Home / About Us / Our Policies /

Our Data Protection Policy

  1. Policy Statement
    1. This page contains the personal data protection and privacy policy (“Policy”) adopted by City Harvest Church (the “Church”, “us”, “we” or “our”) to manage your Personal Data (as defined below) and to govern the use of this website (the “Site”) in accordance with the Personal Data Protection Act 2012 (the “Act”). Please take a moment to read this policy to understand the basis on and the purposes for which we collect, use, disclose, transfer and/or process your personal data.
    2. By accessing, visiting or using this Site and/or our mobile application (the “App”), interacting with the Church, submitting information to the Church and registering for or attending any event or activity offered by the Church, you agree to be bound by the terms of this Policy.
    3. The Church respects the privacy of individuals and recognises the need to treat Personal Data in an appropriate and lawful manner. The Church is committed to complying with its obligations under the Act in respect of all Personal Data it handles.
    4. The Church may revise any part or all of the contents of this Policy from time to time without notice to you. Please check this webpage regularly for revisions to our Policy. You may determine if any revision has taken place by referring to the date on which this Policy was last updated. Your continued use of our Site and/or the App constitute your acknowledgement and acceptance of such revisions.
    5. If you do not agree to and/or accept any term in this Policy, please do not provide your personal data to us and discontinue your use of this Site and/or the App.

      If you consider that this Policy has not been followed in respect of your Personal Data or that of others, please raise the matter with our Data Protection Officer as soon as possible.

  2. Collection Of Your Personal Data
    1. “Personal Data” refers to any data, whether true or not, about an individual who can be identified (i) from that data; or (ii) from that data and other information to which we have or is likely to have access, including data in our records as may be updated from time to time.

    2. The information that we collect about you will vary depending on the nature of involvement and the activities you choose to be involved in. We endeavour to only ask you for information that is reasonably necessary for the activities that you are seeking to be involved in. In general, we may collect your Personal Data in several ways, including but not limited to the following:
      1. When you submit a membership registration form or other forms relating to the Church’s activities;
      2. When you sign up for a user account on our Site and/or App;
      3. When you access or use our Site and/or App and the various functionalities therein, such as the Bible Reading chart;
      4. When you contact us for enquiries, either via emails or phone calls;
      5. When you visit our office;
      6. When you register for or attend our services, events or activities held physically or virtually;
      7. When you make a donation or payment to the Church;
      8. When you request the Church to contact you;
      9. When you submit your personal data to us for employment purposes; and
      10. When you provide any personal data to the Church for the purposes of posting content on the Site and/or the App, requesting services or any form of assistance from the Church or reporting a problem with the Site and/or App.
    3. The examples of the types of Personal Data that may be collected by the Church include the following:
      1. Name;
      2. NRIC/FIN/Passport Number (*Please see Section 3 for more details);
      3. Nationality;
      4. Marital status;
      5. Date of birth;
      6. Gender;
      7. Religious information (attendance, denominational details, spiritual milestones);
      8. Names and ages of children;
      9. Employment details such as your job title/profession and your employer’s name and address;
      10. Contact information such as email addresses and telephone numbers;
      11. Emergency contact information of your preferred emergency contact;
      12. Demographic information such as residential or mailing address, postal code, preferences and interests;
      13. Financial information such as bank account or credit/debit card numbers;
      14. Details of transactions (including donations or payments) you carry out through our Site and/or App, including details of the fulfilment of such transactions;
      15. Signature;
      16. Photographs, audio/video recordings and digital images;
      17. Internet Protocol address (which is automatically collected when you access this Site);
      18. Information about your geographical location when you use our Site and/or App;
      19. Information about your web browser type and version (automatically collected when you access this Site) and access times;
      20. Information about the operating system of the device or computer you are using (automatically collected when you access this Site);
      21. Information about your mobile device model and software version, which allows us to identify and fix bugs and otherwise improve the performance of our App;
      22. Correspondence details when you contact us;
      23. A list of URLS which will enable us to trace your browser history, starting with a referring site, your activity on the Site and/or App, and the site you exit to;
      24. Cookies (please refer to paragraph 10 below); and
      25. Details of your visits to our Site and/or App and the actions you take on our Site and/or App, such as the resources that you access or the content of searches you perform;
      26. Information you post on the Site and/or the App;
      27. Other information which you may provide to the Church.
  3. NRIC And Other Identification Numbers
    1. In compliance with the Advisory Guidelines on the Act for NRIC and other National Identification Numbers, CHC will only collect, use or disclose your NRIC and other national identification numbers where it is required under the law or it is necessary for CHC to accurately establish or verify the identities of individuals to a high degree of fidelity, and for the following purposes:
      1. For the purposes of managing your employment with CHC, if you are a job candidate or employee;
      2. School of Theology student registration;
      3. Water baptism candidates;
      4. Organisation and facilitation of church activities outside Singapore, where passport information is required for the purchase of group travel tickets, accommodation arrangements etc.;
      5. Tax-exempt donations to City Harvest Community Services Association.
  4. Purposes Of Collection, Use, Disclosure, Transfer And/Or Processing Of Personal Data
    1. Generally, the Church may collect, use, disclose, process and/or transfer your personal data, whether obtained from you or from other sources, for the following purposes:
      1. Enabling you to access or use the Site and/or the App, including enabling you to post content on the Site and/or the App;
      2. Performing our obligations in the course of or in connection with the provision of the Church’s services or your use of the Site and/or App.
      3. Conducting and organising the Church’s activities, including church services and events, organised in person or virtually;
      4. Managing cell groups and attendance information;
      5. Managing the Church’s administration and operations, including but not limited to audit, accounting, risk management and record keeping purposes;
      6. Providing services to and managing the Church’s relationship with you or other members of the Church or attendees of the Church’s activities held physically or virtually;
      7. Processing your membership registration form and other forms or applications submitted by you;
      8. Sharing testimonies;
      9. Responding to, handling, processing and resolving queries, requests, complaints and feedback,
      10. Providing services for the communities or members of the public;
      11. Internal and external communication and publications;
      12. Notifying you of the Church’s news, announcements, publications, activities and events;
      13. Verification, authentication and/or identification purposes;
      14. Analytics and statistical research;
      15. Internal record keeping;
      16. Processing payment transactions;
      17. Tracking and auditing donations made to the Church;
      18. For emergency contact;
      19. Conducting investigations and proceedings in the event of any disputes, misconduct, unlawful action or omission;
      20. Responding to requests for information from government or public agencies, ministries, statutory boards or other similar authorities or non-government agencies authorised to carry out specific government or regulatory services or duties;
      21. Meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations);
      22. Understanding your needs and preferences, and to communicate with you about topics which we think you would be interested in, and be of benefit to you, such as church events or courses;
      23. Conducting surveys, research, and evaluations to obtain feedback;
      24. Evaluating whether to, temporarily or permanently, suspend, revoke, or terminate your account on the Site and/or the App;
      25. Verifying and approving the materials you post or transmit through the Site and/or the App;
      26. Maintaining or improving the quality of our services through the performance of quality reviews and similar activities;
      27. Maintaining or improving the Site and/or the App including the content, appearance, design, utility and performance thereof;
      28. Converting your personal data to anonymised data for the purposes of analytics, business intelligence and statistical research;
      29. Creating anonymised information which is information which is not used or intended to be used to personally identify an individual (e.g., aggregate statistics relating to the use of the Site and/or the App);
      30. Notifying you when updates and upgrades are available for the App;
      31. Any other incidental purposes related to or in connection with the above;
      32. Any other specific purposes which we may inform you of in writing from time to time, but for which we will seek your separate consent;
      33. Transmitting information to any unaffiliated third parties including our third-party service providers and agents, whether in Singapore or abroad, for the aforementioned purposes.
    2. You hereby consent to the use of your personal data for the purposes mentioned above.
    3. Your personal data will be retained by the Church as long as necessary for the fulfilment of the purposes mentioned above or is required to satisfy any legal, regulatory or accounting requirements.
  5. Disclosure Of Your Personal Data
    1. The Church will use reasonable efforts to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your personal data may be disclosed, for the purposes listed above (where applicable), to the following parties:
      1. The Church’s leaders, staff and volunteers, in order for them to provide pastoral services or manage our ministries and services;
      2. The Church’s agents, contractors, vendors or third-party service providers, whether located in Singapore or outside of Singapore, in connection with the services provided by these persons to the Church. Examples of such services include the Site and App maintenance services, the monitoring of activity on the Site or the App, internet cloud services, courier services, payment processing services, chat services, operational services (relating to donation collection, printing, training, security, accommodations) and/ or other services in relation to the Site and/or App;
      3. Our professional advisers such as auditors and lawyers;
      4. Relevant government regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and
      5. Any other party to whom you authorise us to disclose your Personal Data to.
    2. Save as set out under this Privacy Policy, unless we are obliged to or permitted under the Act to do so, your Personal Data will not be disclosed to any third parties without your permission.
    3. The Church will use its reasonable endeavours to ensure that the third parties, whom your Personal Data is being disclosed to, will provide an undertaking to provide a standard of protection for the transferred Personal Data that is comparable to that of the Act. However, the Church does not provide any warranty or take any responsibility on the manner or care in which these third parties maintain, protect or utilise your Personal Data, or any misuse by such third parties.
    4. Without prejudice to the foregoing, the Church may also disclose your Personal Data to third parties without first obtaining your consent in certain situations, including, without limitation, the following:
      1. The disclosure is required under applicable laws and/or regulations, which can include providing information as required by a court order;
      2. The purpose of such disclosure is clearly in your interests and consent cannot be obtained in a timely way;
      3. The disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual;
      4. There are reasonable grounds to believe that the health or safety of yourself or another individual will be seriously affected and consent for the disclosure of the data cannot be obtained in a timely way, provided that we shall, as soon as may be practical, notify you of the disclosure and the purposes of the disclosure;
      5. The disclosure is necessary for any investigation or proceedings;
      6. The Personal Data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the Personal Data is necessary for the purposes of the functions or duties of the office; and/or
      7. The disclosure is to a public agency and such disclosure is necessary in the public interest.
    5. 5.5. The instances listed above at paragraph 5.4 are not exhaustive. For an exhaustive list of exceptions, you are encouraged to refer to the Act.
    6. In all other instances of the disclosure of Personal Data to third parties with your express consent, we will use reasonable efforts to ensure that third parties are in compliance with the Act.
  6. Consents
    1. By submitting your personal data to the Church, you agree and consent to the collection, use, disclosure, transfer and/or processing of your personal data by the Church in accordance with and subject to the terms and conditions of this Policy.
    2. If at any time we decide to collect, use, disclose, transfer or process your personal data for an additional purpose different from the purposes set out above and unless we are permitted to or required to do so under applicable laws and regulations, we will request your consent to the additional purpose in writing, which you may refuse to give at your discretion.
    3. If you provide us with Personal Data of a third party (e.g. information of your spouse, children, parents or relatives), you irrevocably and unconditionally represent, warrant and undertake that:
      (a) you are authorised to act on such third party’s behalf;
      (b) you have obtained the consent of such third party to provide us with his/her personal data for the relevant purposes;
      (c) such third party accepts that his/her personal data will be subject to this Policy (as amended from time to time).
    4. Anonymity and Pseudonymity: Where practical and lawful, we will endeavour to provide you with the option of interacting anonymously or by using a pseudonym. However, this may prevent us from practically and effectively communicating with you or providing you with our services or access to our Site or App.
  7. Withdraw of Consent
    1. The consent that you provide for the collection, use, disclosure, processing and transfer of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may at any time withdraw any consent given in respect of the collection, use, disclosure, transfer and/or processing of your Personal Data by giving prior notice in the form of a formal written request addressed to the Data Protection Officer.
    2. In the event you withdraw your consent to the Church for the use, disclosure, transfer and/or processing of your personal data for any of the purposes mentioned in this Policy, the Church shall cease to process your personal data within 21 working days upon receiving your written request for withdrawal.
    3. We do not prohibit an individual from withdrawing his/her consent to the collection, use, disclosure, transfer or processing of Personal Data about the individual but this shall not affect any legal consequences arising from such withdrawal.
    4. On withdrawal of consent, we shall cease (and cause our data intermediaries and agents to cease) collecting, using or disclosing your Personal Data, as the case may be, unless such collection, use or disclosure, as the case may be, without the consent of the individual is required or authorized under the Act or other written law or regulation.
    5. Please note that once consent is withdrawn, we may not be able to continue to provide you with our services or access to the Site or the App. Your request for any of the above purposes may be rejected as well.
  8. Access And Correction To Your Personal Data
    1. Please send a formal written request to our Data Protection Officer if you wish to:
      (a) Make an access request for a copy of your Personal Data held by the Church; or
      (b) Make a correction request to correct or update any of your Personal Data held by the Church.

      Any access or correction request shall include the details of the requestor, description of the Personal Data being requested and the date and time range the Personal Data was believed to be collected.
    2. Within 30 calendar days upon receiving your request, the Church shall:
      1. Provide you with a copy of your personal data under our custody and/or other relevant information in accordance with the Act; or
      2. Correct your personal data as soon as practicable and inform you that the correction has been made to your Personal Data, unless the Church is satisfied on reasonable grounds that the correction should not be made; or
      3. Inform you that your request to access or correct your personal data is rejected, if the request was made in circumstances predefined by the Act where such access or correction is prohibited or not required.
      If we are unable to respond to your access request or correction request within 30 calendar days after receiving your request, we shall inform you in writing of the time by which we will be able to respond to your access request or to correct the Personal Data.
    3. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request. We will respond to your access request as soon as reasonably possible.
  9. Accuracy Of Your Personal Data
    1. You must ensure that all personal data submitted to us, including those in relation to third parties, is complete, accurate and up to date. Failure to do so may result in our inability to provide you with information or services you have requested.
    2. Please update us as soon as reasonably practical, if there are any changes to the personal data you provided to us, by informing the Data Protection Officer.
  10. Protection Of Your Personal Data
    1. The Church will take reasonable measures to protect your Personal Data from unauthorised access, improper use, disclosure or transfer, unauthorised modification, unlawful destruction or accidental loss. You should be aware, however, that no method of transmission over the internet or method of electronic storage is 100% secure. While security cannot be guaranteed, we strive to protect the security of the personal data and will constantly review and enhance our information security measures.
    2. We do not represent or warrant that our Site and App are free of errors, infection by computer viruses, and/or other harmful or corrupting code, program, macro and such other unauthorised software. We do not assume responsibility for any unauthorised use of your Personal Data by third parties, which are wholly attributable to factors beyond our control.
    3. The Church’s staff and volunteers are required to keep Personal Data confidential and only authorised persons have access to such information.
  11. Retention Of Your Personal Data
    1. We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Policy unless a longer retention period is required or permitted by law, as described in further detail below. After such time, we shall take reasonable efforts to destroy or anonymise documents containing your Personal Data, or remove the means by which your Personal Data can be associated with particular individuals.
      1. Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate your account. We also retain some of your information as necessary to comply with our legal, regulatory, tax accounting, reporting or business purposes.
      2. Information you share on the Site and/or App: If your account is deleted, some of your information and the content you have provided will remain in order to allow other users to make full use of the services offered on Site and/or the App.
      3. Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services, such as when you last opened an email from us or ceased using your account. We retain information derived from cookies for a reasonable period of time from the date such information was created.
  12. Use Of Cookies And Links
    1. A cookie is a small piece of information that is placed on your computer when you visit certain websites.
    2. The Church uses cookies on its website for the following purposes:
      1. Enabling certain features and functions on our Site;
      2. Building up a profile of how you and other users use the Site;
      3. Improving the efficiency of our Site;
      4. Administering services to you; and
      5. Establishing usage statistics.
    3. Most internet browsers provide you the option of turning off the processing of cookies (please see the “help” section of your browser), but this may result in the loss of functionality, restrict your use of the website and/or delay or affect the way in which it operates. If you do not accept or choose to remove cookies in relation to our Site, this may affect certain features or services of our Site and you may not be able to stay logged in to our Site.
    4. The Site and the App contains links to other websites. The Church is not responsible for the privacy policies of third-party websites to which links are provided. You should check the privacy policies on these sites before providing any Personal Data.
  13. Contact Our Data Protection Officer
    1. Should you have a complaint or require more information about how we manage your personal data, please contact our Data Protection Officer at:

      Data Protection Officer
      City Harvest Church
      1 Raffles Boulevard,
      #05-02, Suntec City,
      Singapore 039593
      Tel: +65 6737 6266
      Email:
      dpo@chc.org.sg
  14. Governing Law
    1. This policy and the use of this website shall be governed in all respects by the laws of Singapore. You agree to submit to the non-exclusive jurisdiction of the Singapore courts.

Updated as at 19 October 2021.