A- A A+
Home > About TTSH > TTSH Community Fund > Our Corporate Governance

​​​​​​​​​​Data Protection Privacy Notice​​

At TTSH Community Fund, we take your privacy seriously.

When dealing with your personal information we observe our obligations under the Personal Data Protection Act (“PDPA”). This policy sets out how we collect, use, disclose or process your personal data in accordance with the PDPA.

This Notice applies to all individuals whose personal data is in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.​

'Personal data’ means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

The types of personal data we collect from you includes, but is not limited to, the following:

  • Contact details (i.e. your name, address, telephone numbers, email);
  • Identification information such as NRIC/FIN number;
  • Demographics (nationality, gender, date of birth, marital status);
  • Donation history;
  • Correspondence history (i.e. letters, emails)
  • Photographs and other audio-visual information taken at events/interviews; and
  • Credit/debit card numbers or bank account information.

TTSH Community Fund is the charity arm of Tan Tock Seng Hospital.

We run over 100 patient-centred programmes, which includes providing financial assistance to needy patients​, as well as supporting research, innovation, training and community projects to improve patient care.

We collect, use and disclose your personal data for the following purposes:

  • Processing beneficiaries' applications;
  • Processing grant applications for healthcare innovation, research and training;
  • Donor and donation management;
  • Regulatory requirements;
  • Verification of identity;
  • Business and internal administrative purposes;
  • Any other business for which we have obtained your consent for.

We generally do not collect your personal data unless:

  1. It is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us, or
  2. Collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for purpose(s) for which you have not been notified (except where permitted or required by law).

​We collect personal data about our beneficiaries (patients/clients/grantees) supporters, donors, fundraisers, volunteers, participants/visitors to our events. We collect your personal data in the following ways:

  • Application forms and other correspondence (both in writing and electronically);donation forms and other correspondence (both in writing and electronically);
  • Event registration forms and other correspondence (both in writing and electronically);
  • Emails and other electronic mediums e.g. website, social media;
  • Face to face;
  • Phone calls;

  • Voice or image recordings; and

  • Request for information from departments related to our charity work.

If you are providing the personal data of another individual (e.g. family member), you confirm that you have obtained that individual’s consent for TTSH Community Fund to collect, use and disclose his/her personal data in accordance to our charity’s PDPA policy, and/or you validly give us such consent on his/her behalf (e.g. as a parent / guardian).

We will not disclose your personal data to affiliates or third parties without your consent. We only use your personal and sensitive information for the purpose(s) for which it was collected, or as otherwise permitted by PDPA or other laws.

The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing.

You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing, filling in the online request form or emailing to

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request) to process your request and notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall process your request within 10 working days of receiving it.

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.

You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing, filling in the online request form or emailing to if you wish to make:

  • An access request for access to
    • A copy of the personal data which we hold about you or
    • Information about the ways in which we use or disclose your personal data
  • A correction request to correct or update any of the personal data which we hold about you.

We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within 10 working days after receiving your request, we will inform you in writing on the estimated timeframe by which we will be able to respond to your request. 

If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA). We may also request for more information from you for verification purposes.

To safeguard your personal data from unauthorised access, collection, use, disclosure, copy, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures.

This includes antivirus protection and password protections of documents to secure documents containing personal data. We disclose personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis. Only authorised personnel are permitted to access these details. It is our policy to destroy personal data once there is no longer a legal or business need for us to retain it.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your personal data and are constantly reviewing and enhancing our security measures.

In the event of a personal data breach, we will endeavour to notify the affected parties within five working days from when we become aware of the breach.

We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing us in writing, filling in the online request form or emailing us at

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

We generally do not transfer your personal data to countries outside of Singapore. In the event that overseas transfer has to be made, TTSH Community Fund will ensure that there are proper safeguards in place.

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any requests.

Contact details

Eunice Toh
Data Protection Officer, TTSH Community Fund
Tel: +65 6357 2491 | Email:

We may revise this Notice from time to time without any prior notice.


​​​​Whistl​e-blowing Policy​​

​TTSH Community Fund adopts NHG's whistle-blowing policy which sets out a whistleblowing framework for reporting concerns on actual or suspected wrongdoings, misconduct, and negligent or improper activities for investigation and corrective actions. The policy covers the whistleblowing guidelines and processes (including investigation and reporting), confidentiality and protection of whistle-blowers. If you observe or have reason to suspect any TTSH Community Fund’s employees and/or its partners engaged in any wrong-doings, we strongly encourage you to raise your concerns:​

Website Email​ Tel: 1800 492 2363

Anti-money Laundering Policy

TTSH Community Fund does not support money laundering activities and is committed to implementing internal controls to counter such activities. The anti-money laundering policy seeks to provide information and guidance on the money laundering risks arising in relation to TTSH Community Fund’s activities, establish due diligence procedures, and allow staff to recognise and deal with any potential money laundering issues if they arose.

Individuals working for TTSH Community Fund whether on paid or voluntary basis are required to:​​

  • Attend anti-money laundering training
  • Be vigilant about warning signs / red flags
  • Be committed to strong financial accountability
  • Perform due diligence when receiving new donations
  • Report suspicious transactions to the authorities​​

Last Updated on