Privacy Policy
This Privacy Policy (“Policy”) outlines how REACH Community Services Society (“REACH”) manages personal data in accordance to the Personal Data Protection Act (“PDPA”).
It applies to the personal data of all individuals (‘you’, ‘your’, etc.) who are service users of REACH Community Services Society, donors, volunteers, participants, stakeholders, partners and our employees.
When service user or potential service user is below 18 (i.e. are a minor), REACH Community Services Society will rely on consent from another individual. The individual will include the parent and legal guardian of the service user/ potential service user.
REACH will provide and notify additional specific purpose, if the need arises; so that you can make informed consent to disclose your personal data.
If at any time you prefer not to provide some personal data, please let us know. We will explain the purpose for collecting that personal data. If you still do not wish to provide it, we will assess the impact on the service delivery/continuity and communicate the outcome to you.
We collect, use, or disclose personal data about you only if:
Where we ask you to consent to us collecting, using or disclosing personal data about you, we will first inform you of our purposes for doing so. We will not use or disclose personal data about you for any other purposes without first informing you of the additional purposes and getting your consent to us doing so for the additional purpose(s).
In some circumstances, you are deemed to have consented to us collecting, using or disclosing personal data about you for a purpose. For example, if you pose for a photograph by our photographer at one of our events or if you send us your CV when you apply for a job with us, you are deemed to have consented to us collecting, using or disclosing the personal data about you that is in the photograph (that is, your image) or the CV.
We are permitted by the PDPA to collect, use or disclose personal data about you without your consent in various circumstances that include the following:
Your request to us should be made in writing (which includes email) sent to our Data Protection Officer. We may require you to provide proof of your identity.
There are some circumstances where we are not required to provide you with information, and others where we are not allowed by the PDPA to do so. In some circumstances we may only be able to provide you with limited information. You may obtain information about all of these circumstances from our Data Protection Officer.