implementing access limitation and encryption protocols to prevent unauthorised access, compartmentalization of data, transferring personal data only on secure computer networks, and/or other relevant measures to protect your personal data.
7. Changes to this Data Protection Policy
We will occasionally update this Data Protection Policy without any prior notice to reflect any changes in the applicable laws or the way in which we collect, use and disclose your personal data. We recommend that you check our website from time to time to inform yourself of any changes in this Data Protection Policy or any of our other policies. Your continued use of our services shall constitute your acknowledgement and acceptance of such changes.
8. Transfers of Personal Data
Your personal data may be transferred out of Singapore for the purposes described above. In particular, your personal data may be stored in external servers that are located out of Singapore, or may be transferred out of Singapore where it is necessary to share your personal data with and between our related corporations and business units, and third-party service providers.
We are committed to protecting your personal data when it is transferred out of Singapore. Where your personal data is transferred out of Singapore, we will take reasonable steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. For example, we may enter into contracts or impose binding corporate rules with the recipients of your personal data to protect your personal data in a manner that is compliant with all applicable laws. You may obtain further information in this regard by contacting our Data Protection Officer in writing or via email at the contact details provided below.
9. Governing Law
This Data Protection Policy shall be governed by and construed in accordance with the laws of Singapore. You hereby submit to the exclusive jurisdiction of the Singapore Courts. If you are located outside of Singapore when you use the platform, any information you submit thereto will be transferred to Singapore. Accordingly, by using the platform and submitting personal information thereto, you will be deemed to have authorised the transfer of your personal information to Singapore.
If any part of this Data Protection Policy is determined to be invalid or unenforceable pursuant to applicable law, then the invalid or unenforceable provision or part will be deemed suspended and a valid, enforceable provision that most closely matches the intent of the original provision or part and the remainder of this Data Protection Policy shall continue in full force and effect.
Last updated: 10 August, 2022
For any questions regarding our Data Protection Policy, any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any requests, you may contact our Data Protection Officer in the following manner:
Name: Simran Toor, CEO
Address: 6 Battery Road, #05-01/02
This page was last updated on 27 March, 2023.