The Personal Data Protection Act (PDPA) of 2012 established regulations on collection, use and disclosure of personal data. It primarily aims to recognize the rights of individuals to protect, access, and correct their personal data (including directory information such as contact number, postal address) and the needs of organizations to collect, use, or disclose personal data for reasonable and valid purposes. PDPA also includes the DO NOT CALL provision (DNC) which restricts organizations from sending marketing and promotional information to individuals without their consent.
In compliance to PDPA, DigiPen Institute of Technology Singapore has outlined the following general guidelines in handling matriculated student data:
- Accumulated student data (personal and educational records) will be used for the purpose of delivering academic and administrative services, conducting internal analysis/research, report generation for authorized internal or external (i.e. auditors, government agencies) parties as well as in promoting educational activities organized by the Institute.
- Access to student data is limited to authorized staff or faculty members of the Institute who require such information to perform their educational duties. Personal data, including educational records, of any student will not be disclosed by the Institute to any external party without the student’s written consent.
- The Institute will correct any error or missing information on the student record upon written request.
Please refer to https://www.digipen.edu.sg/privacy-and-cookie-policies for more information. If you have any questions on PDPA, please contact the Data Protection Officer at dpo.sg@digipen.edu.