Last Updated: 26 Oct 2021
2. TYPES OF PERSONAL DATA COLLECTED
The types of personal data that NCC collects may include your name, residential address, work address, e-mail address, telephone number, mobile phone number, date of birth, gender, names and ages of children, employment details, nationality, race, identity card number, marital status, photographs, video recordings, audio-visual information and other information necessary to fulfil special requests (e.g., emergency contact information).
NCC may also collect non-personally identifiable information about you, such as your use of our Platforms, internet protocol addresses, browser and computer system information, cookies, invisible pixels, web beacons, and aggregated data related to your use of our Platforms.
When you email NCC with personal data for the purpose of receiving any form of assistance from NCC, you agree to allow NCC to collect, use and/or disclose such personal data to facilitate the provision of such assistance to you.
3. PURPOSE FOR COLLECTION, USE AND DISCLOSURE
NCC respects your privacy. It is NCC’s practice not to ask you for information unless NCC needs and intends to use it. You agree that NCC may collect, store, process, disclose, access, review and/or use personal data about you, whether obtained from you or from other sources, for the purpose of managing your relationship with NCC:
- providing services to you as a member/attendee of NCC;
- sending activation, confirmation, acknowledgement or reminder emails to you whenever you sign up for accounts on the Platforms, when you book, amend or cancel seats through NOAH, or in relation to your general use of any account you have on any of the Platforms;
- sending you invitations to church-wide events;
- enabling you to access or use the Platforms;
- identification, verification and authentication purposes;
- allowing your immediate family members to book seats through NOAH on your behalf;
- allowing you to book Rock Kidz classes for your children;
- allowing you to join any group (e.g. care group/life group) or ministry;
- sharing your testimonies;
- allowing you to manage team members and care group members, and submit attendance information;
- allowing you to register or RSVP for events;
- processing and responding to queries or requests (including but not limited to prayer and counselling requests) submitted by you;
- processing applications submitted by you;
- sending you marketing emails to events for targeted groups;
- sending you notification emails concerning road closures on service days or change in service venues/times;
- sending you notification SMSes regarding road closures on service days, changes in service venues/times, and/or booking confirmations;
- sending you mail to the postal address provided by you;
- statistical analysis;
- tax filing preparations;
- processing credit notes and processing refunds;
- collection of fees, charges, and expenses for services provided;
- facilitating the making and payment of claims, including payments by cheque, bank transfer or other means;
- carrying out billing, accounting, auditing and the maintenance of proper book-keeping for NCC’s operations and business; and/or
- the disclosure of the relevant books, documents, records and information (in hard or soft copy) to the auditors for the preparation of financial reports; and fulfilling any other reasonable purpose which may, in the ultimate discretion of NCC, be necessary, including any administrative or operational purposes.
Personal data collected may be shared with third parties (e.g., vendors) in the following circumstances:
- When NCC has received your consent to do so;
- When third parties are engaged to perform any of the purposes listed in Clause 3 above for and on behalf of NCC;
- In situations where sharing or disclosing your information is required in order to offer you products or services you desire;
- When it is necessary to disclose such information to NCC’s professional advisers (including without limitation our lawyers, accountants and auditors);
- When companies or service providers that perform business activities on behalf of NCC (e.g., credit card processing, customer support, online ticketing and registration, digital services and solutions and online marketing services) require such information;
- In the event that NOAH is merged or acquired by another entity;
- To comply with legal or regulatory requirements or obligations in accordance with applicable law; and
- In cases of emergency where disclosure is required to safeguard the life or health of an individual.
Examples of third parties include, but are not limited to:
- NCC’s SMS notification service provider;
- NCC’s technical helpline service provider (external call centre);
- Event vendors (e.g., when users sign up for camps via NOAH, limited information about camp attendees may be given to vendors helping NCC with the camps);
- Online ticketing and registration service providers;
- Online marketing service providers;
- Digital solutions and/or services providers; and
- Payment gateway service providers.
NCC will use its best endeavours to ensure that your personal data is protected by such third parties.
5. WITHDRAWAL OF CONSENT
Upon receipt of your written request to withdraw your consent, NCC may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for NCC to notify you of the consequences regarding the same. In general, we shall seek to process your request within fourteen (14) business days of receiving it.
Depending on the nature and scope of your request, NCC may not be in a position to continue providing our services to you, whether on the Platforms or otherwise, and NCC shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform NCC in the manner described above.
You may withdraw your consent to NCC using or disclosing your personal data but withdrawing does not affect our rights where (1) such use or disclosure is required by law, (2) on national/public interest grounds, (3) the personal data in question was collected from publicly available sources or (4) such use or disclosure is necessary in an emergency where the life or health of a person is at risk.
6. ACCESS AND UPDATING
NCC encourages users to regularly access, review and update their accounts on the Platforms with accurate and current information. NOAH members may do this online through their NOAH accounts.
7. DEACTIVATION, DELETION AND RETENTION OF PERSONAL DATA
If you no longer wish to use our Platforms, you may opt to deactivate or delete your account on our Platforms.
If you make a request to deactivate your account on our Platforms, you will have the option to reactivate your account in accordance with our internal processes, which may be updated from time to time, before your account is deleted. NCC will continue to retain the personal data associated with your account until your account is deleted, in accordance with our internal processes.
If you make a request to delete your account on our Platforms, we will make reasonable efforts to cease to retain the personal data associated with that account and remove the means by which the personal data can be associated with the user in a timely manner. By deleting your account, please note that you will not be able to subsequently reactivate your account, and you would need to create a new account should you wish to engage in any activities that require you to have an account on our Platforms.
In any event, we will store your personal data only for the time period necessary to fulfil the purposes for which such personal data was collected, or as required or permitted by applicable laws. Once we determine that the retention of your personal data is no longer necessary for those purposes, or that retention is no longer necessary for any legal or business purpose, we will cease to retain your personal data, or anonymise the personal data so that it can no longer be used to identify any particular individual.
8. TRANSBORDER DATA FLOWS
If your personal data is transferred out of Singapore, NCC will take appropriate steps to ensure that the recipients thereof are bound by legally enforceable obligations (such as laws, contracts, binding corporate rules or any other legally binding instrument), so that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
NCC will maintain reasonable technical and organizational security measures to protect personal data from loss, misuse, and unauthorized access, use, disclosure, alteration, modification, or destruction.
11. NO RIGHTS OR OBLIGATIONS CREATED
While NCC will make all reasonable efforts to store personal data collected by NCC in a secure server and/or secure files and keep such information accurate and up-to-date, please note that the Internet is not a secure medium for the transmission of information. Therefore, NCC cannot accept responsibility for, warrant or guarantee the security of information you send to or receive from NCC over the Internet. To the fullest extent allowed by law, NCC disclaims any responsibility or liability for any claim, damage or loss connected to the loss of or unauthorized use of personal data, whether by unauthorized access to the server or files or otherwise.
12. CONTACT US
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), New Creation Church has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
-by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
-by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK General Data Protection Regulation (GDPR) - UK Representative
Pursuant to Article 27 of the UK GDPR, New Creation Church has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
- by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom