Your story is yours. We just hold the door.

Never Alone in Singapore ("Never Alone", "we", "us", "our") is a private peer community based in Singapore. This Privacy Statement explains how we collect, use, disclose, and protect personal data in line with the Singapore Personal Data Protection Act 2012 (PDPA) and its subsequent amendments.

Our Data Protection Officer (DPO) can be contacted at drkev@drkevinkwok.org or by post at 16 Raffles Quay #14-05, Singapore 048581, or by phone at +65 8366 9817. Any privacy question, access request, withdrawal of consent, or complaint can be sent there, and a real person will respond within 30 calendar days.

We try to collect only what we genuinely need:

• Account data you give us when signing up: your first name and email address.
• Community content you choose to share inside the community (posts, replies, reactions).
• Technical data automatically generated when you visit the site: IP address, browser type, device type, pages visited, and timestamps. This is used only for security, abuse prevention, and basic site analytics.
• Correspondence you send us (for example, emails to our DPO or moderators).

We do not knowingly collect personal data from anyone under 13. If you are between 13 and 18, you should review this statement with a parent or guardian.

We use personal data only for purposes a reasonable person would expect, namely:

• Creating your community membership and welcoming you.
• Sending occasional community emails (e.g. updates, gentle check-ins, important changes to our terms).
• Moderating the community to keep it safe and kind.
• Preventing abuse, fraud, spam, scraping, and unauthorised access.
• Complying with Singapore law, including responses to lawful requests by authorities.

We will not use your personal data for any new purpose without first notifying you and, where required, obtaining your consent.

By submitting the sign-up form, you give us consent under the PDPA to collect, use, and disclose your personal data for the purposes set out in Section 3.

You can withdraw consent at any time by writing to drkev@drkevinkwok.org. Once we receive your request, we will action it within a reasonable period (usually within 10 business days) and inform you of any consequences (for example, closing your community account if it can no longer function without that data).

You have the right under the PDPA to:

• Access the personal data we hold about you and information about how it has been used or disclosed in the past year.
• Correct any personal data that is inaccurate or out of date.

Send your request to drkev@drkevinkwok.org. We may ask for proof of identity to make sure data is not given to the wrong person. A reasonable fee may apply for very large access requests; we will tell you before charging anything.

We make reasonable efforts to keep personal data accurate, complete, and up to date when it is used to make a decision affecting you, or when it is disclosed to another organisation.

We protect personal data with reasonable technical and organisational measures, including:

• Encryption in transit (HTTPS/TLS).
• Access controls so only authorised moderators can see member data.
• Logging and monitoring for suspicious activity.
• Regular review of who has access and why.

No system is perfectly secure, but we treat your trust as the most important thing we hold.

We stop retaining personal data as soon as it is no longer needed for the purposes in Section 3, or for any legal or business reason.

• Active member data is kept while your account is open.
• If you close your account or withdraw consent, we will delete or anonymise your personal data within 90 days, except where we are required to keep it longer (for example, to deal with a legal claim or safety report).
• Technical logs are typically kept for no more than 12 months.

We do not sell, rent, or trade your personal data. Ever.

We share personal data only with:

• Trusted service providers (for example, our database host and email provider) who act on our instructions and are bound by confidentiality and PDPA-equivalent protections.
• Authorities when required by Singapore law, court order, or to protect the safety of any person.

Some of our service providers may store data outside Singapore (for example, in regional data centres). Before transferring personal data overseas, we make sure the receiving organisation is bound by legally enforceable obligations that provide a standard of protection at least comparable to the PDPA, as required by the PDPA Transfer Limitation Obligation.

In the unfortunate event of a notifiable data breach (one that is likely to result in significant harm to affected individuals, or that affects 500 or more individuals), we will:

• Notify the Personal Data Protection Commission (PDPC) as soon as practicable, and in any case within 3 calendar days.
• Notify affected individuals without undue delay, with clear information on what happened and what we are doing about it.

We do not send marketing SMS or make telemarketing calls. We may send you community emails (welcomes, updates, important changes). Every email includes a clear way to unsubscribe, and unsubscribing takes effect immediately.

If we ever start sending marketing messages to Singapore phone numbers in the future, we will check the DNC Registry first and obtain your clear and unambiguous consent in writing, as required by the PDPA.

We use only essential cookies and local storage needed to keep you signed in to the admin area and to remember basic preferences. We do not use third-party advertising trackers. If we ever add optional analytics, we will ask for your consent first.

If you believe we have not handled your personal data in line with the PDPA, please contact our DPO first at drkev@drkevinkwok.org. We will investigate and respond within 30 calendar days.

You also have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) Singapore at pdpc.gov.sg.

We may update this Privacy Statement from time to time. If we make material changes, we will notify members by email and update the "Last updated" date below. Continued use of Never Alone in Singapore after a change means you accept the updated statement.