top of page
Privacy Policy

This Privacy Policy describes David & Goliath Preschool's (DGP) policies on the collection, use and disclosure of your and your child's information when you use our website, or any online platforms or in-person interactions relating to DGP and its affiliates.

Personal data is documented to provide and improve enrolment processes with DGP as well as providing a successful learning experience and continuous interaction with child and parent within the school context. By voluntarily submitting such information, you agree to the collection and use of information in accordance with this Privacy Policy.

Collecting and Using Your Personal Data


Types of Data Collected

Personal Data:
We may ask you to provide certain personally identifiable information that can be used to contact or identify you. Personal data includes, but is not limited to the following:

  • Name;

  • NRIC/FIN (Foreign Identification Number)/Passport number;

  • Residential address;

  • Date of birth;

  • Gender;

  • Marital status;

  • Nationality;

  • Contact particulars such as personal telephone numbers and personal email address;

  • Financial information such as bank account or credit/debit numbers;

  • Photograph and video image.

  • Medical Records

Usage Data:
Aside from manual submission of personal data, online usage data is collected automatically when using the website.

It may include information such as your device type, Internet Protocol address (e.g. IP address), browser type, browser version, the webpages that you visit, the time and date, the time spent on those pages, unique device identifiers and other diagnostic data. The same may also apply to your mobile when accessing our website.


Tracking Technologies and Cookies:

We use cookies and similar tracking technologies to track the activity on DGP or other digital platforms and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze our services.

These cookies allow us to remember choices you make when you use the Website, such as remembering your login details or language preference. It aims to provide you with a more personal experience and to avoid having to re-enter your preferences every time you use our website or online services. We monitor and analyze the performance, operation and effectiveness of our platforms as well.

Use of Your Personal Data

DGP may collect, use and disclose Personal Data for, and not limited to, the following purposes:

  • To provide and maintain our preschool services.

  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services you have purchased or of any other contract with us..

  • To contact you by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.

  • To provide you with news, special offers and general information about other services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

  • To attend and manage your requests, queries or complaints.

  • Administration and management of DGP's operations, processes, functions or other internal matters as the case may be, including record keeping.

  • Providing services to one or more individuals, a community or the general public.

  • Internal and external communications and publications.

We may use your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our preschool services, curriculum, marketing and your experience.

Personal information may be automatically shared with Third-Party Service Providers, like vendors and external enrichment providers. When you share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If you interact with other users or register through a Third-Party Social Media Service, your contacts on the Third-Party Social Media Service may see your name, profile, pictures and description of your activity. Similarly, other users will be able to view descriptions of your activity, communicate with you and view your profile.

Retention of Your Personal Data

DGP will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.


We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

DGP will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of preschool services, or we are legally obligated to retain this data for longer time periods.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at DGP's operating offices and in any other places where the parties involved in the processing are located. 

DGP will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no unauthorised transfer or sharing of your Personal Data will take place.


Disclosure of Your Personal Data


Law enforcement:

Under certain circumstances, DGP may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements:

DGP may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation

  • Protect and defend the rights or property of DGP

  • Prevent or investigate possible wrongdoing in connection with DGP

  • Protect the personal safety of students or the public

  • Protect against legal liability

Security of Your Personal Data

To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as

  • minimised collection of personal data,

  • authentication and access controls (such as good password practices, need-to-basis for data disclosure, etc.), up-to-date antivirus protection,

  • regular patching of operating system and other software,

  • securely erasing storage media in devices before disposal,

  • web security measures against risks,

  • usage of one time password (otp)/2 factor authentication (2fa)/multi-factor authentication (mfa) to secure access, and

  • security review and testing performed regularly.

The security of your Personal Data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Accuracy of personal data

We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer at the contact details provided below. 


Retention of personal data

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes. 

Access Request

The data subject may request for (i) information on the personal data in our possession and the ways in which the data may have been used or disclosed and (ii) correction of any error or omission in the data.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request. 


We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you within thirty (30) days of the time by which we will be able to respond to your request.


Withdrawal of consent

An individual who does not wish JCC to retain his or her personal data may give reasonable written notice to JCC to withdraw his or her consent to the retention of his or her personal data. JCC will cease to retain personal data about the person within ten (10) business days from receiving such written notice of withdrawal (pending the complexity and consequences and legal liability affecting your rights and our relationship with you) unless there are circumstances under which retention does not require the individual’s consent.


Where an individual withdraws his or her consent for JCC to collect, use or disclose his or her personal data, JCC may no longer be able to carry out the purposes set out in Part 3 above for or in relation to the individual.




An individual who wishes to make a request, or to lodge a complaint to JCC pertaining to any matters relating to the PDPA, may make a written request or lodge a written complaint by doing one of the following:

  • visiting the Church Office and filling in a written request or complaint;

  • contacting the DPO at email address is or the telephone number of the Church Office; or

  • in writing by post sent to the Church Office and attention to “Data Protection Officer”.


The DPO will investigate the complaint within a reasonable time of receiving the written request or complaint and will contact the complainant within a reasonable time, in order to address any concerns relating to matters with the PDPA. JCC reserves the right to reject, among others, frivolous or vexatious requests or complaints.

Children's Privacy

DGP does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that information from our databases. We rely on consent as a legal basis for processing your and your child's information.


Links to Other Websites


DGP's website and other digital platforms may contain links to other sites that are not operated by DGP. If you click on a third party link, you will be directed to that third party's site at your own discretion. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Contact Us

If you have any questions about this Privacy Policy, you can contact us:

By email:
By visiting this page on our website:
By phone number: 62660539

bottom of page