Privacy Policy

1. Introduction

Harmony ("we", "us", "our") is committed to protecting the privacy and personal data of all individuals who interact with our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore.

This policy applies to residents, family members, prospective clients, website visitors, and anyone who communicates with us. If you have questions about this policy, please contact us at [email protected].

2. Data We Collect

We may collect the following categories of personal data:

Contact Information: Name, email address, phone number, and mailing address, provided through our contact form, phone enquiries, or in-person visits.

Care-Related Information: For residents and programme participants, we collect health records, medical history, dietary requirements, personal preferences, and emergency contact details. This information is essential for providing safe, personalised care.

Website Usage Data: When you visit our website, we may collect data through cookies and analytics tools, including pages visited, time spent, browser type, and device information. See our Cookie Policy for details.

Communication Records: Records of enquiries, feedback, and correspondence between you and our team.

3. How We Use Your Data

We use personal data for the following purposes:

Providing and managing elderly care services, including residential care, caregiver relief stays, and day programme participation. Communicating with families about care updates, scheduling, and service-related matters. Responding to enquiries and processing service requests submitted through our website or by phone. Improving our services and website experience through aggregated, anonymised analytics. Complying with legal and regulatory obligations under Singapore law, including MOH reporting requirements. Sending service-related communications; we do not use your data for unrelated marketing purposes without your explicit consent.

4. Legal Basis for Processing

Under the PDPA, we process personal data on the following grounds: consent provided by you or your authorised representative; contractual necessity for delivering the services you have engaged; legitimate interests in maintaining the safety and wellbeing of our residents; and legal obligations, including healthcare regulatory requirements.

5. Data Sharing

We do not sell or rent personal data. We may share data with: healthcare professionals involved in a resident's care (with appropriate consent); government agencies when required by law or regulation; service providers who assist with website hosting, analytics, or IT support, bound by confidentiality agreements; and emergency services when the safety of a resident or individual is at risk.

6. Data Protection Measures

We implement reasonable security measures to protect personal data, including secure storage of physical records in locked facilities, encrypted digital systems with access controls, staff training on data handling and confidentiality, regular reviews of our data protection procedures, and incident response protocols for any potential data breaches.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Website enquiry data is typically retained for up to 24 months. Resident care records are retained in accordance with MOH guidelines, which may require retention for a period following the conclusion of care. You may request early deletion of non-essential data by contacting us.

8. Cookies

Our website uses cookies to enhance your browsing experience and to collect anonymised usage data. You can manage your cookie preferences at any time through our Cookie Policy page or through your browser settings.

9. Your Rights

Under the PDPA, you have the right to: access the personal data we hold about you; correct inaccurate or incomplete data; withdraw consent for data processing (where consent is the basis); request information about how your data has been used or disclosed in the past year; and lodge a complaint with the Personal Data Protection Commission (PDPC) if you believe your data has been mishandled.

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

10. Third-Party Links

Our website may contain links to external websites. We are not responsible for the privacy practices of these third-party sites and encourage you to review their policies independently.

11. Children's Privacy

Our services are intended for adults aged 18 and above. We do not knowingly collect personal data from children. If you believe a child's data has been submitted to us in error, please contact us so we can take appropriate action.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any significant changes will be communicated through our website. We encourage you to review this page periodically.

13. Contact Us

If you have any questions or concerns regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Email: [email protected]
Address: Harmony, 31 Toa Payoh Lorong 5, Singapore 319459
Phone: +65 6348 9271

You may also contact the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.