MAAROF MOSQUE MANAGEMENT BOARD
PERSONAL DATA PROTECTION POLICY
1. The Maarof Mosque Management Board (“Maarof Mosque”) takes our responsibilities under the Personal Data Protection Act 2012 (PDPA) seriously. We also recognise the importance of the personal data our stakeholders have entrusted to us and believe that it is our responsibility to properly manage, protect and process these personal data. Maarof Mosque is therefore committed to comply with the Personal Data Protection Act (the “PDPA”)
2. This document contains the Policy and Practices (“P&Ps”) adopted by Maarof Mosque in the collection, use, disclosure and update of personal data that is in its possession or will come into its possession.
B. Data Protection Officer
3. Maarof Mosque is to appoint a Data Protection Officer (“DPO”) who will be responsible for ensuring mosque’s compliance and implementation of PDPA.
C. Collection of Personal Data
4. Maarof Mosque is to only collect personal data that are reasonably necessary to fulfil the purposes for which the personal data are collected. See Annex A list the information that we collect from you, where we collect this information and how we use and disclose your personal information.
5. Personal data collected before 2 July 2014 (the “Appointed Day”)
- Maarof Mosque is not required to obtain consent for the collection of personal data before the Appointed Day.
- If an individual does not want Maarof Mosque to retain his or her personal data collected before the Appointed Day, the individual must give reasonable notice to Maarof Mosque to withdraw his or her consent to Maarof Mosque’s retention of that personal data.
6. Personal data collected after the Appointed Day
After the Appointed Day, Maarof Mosque is to obtain the consent of an individual before collecting personal data about that individual. This includes the collection of additional personal data about an individual whom Maarof Mosque has collected personal data before the Appointed Day.
D. Use of personal data
7. Maarof Mosque may use personal data collected before the Appointed Day for the purposes for which the personal data was collected, whether such use occurs before or after the Appointed Day.
8. Maarof Mosque is to obtain consent to use personal data that has been collected after the Appointed Day.
9. Where an individual withdraws his or her consent of this Policy, Maarof Mosque must cease to use that individual’s personal data within a reasonable time, whether that personal data was collected before or after the Appointed Day.
E. Disclosure of personal data
10. Maarof Mosque may disclose personal data collected for the purposes for which that personal data was collected
11. Maarof Mosque is to obtain consent to disclose personal data that has been collected after the Appointed Day.
12. Where an individual withdraws his or her consent, Maarof Mosque must cease to disclose that individual’s personal data.
F. Consent of individuals below 18 years old
13. In respect for individuals who have not attained the age of 18 years, Maarof Mosque is to obtain the consent of a parent or guardian of the individual before collecting, using or disclosing personal data about that individual.
G. Protecting and Storing of Personal Data
14. Maarof Mosque is to protect personal data in its possession or control by making reasonable arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks related to personal data in its possession or control.
15. Maarof Mosque may implement protection measures, as follows:
- physical measures such as locked filing cabinets and restriction of access to offices;
- restriction of personnel access to personal data, for example, security clearance and limiting of access to a “need-to-know” basis; and
- technological measures such as the password protection and encryption of information stored in an electronic medium. There should be IT policy of changing passwords twice a year.
16. Where necessary, more sensitive personal data are to be under a higher standard of protection.
17. Maarof Mosque is to ensure that all employees and volunteers are aware of the importance of protecting the confidentiality of personal data.
18. Maarof Mosque is to ensure that care is taken when personal data are to be disposed of or destroyed to prevent unauthorised parties from gaining access to that personal data.
H. Retention of Personal Data
19. Maarof Mosque is to ensure that any personal data that are no longer serving the purpose(s) for which they are collected, or that are no longer necessary to be retained for any legal or business purpose, are removed or made anonymous. I. Withdrawal of Consent and Making a Complaint
20. An individual may withdraw his or her consent to the collection, use or disclosure of his or her personal data by giving reasonable notice to Maarof Mosque to do so.
21. An individual who wishes to make a request, or to lodge a complaint to Maarof Mosque pertaining to any failure to comply with the provisions of the PDPA, may lodge the request / complaint to the DPO using the mosque office account at DPO@maarof.mosque.sg or submitting a letter of request / complaint to the DPO of Maarof Mosque.
22. The DPO is to investigate the complaint within a reasonable time and contact the complainant within a reasonable time, in order to address any concerns relating to compliance with the PDPA. J. Availability and Review of P&P
23. The document shall be made available upon request. This document may be found at Maarof Mosque’s website www.masjidmaarof.sg or at Maarof Mosque’s office located at 20 Jurong West Street 26, Singapore 648125.
24. The Mosque Mosque Management Board will, from time to time, monitor, review and amend this document in its absolute discretion where it deems necessary or appropriate in accordance with the PDPA.
Updated August 2016
1. WHAT IS PERSONAL DATA Personal Data is any information about you that you have provided to us including but not limited to the following:
□ Identity Card / Birth Certificate / Passport Details
□ Contact details (including telephone number and email address)
□ Residential address
□ Date of birth
□ Marital Status
□ Education Background
□ Name of school currently attending (students only)
□ Parent’s name and particulars (for those below the age of 18)
□ Photographs, audio/video recordings
□ Feedback and response to survey/evaluation form
2. WHERE WE COLLECT YOUR PERSONAL INFORMATION
2.1 Mosque Membership Database In order for us to keep a record and update our membership database, we may from time to time contact you to update your personal information. This information is also used to communicate with you, respond to your inquiries or feedback, provide you with information and/or updates on the Mosque.
2.2 Mosque Events, Seminars, Training, and Camps / Talks Maarof Mosque holds events such as Camps, Seminars, and religious talks on a regular basis. Participants will be asked to register for the event and information such as national registration identity card (NRIC) number, foreign identification number (FIN), passport number, name, postal address, email address and telephone number, marital status, profession, age may be collected only for use by the event organizers to follow up with you and update you promptly as well as to inform you of future events that may interest you.
2.3 Information collected on the website We may collect information such as your name, email address, telephone number when you fill up our online “Contact Us” form so that we could respond to your inquiries promptly.
2.4 Photographs and audio/video recordings Through your participation and involvement in our Mosque events, your photographs and audio/video recordings may be collected.
3. HOW WE USE AND DISCLOSE YOUR PERSONAL INFORMATION
Once you have given us your personal information, you are not anonymous to us. We may use your personal information to contact you for our Mosque events, courses, seminars, workshops from time to time. This may include mail, email, and text messages. We are committed to send you only text messages or emails that pertain to courses, seminars, workshops, and events that you have signed up with us. Photographs and audio/video recordings during our Mosque events may be used for our publicity and promotion purposes such as printed newsletters, brochures, flyers, posters, banners, calendars, electronic publications, websites, and social media platforms. We may also disclose your personal information to third party agencies such as insurance companies and travel agencies for travel insurance and hotel bookings where applicable. Access to your personal information will only be provided to them for the purpose of performing our services. We will require them to ensure that the personal information disclosed to them is kept confidential and secured.
If you do not wish to receive information or updates from the Mosque, you may opt-out anytime by calling our office at 65155033 or email us at DPO@maarof.mosque.sg to inform us to be unsubscribed from our mailing list/database.