The Privacy Policy of Galilee Bible-Presbyterian Church (“the Church”) is set out below:

PRIVACY POLICY

1. This Privacy Policy shown on the Church’s website is in English. Please communicate with us if you require the translation of the policy into a different language.
2. The Church encourages all individuals who provide Personal Data to the Church to read our Privacy Policy to understand the objectives of collecting their Personal Data. Our Privacy Policy will be updated from time to time and individuals who provide Personal Data to the Church may request a hardcopy of this updated Privacy Policy.
3. In this Privacy Policy, references to “you” or “your” would include your children or wards as well.

PERSONAL DATA COLLECTED

4. The Church will collect, as the circumstances warrant, personally identifiable information, such as your full name, age, gender, marital status, occupation, e-mail address, home address, and telephone number. The Church may also collect information that may be personally identifiable when used in conjunction with other information that the Church has in its possession; this will be done only when necessary.
5. For the purposes of this Privacy Policy, all personally identifiable information shall be referred to as “Personal Data”.

ACCOUNTABILITY

6. All Personal Data collected should be used and processed fairly and lawfully, following this Privacy Policy, while in the Church’s exclusive possession or custody.

SPECIFYING PURPOSES

7. The Church will only collect, use and disclose your Personal Data for the purposes for which it was collected. This includes, but is not limited to, the purposes of employment, planning events, member services, providing information and updates.
8. Subject to the Clauses below, Personal Data collected will not be used for different purposes unless the Church obtains your prior consent.
9. Notwithstanding any provisions under this Privacy Policy, please note that all Personal Data will be used for ministry purposes.
10. The Church will be the sole owner of the Personal Data collected by or on behalf of the Church.

CONSENT

11. Consent may be explicitly given, in the form of official Consent Forms and/or clear and express written consent. A copy of your signed Consent Form may be requested for your own records.
12. Consent may also be deemed to be reasonably given in certain circumstances as permitted by law.
13. Please note that the Church does not require your consent to use information that is publicly available. Publicly available information will generally include any information that is available to the public such as information disclosed in public forum, photographs and videos taken at events and locations that are open to the public. This may also include CCTV camera footage that may be captured at certain points within the Church’s premises. Almost all Church events and activities are considered by the Church as public events, notwithstanding that registration may be required for participation in such events.
14. The Church will not, as a condition of providing its services to you, require you to consent to the collection, use or disclosure of Personal Data about yourself beyond what is reasonable to provide its services to you, nor will it obtain or attempt to obtain consent for collecting, using or disclosing Personal Data by providing false or misleading information in relation to the collection, use or disclosure of the personal data, or using deceptive or misleading practices.

LIMITING COLLECTION

15. The amount and the type of Personal Data collected shall be limited to what is reasonably necessary to fulfil the stated purposes.
16. Any Personal Data collected which may be considered optional with regard to the stated purpose will be marked as such.

LIMITING USE

17. The Church will not disclose, share, transfer or sell Personal Data to any 3rd parties.
18. The Church does not send unsolicited commercial marketing emails or other forms of commercial advertisements to individuals who have provided their Personal Data unless such have been consented to.

DISCLOSURE

19. In certain situations as permitted by law, the Church will disclose your Personal Data to 3rd parties for certain purposes (ie.contact tracing, data processing, etc.). In such cases, only what is reasonably required will be disclosed.
20. The Church will also only disclose your Personal Data, without notice, if required to do so by law or in good faith that such action is necessary to:
    (a) conform with the law;
    (b) comply with legal process served on the Church;
    (c) protect and defend the rights or property of the Church; and
    (d) act under pressing circumstances to protect the personal safety of individuals.
21. The Church will not display or make publicly available, whether through online directories, or otherwise, the Personal Data collected.

RETENTION

22. The Church does not retain Personal Data for longer than is reasonably necessary for the purposes for which the Personal Data was collected. Your Personal Data will be destroyed in the following situations:
    (a) Your Personal Data is no longer required to be kept for legal and/or Church purposes; and
    (b) The purpose for which the Personal Data has been collected is no longer served by retention;
23. This policy will apply to the Personal Data of deceased individuals for a period of 10 years from date of death, after which the information may be used, disclosed and/or destroyed at the Church’s discretion.
24. The Church’s internal guidelines and procedures to govern the removal/destruction of Personal Data as aforesaid may, for example, involve a combination of the following:
    (a) Transferring the softcopy/hardcopy data to a person authorized by you;
    (b) Returning original and/or provided copies of the information to you; and/or
    (c) Destruction of all softcopy and hardcopy personal data in our records.
25. The Church may in certain circumstances retain Personal Data for administrative purposes (i.e. for annual reports etc).
26. The Church monitors and tracks the usage of its website. If you are concerned that your Personal Data may be collected as a result and do not wish your Personal Data to be collected, please install the add-on at https://tools.google.com/dlpage/gaoptout.
27. The Church’s website contains links to other sites. Please be aware that the Church is not responsible for the privacy practices of other sites and organisations linked to the website. This Privacy Policy applies solely to information collected by the Church’s website.

ACCURACY

28. If Personal Data is provided to the Church by a 3rd party, the Church will verify such Personal Data with you and obtain your consent for the collection, use and/or disclosure of such Personal Data for the purposes for which it was provided.

SAFEGUARDS

29. The Church will use reasonable efforts to protect the confidentiality and integrity of Personal Data you submit.
30. Only authorised personnel will have access to the Church’s Personal Data database.

INDIVIDUAL ACCESS AND CORRECTION

31. You may submit a written request to our Data Protection Officer(s) to request for:
    (a) a copy of your Personal Data and/or obtain information as to how your Personal Data is currently being used by the Church;
    (b) the correction and/or update of your Personal Data.
32. The Church may require you to verify your identity before any of the aforesaid requests are processed.
33. We will respond to your request within a reasonable time to provide the information or data requested for and to make any requested changes.

WITHDRAWAL OF CONSENT

34. You may withdraw your consent to the use of your Personal Data for the purposes for which it was collected or for any other purposes you may have subsequently consented to. Consent may also be withdrawn for the use of specific parts of your personal data.
35. For administrative purposes, all applications for such withdrawal of consent must be made in writing to the Church’s Data Protection Officers. The application for the withdrawal of consent must be signed by you and contain the following information:
    (a) Your name, address and identification number (if applicable);
    (b) Date of the request;
    (c) Purpose of which consent is being withdrawn; and
    (d) Whether or not consent is to be withdrawn for the use/disclosure of whole or just part of your Personal Data.
36. Please note that a withdrawal of consent only prohibits the future/continued use and disclosure of the Personal Data concerned and does not obligate the Church to destroy such Personal Data. Retention and destruction of the Personal Data will be subject to the principles stated in Paragraphs 22 to 27 of the Privacy Policy.
37. Upon receipt of the application for withdrawal of consent, the Church will inform you of the consequences of the withdrawal of your data (ie. Services may potentially be unable to be provided due to restriction on the use/disclosure of the information).
38. The Church advises you that you are still responsible for any legal obligations and/or repercussions arising out of the withdrawal of your consent. The Church will not be liable for any liabilities arising out of your withdrawal of consent for any reason.

THE “DO NOT CALL” REGISTRY

39. The Church does not engage in commercial practices such as telemarketing and will not use your personal data to contact you regarding such matters.
40. Please note that messages that promote charitable or religious causes are not covered in the “Do Not Call” provisions and the Church may choose to contact you with regard to its services and/or existing or upcoming events.
41. Messages concerning the following are also exempt from the restrictions in the “Do Not Call” provisions:
    (a) any message which is necessary to respond to an emergency that threatens the life, health or safety of any individual;
    (b) any message the sole purpose of which is to facilitate, complete or confirm a transaction that you have previously agreed to enter into with the Church;
    (c) any message the sole purpose of which is to deliver items or services which you are already entitled to receive under the terms of aforementioned transactions;
    (d) any message the sole purpose of which is to provide notification concerning a change in your standing or status with regard to a subscription, Church membership, or any ongoing commercial relationship involving the ongoing purchase or use by you of goods or services offered by the Church.

CHALLENGING COMPLIANCE

42. Under the Personal Data Protection Act 2012, the Church is not required to disclose internal procedures and methods that are not related to its obligations under the Act.
43. You may through a written request to our Data Protection Officers request for the following information regarding the handling of your Personal Data:
    (a) policies and practices of the Church;
    (b) the mechanisms and processes implemented by the Church;
    (c) the feedback and complaint process implemented by the Church.
44. Any queries and feedback should be addressed to our Data Protection Officer(s) at:
    Data Protection Officer
    Contact Number: +65 6560 2410
    E-mail Address:  sandeep@galileebpchurch.org
    Mailing Address: 202 Pandan Gardens, Singapore 609338
    Operating Hours: Mondays – Fridays, 9.00am – 6.00 pm
45. Further questions and inquiries may be directed to the Personal Data Protection Commission at:
    PERSONAL DATA PROTECTION COMMISSION
    Telephone: +65 6377 3131
    E-mail: info@pdpc.gov.sg
    Operating Hours: 8.30am – 6.00pm (Mondays – Thursdays), 8.30am – 5.30pm (Fridays)
    Closed on Weekends and Public Holidays

LIABILITY

46. Nothing in this Policy and/or information provided by or on behalf of the Church or its Data Protection Officers constitutes legal advice regarding the laws and responsibilities imposed by the Personal Data Protection Act 2012. If you require further clarification after consultation with our Data Protection Officers, please seek independent legal advice.