1. Introduction

​Mirai After-School Haven ("The Centre," "we," "us," or "our") respects the privacy and confidentiality of the personal data of our students, parents/guardians, and employees. This Policy outlines how we manage the Personal Data we possess in accordance with the Singapore Personal Data Protection Act 2012 (PDPA).

​

​This Policy applies to all Personal Data in our possession or under our control.

​

​2. Definition of Personal Data

​"Personal Data" refers to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have access.

​​

​Examples of Personal Data we collect include:

• ​Child’s Data: Full name, NRIC/FIN/Passport number, date of birth, gender, nationality, religion, medical information (allergies, health conditions, immunisation records), developmental history, photos, and video recordings.

• ​Parent/Guardian Data: Full name, NRIC/FIN/Passport number, contact information (home address, phone numbers, email), employment details, income declaration for subsidy purposes, and relationship to the child.

• ​Other Data: Information provided for emergency contacts, visitors' logs, and financial details for payment/billing.

 

​3. Collection, Use, and Disclosure of Personal Data

​

​A. Purpose for Collection and Use

​We collect, use, and process Personal Data for purposes reasonably necessary for the proper functioning of the Centre and the provision of student care and educational services, including:

1. ​Enrolment & Administration: Processing applications, registration, maintenance of student records, and collecting fees.

2. ​Child Welfare & Safety: Providing appropriate care, monitoring health and development, addressing medical emergencies, maintaining security (including CCTV footage within the premises), and administering necessary medication.

3. ​Communication: Communicating with parents/guardians regarding their child's progress, school activities, events, and operational updates.

4. ​Marketing & Publicity (with Consent): Using photographs/videos of activities for the Centre’s website, social media, or marketing materials, only where explicit consent has been provided.

5. ​Compliance: Meeting statutory or regulatory requirements, including those imposed by MSF and other government bodies.

 

​B. Consent for Collection of Children's Data

​As our students are primarily below the age of 13, we obtain consent for the collection, use, and disclosure of the child's Personal Data from their parent or legal guardian. By enrolling your child, you consent to our collection, use, and disclosure of your and your child's Personal Data for the purposes outlined in this Policy.

​

​C. Disclosure to Third Parties

​We will not disclose Personal Data to third parties without first obtaining consent, except in limited situations permitted under the PDPA, such as:

• ​Relevant Government Agencies: Sharing data with the Ministry of Social and Family Development (MSF) and other relevant government bodies for regulatory compliance, subsidy administration, and national security purposes.

• ​Service Providers: Sharing necessary information with external vendors who provide services such as IT support, transportation, health screening, or school photographers (under a contract that requires them to protect the data).

• ​Emergency: Disclosure to medical professionals or hospitals in the event of a medical emergency to protect the life or health of the child.

 

​4. Withdrawal of Consent

​You may withdraw your consent for the collection, use, and/or disclosure of your or your child's Personal Data by submitting a written request to our Data Protection Officer (DPO).

• ​We will process your request within 30 working days and cease the collection, use, or disclosure of the Personal Data, unless retention is required by law.

• ​Please note that the withdrawal of consent may affect our ability to provide certain services to your child, and we will inform you of the consequences of your withdrawal.

 

​5. Access and Correction

​You may request access to or correction of your or your child's Personal Data held by the Centre.

• ​All requests must be made in writing to the DPO.

• ​We reserve the right to charge a reasonable administrative fee for processing an access request.

• ​We will provide the requested information or make the necessary correction within 30 working days unless an exception under the PDPA applies.

 

​6. Protection of Personal Data

​We take reasonable steps to protect Personal Data in our possession or under our control against risks such as loss, unauthorised access, destruction, use, modification, or disclosure. These measures include:

• ​Limiting physical access to data storage (e.g., locked cabinets for hard-copy records).

• ​Implementing digital security measures (e.g., strong passwords, encryption, restricted network access) for electronic records.

• ​Training staff on data protection policies and confidentiality obligations.

 

​7. Retention of Personal Data

​We will only retain Personal Data for as long as it is necessary for the purposes it was collected for, or as required by legal or business purposes, such as maintaining records required by MSF. Once data is no longer necessary, we will securely destroy or anonymise it.

 

​8. Data Protection Officer (DPO)

​If you have any questions or feedback relating to this Policy, or if you wish to make any requests, please contact our Data Protection Officer:

 

​Attention to: Data Protection Officer

Email: contact@miraisingapore.com

Contact No.: 90689539

Address: 824 Tampines Street 81 #01-08 Singapore 520824

​

​9. Policy Review

​This Policy is effective from 15 October 2025 and will be reviewed and updated periodically to ensure compliance with Singapore laws and current practices.

​