Privacy Policy

GF-OP-003 Privacy Policy (09-2022)


Thank You for visiting the Giving Fridays (“We”, “Us”, “Our”) website ( This privacy shall explain in detail the manner and way in which we may collect, use, disclose or otherwise process the personal data of our users (“Donors”, “Recipients”, “You”, “Your”) in accordance with the Personal Data Protection Act (“PDPA”), and all other legislations and regulations applicable domestically and globally. This Policy applies to personal data in our custody or under our control, including personal data in the possession of organizations which we have employed to collect, use, disclose or process personal data for our purposes. This Policy supplements, but does not supersede, any prior consents you may have given us. We may revise this Policy from time to time to ensure that it reflects our future developments, industry trends, and/or changes in legal or regulatory requirements. We highly recommend that you keep visiting this space for any further developments to this policy.

Your Personal Data

In this Policy and under the PDPA, “Personal Data” refers to any data or information (whether true or false) about you that enables you to be identified, either (i) directly from the data; or (ii) indirectly through the data and other information to which we have or are likely to have access. Among the types of Personal Data that we may collect are the following:

  1. Your name, identification number and document(s), telephone number(s), mailing address, email address, NRIC and any other information related to you which you provided to us into via any form of interaction with us; and
  2. Your usage and engagement with our websites, mobile applications, and/or services, including your computer and connection information, bandwidth usage, page view statistics, and traffic to and from our websites and mobile applications.

All your Personal Data is stored in our cloud based system. All such information shared with other users registered on the platform shall be exchanged pursuant to your consent to the applicable notices and disclaimers.

Our Platform also allows certain users (Recipients) to download other users’ information for donation receipt and tax deduction purposes. Such information shall be extracted in CSV format and once received shall remain the users’ responsibility, including such compliance as is required under the PDPA and other compliance requirements.

Other terms used in this policy shall have the same meanings as is accorded to them in the PDPA to the extent that the context permits.

Our basis of collecting your personal data?

We generally do not collect personal data about you unless (a) you voluntarily provide it to us by agreeing to access our website or provide it to us through a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) and (ii) you (or your authorised representative) have been informed of the purpose for which the data is being collected through applicable disclosures and disclaimers and (ii) you (or your authorised representative) have provided us with written consent to the collection and use of your personal data. We will obtain your approval prior to collecting new personal data or using your personal data for a purpose not previously disclosed to you (except where permitted or authorised by law). All our data collection and for the purposes for which it is collected is done in a lawful manner and under strict adherence to the PDPA and any other applicable laws. We also collect personal data by way of cookies that we have installed on our website. For a better understanding, you may refer to our cookie policy (“Use of Cookies”) below.

We will use reasonable efforts to ensure the accuracy and completeness of the Personal Data we collect. Please assist us by ensuring that any Personal Data submitted is correct and full. You may notify us of any changes to the Personal Data you have supplied to us by emailing our staff. We will promptly correct or complete your Personal Data. We shall not be liable for relying on inaccurate or incomplete Personal Data as a result of your failure to keep us updated on any changes to the Personal Data you initially provided us with. Incomplete, accurate, untruthful, and incorrect information may result in our inability to provide you with requested services and/or process essential administration.

Why we collect your personal data?

We may collect and also use your personal data for any or all of the following purposes:

  1. complying with responsibilities incurred during or in connection with our supply of the services requested by you, including the execution of Donations or recurring Donations;
  2. verifying your identity;
  3. responding to, processing, and managing your inquiries, requests, applications, complaints, and feedback;
  4. managing your relationship with us;
  5. processing payment or credit transactions;
  6. giving you information about our services, such as notices about upcoming events, initiatives, and promotions;
  7. complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or assisting in law enforcement and/or regulatory authority investigations;
  8. any other purposes for which you have provided the information;
  9. transferring to unaffiliated third parties, such as our third-party service providers and agents, as well as to relevant governmental and/or regulatory authorities, whether in Singapore or elsewhere, for the aforementioned reasons; and
  10. any other incidental business purposes related to or in connection with the above.

Under which conditions will we disclose your personal data?

We may disclose your personal data:

  1. Where such disclosure is necessary to carry out our obligations during or in connection with the provision of the goods or services requested by you;
  2. Any liquidator, receiver, official assignee/trustee, judicial manager, or other person appointed under or pursuant to any applicable law or court order in connection with any individual, company, or business’s bankruptcy, liquidation, winding up, judicial management, or any other equivalent process;
  3. Professional adviser such as auditors or lawyers;
  4. To third party service providers, agents, employees and other related parties to perform any of the functions listed above. Please note that all such recipients are bound by a strict clause of confidentiality and are provided access to your personal data only on a “need to know” basis;
  5. For Tax deduction purposes;
  6. To adhere to an order of any court, tribunal, regulatory authority or an enforcement agency; and
  7. Any other body that you may authorise us.


Withdraw your consent

The consent you offer for the collection, use, and dissemination of your personal data is valid until you revoke it and inform us in writing. You may revoke your consent and request that we cease using and/or disclosing your personal data for any or all of the above-mentioned purposes by making a written or email request on our address

We may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) to process your written request to withdraw your consent and to notify you of the consequences of our doing so, including any legal consequences that may affect your rights and liabilities to us. Generally, we will respond to your request within fifteen (15) business days after receipt of the same.

Please keep in mind that if you withdraw your permission to the collection, use, and/or disclosure of your Personal Data, we may be unable to continue providing our services or meeting our contractual obligations to you, depending on the nature of your request. Additionally, such withdrawal may also result in the termination of any agreements or arrangements you have with us. In such a scenario, our legal rights and remedies are expressly retained. Please note that withdrawing consent does not impact our right to continue collecting, using, and disclosing personal data without your consent to the extent that such collection, use, and disclosure without consent are permitted or required by applicable law.

Access to your Personal Data

If you wish to submit an access request to obtain a copy of the personal data we possess about you or information on how we use or disclose your personal data, or a correction request to correct or update any of your personal data that we keep about you, you may do so in writing or through email by sending us an email on

We will respond to your inquiry as quickly as possible. If we are unable to respond to your request within thirty (30) days of receipt, we will notify you in writing within thirty (30) days of the estimated time of response. If we are unable to supply you with requested personal data or make requested corrections, we will normally tell you of the reason for our inability to do so (except where we are not required to do so under the PDPA).

How we protect your personal data?

To protect your personal data from unauthorised access, collection, use, disclosure, copying, modification, or disposal, as well as other risks, we have implemented appropriate administrative, physical, and technical safeguards such as up-to-date antivirus protection, encryption, and the use of privacy filters to secure all personal data stored and transmitted by us, as well as disclosing personal data only to our authorised third-party service providers and agents.

However, you should be aware, that no mode of electronic transmission or storage is totally secure. While we cannot guarantee security, we make every effort to safeguard your information and are always analysing and improving our information security methods.

For how long do we retain your personal data?

We will retain your personal data for as long as necessary to accomplish the purpose for which it was collected, or as required or permitted by relevant laws.

We will stop retaining your personal data, or the mechanisms by which the data can be connected with you, as soon as it is reasonable to infer that such retention is no longer necessary for the purpose for which the personal data was acquired or for legal or business purposes.

Use of Cookies

We may collect and analyse aggregated data that does not identify individual users (“Aggregate Information”), such as the number of users and their frequency of use, the number of page views (or page impressions) on our websites/applications, and the most frequently used entry and exit points to our websites/applications.

When you visit our website or use our mobile applications, we utilise “cookies,” which are little data files that are delivered to your browser to record and track Aggregate Information about you. The cookie is used to track information about users, such as their number, frequency of use, user profiles, and preferred websites. The Aggregate Information collected enables us to analyse how our websites/applications are used and to improve our websites, mobile applications, and services.

You can disable the cookies by changing your browser settings.

Third Party Sites

For your convenience and information, our website may contain links to other websites and maintained by third parties. You acknowledge that you are using these websites and applications at your own risk. To the fullest extent permissible by law, we disclaim responsibility for the acts, omissions, data policies, or cookie usage of third parties, as well as the content or security of third-party websites and applications, even if they are linked to our websites and applications. We recommend that you review the third party’s applicable data protection policy to see how the third party will treat any information they gather from you. Any liability in this regard is clearly disclaimed and excluded.

Transfer of Personal Data outside Singapore

By and large, we do not transfer your personal data outside of Singapore. If we do so, we will get your consent and take steps to guarantee that your personal data continues to be protected to a level at least comparable to that given under the PDPA.

If you have any questions or feedback related to this Policy, please feel free to send us an email at:

Data Protection Officer

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

Hairmann Hayak

Data Protection Officer

Effect of Notice and changes to Notice

This Notice applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.

We may revise this Notice from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.

Last updated: 21 Sep 2022