EtonHouse International Education Group

 

Personal Data Protection Statement

EtonHouse respects the privacy of individuals and recognizes the importance of the personal data entrusted to us and believe that it is our responsibility to properly manage, protect, process, use and/or disclose our employees, students and stakeholders’ personal data.

At EtonHouse, we are also committed to adhering to the provisions and principles of the Personal Data Protection Act 2012. As such, this Personal Data Protection Statement is to assist us in understanding how we collect, use and/or disclose personal data.

EtonHouse will collect, use and disclose our employees, students and stakeholders’ personal data in accordance with the Personal Data Protection Act 2012 (“Act”).  The Act establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data.

It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

The Act takes into account the following concepts:

Consent

Organisations may collect, use or disclose personal data only with the individual’s knowledge and consent (with some exceptions);

Purpose

Organisations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure; and

Reasonableness

Organisations may collect, use or disclose personal data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.

In projecting the three main concepts above, the Act contains nine main obligations which organisations are expected to comply with if they undertake activities related to the collection, use and/or disclosure of personal data:

  1.  The Consent Obligation
  2. The Purpose Limiting Obligation
  3. The Notification Obligation
  4. The Access and Correction Obligation
  5. The Accuracy Obligation
  6. The Protection Obligation
  7. The Retention Limitation Obligation
  8. The Transfer Limitation Obligation
  9. The Openness Obligation

While EtonHouse will not be going into the details of these Obligations in this Personal Data Protection Statement, rest assured that EtonHouse is constantly mindful of them in our collection, use and disclosure of personal data.

Should anyone wish to know more about these obligations, a summary can be found in the Advisory Guidelines of the Personal Data Protection Commission at: www.pdpc.gov.sg/docs/default-source/advisory-guidelines/overview-of-the-data-protection-provisions-(chapter-10).pdf?sfvrsn=0

1. Purpose for the Collection, Use & Disclosure of Personal Data

In general, subject to applicable exceptions permitted in the Act, before EtonHouse collect any personal data from our employees, students and stakeholders, EtonHouse will notify our employees, students and stakeholders of the purposes for which their personal data may be collected, used and/or disclosed, as well as obtain consent for the collection, use and/or disclosure of their personal data for the intended purpose.

Depending on our employees, students and stakeholders relationship with EtonHouse, the personal data collected may be used and/or disclosed for the following purpose:

For Employees/Staff Generally

In order to comply with it’s contractual, statutory, and management obligations and responsibilities, EtonHouse is required to collect personal data relating to its employees.

All such data will be processed in accordance with the provisions of the Act and the relevant school’s rules and policies, including those on data protection, as may be amended from time to time. Our employees’ relationship with EtonHouse will in most cases, be governed by the Employment Contract, Staff Handbook and/or Governance and Academic Policies Handbook (which may be revised from time to time) at our schools/centres, all of which shall state expressly or implicitly the purposes for, and the manner in, which our employee personal data will be used.

The purposes listed below serve only to supplement and clarify the matter, without limiting, superseding or supplanting any express or implied terms in the abovementioned documents:

  • for managing employment relationships with EtonHouse; 
  • for depositing salaries and other payments; 
  • for monitoring the use of EtonHouse’s computer network resources; 
  • for updating EtonHouse’s intranet and website, issuance of staff pass, newsletters and the like; 
  • for managing staff benefit schemes; 
  • for disclosure where necessary to external parties for purposes of school administration, to Government agencies for official purposes and to external third parties for, or in connection with, the above purposes, or where required by law; and 
  • for any other purposes not related to those listed above or in the employment contract, which EtonHouse may inform our employee of in writing from time to time, to seek separate consent. 

For Students Generally

Students are required to provide consent to EtonHouse to use their personal data in the manner set out in the school registration form completed when they first enrol in EtonHouse; or when they use specific services and facilities offered by the school; or when parents/guardian (on behalf of the students) are notified by the school administration of new rules and policies applicable to the student body and are deemed to have consented to the same.

The purposes listed below serves only to supplement and clarify this matter, without limiting the scope of our student/parent/guardian’s earlier consent:

  • Administering and/or managing relationships with the company and/or the school (including responding to enquiries, the mailing of correspondence, statements or notices which could involve the disclosure of certain personal data to bring about delivery of the same); 
  • Processing application(s) for financial aid and administering and managing financial aid/grant/discounts and other support programmes which may include use of personal data for development and disclosure of personal data to donors, grantors, external evaluators and/or external organisations for purposes of assessment, periodic reports, event invitations, surveys and/or publicity of the company and/or the schools’ related programmes; 
  • Responding to requests for information from government or public agencies, ministries, statutory boards or other similar authorities or non-government agencies authorised to carry out specific Government services or duties; 
  • Carrying out market-related, evaluative or similar research and analysis for the company and/or the school’s operational strategy and policy planning purposes, including providing data to external parties for school programme evaluation and to partnering/affiliated institutions/centres for jointly-administered programmes; 
  • Conducting outreach and engagement to garner support and resources for the company and/or the school, its community and affiliated centres/institutions; 
  • Supporting the company and/or the schools’ functions including but not restricted to, the teaching and personal and professional development of students, research and administration of the company and/or the school; 
  • Processing, administering and conferring awards of prizes, medals, scholarships/sibling discounts, classes of honours and other marks of distinction, and student or graduation status, and publication or releasing of information on the same; 
  • Engaging in initiatives and/or activities and invitation to participate in surveys and sending of communication collaterals; 
  • Facilitating participation in student’s life and community development opportunities which may include social, cultural, athletic, and educational activities, events, volunteering and training programmes in clubs, societies, halls and residences, and orientation/reception activities; 
  • Taking of photographs and/or videos (whether by the company and/or the schools’ staff or third party photographers and/or videographers engaged by the company and/or the school) during events or seminars organised by the company and/or the school or its affiliates for publicity purposes; 
  • Where consented to in the registration form and/or other methods of consent notification, providing marketing, advertising and promotional information via postal mail, electronic mail, SMS or MMS, fax and/or voice calls; 

For The Public and Other Third Parties Generally

EtonHouse is committed to engaging and embracing its surrounding community, ecosystem as well as society at large. As a result, EtonHouse often organise activities in which external stakeholders or the general public are invited to participate.

While it is impossible to list all the events in which EtonHouse hopes the public will participate, some events that members of the public can look forward to include community outreach courses, exhibitions, road shows (locally and/or international), extra-curriculum activities, performances and others (Events).

Naturally, in encouraging spontaneous interactions with the public, there will be opportunities, and often a need to collect, use and/or disclose personal data from members of the public. Some of the reasons/ purposes are as follows:

  • For security/ verification purposes at certain Events; 
  • For logistical/ administrative purposes for certain Events; (e.g. catering and transportations) 
  • To keep our student/parents/guardian and employees updated of future EtonHouse Events/ products which we feel may interest them; 
  • For marketing/ publicity purposes (e.g. Photographs and video with voice)

For Events where provision of personal data is a pre-requisite to attendance, our students (parents/guardian) and employees shall be informed in advance so that they may make an informed decision as to whether or not to attend. EtonHouse will also endeavour to inform our students (parents/guardian) and employees of the purposes for which personal data collected from them will be used.

Should our students (parents/guardian) and employees at any time feel that the manner in which EtonHouse has acted, or seeks to act, in respect of the collection, use or disclosure of personal data for an Event is inappropriate; please feel free to make their concerns known to the company Data Protection Officer.

2. Disclosure of Personal Data to Third Parties

EtonHouse will not disclose our employees, students and stakeholders’ personal data to any third parties without first obtaining our employees, students and stakeholders’ consent permitting EtonHouse to do so or unless any such disclosure is permitted under any of the statutory exemptions under the Act.

In this respect, please note that EtonHouse may disclose our employees, students and stakeholders’ personal data to third parties in certain circumstances without first seeking our employees, students and stakeholders’ consent, if such disclosure is either required or permitted under the Act, including without limitation, if the disclosure is required by law and/or regulations or if there is an emergency.

3. Request for Access, Correction and/or Withdrawal of Personal Data

Subject to certain exceptions in the Act, our employees, students and stakeholders’ may request to access and/or correct the personal data currently in our possession or withdraw their consent for the collection, use and disclosure of our employees, students and stakeholders’ personal data in EtonHouse possession at any time by submitting a written request.

For a request to access personal data, EtonHouse will provide our employees, students and stakeholders’ with the relevant personal data within a reasonable time from such request being made.

For a request to correct personal data, EtonHouse will process their request, including undertaking necessary verification activities, as soon as practicable after the request has been made. EtonHouse will send the corrected personal data to every other organisation to which the personal data was disclosed by EtonHouse within a year before the date the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose.

Our employees, students and stakeholders’ may be charged a reasonable fee for the handling and processing of their requests to access and/or correct their personal data, but our employees, students and stakeholders’ will be notified in advance of such costs.

For a request to withdraw consent; EtonHouse will process the request within a reasonable time from such a request for withdrawal of consent being made. In some cases, requests for withdrawal of consent may adversely impact our employees, students and stakeholders’ relationship with EtonHouse as it may hinder EtonHouse ability to continue to interact with our employees, students and stakeholders’. EtonHouse will notify our employees, students and stakeholders’ and employees in advance of such impact, if any.

4. Administration and Management of Personal Data

EtonHouse will take appropriate measures to keep our employees, students and stakeholders’ personal data accurate, complete and updated.

EtonHouse will also take appropriate precautions and preventive measures to ensure that our employees, students and stakeholders’ personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of our employees, students and stakeholders’’ personal data.

EtonHouse will also take reasonable efforts to ensure that the personal data in our possession or under our control is destroyed as soon as it is reasonable to assume that:

  • the purpose for which that personal data was collected is no longer being served by the retention of such personal data; 
  • and retention is no longer necessary for any other legal or business purposes.

EtonHouse websites may contain links to other websites not maintained by EtonHouse. Such third party websites are subject to their own data protection and privacy practices and our employees, students and stakeholders’ are encouraged to examine the data protection policies of those websites.

5. Responsibility of EMPLOYEES (Staff, Department), STUDENTS AND OTHER STAKEHOLDERS

The Act also imposes certain responsibilities on all those who process personal data at the company or school whether it is a member of staff holding, using and sharing personal data in teaching, research or administration, or a student accessing and recording personal data in their studies or other activities.

These obligations include holding and using data in a secure manner, making sure that data is handled in line with what individuals have been told, having appropriate arrangements in place for the access to (and sharing of) data, and making sure that individuals’ data is accurate and retained for a suitable period.

If a data breach occurs (e.g. personal data held by the school is lost, stolen, inadvertently disclosed to an external party, or accidentally published), this should be reported immediately to the company’s Data Protection Officer so that EtonHouse may review the circumstances and liaise as necessary internally and with the relevant external authorities. 

DATA PROTECTION OFFICER

Mr Heintjie Santos

Email: [email protected]


This page was last edited on July 5, 2017