Data Protection Policy

Privacy Policy – Shalom Reformed Baptist Church

1. Introduction

Shalom Reformed Baptist Church  (“the Church”) is committed to respecting and protecting the personal data of our members, regular attendees, visitors, volunteers, and staff. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore.

As a Christian church, we recognise that respecting personal information is part of our responsibility to love our neighbours with integrity, care, and accountability (Romans 13:7).

2. Scope of This Policy

This policy applies to all personal data in the Church’s possession or under its control, whether collected:

  • In person (e.g. membership forms, attendance records),
  • Electronically (e.g. website forms, emails, messaging platforms),
  • Through ministry activities, events, or pastoral care.

3. What Personal Data We Collect

The Church may collect personal data including, but not limited to:

  • Name, contact details (address, phone number, email)
  • Date of birth or age group (where relevant for ministry purposes)
  • Family and emergency contact information
  • Baptism, membership, and ministry involvement records
  • Attendance at services, classes, or events
  • Donation records (where applicable)
  • Images, audio, or video recordings taken during church services, events or CCTV-related records for security purposes
  • Pastoral information shared voluntarily for care and prayer

4. Purposes for Collection, Use, and Disclosure

The Church collects, uses, and discloses personal data for purposes including:

  • Church administration and communication
  • Membership and pastoral care
  • Operational planning of worship services, ministries, events and activities
  • Discipleship, teaching, and fellowship activities
  • Volunteer and ministry coordination
  • Compliance with legal and regulatory requirements
  • Financial administration and record-keeping
  • Interaction with non-members who have made enquiries with us
  • Publishing church materials (e.g. service recordings, event photos), where appropriate

We will not use personal data for purposes beyond what is reasonable and appropriate without obtaining consent, unless permitted or required by law.

5. Consent

By interacting with, submitting information to, or signing up for any organised activity offered by the Church,  you agree and consent to our collection, use, disclosure and sharing of your personal data for the purposes stated in our privacy policy.

Where required by the PDPA:

  • Consent will be obtained explicitly.
  • Individuals may withdraw consent by submitting a written request (see Section 10).

Please note that withdrawal of consent may affect our ability to provide certain ministries or services.

6. Disclosure of Personal Data

The Church does not sell personal data that we have collected in any form.

Personal data may be disclosed:

  • To church staff, elders, or ministry leaders on a need-to-know basis
  • To service providers engaged by the Church (e.g. IT, accounting), under confidentiality obligations
  • To government agencies or regulatory authorities, when required by law

7. Protection of Personal Data

The Church takes reasonable steps to protect personal data against:

  • Unauthorised access
  • Collection, use, or disclosure
  • Loss, misuse, or alteration

Safeguards include:

  • Restricted access to records
  • Password-protected digital systems
  • Secure storage of physical documents
  • Awareness and training for those handling personal data

8. Accuracy and Retention

The Church makes reasonable efforts to ensure personal data is accurate and complete when used.

Personal data will be retained only as long as necessary for the purposes stated, or as required by law, after which it will be securely disposed of or anonymised.

Certain historical records (e.g. baptism registers, membership rolls) may be retained indefinitely for archival and heritage purposes.

9. Access and Correction

In accordance with the PDPA, individuals may request:
• Access to their personal data held by the Church
• Correction of any inaccurate or incomplete personal data

Requests should be made in writing and may be subject to applicable legal limitations. Shalom Church will respond as soon as practicable.

10. Withdrawal of Consent

You may withdraw consent to the use or disclosure of your personal data by submitting a written request to the Church.

The Church will inform you of any implications associated with your withdrawal of consent before processing the withdrawal.

11. Use of Images, Audio, and Video

Services and events may be photographed, audio-recorded, or video-recorded for ministry and communication purposes (e.g. livestreams, recordings, church publications).

If you have concerns or wish to opt out where reasonably practicable, please inform our DPO accordingly.

12. Data Protection Officer (DPO)

In accordance with the PDPA, the Church has appointed a Data Protection Officer (DPO).

You may contact our DPO by writing to: dpo@shalomrb.org

13. Updates to This Policy

This Privacy Policy may be updated from time to time to reflect changes in alignment with legal requirements or church practices.

The latest version will be made available upon request or via our Church’s official communication channels.