PERSONAL DATA PROTECTION POLICY
Mandai Park Holdings Pte. Ltd. (“MPH”“), its subsidiaries, related companies and affiliates who are engaged in our lines of businesses (collectively referred to as the "MPH Group" and any such entities collectively or individually, “we”, “our”, or “us”, as the context and case may require) recognise the importance of an individual’s privacy and personal data (“Personal Data”) (as defined below at paragraph 1).
This personal data protection policy ("Data Protection Policy") outlines how the MPH Group manages Personal Data (“Personal Data”) which is subject to the Personal Data Protection Act 2012 in Singapore (the "Act").
1. Personal Data
1.1. We may collect, use, disclose and/or process Personal Data about you. The purposes for which we may collect, use, disclose and/or process such Personal Data are set out below at paragraph 2.2.
1.2. Personal Data refers to any data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the MPH Group has or is likely to have access to, including existing data in our records which you have provided us, in any forms you may have submitted to us or via any form of interaction with us.
1.3. Examples of Personal Data which you may provide to us include but are not limited to the following:
b) NRIC/Passport/Other Identification Number;
c) Telephone Number;
d) Mailing address, country of residence;
e) Email address;
f) Social media account user name;
g) Profile details including, but not limited to, your interests;
h) Date of birth;
j) Photograph, image, picture, recording, film footage, likeness or other characteristics or identification, or such other medium in which your likeness may appear; and/or
k) Credit card number/bank details.
2. Purposes for Collection, Use and Disclosure of Personal Data
2.1. You can generally use and browse our website without disclosing your Personal Data to us (subject to paragraph 2.2 below), except where such disclosures may be necessary to allow us to respond to your requests, or in cases where you contact us directly.
2.2. Generally, the MPH Group collects, uses and discloses your Personal Data in respect of the following purposes:
a) to communicate with you on our promotions, products , services, and events (including updates on our parks and facilities, membership programme features, etc.);
b) to communicate with you on our agents’, contractors’ or third party service providers’ (collectively referred to as our “Partners”) promotions, products, services, events or similar;
c) to respond to your enquiries, requests, or feedback on product and service improvements;
d) to process and administer your transactions with us (including, but not limited to, processing gift voucher purchases, handling of large baggage deposit services, rental and retrieval of mobility aids, handling of lost and found item notifications or returns);
e) to process your membership, programme and related participation(s), volunteer, ambassador or job application(s), and/or to auto-retrieve, auto-populate, or similar, your Personal Data, from such Personal Data that may have been previously provided to us in respect of the foregoing;
f) to verify your identity;
g) to facilitate the running of our parks and our and/or our Partners’ provision of products and services to you;
h) to manage our administrative and business operations and to comply with our internal policies and procedures;
i) to execute, administer and manage your visit to, or events you participate in at, our parks including liaising with organisations which arrange for your visit (including, but not limited to, education executives for school visits, Zoo Explorer camps or other public programmes);
j) to facilitate business asset transactions (including, but not limited to, asset sales, mergers or acquisitions involving any of our companies);
k) to obtain your feedback or participation in surveys, market research and/or analysis for statistical, profiling or other purposes to enable us to customise, review, improvise and develop our products and services, to understand customer preferences, behaviour and market trends;
l) to manage the safety and security of our parks and services including but not limited to conducting security clearances and carrying out CCTV surveillance, granting or refusing admission to our parks and tracking your movement on our parks;
m) to provide media announcements or responses;
n) to respond to any claims, actions or proceedings and/or to safeguard and enforce our contractual and legal rights and obligations;
o) to manage and prepare any reports regarding incidents or accidents;
p) to comply with any applicable rules, laws, regulations, codes of practice or guidelines as well as to assist in investigations and law enforcement by the relevant authorities; and/or
q) any other purpose reasonably related to any of the above.
2.3. For any other purpose(s) not set out herein, the MPH Group may notify and seek your further consent in accordance with the requirements of the Act before using your Personal Data for that other purpose(s), including, but not limited to, when you are asked to provide your Personal Data before you participate in a contest, or when we ask you to share your photos (or media) with us for use on our websites, social media accounts, or for developing our online and public profile and community.
3. Disclosure of Personal Data to Third Parties
3.1. Subject to the provisions of any applicable law and in order to carry out the purposes listed at paragraph 2.2 above, we may disclose your Personal Data to the following third parties for any of the purposes described in this Data Protection Policy:
a) related corporations or affiliates of the MPH Group;
b) Partners contracted by the MPH Group to perform functions including those listed at paragraph 2.2 above;
c) Partners contracted by the MPH Group (and the sub-contractors of such Partners) to provide operational services, including, but not limited to courier services, insurance, telecommunications, information technology, payment, payroll, processing training, market research, storage, archival, customer support investigation services or other services, in all instances, being reasonably related to our lines of businesses;
d) organisations which arrange for your visit to our parks (including, but not limited to, welfare organisations, people’s organisations, or education executives organising school visits or public programmes);
e) banks or other financial institutions, credit card companies, payment processors or gateways, secretarial agents, billing organisations, or similar, and their respective service providers;
f) our business associates or partners, investors, assignees or transferees (actual or prospective) to facilitate business transactions which may include any merger, acquisition or asset sale or transfer;
g) our professional advisors, which may include lawyers, auditors, accountants or other consultants;
h) law enforcement agencies, relevant government ministries, regulators, statutory boards or authorities in compliance with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and/or
i) any other person to whom you authorise us to disclose your Personal Data to.
3.2. The MPH Group will use all commercially reasonable endeavours to ensure that our employees, officers, Partners and such other third parties who have access to your Personal Data observe and adhere to the terms of this Data Protection Policy.
4. Consent to Collection, Use and Disclosure of Personal Data
4.1. By submitting information to us, communicating with us, or signing up for any products and services offered by any member of the MPH Group, you agree and consent to the MPH Group collecting, using, and disclosing your Personal Data amongst ourselves or to our Partners, in the manner set forth in this Data Protection Policy.
4.2. When you provide the MPH Group with any Personal Data relating to a third party (including, but not limited to, information on your dependants, spouse, children and/or parents), you represent and warrant that you are authorised to do so and/or the consent of that third party has been obtained for the collection, use and disclosure of the Personal Data by us for any of the purposes listed herein.
5. Withdrawing Your Consent
5.1. The consent that you provide for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed herein by submitting your request in writing or via email to our Data Protection Officer at the contact details provided at paragraph 14 below.
5.2. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same. In general, we shall seek to process your request within ten (10) business days of receiving it.
5.3. Please note that the withdrawal of your consent does not affect our right to continue to collect, use and disclose your Personal Data where such collection, use and disclose without consent is permitted or required under the applicable laws.
6. Access and Correction of Personal Data
6.1. If you wish to make (a) an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data, or (b) a correction request to correct or update any of your Personal Data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided at paragraph 14 below.
6.2. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
6.3. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) calendar days after receiving your request, we will inform you in writing within thirty (30) calendar days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Act).
7. Protection of Personal Data
7.1. The MPH Group will take reasonable steps to secure your Personal Data against any unauthorised access, collection, use, disclosure, copying, modification or similar risks and ensure that access to your Personal Data is limited to persons whom we reasonably believe require access for effective delivery of our services to you for the purposes listed herein (where applicable) or any other purpose as consented by you.
8. Accuracy of Personal Data
8.1. We will take reasonable efforts to ensure that your Personal Data is accurate and complete, if your Personal Data is likely to be used by us to make a decision that affects you, or disclosed to another organisation, subject to paragraph 8.2.
8.2. In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer in writing or via email at the contact details provided at paragraph 14 below. We will not be responsible for relying on inaccurate or incomplete Personal Data arising from you not updating us of any changes in your Personal Data that you had initially provided us with.
9. Retention of Personal Data
9.1. We may retain your Personal Data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
9.2. We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal or business purposes.
10. Transfer of Personal Data Outside of Singapore
10.1. The Personal Data we collect from you may be transferred to, stored and processed at a destination outside Singapore. By submitting your Personal Data, you agree to such transfer, storing or processing for the purposes described in this Data Protection Policy. MPH will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Data Protection Policy.
11. IP Addresses
11.1. When you use or access our websites, we may collect and store information about your computer (including, but not limited to, your IP address, operating system and browser type) for the purposes of system administration, processing, and related analysis.
12.2. Should you wish to disable the cookies of our websites, you may do so by changing the settings on your browser. However, you may not be able to enter certain part(s) of our websites.
13. Third Party Websites
13.1. Our websites may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please ensure you carefully read and review the privacy policies of these websites before you submit any Personal Data to these websites.
14. Data Protection Officer
14.1. You may contact our Data Protection Officer if you have any enquiries or feedback relating to your Personal Data or our Data Protection Policy in the following manner:
Data Protection Officer
Address: 80 Mandai Lake Road Singapore 729826
Email: [email protected]
14.2. Please note that for any Personal Data provided to us by a third party (including, but not limited to, your company or a recruiter or a parent), you should inform such party to write to the MPH Group for any queries, feedback, complaints, and access and correction requests on your behalf.
15. Updates to Data Protection Policy
15.1. The MPH Group reserves the right to modify and update this Data Protection Policy from time to time without prior notice except by publication on this, to ensure that this Data Protection Policy is consistent with any changes to the laws and regulations applicable to the MPH Group. All communications, transactions and dealings with us shall be subject to the latest version of this Data Protection Policy in force at the time.
15.2. This Data Protection Policy was last updated on 21 April 2020. We encourage you to visit this site to stay informed of our privacy and data practices.
16. Governing Law
16.1. This Data Protection Policy shall be governed in all respects by the laws of Singapore.