We respect your individual privacy and treat your Personal Data in accordance with the Personal Data Protection Act 2012 (PDPA). This Data Protection Policy explains to you how we deal with the information that we collect from you, in particular, the purposes for which we collect, use and disclose your Personal Data.
1. Personal Data
"Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access. Examples of Personal Data include your name, NRIC, telephone number, mailing address, email address, transactional data which you have provided us in any forms submitted to us, via your use of your Friends of the Gardens membership card, or via other forms of interaction with you.
2. Collection of Data
We collect your Personal Data when you register for our services and events and/or when you visit our website at www.gardensbythebay.com.sg. We may also gather your Personal Data in connection with your participation in any activities organised by us, in your feedback or participation in surveys, market research and/or analysis for statistical, profiling, trend analysis or other purposes to enable us to customize, review, improvise and develop our products and services, to understand customer preference, behavior and market trends and any other purpose that we may notify you of at the time of obtaining your consent collectively referred to as the “Purpose”.
3. Consent of Collection of Personal Data
(i) By providing your Personal Data through any of the abovementioned ways, you have agreed to the collection, use and disclosure of the Personal Data by Gardens by the Bay for any of the purposes listed herein.
4. Purpose and Use of Personal Data
We will use your Personal Data to communicate with you, through mails, emails, text messages and/or fax messages, on news and offers from participating merchants and/or other carefully selected companies which we think may be of interest to you and which relate to events and programmes. You can inform us if you do not wish to receive such communication.
5. Disclosure of Personal Data
(i) We will take reasonable steps to secure your Personal Data against any unauthorised access, improper use or disclosure and ensure that access to your Personal data is limited to persons whom we reasonably believe requires access for effective delivery of our services to you for the purposes listed herein (where applicable) or any other purposes as consented by you.
(ii) Subject to the provisions of any applicable law and in order to carry out the purposes listed herein, we may share or disclose your Personal Data with our related corporations including but not limited to:
Agents, contractors or third party services providers (whether in Singapore or elsewhere) contracted by Gardens by the Bay to provide operational services such as courier services, insurance, telecommunications, information technology, payment, payroll, processing training, market research, trend analysis, storage, archival, customer support investigation services or other services.
Banks, credit card companies, secretarial agents, billing organizations and their respective service providers;
Our business associate or partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions which may include any merger, acquisition or asset sale;
Our professional advisors such as lawyers, auditors, accountants or consultants;
Law enforcement agencies, relevant government ministries, regulators, statutory boards or authorities incompliance with any laws, rules guidelines and regulations or schemes imposed by any governmental authority; and/or
Any other person to whom you authorise us to disclose your Personal Data to.
Gardens by the Bay will use all commercially reasonable endeavours to ensure that our employees, officers, partners and such other third parties who have access to your Personal Data observe and adhere to the terms of this Personal Data Protection Policy.
6. Access and Correction of Personal Data
(i) You may request to access and/or correct the personal data currently in our possession or control by submitting a written request to us. We will need sufficient information from you in order to ascertain your identity as well as the nature of your request, so as to be able to deal with your request and shall attend to your request within 30 days. You may write to our Personal Data Protection Officer at the address provided below if you:
Have any queries or feedback relating to your Personal data or our Data Protection Policy;
Would like to obtain access and make correction/update to your Personal Data in our record.
(ii) We will also be charging you a reasonable fee for the handling and processing of your requests to access your Personal Data. We will provide you with a written estimate of the fee we will be charging. Please note that we are not required to respond to ordeal with your access request unless you have agreed to pay the fee.
7. REQUEST TO WITHDRAW CONSENT
(i) You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by submitting your request to firstname.lastname@example.org.
(ii) We will process your request within a reasonable time from such a request for withdrawal of consent being made and will thereafter not collect use and/or disclose your Personal Data in the manner stated in your request.
(iii) The withdrawal of your consent may mean depending on the extent of your withdrawal of consent for us to process your Personal Data, that we will not be able to continue with your existing relationship with us.
8. ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
(i) We will put in place reasonable security arrangements to ensure that your Personal Data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorised access, collection, use disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. We will not be responsible for any unauthorised use of your Personal Data by third parties which are attributable to factors beyond our control.
(ii) We will put in place measures such that your Personal Data in our possession or under our control is destroyed and/or anonymised as soon as it is reasonable to assume that (i) the purpose for which the Personal Data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any legal or business purposes.
9. COMPLAINT PROCESS
If you have any complaint or grievance regarding how we are handling your Personal Data or about how we are complying with the PDPA, please contact us with your complaint or grievance at any of the following methods.