Scope
This policy applies to all YSP members — C‑Suite, Directors, Managers, Members, and Volunteers — and all personal data collected through YSP platforms and programmes.
- Applications and onboarding forms.
- Internal systems (e.g. Notion, communication platforms).
- Events, surveys, and publications.
Types of data collected
Personal information
- Name, email address, contact details.
- Age range, location, timezone.
Programme & participation data
- Role, department, contributions, outputs.
- Attendance, engagement, and performance records.
Content & media
- Written work, recordings, and published materials.
- Participation in events, podcasts, or media.
Purpose of collection
Data will not be used for purposes unrelated to YSP without consent.
- Manage programme participation and operations.
- Facilitate communication and collaboration.
- Publish and showcase member contributions.
- Improve programmes, systems, and user experience.
Consent
By joining YSP, members provide informed consent for data collection and use, and acknowledge how their data may be used within YSP operations. Members may request clarification on data usage or withdraw consent — subject to programme or operational limitations.
Use & disclosure
Disclosure to external parties only occurs with explicit consent, when required for approved partnerships, or when legally compelled.
- Used only for legitimate organisational purposes.
- Shared internally on a need‑to‑know basis.
- Never sold to external parties.
Storage & security
Members handling data must protect any data they have access to and avoid downloading or sharing sensitive information unnecessarily.
- Stored on secure, access‑controlled platforms.
- Access is limited to authorised personnel only.
- Reasonable measures are taken to prevent unauthorised access, loss, or misuse.
Retention
Personal data is retained only as long as necessary for programme and organisational purposes, or to comply with legal or operational requirements. Data no longer required is securely deleted or anonymised.
Member rights
Requests should be directed to the HR / Data Protection lead at [email protected].
- Access your personal data.
- Request corrections to inaccurate data.
- Request deletion of data (where applicable).
- Withdraw consent for specific uses.
Confidentiality
All members handling data must maintain strict confidentiality and not share internal or personal data without authorisation. Breaches may result in disciplinary action or removal from YSP.
Data breach response
- Assess and contain the breach promptly.
- Notify affected individuals where necessary.
- Review and strengthen data protection measures.
Compliance & accountability
YSP is committed to complying with the Personal Data Protection Act (PDPA) and applicable international data protection principles. Responsibility lies with the HR / Data Protection leads, under C‑Suite oversight.