Sync is a Government Agency digital service.
We may use “cookies”, where a small data file is sent to your browser to store and track information about you when you enter our websites. The cookie is used to track information such as the number of users and their frequency of use, profiles of users and their preferred sites. While this cookie can tell us when you enter our sites and which pages you visit, it cannot read data off your hard disk.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
To safeguard your Personal Data, all electronic storage and transmission of Personal Data is secured with appropriate security technologies.
This site may contain links to non-Government sites whose data protection and privacy practices may differ from ours. We are not responsible for the content and privacy practices of these other websites and encourage you to consult the privacy notices of those sites.
SCOPE AND SHARING OF DATA
Sync is a service that helps to share your Covid-19 Vaccination Status, ART and PCR Test Records with non-government entities of your choosing. When you use sync, you consent to your Covid-19 vaccination status and test records of up to 2 weeks prior to your date of using Sync to be shared with the non-government entities of your choice. Please note that:
We may share necessary data with other Government agencies, so as to serve you in the most efficient and effective way unless such sharing is prohibited by law.
Your consent will be sought before your data is shared with non-government entities. Detailed specifications can be found in our data protection notice for third parties.
For your convenience, we may also display to you your vaccination status and test records of up to 2 weeks prior to your date of using Sync. This will speed up the transaction and save you the trouble of repeating previous submissions. Should the data be out-of-date, please supply us the latest data.
- Please contact 1800 211 0777 or [email protected] if you:
(a) have any enquires or feedback on our data protection policies and procedures, (b) need more information on or access to data which you have provided to us in the past.
DATA PROTECTION NOTICE FOR NON-GOVERNMENT ENTITIES
This Data Protection Notice (“Notice”) sets out the basis which all non-government entities (“they”, “their”, “them”) listed as on Sync may collect, use, disclose or otherwise process personal data of users in accordance with the Personal Data Protection Act (“PDPA”).
The PDPA is not applicable to Government agencies or entities.
This Notice applies to personal data in their possession or under their control, which upon consent given by the user, has been shared with them through Sync, including personal data in the possession of organisations which they have engaged to collect, use, disclose or process personal data for their purposes.
- As used in this Notice:
“Sync” is a Government Agency Digital Service;
“user” means an individual who (a) has used Sync by logging in through SingPass/sgID for the purposes of using the services provided by Sync;
“personal data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Examples of personal data which Sync may collect from you include your name and identification information such as your NRIC number, contact information such as your address, email address or telephone number, nationality, gender, date of birth,photographs and other audio-visual information, and health and medical records including but not limited to your Covid-19 vaccination status, Covid-19 Antigen Rapid Test and Polymerase Chain Reaction test results.
Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).
COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
- Sync may disclose your personal data to non-government entities:
(a) where such disclosure is required for performing obligations in the course of or in connection to the services requested by the user; or
(b) to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in clause 5 above for us.
- Non-Government entities may collect and use your personal data for any or all of the following purposes: performing obligations in the course of or in connection with our provision of the goods and/or services requested by you; verifying your identity; responding to, handling, and processing queries, requests, applications, complaints and feedback from you; complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority; any other purposes for which you have provided the information;
Sync will not share your personal data with non-government entities unless (a) consent is provided to us voluntarily by you directly to the collection and usage of your personal data, and (b) the use and sharing of your data will be limited to the specific use-case that is listed when you are prompted to share data with non-government entities via Sync, or (c) collection and use of personal data without consent is permitted or required by the PDPA or other laws.
Non-Government entities shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
WITHDRAWING YOUR CONSENT
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you. You may withdraw consent and request non-government entities to stop using and/or disclosing your personal data for any or all of the purposes listed above by toggling the data sharing option in the Sync interface.
Upon receipt of your request to withdraw your consent, non-government agencies may require reasonable time for your request to be processed and for them to notify you of the consequences of them acceding to the same, including any legal consequences which may affect your rights and liabilities to them. In general, they shall seek to process your request within ten (10) business days of receiving it.
Whilst they respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, they may not be in a position to continue providing their goods or services to you. Should you decide to cancel your withdrawal of consent, please inform them in the manner described in clause 8 above.
Please note that withdrawing consent does not affect their right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws.
PROTECTION OF PERSONAL DATA
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, Sync has introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by Sync, and disclosing personal data both internally and to non-government entities only when consent is given by you.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, Sync strives to protect the security of your information and are constantly reviewing and enhancing our information security measures.
ACCURACY OF PERSONAL DATA
Non-Government entities rely on personal data provided by you (or your authorised representative, medical service provider,or government agencies). In order to ensure that your personal data is current, complete and accurate, please update them if there are changes to your personal data.
RETENTION OF PERSONAL DATA
Non-Government entities may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
Non-Government Entities will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
DATA PROTECTION OFFICER
You may contact the Data Protection Officer of the relevant non-government entities if you have any enquiries or feedback on their personal data protection policies and procedures, or if you wish to make any request. Please contact the relevant non-government entity directly for details of how to contact their Data Protection Officer.
EFFECT OF NOTICE AND CHANGES TO NOTICE
This Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by them.
Sync may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of Sync constitutes your acknowledgement and acceptance of such changes.
ACKNOWLEDGEMENT AND CONSENT
By using Sync, you acknowledge that you have read and understood the above Data Protection Notice, and consent to the collection, use and disclosure of my personal data by the selected non-government entities for the purposes set out in the Notice.
You authorise the sharing of your data records from the date of providing consent via sync.