NursingHomeGuide.sg · Privacy
Privacy policy
Last updated: 7 June 2026
NursingHomeGuide.sg (“we”, “us”, “our”) is committed to protecting the personal data of everyone who uses this website. This policy explains what data we collect, why we collect it, how long we keep it, and the rights you hold under Singapore’s Personal Data Protection Act 2012 (PDPA).
Please read this policy before using the site. By continuing to browse, you acknowledge that you have read and understood it.
1. Who we are
NursingHomeGuide.sg is an independent online directory of nursing homes and eldercare facilities in Singapore. We are the data controller for personal data collected through this website. You can reach us via the contact form on this site.
2. Data we collect
2.1 Contact enquiry form
When you submit an enquiry through our contact form, we collect:
- Name — so we can address you personally in our reply.
- Email address — to send you our response.
- Phone number (optional) — if you prefer a callback.
- Message content — the text of your enquiry.
This data is collected only when you voluntarily submit the form and is used solely to respond to your enquiry.
2.2 Analytics data
To understand how visitors use the site and to improve our content, we log the following technical data:
- Page URL visited
- HTTP referrer (the page you came from, if any)
- Event type (e.g. page view, outbound link click)
- A randomly generated session UUID that resets each visit
We do not store IP addresses, device fingerprints, or any other personally identifiable information in our analytics pipeline. The session UUID cannot be linked back to you.
2.3 Operator portal
Nursing home operators who register to manage their listing provide an email address used as their login credential. No additional personal data is required for registration.
2.4 Cookies
We set one session cookie named nhg_session. It expires when you close your browser and is used only to maintain your session state (for example, keeping an operator logged into the portal). We do not use persistent tracking cookies of our own.
Third-party services embedded on the site may set their own cookies — see Section 6 for details.
3. How we use your data
| Data | Purpose | Legal basis (PDPA) |
|---|---|---|
| Contact enquiry (name, email, phone, message) | To respond to your enquiry and, where relevant, follow up once | Consent given at point of submission |
| Analytics (URL, referrer, event, session UUID) | To identify popular content, broken links, and editorial gaps — always in aggregated, anonymised form | Legitimate interests (no PII involved) |
| Operator email address | Account authentication and service-related communications | Contractual necessity / consent at registration |
We do not use personal data for marketing to visitors, build individual profiles, or make automated decisions with legal or significant effects.
4. How long we keep your data
| Data type | Retention period | Deletion method |
|---|---|---|
| Contact enquiry submissions | 90 days from receipt, then permanently deleted | Automated scheduled deletion |
| Analytics logs | 12 months on a rolling basis | Automated purge of records older than 12 months |
| Operator account data | For the duration of the operator relationship; deleted within 30 days of account closure on request | Manual deletion upon request |
| Session cookie | Browser session only (deleted when browser is closed) | Browser-managed expiry |
5. Your PDPA rights
Under the PDPA, you have the following rights in relation to personal data we hold about you:
Access
You may request a copy of the personal data we hold about you, along with information about how it has been used or disclosed in the past year.
Correction
You may request that we correct any personal data that is inaccurate, incomplete, or misleading, where it is reasonable to do so.
Withdrawal of consent
Where our processing is based on your consent, you may withdraw it at any time. Withdrawing consent will not affect the lawfulness of processing carried out before withdrawal. Please note that withdrawing consent to use your contact details means we may be unable to respond to your enquiry.
Data portability
Where technically feasible and required under the PDPA, you may request that we provide your personal data in a commonly used machine-readable format so it can be transferred to another organisation.
How to exercise your rights
Submit your request via our contact form with the subject line “PDPA request”. Please include your full name and a description of your request so we can locate your data and respond appropriately.
We will acknowledge your request within 5 business days and respond fully within 30 calendar days. If we need more time, we will notify you before the deadline.
We do not charge a fee for handling PDPA requests unless a request is clearly excessive or repetitive, in which case we will inform you of any fee before proceeding.
6. Third-party services
Google Maps
Facility listing pages may embed Google Maps iframes to display location information. When a map is loaded, Google’s servers receive your IP address and may set cookies in accordance with Google’s privacy policy. We load maps only where location context is directly useful to you.
Google Analytics (optional)
We may use Google Analytics with IP anonymisation enabled. If active, Google Analytics receives anonymised usage data (no full IP addresses are transmitted or stored). You can opt out globally using the Google Analytics Opt-out Browser Add-on.
Supabase
We use Supabase as our backend database and authentication service. All data is stored in the Singapore region (ap-southeast-1). Supabase processes data on our behalf as a data intermediary under terms consistent with the PDPA. Data is not transferred outside Singapore for storage purposes.
7. Advertising and data sales
We may display advertisements served by third-party ad networks. These networks may use cookies and device identifiers to show relevant ads. We configure our advertising partners to:
- Respect browser-level privacy signals (e.g. Do Not Track, Global Privacy Control).
- Not use sensitive personal data for targeting.
- Comply with Singapore PDPA requirements for any data collected through our pages.
We do not sell personal data to any third party, and we do not share personal data with advertisers for their own independent use.
8. Data security
We take reasonable technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or loss. These include encrypted connections (HTTPS), access controls on our backend systems, and limited staff access to production data. In the event of a data breach that poses significant harm, we will notify affected individuals and the Personal Data Protection Commission (PDPC) as required by the PDPA Notification Obligation.
9. Children’s data
This website is not directed at children under the age of 18, and we do not knowingly collect personal data from minors. If you believe a child has submitted personal data to us, please contact us and we will delete it promptly.
10. Links to other websites
This site contains links to nursing home operator websites and third-party resources. Once you leave NursingHomeGuide.sg, this privacy policy no longer applies. We are not responsible for the privacy practices of external sites and encourage you to read their policies before providing any personal data.
11. Changes to this policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, or legal requirements. For material changes — those that affect how we collect, use, or share your personal data — we will update the “Last updated” date at the top of this page and, where practical, display a notice on the site for 30 days.
We encourage you to review this page periodically. Continued use of the site after a material change constitutes acceptance of the updated policy.
12. Contact and complaints
For any privacy-related questions, requests, or concerns, please use our contact form with the subject “PDPA request”.
If you are not satisfied with our response, you have the right to lodge a complaint with Singapore’s Personal Data Protection Commission (PDPC):
- Website: www.pdpc.gov.sg
- Online complaint form: Lodge a complaint with the PDPC