Personal Data Protection and Privacy Policy
enquiry@ofs.edu.sgEnquiry
feedback@ofs.edu.sgFeedback
+65 6738 0211Call Us
Camp QuestCamp

Personal Data Protection and Privacy Policy

  1. Introduction
    1. Overseas Family School Limited (School) is the owner and operator of Overseas Family School, a private K-12 foreign system school in Singapore.
    2. The Personal Data Protection Act 2012 (PDPA) establishes a comprehensive law in Singapore for the protection of personal data (Data) and seeks to ensure that organisations comply with a baseline standard of protection for Data of individuals. The PDPA governs the collection, use and disclosure and care of individuals' Data by organisations. It recognises both the rights of individuals to protect their Data, including rights of access and correction, and the needs of organisations to collect, use or disclose Data for legitimate and reasonable purposes.
    3. The PDPA takes into account the following concepts:
      1. Consent – Organisations may collect, use or disclose Data only with individual's knowledge and consent (with some exceptions);
      2. Purpose – Organisations may collect, use or disclose Data in an appropriate manner for the circumstances, and only if they have informed the individual of purposes for the collection, use or disclosure; and
      3. Reasonableness – Organisations may collect, use or disclose Data only for purposes that would be considered appropriate to a reasonable person in the given circumstances.
    4. The School is committed to protecting and respecting an individual's Data in accordance with the PDPA and has procedures in place to safeguard and protect the confidentiality of the Data on individuals that it has collected.
  2. Collection, Use and Disclosure of Data
    1. The School will seek an individual's expressed or implied consent for the collection, use and disclosure of the individual's Data.
    2. In the context of a client, the term "individual" includes his/her spouse, child/ward, guardians and other family members, where applicable.
    3. Collection of Data
    4. The School will collect Data from:
      1. clients (and prospective clients) and their children, or where applicable, the employees of clients, authorised guardians and other relevant family members;
      2. job applicants and the School's staff;
      3. suppliers of goods or services (including tender respondents) or their employees, agents or contractors;
      4. individuals otherwise involved in and/or connected with the School's activities; and
      5. visitors to OFS website.
    5. Members of the School's staff will:
      1. only collect Data that is necessary for their respective functions and activities;
      2. collect Data by lawful and fair means and not in an unreasonably intrusive manner, and without intimidation or deception; and
      3. as good practice, obtain consent in writing or recorded in a manner that is accessible for future reference.
    6. The types of Data collected include, but are not limited to the following:
      1. Personal particulars and documents such as name, birthdate, gender, Passport No./NRIC/FIN, nationality, postal addresses, email addresses, telephone numbers, immigration documents, previous student school reports, healthcare information, bank details;
      2. Previous employment particulars and documents such as company name, company type, industry, designation, telephone numbers, past school attended, academic qualifications and results, year qualified;
      3. Academic progress/interim/final grades and reports;
      4. Photographs, videos, sound recordings and illustrations; and
      5. Web cookies to record the visitors' browsing activity (including frequency of use, profiles of visitors and their surfing patterns).
    7. Use and Disclosure of Data
    8. The use of the Data collected is intended for the purposes detailed below:
      1. For clients and their children, the Data provided may be used and disclosed to all persons who require such information for the purposes of evaluating and processing the Student's admission, for registration of examinations, for school related activities and for any other purpose relating to the conduct of the School's business and the provision of services by School or its authorised service providers, as well as to comply with all laws and regulatory requirements including but not limited to the purchase of insurance under the Fee Protection Scheme and Student Medical Insurance Scheme; and reporting, promotional and marketing purposes relating to the School and its related entities.
      2. For staff, the Data provided may be used and disclosed to all persons who require such information for the purposes of evaluating and processing the staff's appointment, for human resource related activities like leave, benefits and payroll administration, appraisals and professional development, as well as to comply with all laws and regulatory requirements including but not limited to the purchase of insurance under the Staff Medical Insurance Scheme.
      3. For all visitors, including staff, clients and their children, the Data provided or captured (e.g. by campus CCTV), may be used and disclosed to all persons who require such information for the purposes of ensuring campus security and safety of the School community.
    9. If the Data is intended for another purpose (i.e. differing from the original purpose), new consent will be obtained from the individual again.
    10. Collection, Use and Disclosure of Data Without Consent
    11. The School may, in the following relevant circumstances (as extracted from the Second, Third and Fourth Schedules of the PDPA), collect, use or disclose of Data without an individual's consent:
      1. The Data is generally available to the public.
      2. The Data is required for evaluative purposes.
      3. The Data is solely for artistic or literary purposes.
      4. The Data is required for payment or debt recovery.
      5. The Data is required by law or a regulatory body.
      6. The Data is required for any investigation or proceedings.
      7. The Data is contained in a document produced for employment, business or professional purposes.
      8. The Data is required for the purposes of managing or terminating employment.
      9. The Data is for research or statistical purposes, and the results of the research or statistical processing would lead to aggregated or de-identified Data and would not lead to identification of an individual by any reasonably foreseeable means.
      10. The collection, use or disclosure of Data is in the individual's interest and the individual's consent cannot be obtained in a timely manner at the point of collection or where the individual would not reasonably be expected to withhold it.
      11. In an emergency that threatens the life, health or security of the individual or any member of the School community.
  3. Processing and Maintenance of Data
    1. Accuracy of Data
    2. The School will make reasonable effort to ensure Data collected is accurate and complete.
    3. The School will also take reasonable steps to review the Data collected remains accurate, complete and up-to-date, as a matter of routine.
    4. Protection of Data
    5. Data collected will be treated as confidential information, and will be protected in a secure manner. The School has procedures in place to protect the confidentiality of the Data. Data stored in the School's computer systems are protected from unauthorised access by appropriate security technologies. Only authorised staff of the School will have access to Data on a need-to-know basis.
    6. Retention of Data
    7. The School has measures in place to destroy and/or anonymise the Data as soon as it is reasonable to assume that:
      1. the purpose for which that Data was collected is no longer being served by the retention of such Data; and
      2. retention is no longer necessary for any other legal or business purposes.
    8. Transfer of Data
    9. The School will not transfer any Data to a country or territory outside Singapore except in accordance with the requirements prescribed under the PDPA to ensure that organisations provide a standard of protection to Data so transferred that is comparable to the protection under the PDPA.
  4. Access and Correction/Updating
    1. The School will provide an individual with access to and/or to correct/update his/her Data, except in specified circumstances prescribed under the PDPA. An individual must submit a written request with sufficient explanation and information to the Registration Office (registration@ofs.edu.sg) to access his/her Data.
    2. For a request to access Data, the School will notify the individual of the outcome of the request as soon as reasonably practicable, or a reason if the request is not accepted.
    3. For a request to correct/update Data, the School will correct/update the individual's Data as soon as reasonably practicable.
    4. A minimal fee may be charged for processing of any Data requested.
  5. Withdrawal of Consent
    1. An individual is entitled, at any time after having granted his/her consent, to write in to inform the School of the withdrawal of his/her consent. The School will, after being so informed, continue to maintain the relevant Data in its custody, but will not use or disclose the Data to any other party.
    2. The School shall inform the individual of the likely consequences of withdrawing his/her consent. The withdrawal of consent may affect the School's ability to provide some or all of its services to the individual or to administer any contractual relationship already in place and in such an event, the School's legal rights and remedies are expressly reserved.
  6. Website Privacy

    The following provides how privacy is protected when browsing OFS website:

    1. If you are browsing OFS website, the School does not capture data to identify you individually.
    2. The School uses cookies, where a small data file is sent to your browser to store and track information when you enter OFS website. The cookie is used to track information such as the number of visitors and their frequency of use, profiles of visitors and their surfing pattern. While this cookie will inform the School when you enter OFS website and the pages you visit, it cannot read data off your hard disk.
    3. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
    4. If you provide the School with personally identifiable data, the School will not share your personal data with third-party entities, except where such entities have been authorised to carry out specific services, such as personal data shared manually or electronically with IB (International Baccalaureate) and CIE Direct (Cambridge Assessment International Education) for the purposes of assessments and examinations.
    5. To safeguard your personal data, all electronic storage and transmission of personal data is secured with appropriate security technologies. You can help further by safeguarding the confidentiality of your password.
    6. The OFS website contains links to third-party websites whose data protection and privacy practices may differ from the School. The School is not responsible for the content and privacy practices of these other websites and encourage you to consult the privacy notices of those websites.
  7. Enquiries and Contact Person
    1. The Data Protection Officer (DPO) is the main contact person for all PDPA-related matters.
    2. Enquiries concerning PDPA-related matters should be addressed to:

      Data Protection Officer
      Overseas Family School Limited
      81 Pasir Ris Heights
      Singapore 519292
      Email: dpo@ofs.edu.sg