Data Protection Policy

Data Protection Policy

Mountbatten Vocational School (MVS) respects the right of individuals to protect one’s own personal data.  This data protection policy gives individuals information about how the school collect, use and disclose personal data while recognising people’s right to protect personal data and the organisation’s need to collect, use or disclose it for purposes believed to be reasonable and appropriate in the circumstances of the programmes that are provided to students.

It applies to the personal data of all individuals who are clients (or parents or guardians of students), donors, employees, including volunteers, and online users of the website at

What Counts as Personal Data?

Personal data is information which can be used to identify a person.

Examples of such Personal Data provided include (depending on the nature of interaction) name, NRIC, passport or other identification number, telephone number(s), mailing address, email address and any other information relating to any individuals which have provided in any forms submitted to MVS or via other forms of interaction.

Consent Obligation

We obtain consent from an individual before collecting, using or disclosing their personal data. The individual’s consent is only valid when:

  • They are notified of the purposes for which their personal data will be collected, used or disclosed
  • They provided consent to those purposes

Objectives for collection, usage and disclosing of personal data

Personal data is collected from or about students, parents and guardians of students, donors, employees and other individuals.  Personal data is utilized so that the school is able to provide programmes (which are described on the website) efficiently and effectively and also for MVS’ mandatory compliance with legal obligations.

Collection, use and disclosure of personal data

  1. When persons submit application form or registration form, or other forms relating to any of MVS’ programmes, services or events
  2. When one enters into any agreement or provides other documentation or information with respect to interactions with MVS, or when one uses services or participates in events.
  3. When MVS receives references from partners and third parties, for example, where one has been referred by them.
  4. When MVS seeks information from third parties about persons in connection with the services one has applied for.
  5. Communication in regards to enquiries, and/or sending marketing, and promotional information and materials relating to programmes; events; and/or services.
  6. Administrative matters on purchases of MVS’ products and services, managing your membership and/or processing your sign-ups/registrations/booking/reservation
  7. Conducting market research and customer satisfaction surveys; and
  8. Any other purposes that we notify individuals of at the time of obtaining your consent.

If at any time anyone would prefer not to provide some personal data that is requested, please inform MVS. MVS will then explain the purposes for collecting that personal data.  If one still does not wish to provide it will be discussed whether or not the school can proceed without it.

MVS is permitted by the PDPA to collect, use or disclose personal data about individuals without consent in various circumstances that include the following:

  1. In times of emergency
  2. For evaluative purposes such as, and not limited to assessing school admission, a job or volunteering application
  3. Where the disclosure is related to law enforcement or where the collection, use or disclosure is in connection with certain legal issues
  4. Relevant government authorities, ministries, statutory boards and agencies

One may in writing withdraw personal consent given for any or all purposes set out in this Privacy Statement by emailing to If consent is withdrawn for any or all of the purposes, MVS may not be in a position to continue to provide services to individuals and their family members. MVS has the right to consider withdrawal, a termination by individuals of any contractual relationship which one may have with MVS, and a breach of one’s contractual obligations or undertakings, as the case may be.

Retention of personal data

MVS ceases to retain documents containing personal data about individuals, or remove the means by which it can be associated, as soon as it is reasonable to assume that the purpose for which it is collected is no longer necessary for legal or business purposes.

Accuracy of personal data

Reasonable efforts are made to ensure that personal data that is collected is accurate and complete if MVS is likely to use it to make a decision that affects individuals, students or we are likely to disclose it to another organisation.

Protection of personal data

Reasonable steps are taken to ensure the security of personal data that is in individuals’ possession or under MVS control and to protect it against risks such as loss or unauthorised access, destruction, use, modification or disclosure.  Only authorised personnel are permitted to have access to personal data. In the event of data breaches, MVS is obligated to respond as follows:

  1. Contain data breach, take immediate action to stop further damage;
  2. Assess risk and impact;
  3. Report incident to relevant authorities;
  4. Inform relevant stakeholders such as students, parents and guardians of students, staff, members and/or any group linked to the incident; wherever applicable.

However, MVS cannot completely guarantee the security of any Personal Data that may have been collected from or about individuals, or that for example no harmful code will enter websites (for example viruses, bugs, trojan horses, spyware or adware). One should be aware of the risks associated with using websites. While MVS strives to protect everyone’s Personal Data, MVS cannot ensure the security of the information you transmit to via the Internet or when individuals use the online portals, and everyone is urged to take every precaution to protect their own Personal Data when one is on the Internet.

Data Protection Officer

An appointed Data Protection Officer is contactable as follows:

  • Send an email to
  • Call 6440 3331
  • Write to us at Mountbatten Vocational School, 225 Mountbatten Road, Singapore 397997

What does the Data Protection Officer do?

His/Her responsibilities and activities include, but not limited to:

A. Working with management to develop policies and processes for handling personal data

B. Providing internal training on data protection compliance

C. Monitoring and reporting data protection risks

Data Breach Reporting

If a data breach occurs and the breach is assessed to be “notifiable”, we must notify the Personal Data Protection Commission of the breach as soon as possible, no later than 3 calendar days after we make the assessment.

Changes to this data protection policy

We reserve the right to review, amend and/or update this data protection policy at any time and from time to time.