Privacy Policy

Tembusu Institute Privacy policy

1. Introduction

“Personal Data” is defined under the PDPA to mean personal information, whether true or not and whether in electronic or other form, about an individual who can be identified:

  • From that data; or
  • From that data and other information to which Tembusu Institute has access to or are likely to have access to

Examples of personal data includes name, address, NRIC/FIN/Passport number, photograph or video image, telephone numbers and email addresses.

To find out more about PDPA, the potential student may visit the Singapore Personal Data Protection Commission’s website.

2. Purposes for Collection, Use & Disclosure of Personal Data

Depending on the relationship with Tembusu Institute (e.g. as an applicant, student, alumni of Tembusu Institute, staff, academic staff, donor, vendor, service provider, parents, guardians, recruitment agents and / or any other person relating to the organization), the personal data, photographic images, videos, etc., which is provided by the individual may be collected, used and/or disclosed for the following purposes:

  • Evaluating suitability for admission or employment, enrolling or employing, providing educational courses and training, including sending materials on course / study / assignment / course materials, information on timetables and examination details via postal mail, electronic mail, SMS or MMS, fax and/or voice calls;
  • Administering and/or managing relationships with Tembusu Institute (including responding to enquiries, the mailing of correspondence, statements or notices which could involve the disclosure of certain personal data to bring about delivery of the same);
  • Assessing, monitoring and reporting on individual student performance, attendance and disciplinary records;
  • Supporting students’ learning through curricular and extra-curricular activities including but not limited to outdoor trips and inter-Institute competitions;
  • Providing pastoral care and counseling where appropriate;
  • Providing healthcare and wellness services;
  • Application of student passes where appropriate;
  • Application for Ministry of Education approval for Singapore Citizens and Permanent Residents;
  • Facilitating payment for goods and/or services provided by Tembusu Institute and/or a third party on Tembusu Institute’s behalf including verification of bank and credit card details with third parties and using the Personal Data provided to conduct matching procedures against databases of known fraudulent transactions (maintained by us or third parties);
  • Responding to any complaints, feedback, requests and enquiries by student / parents / guardians;
  • Disclosing student records to parent(s) or guardian(s) at their request.
  • Informing student / parents / guardians/ related parties of events, talks, seminars and updates;
  • Maintaining and updating student, alumni, and academic staff records;
  • Generating financial, regulatory, management or survey reports and statistics for Tembusu Institute’s business and administrative purposes;
  • Promoting Tembusu Institute to prospective students, including but not limited to the institute’s prospectus, magazine and website;
  • Sending promotional and marketing information by post, email and SMS about the institute, activities and events as well as carefully selected third parties;
  • Taking of photographs and/or videos (whether by Tembusu Institute staff or third party photographers and/or videographers) during events or seminars organised by Tembusu Institute or its affiliates for publicity purposes;
  • Engaging alumni including but not limited to notification on Tembusu Institute and alumni- related initiatives and activities, invitation to Tembusu Institute and alumni-related events, updating of alumni information, invitation to participate in alumni surveys and sending of communication collaterals;
  • Processing applications for and administering local and overseas career related activities, events, programmes, internships, employment opportunities, and career coaching, and sharing information with companies (whether local or overseas) for purposes of recruitment, internship, industrial attachment, job placement and research support;
  • Meeting or complying with Tembusu Institute’s internal policies and processes / procedures and any applicable laws, rules, regulations, codes of practice or guidelines, orders or requests issued by any court, legal or regulatory bodies (including but not limited to disclosures to regulatory bodies, conducting audit checks, surveillance and investigation);
  • Carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations or risk management procedures that may be required by law or put in place by Tembusu Institute, including the obtaining of references and/or other information from prior educational institutions and employers;
  • Preventing, detecting and investigating crime, offences or breaches including that related to the security of Tembusu Institute’s premises (including but not limited to the use of security cameras);
  • Conducting checks with the DO NOT CALL Registry;
  • Purposes, which are reasonably related to the above.

By providing the Personal Data, including those related to a third party (e.g.:- information of the student’s parents) through the various channels (e.g.:- written form, webpage, email, etc.), he/ she represent and warrant that consent, including that of the third party, has been obtained for collection, use and disclosure of the Personal Data for the respective purposes. In the event the personal data is to be used for a new purpose, Tembusu Institute will notify and seek their consent.

Tembusu Institute ensures that Personal Data held by the organisation shall be kept confidential. When transferring personal data to third party service providers, agents and/or affiliates or related corporations whether in Singapore or elsewhere in order to carry out one or more of the purposes listed above, Tembusu Institute requires them to ensure that the Personal Data disclosed is kept confidential and secure.

SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

Tembusu Institute respects the confidentiality of the personal data provided.

In that regard, Tembusu Institute will not disclose any of the student’s personal data to any third party (unless otherwise for the purposes stated above) without first obtaining expressed consent. However, Tembusu Institute may disclose personal data to third parties without first obtaining the student’s consent in certain situations, including, without limitation, the following:

  • The disclosure is required based on the applicable laws and/or regulations;
  • The purpose of such disclosure is clearly in the student’s interests and consent cannot be obtained in a timely way;
  • The disclosure is necessary to respond to an emergency that threatens the life, health or safety of the student or another individual;
  • There are reasonable grounds to believe that the health or safety of the student or another individual will be seriously affected and consent for the disclosure of the data cannot be obtained in a timely way, provided that Tembusu Institute shall, as soon as may be practicable, notify the student of the disclosure and the purposes of the disclosure;
  • The disclosure is necessary for any investigation or proceedings;
  • The personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer; and/or
  • The disclosure is to a public agency and such disclosure is necessary in the public interest.

The instances listed above are not intended to be exhaustive. For an exhaustive list of exceptions, students are encouraged to peruse the PDPA, which is publicly available at http://statutes.agc.gov.sg.

Withdrawal of Consent :

Students may withdraw their consent to any or all use of Personal Data for any or all of the purposes set out in this policy in writing and submitting through the DPO. If students withdraw their consent to the use of their Personal Data for any or all purposes, and depending on the nature of request, Tembusu Institute may not be in a position to continue providing services to students or administer any contractual relationship in place, in which case Tembusu Institute reserves the right to cease providing the services and/or terminate the contractual relationship.

Without prejudice to the foregoing, students should agree and acknowledge that any withdrawal of consents in accordance with the terms set out will not affect any consent which was provided to Tembusu Institute in respect of the use of their Singapore telephone number(s) for the receiving of marketing or promotional information.

Administration & Management of Personal Data :

As Tembusu Institute relies on the Personal Data to provide services, students should ensure that the information provided are correct, accurate and complete. Students will update Tembusu Institute in a timely manner of all changes through the relevant form from the Staff Office. Alumni and Stakeholders shall update their Personal Data to relevant departments as and when necessary or through the annual update.

Tembusu Institute has implemented a variety of security measures to maintain the safety of your personal information. Tembusu Institute offers the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.

Students can view their personal data, which Tembusu Institute has collected and stored at any time. In order to do so, they will need to submit in writing to the DPO’s email or Staff Office (for student) for access. The right to view personal data is limited to the individual’s personal data only. Tembusu Institute is not permitted to reveal any personal data about any other individual. Tembusu Institute reserves the right to refuse access to the individual’s personal data if it will reveal or lead to the revelation of another individual’s personal data, cause harm to you or another individual or is contrary to the national interest.

TLS (Transport Layer Security). eNETS payment page is TLS-secured

Users may rest assured that their personal information and data will only be kept for as long as is necessary to fulfil the purpose for which such personal information and data are collected. Regarding sensitive information, such as credit card numbers entered on Tembusu Institute website /or Enrolment Form, Tembusu Institute encrypts such information using secure socket layer technology (SSL). Tembusu Institute also uses a third party service provider to facilitate these electronic transactions on the Website.

Student’s Personal Data is retained for the purpose of which it was collected and/or for other legal/business purposes where applicable.

Tembusu Institute will take commercially reasonable efforts to take appropriate precautions and preventive measures to ensure that the electronic storage and transmission of personal data is adequately protected and secured with the appropriate security arrangements and that our data intermediary are aware of the requirements of PDPA. Tembusu Institute cannot assume responsibility for any unauthorized use of personal data by third parties, which are wholly attributable to factors beyond Tembusu Institute’s control.

If students have any feedback or enquiries relating to Tembusu Institute’s PDPA related policies and procedures or would like to obtain access and make corrections to their personal data, they can contact the Data Protection Officer (DPO*), that is the Senior Manager for Sales and Marketing.

Address (1) Central Plaza #14-06, 298 Tiong Bahru Road, Singapore 168730
(2) Thye Hong Centre #02-09, 2 Leng Kee Road, Singapore 159086
Telephone 65-6011-8066
Email enquiry@tembusuinstitute.edu.sg

Tembusu Institute reserves the right to amend this Policy with or without notice from time to time.

3. Information Collected Through the Tembusu Mobile App  (Tembusu Student, Tembusu Trainer)

In addition to the Personal Data described in the main PDPA policy, the Tembusu Student mobile application collects the following information for operational, authentication, and service-related purposes:

Personal Information Provided by Users

  • Student name
  • Identification details used during enrollment
  • Contact information (email, mobile number)
  • Any information required during onboarding or form submissions within the app

Permissions Used by the App and Their Purpose

The Tembusu mobile app requests the following device permissions:

  • Location Access, used to verify attendance or presence for on-site activities (e.g., classes or training sessions)
  • Photo / Media Access Used to allow students or trainers to upload required documents like medical certificates/qualification certificates within the app.
  • The app does not access or store photos without explicit user action.

Third-Party Services and Data Sharing

The app integrates with trusted third-party providers as part of its core functionality. These providers may collect or process data only as necessary to perform their services:

  • SingPass Login (Authentication)
  • Used for secure identity verification for students and trainers in Singapore
  • SingPass may collect or process identity data strictly for authentication.

Stripe (Payment Processing)

  • Used to process tuition or service-related payments.
  • Stripe may collect payment card details, transaction information, billing information Tembusu Institute does NOT store full payment card details.

Trengo (Chatbot & Customer Support)

  • Used to provide in-app assistance and respond to student or trainer queries.
  • Trengo will collect: Name, Email, Mobile number, Chat messages, metadata related to support interactions
  • All third-party services comply with PDPA and employ their own security measures.

How We Use Data Collected Through the App

Data collected through the Tembusu Student app is used for:

  • Student identity verification
  • Course enrollment and management
  • Payment processing
  • Communicating important updates and notifications
  • Customer support through the chatbot
  • Location-based attendance or activity verification
  • App performance monitoring and troubleshooting
  • Enhancing user experience

The app does not sell or transfer personal data for advertising or unrelated marketing purposes.

Children’s Privacy

The Tembusu Mobile app is intended for adult learners, students, and trainers associated with Tembusu Institute.

It is not designed for children under the age of 13, and the Institute does not knowingly collect personal data from children below this age.

User Rights (Access, Correction, and Deletion)

Users of the Tembusu Student app have the right to:

  • Access Their Data: Users may request access to the personal data collected within the app by contacting the Data Protection Officer (DPO).
  • Correct Their Data: If any app-related personal information is incomplete or inaccurate, users may request corrections through the DPO or login to the student app to make the changes.
  • Delete Their Data: Requests for deletion of data collected through the app may be submitted to the DPO via email.

Deletion requests will be evaluated based on:
Legal retention requirements
-Operational needs (e.g., academic records)
-Regulatory obligations (e.g., payment receipts)
-Where deletion is permissible, Tembusu Institute will delete or anonymize the data within a reasonable timeframe.

Security of Data Collected via the App

Tembusu Institute takes reasonable administrative, technical, and physical measures to safeguard personal data collected through the mobile app, including:

  • Encrypted communication (HTTPS/TLS)
  • Access controls for sensitive information
  • Secure authentication via SingPass
  • Protection against unauthorized access, disclosure, and alteration
  • Payment information handled by Stripe is processed according to PCI-DSS security standards.

Updates to the App Privacy Section

Tembusu Institute may update these app-specific privacy provisions as required to comply with legal, regulatory, or operational changes. All updates will be posted within the privacy policy.

View the privacy policy for section 3

Notice to Students

Please note that this Policy does not derogate from the terms and conditions governing your relationship with Tembusu Institute and its related corporations. Tembusu Institute’s rights under this Policy shall be without prejudice to other rights of collection, use and disclosure available pursuant to the terms and conditions or under the law and nothing herein is to be construed as limiting any of these other rights.