NUS Privacy Notice
- The National University of Singapore (NUS) takes the Singapore PDPA and other data protection laws very seriously and is very mindful of the concomitant responsibilities.
- This Privacy Notice sets out:
(i) the basis on which NUS will process any personal data we collect from you or that you provide to us; and
- This Privacy Notice applies only to NUS services and websites. If you are only browsing this website or using the Search function, we do not capture data that allows us to identify you individually. This website automatically receives and records information on our server logs from your browser, including your IP address, cookie information, and the page(s) requested. Although user sessions are tracked, the users remain anonymous. Our websites may contain links to other websites not maintained by NUS. Such third-party websites are subject to their own data protection and privacy practices and you are encouraged to examine the privacy notices of those websites.
- If you choose to share your Personal Data via an application or an e-mail or any other form, we recommend that you read our Privacy Notice set out below explaining how we use your Personal Data when you interact with us via our website or in any other way.
- If you have any queries on this Privacy Notice or any other queries in relation to how we manage, protect and/or process your Personal Data, please do not hesitate to contact the NUS Data Protection Office at [email protected] or [email protected].
- As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time. We reserve the right to amend the terms of this Privacy Notice at our absolute discretion. Any amended Privacy Notice will be posted on our website. Please visit this website periodically to access current information in relation to Personal Data protection.
NOTE: If you are an employee/student of NUS, please also refer to the NUS Personal Data Protection Policy & Procedures, a copy of which is available on the internal Staff Portal/Student Portal.
The National University of Singapore (NUS) takes its responsibilities under the Personal Data Protection Act 2012 (“PDPA”) and other data protection laws very seriously. NUS also recognises the importance of the personal data entrusted to us and believes that it is our responsibility to properly manage, protect and process your personal data.
By interacting with or transacting with us, calling or sending messages to us, accessing our websites and/or submitting information to us via forms or other data collection means or processes (whether through a form, an interview, our websites or otherwise), you signify that you have read, understood and agreed to NUS’ collection use and disclosure of your personal data as described in this Privacy Notice.
This Privacy Notice applies only to NUS services and websites. Our websites may contain links to other websites not maintained by NUS. Such third-party websites are subject to their own data protection and privacy practices and you are encouraged to examine the privacy notices of those websites.
WHO IS NUS?
References to “National University of Singapore”, “NUS”, “us”, “we”, “our” in this Privacy Notice mean National University of Singapore, a company registered in Singapore with Registration Number 200604346E.
QUESTIONS ABOUT THIS PRIVACY NOTICE
If, at any time, you have any queries on this Privacy Notice or any other queries in relation to how NUS manages, protect and/or process your personal data, please do not hesitate to contact the NUS Data Protection Office at: [email protected] or [email protected].
WHAT PERSONAL DATA DOES NUS COLLECT ABOUT YOU?
NUS may collect and process the following information about you either directly from you, from your authorised representatives, from third-parties, or from publicly available sources:
|Personal information||Your full name, your gender, your date of birth, your marital status, your photograph, your ethnicity, your religion.|
|Identification information||Your citizenship, your residency, a copy of your ID or passport.|
|Contact details||Your physical address, your email address, your telephone number.|
|Financial information||Your bank account details, your credit card details.|
|Medical information||Details of any special medical requirements or disabilities, your medical records.|
|Academic and employment records||Details of your academic records, details of your previous employment.|
|Information collected automatically||Data collected automatically using cookies, web beacons, tracking pixels and similar technologies when you view websites or use applications created by or on behalf of NUS.|
WHAT DOES NUS USE YOUR PERSONAL DATA FOR?
NUS may collect, use and/or disclose your personal data, where permitted by data protection laws, for the following purposes (“Purposes”):
- For students
- Evaluating suitability for admission to be a student with us and progressing your application.
- Administering and managing your relationship as our student, including sending you information about course/study/assignment/lecture materials, timetables, examination details, candidature matters, exchange programmes, scholarships, awards, fees, your achievements, your degree or certification, placements, secondments or internships with external organisations, programmes or courses run by other organisations.
- Administering our student records, such as managing student registrations, keeping our records up to date, processing payments and refunds of tuition fees, processing disciplinary actions.
- Facilitating your participation in Student Life and Development activities provided by NUS (e.g. festival celebrations, graduation ceremonies, orientation and student group camps, conferences, volunteering and training programmes, student benefit activities).
- The purposes listed in the Student Personal Data Notice and Consent Statements (as the same may be amended/revised, updated and/or supplemented from time to time) which you have agreed to and accepted as part of your enrolment with NUS.
- For employees
- Evaluating suitability for employment with us.
- Administering and managing your employment relationship with NUS, including secondments with or transfer to affiliates, related corporations/associated companies and third-party organisations, managing our training programmes.
- Administering our employee records, such as running our recruitment process, keeping our records up to date, managing our payroll and benefit schemes, processing disciplinary actions.
- The purposes listed in the Employee Personal Data Notice and Consent Statements (as the same may be amended/revised, updated and/or supplemented from time to time) which you have agreed to and accepted as part of your employment with NUS.
- For alumni
- Administering alumni activities including notifying you of NUS and alumni-related initiatives and activities, inviting you to NUS and alumni-related events, updating you on alumni information, submitting alumni surveys and communicating other alumni-related materials.
- Understanding the profile of the alumni community to inform NUS’s policy making and planning.
- Other purposes
- Carrying out due diligence or other screening activities and background checks in accordance with our legal or regulatory obligations or risk management procedures, including obtaining references and/or other information from prior educational institutions and employers.
- Responding (in accordance with our legal or regulatory obligations) to requests for information from government or public agencies, ministries, statutory boards or other similar authorities or non-government agencies authorised to carry out specific Government services or duties.
- Carrying out your instructions or responding to any enquiry given or submitted by you or on your behalf.
- Contacting you or communicating with you via various modes of communication such as voice call, text message, fax message, email or postal mail for the purposes of administering and managing your relationship with us.
- Dealing with, administering and managing your use of NUS facilities including accommodation, IT services and recreation facilities.
- Any other Purposes which NUS may inform you of in writing from time to time.
WHO DOES NUS SHARE YOUR PERSONAL DATA WITH?
In order for NUS to offer services to you, we may have to disclose your personal data to third-parties in order for them to process it on our behalf. This may include the following categories of recipients:
- Our service providers – for example, suppliers who are in charge of running aspects of our websites, or HR service suppliers who manage our payroll;
- Our agents – who may be delivering parts of our services on our behalf; and
- Our affiliates or related companies – who may be delivering parts of our services on our behalf.
Some of these third-parties may be located outside of Singapore.
NUS will only disclose your personal data to third-parties where we are allowed to do so under data protection laws. More specifically, NUS will not disclose your personal data to any third-parties without your prior consent to do so, unless such disclosure is sanctioned under the PDPA exemptions.
When sharing your personal data with third-parties, NUS will always ensure that appropriate safeguards are in place to protect the security and confidentiality of your personal data when in the hands of such third-parties. Those safeguards will always comply with the minimum requirements set out in data protection laws.
REQUESTS FOR ACCESS, CORRECTION AND/OR WITHDRAWAL OF PERSONAL DATA
You may request to access and/or correct the personal data currently in our possession, or object to the collection, use and/or disclosure of your personal data in our possession or under our control, at any time by submitting your request to the NUS Data Protection Office.
For a request to access personal data, NUS will provide you with a copy of the relevant personal data within a reasonable amount of time from when the request is made.
For a request to correct personal data, NUS will process your request as soon as practicable after the request has been made. Such correction may involve necessary verification, which may include sending the corrected personal data to other organisations to which the personal data was disclosed by NUS within a year before the date the correction was made (unless that other organisation does not need the corrected personal data for any legal or business purpose), or if you so consent, only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made.
NUS may also charge a reasonable fee for the handling and processing of your requests to access and/or correct your personal data. You will be notified in advance of such costs.
For a request to object to the processing of your personal data by us, NUS will process your request within a reasonable time from when the request is made. Such requests may adversely impact your relationship with NUS or the quality of the services NUS delivers to you. NUS will notify you in advance of such impacts.
HOW DOES NUS PROTECT YOUR PERSONAL DATA?
NUS will take appropriate measures to keep your personal data accurate, complete and updated.
NUS will take precautions and preventive measures to ensure that your personal data is adequately protected and secured in accordance with data protection laws. Appropriate security arrangements will be made to prevent any unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration to or of your personal data.
NUS will also make reasonable efforts to ensure that the personal data in our possession or under our control is destroyed and/or anonymised as soon as it is reasonable to assume that:
(i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data;
(ii) retention is no longer necessary for any other legal or business purposes.
PERSONS LOCATED INSIDE THE EUROPEAN ECONOMIC AREA (“EEA”)
The European Union (“EU”) General Data Protection Regulation (“GDPR”) is a EU framework for data protection that came into force on 25 May 2018.
It applies to organisations processing and holding the personal information of data subjects residing in the EEA, regardless of where the organisation is located.
NUS is in the process of aligning our privacy framework and organisational practices with the GDPR and a University-wide enhancement programme is currently underway to further strengthen the way in which we protect your personal information.
If you are located inside the EEA, the provisions set out in Appendix 1 will also apply to your personal data.
UPDATES TO THIS PRIVACY NOTICE
As part of our efforts to ensure that NUS properly manages, protects and processes your personal data, we will be reviewing our policies, procedures and processes from time to time.
NUS may amend the terms of this Privacy Notice at its absolute discretion. Any amended Privacy Notice will be posted on our website, and we will notify you if NUS makes any significant changes to this Privacy Notice where required to do so under applicable laws.
We recommend that you revisit this Privacy Notice regularly.
NUS WEBSITES & SERVICES
(i) This Privacy Notice applies only to NUS services and websites.
(ii) If you are only browsing this website or using the Search function, we do not capture data that allows us to identify you individually.
(iii) This website automatically receives and records information on our server logs from your browser, including your IP address, cookie information, and the page(s) requested.
(iv) Although user sessions are tracked, the users remain anonymous.
(v) Our websites may contain links to other websites not maintained by NUS. Such third-party websites are subject to their own data protection and privacy practices and you are encouraged to examine the privacy notices of those websites.
(i) Cookies are small files created on your computer by websites that you visit. They are widely used in order to enable websites to function and perform more efficiently as well as provide information to the owners of the websites.
(ii) When you use and access our websites, we may collect information from you automatically through cookies or similar technology.
- enabling proper functionality of our website such as security, network management and accessibility
- providing analytics
- collecting information on website usage
- understanding, storing and/or managing your interests, concerns and preferences
- monitoring, processing and/or tracking your website usage in order to facilitate or manage your use of the Website, and/or to assist us in enhancing your browsing experience
(iv) While this cookie can tell us when you enter our sites and which pages you visit, it cannot read data off your hard disk.