Facebook Instagram YouTube Telegram Linkedin |

Data Protection Notice

Buddhist Compassion Relief Tzu-Chi Foundation (Singapore) (hereinafter “Tzu-Chi Foundation (Singapore)”, “we”, “us”, “our”) is committed to ensure that personal data is protected and managed in accordance with Singapore’s Personal Data Protection Act 2012 (“PDPA”). We collect, use and manage your personal data in order to offer individuals appropriate information on our initiatives, programmes and activities.


The security of your personal data is important to us. In compliance with PDPA, this Notice sets out how we collect, use, retain, and disclose your personal data.

In this Data Protection Notice, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

Under the Singapore Personal Data Protection Act (PDPA), Business Contact Information (e.g., name, company address, company telephone number) is not considered as personal data so long as it is used strictly for business-to-business (B2B) transactions.

Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include your name, contact information such as your address, email address or telephone number, nationality, gender, date of birth, marital status, photographs and other audio-visual information, employment information, education background, and information about your usage of and interaction with our website.

Other terms used in this Notice shall have the meanings given to them in the Singapore Personal Data Protection Act (where the context so permits).


We will obtain your consent before collecting, using and making disclosure of your personal data. After receiving written Withdrawal of Consent from you, we will stop the collection, use and disclosure of your personal data.

By voluntarily providing us your personal data, you are deemed to have given consent to this Notice and are agreeable to the collection, use, disclosure, and management of your personal data, unless we receive your written Withdrawal of Consent.

We may further disclose, share or transfer your personal data to our third party service providers, agents, affiliates or another organisation (and its downstream organisation), for the necessary conclusion or performance of the transaction.


When asking for your personal data, we will explain why we require the personal data and will only ask for the information we need.

We may collect your personal data in the following ways:

  1. Face to face contact
  2. Electronically through our websites and related social media platforms
  3. Social media messages or conversations
  4. Phone calls, voice or image recordings
  5. Whilst delivering and administering services at our establishments
  6. From forms and other types of correspondence (both in writing and electronically)
  7. When you become our donors and submit donations
  8. When you subscribe to our newsletters
  9. When you register for our programmes and activities
  10. When you participate in our programmes and activities
  11. When you submit your enquiry and volunteer application
  12. When you apply or another person or organisation applies on your behalf for our charity programmes
  13. When you register for our medical services
  14. When you submit your résumé for job applications
  15. When you contact us to share your stories


We may use your information for the following purposes:

  1. To update you on Tzu Chi Singapore’s latest initiatives and activities
  2. To contact you for programmes and activities which you have signed up for
  3. To facilitate the collection of donations, process donations and administer tax receipts for eligible donations
  4. To manage and administer your job application
  5. To manage and administer your application to become our volunteer
  6. To send newsletters which you have subscribed to
  7. To publish your stories, sharing, photos, video recordings on our official website, related social media platforms, and other promotional materials
  8. To manage and administer your applications, registrations, enquiries, feedback or complaints
  9. To comply with any requirements by law.

We will not use your personal data for purposes other than what we have informed you or which are permitted under laws and regulations.


We may disclose your data to the following third parties when such sharing is necessary to facilitate our programmes and activities:

  1. Clinics/hospitals/medical centres for medical assessment
  2. Charities/social workers for financial assistance assessment
  3. Insurance companies for insurance coverage
  4. Government agencies which require security clearance
  5. Travel agencies/Airlines for flight booking purposes
  6. Hotels/accommodation providers for room reservation purposes
  7. Partners assisting Tzu Chi Singapore with facilitation of logistics and activities

In compliance with any regulatory requirements, we may be required to disclose your information with government agencies and investigation bodies.

We may collect, disclose or use your personal data pursuant to an exception under the Personal Data Protection Act or other written law such as during the following situations:

  1. To respond to an emergency that threatens your life, health and safety or of another individual; and
  2. Necessary in the national interest, for any investigation or proceedings.

You have the right of choice regarding the collection, usage and/or disclosure of your personal data. If you choose not to provide us with the personal data described in this notice, we may not be able to perform our obligations as stated in this notice. You have the right to object to the processing of your personal data and withdraw your consent in the manner described below.

If you choose not to provide us with your personal data for the purposes listed above, you may submit a request in writing or via email to our Data Protection Officer at the contact details provided below or indicate in the personal data collection form submitted to us (if any). By choosing not to provide us with your personal data, depending on our relationship, we may not be able to provide services to you or process your job application. Depending on the complexity of the request and its impact to our relationship with you, we will not collect or, within 30 days of our receipt of your request, cease using and/or disclosing your personal data in accordance with your request.

The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

In the case where we receive unsolicited personal data via email or any other communication channels, the unsolicited personal data will not be retained and will be securely disposed of immediately.


To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we take reasonable steps to ensure the security of personal data we hold, only authorised personnel are permitted to access and use these details only a need-to-know basis. All electronic storage and transmission of personal data are protected with security technologies which comply with applicable security standards.

If there is a need to disclose your personal data to third parties in line with the purposes mentioned above, we will ensure that they provide sufficient guarantees to us to have implemented the necessary security measures to protect your personal data.

However, no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your personal data and are constantly reviewing and enhancing our information security measures. In the event of a personal data breach, we will endeavour to notify the affected parties within five (5) business days from when we become aware of the breach.


We will retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required for legal or business purposes. Any personal data which are no longer needed for legal or business purposes will be destroyed or anonymised according to our policy.


Subject to applicable laws and regulations, you or your authorised representative may at any time, give us reasonable written notice, to request for access to, to request for a copy of and to request to update or correct your personal data held by us. You may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.

We will respond to your request as soon as reasonably possible. Before we accede to your access or correction request, we may need to verify your identity by checking identification document, and the legitimacy of your request. Should we not be able to respond to your request within thirty (30) days after receiving your request in writing (including both electronic and non-electronic methods), we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

If your request relates to personal data which we are processing on behalf of another organisation, we will instead forward your request to the relevant organisation for their necessary action.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

We will make every reasonable effort to ensure that personal data collected by us or on our behalf is accurate and complete. All personal data provided by you shall be deemed as accurate and complete, and that none of it is misleading or obsolete. You will promptly update us in writing in the event of any change to your personal data.

Address to: Data Protection Officer
Postal Address: Buddhist Compassion Relief Tzu-Chi Foundation (Singapore)
9 Elias Road, Singapore 519937
Contact No. : +65 6582 9958
Email Address: dpo@tzuchi.org.sg



If you would like to withdraw your consent to any use of your personal data as set out in this Notice, please send a written request to us.

Please note that upon the receipt of your withdrawal request, we will stop collecting, using, disclosing or processing your personal data. However, we will be retaining your personal data as required by applicable laws. We will cease to retain your personal data as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving. Should we require more time to give effect to a withdrawal notice, we will inform you of the time frame by which the withdrawal of consent will take effect.

Please take note that the withdrawal of your consent may mean that we will no longer be able to liaise with you. Withdrawing consent also does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.


Unless for charity-related needs, we generally do not transfer your personal data to other jurisdictions. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA, including entering into an agreement with the receiving party to accord similar levels of data protection as those in Singapore.


Please write to us if you:

i. have any enquiries or feedback relating to your personal data or this Notice; or
ii. have identified or discovered a data breach. We endeavour to protect your personal data and contain the breach.

In the event a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we shall promptly assess the impact and if appropriate, report this breach within three (3) calendar days to the Personal Data Protection Commission (PDPC). We will notify you when the data breach is likely to result in significant harm to you after our notification to PDPC. We may also notify other relevant regulatory agencies, where required. If we are a Data Intermediary, we shall inform the Data Controller immediately of any data breach so they can promptly assess the impact and comply with their data breach notification obligation.


This site may use cookie and tracking technology. If you do not want cookies to be used, please disable them via your browser settings.


We reserve the right, at our sole discretion, to make changes to the Data Protection Notice, at any time. Any changes to this Notice will be posted. Continued use of our services and website following the posting of changes to this Notice shall constitute your consent to such changes.


Last updated in January 2024