• Novena Medical Centre

    #09-23, 10 Sinaran Drive
  • Opening Hours

    Monday to Friday: 9am - 6pm
  • For an Appointment, Call:

    +65 63977309

Promises Group Data Privacy Policy

The purpose of this document (“Data Privacy Policy”) is to inform you of how Promises Healthcare Private Limited, operating under the name of Winslow Clinic and its related corporations or any of its affiliates (collectively, the “Promises Group”) manages Personal Data (as defined below) which is subject to the Singapore Personal Data Protection Act (No. 26 of 2012) (“the Act”).

Please take a moment to read this Data Privacy Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
By interacting with us, submitting information to us, or signing up for services offered by us, you agree and consent to the Promises Group, as well as its representatives and/or agents (collectively referred to herein as “Promises”, “the Group”, “us”, “we” or “our”) collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to Promises’ authorised service providers and relevant third parties in the manner set forth in this Data Privacy Policy.
This Data Privacy Policy supplements but does not supersede nor replace any other consents you may have previously provided to Promises in respect of your Personal Data, and your consents herein are additional to any rights which any member of the Promises Group may have at law to collect, use or disclose your Personal Data.
Promises may from time to time update this Data Privacy Policy to ensure that this Data Privacy Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Privacy Policy as updated from time to time on our website https://www.promises.com.sg/privacy. Please check back regularly for updated information on the handling of your Personal Data.

This policy document is updated as at 10 July 2018.

  1. Personal Data
    1. In this Data Privacy Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
    2. Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.
  2. Collection of Personal Data
    1. Generally, we collect Personal Data in the following ways:

      1. when you submit any form, including but not limited to customer inquiry forms or other forms relating to any of our services;
      2. when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
      3. when you interact with our staff, including customer service officers, for example, via telephone calls (which may be recorded), letters, fax, face-to- face meetings, social media platforms and emails;
      4. when you interact with us via our websites or use services on our websites;
      5. when you request that we contact you or request that you be included in an email or other mailing list;
      6. when you respond to our promotions, initiatives or to any request for additional Personal Data;
      7. when you submit an employment application or when you provide documents or information including your resume and/or CVs in connection with any appointment as an officer, director, representative or any other position;
      8. when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend our events;
      9. when you are contacted by, and respond to, our marketing representatives and customer service officers;
      10. when we seek information about you and receive your Personal Data in connection with your relationship with us, including for our products and services or job applications, for example, from business partners, public agencies, your ex-employer, referral intermediaries and the relevant authorities; and/or
      11. when you submit your Personal Data to us for any other reasons.
    2. When you browse our website, you generally do so anonymously but please see paragraph 6 below for information on cookies and other technologies which we have implemented on our We do not, at our website, automatically collect Personal Data unless you provide such information to us.
    3. If you provide us with any Personal Data relating to a third party (e.g. information about your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested, or delays in providing you with products and services you have requested, or processing your applications.
  3. Purposes for the Collection, Use and Disclosure of Your Personal Data

    1. Generally, Promises collects, uses and discloses your Personal Data for the following purposes:

      1. responding to, processing and handling your queries, feedback, complaints and requests;
      2. verifying your identity;
      3. managing and planning the administrative and business operations of Promises and complying with internal policies and procedures;
      4. facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales);
      5. requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to design our services, understand customer behaviour, preferences and market trends, and to review, develop and improve the quality of our products and services;
      6. matching any Personal Data held which relates to you for any of the purposes listed herein;
      7. preventing, detecting and investigating crime and analysing and managing commercial risks;
      8. managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
      9. monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
      10. in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
      11. conducting any form of investigations including but not related to those relating to disputes, billing, fraud, offences, prosecutions etc;
      12. meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on Promises (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
      13. purposes which are reasonably related to the aforesaid.
    2. In addition, Promises collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
      1. If you are a prospective, current or former patient or customer of Promises:
        1. providing customer service and support (including but not limited to customer relationship management, processing your admissions, processing and settlement of bills, facilitating, arranging and providing reminders of your appointments, medical examinations, screenings or checkups, contacting you regarding medical reports and results, providing follow-up calls and providing you with administrative support);
        2. administering and processing your requests including creating and maintaining profiles of our customers in our system database for administrative purposes (including tracking your attendance at various Promises facilities);
        3. personalising your experience at Promises’ touchpoints and conducting market research, understanding and analysing customer behaviour, location, preferences and demographics in order to improve our service offerings;
        4. administering medical care (including keeping patient case and procedure records, providing medication, ordering medical tests, reports and biological samples, and facilitating internet-based tele-consultations and correspondence with doctors);
        5. liaising with third party specialist doctors, clinics, hospitals and/or medical institutions in relation to your medical care (including by providing them with access to your medical records);
        6. if you use our e-services or online registration and payments systems, displaying your medical data, sending you health-related notifications, and facilitating the provision of our services to you;
        7. administering debt recovery and debt management; and/or
        8. purposes which are reasonably related to the aforesaid.
      2. If you are a nominated caregiver or next-of-kin of a patient or customer of Promises:

        1. informing you of the patient’s medical status and whereabouts; and/or
        2. purposes which are reasonably related to the aforesaid.
      3. If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by Promises:

        1. assessing your organisation’s suitability as an external service provider or vendor for Promises;
        2. managing project tenders and quotations, processing orders or managing the supply of goods and services;
        3. creating and maintaining profiles of our service providers and vendors in our system database;
        4. processing and payment of vendor invoices and bills;
        5. facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
        6. purposes which are reasonably related to the aforesaid.
      4. If you submit an application to us as a candidate for employment, internships or scholarships:

        1. conducting interviews;
        2. processing your application (including but not limited to pre-recruitment checks involving your qualifications and facilitating interviews);
        3. obtaining references and for background screening;
        4. assessing your suitability for the position applied for;
        5. enrolling successful candidates as our employees and facilitating human resource planning and management (including but not limited to preparing letters of employment, name cards and building access passes); and/or
        6. purposes which are reasonably related to the aforesaid.
      5. If you are an existing employee of Promises:

        1. providing remuneration, reviewing salaries and bonuses, conducting salary benchmarking reviews, staff appraisals and evaluation, as well as recognising individuals for their services and conferring awards;
        2. staff orientation and entry processing;
        3. administrative and support processes relating to your employment, including its management and termination, as well as staff benefits, including travel, manpower, business continuity and logistics management or support, processing expense claims, medical insurance applications, medical screenings and immunisations, leave administration, long-term incentive plans, training, learning and talent development, and planning and organising corporate events;
        4. providing you with tools and/or facilities to enable or facilitate the performance of your duties;
        5. facilitating professional accreditation and complying with compliance audits;
        6. compiling and publishing internal directories and emergency contact lists for business continuity;
        7. managing corporate social responsibility projects;
        8. conducting analytics and research for human resource planning and management, and for us to review, develop, optimise and improve work- related practices, environment and productivity;
        9. ensuring that the administrative and business operations of Promises function in a secure, efficient and effective manner (including but not limited to examining or monitoring any computer software and/or hardware installed within Promises, your work emails and personal digital and storage devices);
        10. compliance with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities (including but not limited to disclosures to regulatory bodies, conducting audit checks or surveillance and investigation);
        11. administering cessation processes; and/or
        12. any other purposes relating to any of the above.
      6. If you are a specialist doctor or clinical staff at Promises:
        1. facilitating professional accreditation and complying with compliance audits;
        2. facilitating disbursements of fees collected on your behalf;
        3. managing and providing you with tools, services and/or facilities to enable or facilitate the performance of your duties;
        4. planning and organising events for specialists;
        5. creating and maintaining profiles of our accredited clinicians in our system database;
        6. facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
        7. any other purposes relating to any of the aforesaid.
  4. Disclosure of Personal Data
    1. Promises will take reasonable steps to protect your Personal Data against unauthorised The nature of the disclosure shall be limited strictly to the extent required for the intended purpose and only to such persons authorised to access such disclosures for the respective purposes.
    2. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
      1. amongst the Promises Group members and affiliates (including their staff and medical practitioners);
      2. third party doctors, clinics, hospitals and/or medical institutions;
      3. companies providing services relating to insurance to Promises;
      4. agents, contractors, sub-contractors or third party service providers who provide operational services to Promises, such as courier services, telecommunications, information technology, payment, printing, billing, debt recovery, processing, technical services, transportation, training, market research, call centre, security, or other services to Promises;
      5. vendors or third party service providers and our marketing and business partners in connection with marketing promotions, products and services;
      6. our corporate clients;
      7. any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale);
      8. external banks, credit card companies, other financial institutions and their respective service providers;
      9. our professional advisers such as consultants, auditors and lawyers;
      10. relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority (including the Ministry of Health); and/or
      11. any other party to whom you authorise us to disclose your Personal Data to.
  5. Retention of Personal Data
    1. Promises retains such Personal Data as may be required for business or legal purposes, and such purposes do vary according to the
    2. Whilst Promises will securely dispose of or anonymise Personal Data which it can reasonably determine is no longer needed and does not generally hold on to Personal Data “just in case”, it is in the interests of any caregiver or person treating the patient to be able to refer to a complete set of medical records to avoid risks to health and safety of the
    3. As such that, with respect to the medical records of patients, unless specific contrary instructions from the patient are received, Promises may (but is not obliged to) retain such medical records for as long as Promises may be potentially consulted for further follow up by (or on behalf of) the patient even where such consultation may not occur until after a substantial period of time or there is no current or present indication that the patient may well return for further consultation or follow up.
  6. Use of Cookies, Web Beacons, and Similar Technologies on the website
    1. When you visit or interact with our sites, services, we or our authorized service providers may use cookies, web beacons, and other similar technologies for collecting and storing information to help provide you with a better, faster, and safer web
    2. The information collected by us or our authorised service providers may recognise a visitor as a unique user and may collect information such as how a visitor arrives at our sites, what kind of browser a visitor is on, what operating system a visitor is using, a visitor’s IP address and a visitor’s click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
    3. The use of cookies, web beacons and similar technologies by us on our website has different They are either necessary for the functioning of our services, help us improve our performance, or serve to provide you with extra functionalities. They may also be used to deliver content that is more relevant to you and your interests, or to target advertising to you on or off our sites.
      Cookies – Small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser. There are several types of cookies:

      • Session cookies expire at the end of your browser session and allow us to link your actions during that particular browser session.
      • Persistent cookies are stored on your device in between browser sessions, allowing us to remember your preferences or actions across multiple sites.
      • First-party cookies are set by the site you are visiting.

      Cookies can be disabled or removed by tools that are available in most commercial browsers. The preferences for each browser you use will need to be set separately and different browsers offer different functionality and options.
      Web beacons – Small graphic images (also known as “pixel tags” or “clear GIFs”) may be included on our sites and services. Web beacons typically work in conjunction with cookies to profile each unique user and user behaviour.
      Similar technologies – Technologies that store information in your browser or device utilizing local shared objects or local storage, such as flash cookies, HTML 5 cookies, and other web application software methods. These technologies can operate across all of your browsers.

      We may use the terms “cookies” or “similar technologies” interchangeably in our policies to refer to all technologies that we may use to collect or store information in your browser or device or that collect information or assist in identifying you as a unique user in the manner described above.

    4. We offer certain site features and services that are available only through the use of these You are always free to block, delete, or disable these technologies if your browser so permits.

      However, if you decline cookies or other similar technologies, you may not be able to take advantage of certain site features or services tools. For more information on how you can block, delete, or disable these technologies, please review your browser settings.

  7. Third-Party Sites
    Our website may contain links to other websites operated by third parties, including for example our business partners. We are not responsible for the data protection practices of websites operated by third parties that are linked to our website. We encourage you to learn about the data protection practices of such third party websites. Some of these third party websites may be co-branded with our logo or trade mark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable Data Privacy Policy of the third party website to determine how they will handle any information they collect from you.
  8. Withdrawal of Consent, Access and Correction of your Personal Data

    1. If you:

      1. have any questions or feedback relating to your Personal Data or our Data Privacy Policy;
      2. would like to withdraw your consent to any use of your Personal Data as set out in this Data Privacy Policy; or
      3. would like to obtain access and make corrections to your Personal Data records, please contact us as follows:
        Call: +65 607 7880
        Email: pdpo@promises.com.sg
        Write to our Data Protection Officer at:

        Data Protection Officer

        Promises Group

        10 Sinaran Drive #09-23

        Singapore 307506

    2. Please note that if your Personal Data has been provided to us by a third party (e.g. a general practitioner or your employer), you should contact that organisation or individual to make such queries, complaints, and access and correction requests to Promises on your
    3. If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Promises may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with Promises, and your being in breach of your contractual obligations or Promises’ legal rights and remedies in such event are expressly reserved.
  9. Governing Law

    1. This Data Privacy Policy shall be governed in all respects by the laws of Singapore.