PERSONAL DATA PROTECTION POLICY

  1. Policy Statement
    1. The Bone Marrow Donor Programme (BMDP) recognized the importance of personal data. We are committed to ensuring that the personal data collected is managed in accordance with relevant Singapore Act, Regulations and best practices.
    2. The policy is established to inform you how we collect, use, disclose and/or process the personal data you have provided to us, which is subjected to the Personal Data Protection Act 2012 (PDPA).
    3. The policy supplements but does not supersede nor replace any other consents which you have previously consented to us. We may update the Policy from time to time to ensure it is aligned and consistent with future developments and/or any changes in legal or regulatory requirements.
  2. Personal Data
    1. Under the Personal Data Protection Act 2012 (“PDPA”), “Personal Data” refers to any data or information (whether true or not) about you from which you can be identified, either
      1. a) from that data; or
      2. b) from that data and other information to which we have or are likely to have access.
  3. Collection of Personal Data
    1. Generally, personal data is collected in one or more of the following ways when you:
      1. a) register as a potential volunteer stem cell donor;
      2. b) proceed with different stages of the donation process for volunteer stem cell donor;
      3. c) donate as a financial donor;
      4. d) visit our website;
      5. e) visit our premises as CCTV recording is operating for 24 hours;
      6. f) register as volunteers;
      7. g) attend events, roadshows, talks as photos and/or video recordings may take place for publicity purposes;
      8. h) interact with any of the staff, volunteers, interns, part-timers, sub-committee and board members;
      9. i) respond to our request for additional Personal Data;
      10. j) request that we contact you, be included in an email or other mailing list;
      11. k) respond to our initiatives or programs;
      12. l) submit your Personal Data to us for any other reasons;
      13. m) apply for employment with us;
      14. n) apply for an internship with us; and/or
      15. o) submit a general enquiry
    2. In general, subject to the applicable exceptions permitted in the PDPA, before we collect the above personal data from you, we will notify you of the purposes for which your personal data may be collected, used and/or disclosed, as well as obtain your consent for the collection, use and/or disclosure of your personal data for the intended purposes. If you choose not to provide us with your personal data described in this policy, we may not be able to fulfil our contractual duties towards you or facilitate your request or provide our services to you.
    3. You have choices regarding the collection, use or disclosure of your personal data. You have the right to object to the processing of your personal data and withdraw your consent in a manner described in this policy.
    4. We may collect, disclose or use your personal data pursuant to an exception under the PDPA or other written law such as during the following situations:
      1. a) To respond to an emergency that threatens your life, health and safety or of another individual; and
      2. b) Necessary in the national interest, for any investigation or proceedings.
    5. We will make reasonable efforts to ensure that the Personal Data we collect is accurate and complete. Please help us by ensuring that all Personal Data that you submit is complete and accurate. You may update us when there are any changes to the Personal Data which you have provided to us by emailing the updates to our teams. We will correct or complete your Personal Data as soon as reasonably practicable. Where possible, we will validate the personal data provided by you using generally accepted practices and guidelines.
    6. We will not be responsible for relying on inaccurate or incomplete Personal Data arising from you not providing updates to us of any changes in your Personal Data that you had initially provided us with.
    7. Where Personal Data is submitted to you on behalf of another individual or concerns another individual other than yourself, you represent and warrant to us, that all the necessary consents have been obtained from the relevant individuals.
  4. Purpose for the Collection, Use and Disclosure of Personal Data
    1. We collect, use and/or disclose your Personal Data for the purposes we have specifically obtained your consent and the purposes for which the Personal Data is provided to us. Below listed some of the purposes: –
      1. a) Administration and Operations
        1. i. To facilitate the registration of both volunteer stem cell donors and financial donors;
        2. ii. For stem cell donors, to administer the donation processes once you are found to be a match to a patient;
        3. iii. For financial donors, to process your donations along with your tax-deduction claims with the relevant authorities;
        4. iv. To administer the search processes for a prospective patient;
        5. v. To process and administer payments and billings for both donors and patients;
        6. vi. To administer the processes relating to your employment;
        7. vii. Responding and handling your queries, feedback and complaints;
        8. viii. Purposes which are reasonably related to the aforesaid.
      2. b) Volunteering and Advocacy
        1. i. We may contact you to inform you about our events and activities or other information which may be of interest to you. We may also invite you to volunteer or participate in our events and activities;
        2. ii. If you have provided us with your registered Singapore telephone number(s) and have indicated that you consent to receiving upcoming events, activities and updates from us via your Singapore telephone number(s), from time to time, we may contact you using that phone number(s), including via voice calls text, fax or other means with our updates.
      3. c) Complying with any applicable Acts, laws and regulations, Code of practice or guidelines or to assist in law enforcement and investigations by relevant authorities and agencies.
    2. We take reasonable steps to protect your personal data against loss and to guard against unauthorised access, disclosure, copying, modification and usage, regardless of the format in which it is held.
    3. Your personal data held by us will be kept confidential, but we may, where such disclosure is necessary to satisfy the purpose, or a directly-related purpose for which the personal data was collected, disclose to the following entities and/or parties, whether they are located in Singapore or overseas: –
      1. a) Our staff, volunteers, interns, committee and board members;
      2. b) Banks, CPF, credit card companies and other financial institutions for the processing of any monies receivable or payable;
      3. c) 3rd party service providers;
      4. d) Professional advisers such as auditors and lawyers
      5. e) Relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any government authority (including MOH); and/or
      6. f) Any other party to whom you authorised us to disclose your personal data to.
  5. Transfer of Personal Data outside Singapore
    1. Where your Personal Data is to be transferred out of Singapore, we will comply with the PDPA in doing so. We only make these transfers where we are completely satisfied that adequate levels of protection are in place to protect any information held in that country, or that the service provider acts at all times in compliance with applicable privacy laws.
  6. Withdrawal of Consent
    1. In the event if you withdraw your consent to the collection, use, and/or disclosure of your Personal Data, depending on the nature of your request, we may not be able to continue providing the services to you. We will review and inform you on the consequences of the withdrawal of consent prior to processing your request.
  7. Access to and Correction of your Personal Data
    1. Upon request, we will provide you the access to your Personal Data or other appropriate information on your personal data in accordance with the requirements of the PDPA.
    2. Upon request, we will correct an error or omission in your Personal Data that is in our possession or control in accordance with the requirements of the PDPA.
  8. Retention of your Personal Data
    1. The Personal Data you provide will be retained by us in accordance with applicable laws. We will cease to retain personal data, as soon as it is reasonable to assume that the purpose for collection of such personal data is no longer being served by such retention, and such retention is no longer necessary for legal or business purposes.
    2. Any unsolicited personal data received by us will be returned to the sender immediately. If received by email or through our website, these unsolicited personal data will be deleted right away. If received by telephone or verbally, these will not be recorded.
  9. Use of Cookies
    1. The BMDP uses cookies. A cookie is a small string of information that a website transfers to our browser for identification purposes. Depending on the surrounding circumstances, the cookies used by BMDP may or may not identify users who log into the website. If they do reveal your identity, they constitute personal information, and thus are the subject of the Personal Data Protection Act.
    2. Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used.
    3. There are also software products available that can manage cookies for you. Rejecting cookies can, however, limit the functionality of our website (such as preventing users from logging on and making purchases).
  10. About your personal data
    1. If you have any questions about data protection, complain about how we have handled your personal data, or wish to request for your personal information, you can email our data protection officer a atdpo@bmdp.org.
    2. For data protection enquiries, please contact:

      Data Protection Officer

      Email Address: atdpo@bmdp.org

      Tel: 6916 0370 ext 307

  11. Updates on Personal Data Protection Policy
    1. As part of our efforts to ensure that we properly manage, protect and process your Personal Data, our policies, procedures and processes are to be reviewed from time to time.
    2. We reserve the right to amend the terms of this Policy at our absolute discretion. Any revised Policy will be posted here.

A DONOR FOR EVERY PATIENT