1.2 "Personal Data" is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access.
2. Policy Application
2.1 We are committed to safeguarding your Personal Data in compliance with the Singapore Personal Data Protection Act 2012 ("PDPA") and all the associated regulations and guidelines as may from time to time be issued under it.
3. Collection of Personal Data
3.1 We will collect your Personal Data in accordance with the PDPA from information which you provide to us: (a) through your use of our Mobile Application Service and/or Web Service; (b) in your interaction with us; (c) when you make a purchase on our Mobile Application Service and/or Web Service; (d) in the course of telephone enquiries; (e) via application or other forms; (f) when you subscribe to our newsletter; (g) when you sign up for an account on our Mobile Application Service and/or Web Service; (h) via cookies or through any other voluntary submission of any information by you.
3.2 Personal Data that may be collected includes, among other things, your name; mailing address; telephone number(s); email addresses; date of birth; gender; nationality; Facebook username; purchases of products; payment information; credit card numbers; marketing preferences; answers you provide to security questions; information used to provide products or services; information needed to administer rewards or loyalty programs; and any other types of information that you choose to provide to us or that we may collect about you through your transactions with us. Additional information such as the user’s transaction location, transaction details, purchase activity, device information, location information, and browser information may also be collected.
3.3 If you are only browsing our Mobile Application Service and/or Web Service, we do not capture data that allows us to identify you individually.
3.4 Our Mobile Application Service and/or Web Service do not sell or share any personal information about a user to or with any person or organisation except:
- As authorised by the user to transfer information in the user’s digital application form, or other information provided by the user, to the Merchant for the purposes of the user joining or participating in any Merchant Programs;
- As authorised by the user to transfer to the Merchant the user’s first name and last name, email address and phone number for the purpose of reservations/bookings, downloading/use of any voucher, or scanning any QR code at the Merchant’s tablet/mobile device for the purposes of receiving/using a voucher, confirmation of reservations/bookings, receiving of loyalty points and verification/administration of e-gift or e-membership cards;
- To Merchants or third parties with whom our Mobile Application Service and/or Web Service has entered into a business relationship in order to or in connection with providing various products or services to the user (either directly or through one or more third parties);
- As may be required by applicable law or regulatory requirement;
- As otherwise set out in our Mobile Application Service and/or Web Service Terms and Conditions at www.cds.sg
4. Purposes for Collection, Use, Disclosure and Processing of your Personal Data
4.1 By submitting your Personal Data to us, you acknowledge and consent to our use and disclosure of your Personal Data for the purposes for which it was collected and for any related or ancillary purpose, including but not limited to the following:-
- To respond to your requests;
- To process any orders or purchases which you make on our Mobile Application Service and/or Web Service;
- To manage and/or process your registration as a Member, or your sign-ups for mailing lists or promotional activities, etc.
- To communicate with you on your enquiries;
- To obtain your feedback on our services to you;
- To improve the quality of service provided to you on our Mobile Application Service and/or Web Service;
- To our related companies and/or our agents for internal auditing and administration;
- For the marketing of promotions, products and services which we think may be of interest to you;
- For conducting market research and customer satisfaction surveys on our products;
- Reservations/bookings with our Merchants;
- Downloading/use of any voucher, e-gift cards, promotions, and/or e-membership cards; and
- Receiving of membership loyalty points.
4.2 As the Purposes for which we may collect, use, disclose or process your Personal Data depend on the circumstances at hand, such purpose may not appear above. We shall notify you of such other purpose at the time of obtaining your consent, unless processing of your Personal Data without your consent is permitted by the PDPA or by law.
4.3 Our Mobile Application Service and/or Web Service collects information on its users when you sign up for an account and when using our Mobile Application Service and/or Web Service. When you register, we may ask you for information about you, including your first name, last name, email address, gender and birth year. Once you register with us, you are not anonymous to us. Page visits or mobile application usage may also store information about your computer or mobile phone configuration such as your IP address, location, where you have executed transactions stored within the application, screens viewed within the mobile application, cookie information and the pages you requested.
4.4 Our Mobile Application Service and/or Web Service may use this information to help make changes to the service to better serve you and our users. We also use the information to customize content on the site or in the mobile application and to match offers to you that will be displayed to you.
4.5 The use of features such as membership, loyalty programs, promotions, reservations/bookings on our Mobile Application Service and/or Web Service is considered an action by you to opt-into the sharing of such information to the merchant and our Mobile Application Service and/or Web Service. This information may be shared with the Merchant and ur Mobile Application Service and/or Web Service and may be used to match offers and services to your profile. The information shared with the Merchant may be used at the Merchant’s discretion and our Mobile Application Service and/or Web Service does not assume liability or responsibility of how the information is used by the Merchant.
5. Disclosure to third parties
5.1 We may provide information to third parties who assist us in operating our Mobile Application Service and/or Web Service, conducting our business, or servicing you, as long as these parties agree to keep the information confidential. If you can be identified from the information that is disclosed, then we will not disclose such information without prior notification to you and we will obtain your approval and opt-in in relation to such disclosure.
5.2 Information which does not constitute Personal Data may be provided to third parties for marketing, advertising, or other uses.
5.3 Our Mobile Application Service and/or Web Service will never distribute or sell personal information from our users to any third party unaffiliated with our Mobile Application Service and/or Web Service. We may disclose your Personal Data to third parties without first obtaining your consent in certain situations, including, without limitation, the following circumstances:
- We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims;
- In cases in which the purpose of such disclosure is clearly in your interests, and if consent cannot be obtained in a timely manner;
- In cases in which the disclosure is necessary to respond to an emergency that threatens the health or safety of yourself or another individual;
- In cases in which disclosure is necessary for any investigation or proceedings;
- In cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest;
- In cases where disclosure without your consent is permitted by the PDPA or by law.
We may make user information available on at aggregated level to participating merchants or advertisers using the platform in the form of reports. This information does not contain personally identifiable information.
6. Accuracy of Personal Data
6.1 We take all reasonable measures to ensure that the Personal Data collected from you is accurate, comprehensive and up-to-date. However, if there are any errors or changes in relation to your Personal Data, you may contact us to correct such errors or to update your personal information by emailing us at: email@example.com .
6.2 Once we receive sufficient information from you to deal with your request to correct your Personal Data, we will correct your Personal Data within 30 days. Please note that the PDPA exempts certain types of Personal Data from being subject to a request for correction and also provides for situations when corrections need not be made by us despite your request.
7. Access to Personal Data
7.1 We recognise that every individual has a right of access to his or her Personal Data. Should you wish to request for access to your Personal Data in our possession or control, you may make a written request (hereafter “Access Request”) to: software.sales@CDS.com.sg and we shall endeavour to respond to your access request within 30 days, failing which at the reasonably soonest time. We reserve the right to charge a fee to recover the costs and time spent in acceding to the Access Request. Please note that the PDPA exempts certain types of Personal Data from being subject to your Access Request.
8. Withdrawal of consent
8.1 You may withdraw your consent for the collection, use and/or disclosure of your Personal Data in our possession by submitting your request to: firstname.lastname@example.org. If you do not want your Personal Data to be shared among our Affiliates, please inform us by sending us an email at: email@example.com. If you do not wish to receive any further emails from us regarding launches, offers, promotions, special events or other information, you may unsubscribe by clicking the unsubscribe link in our mailers.
8.2 Please note that if you withdraw your consent for a limited purpose, such as for marketing, we may still contact you or use your information for other purposes for which you have not withdrawn your consent and such Personal Data may still be used or shared, as permitted under the PDPA and other applicable law.
8.3 We shall process your request within a reasonable time from such request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your Personal Data in the manner stated in your request. However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. Depending on the extent of your withdrawal of consent, it may mean that we will not be able to continue with your existing relationship with us.
8.4 You can change your notification options at any time by contacting our Mobile Application Service and/or Web Service at: firstname.lastname@example.org.
- We reserve the right to send you certain communications relating to the our Mobile Application Service and/or Web Service, such as service announcements, administrative messages and service notifications, that are considered part of your Mobile Application Service and/or Web Service account, without offering you the opportunity to opt-out of receiving them.
- You can delete your Mobile Application Service and/or Web Service account by e-mailing email@example.com and requesting that we delete your account. You will not be able to recover any membership data, un-used gift-card value, loyalty points, reservation/booking data, transaction progress or rewards once your account has been deleted.
Any information that may have been collected during your visits or use of our Mobile Application Service and/or Web Service may remain after your account has been permanently deleted for aggregated reporting and analysis, but this information may not be used to uniquely identify you.
9. Security of Personal Data
9.1 We have a variety of security measures to ensure that your Personal Data is adequately and securely protected and stored. Appropriate security arrangements will be taken to prevent any unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your Personal Data.
9.2 In addition, our Mobile Application Service and/or Web Service has security measures in place to protect against the accidental loss, misuse, and unauthorized access to your Personal Data while under our control. Such security measures include, but are not limited to, password controls, firewalls, and other industry standard security measures.
9.3 We have a business continuity plan which identifies business functions and assets (including Personal Data) which would need to be maintained in the event of disaster and which sets out the procedures for protecting and restoring the Personal Data if necessary.
9.4 You should be aware that no method of transmission over the Internet or method of electronic storage has 100% security. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
9.5 We cannot assume responsibility for any unauthorised use of your Personal Data by third parties which are wholly attributable to factors beyond our control.
9.6 We shall ensure that your Personal Data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that the purpose for which that Personal Data was collected is no longer being served by the retention of such Personal Data; and retention is no longer necessary for any other legal or business purposes.
9.7 Where your Personal Data is to be transferred out of Singapore, we shall comply with the PDPA in doing so. This includes obtaining your consent unless an exception under the PDPA or law applies, and taking appropriate steps to ascertain that the recipient of the Personal Data is bound by legally enforceable obligations to provide a standard of protection for the Personal Data that is at least comparable to the protection under the PDPA.
9.8 Our Mobile Application Service and/or Web Service will take reasonable and appropriate measures to ensure that a user’s personal information is delivered and disclosed only in accordance with a user’s instruction. Sophisticated secure technology is used to protect user data and data transmissions. However, our Mobile Application Service and/or Web Service cannot guarantee that the security of a user’s account information will not be compromised due to unauthorised access or use of our Mobile Application Service and/or Web Service, hardware failure, software failure, and other factors at any time. Please see our Mobile Application Service and/or Web Service’s Terms and Conditions at www.cds.sg for the full terms and conditions governing the use of our Mobile Application Service and/or Web Service.
9.9 We care about your private information, so we make every effort to protect it including, but not limited to:
- Encrypting data through HTTPS
- Storing private data encoded
- Restricting access to personal information to only employees that require the information to process it
10. Usage of Cookies and re-targeting technologies
10.2 Most browsers automatically accept cookies, but you can modify your browser setting to decline cookies. Generally, you can remove these cookies by following directions provided in your Internet browser's "help" file. If you choose not to allow us to place a cookie on your computer, you may be restricted from some services and some of the interactive features offered on our Mobile Application Service and/or Web Service may be similarly restricted or rendered inoperable.
10.3 In addition to cookies, we may also use other Internet technologies, such as web beacons or pixel tags, and other similar technologies, to deliver or communicate with cookies and track your use of our Mobile Application Service and/or Web Service. The information we obtain in this manner is primarily for statistical analysis purposes and enables us measure the overall effectiveness of our Content, advertising campaigns, and the products/services we offer through our Mobile Application Service and/or Web Service. By accessing our Mobile Application Service and/or Web Service and agreeing to receive our notifications, e-mail messages or newsletters, you agree that we can use technologies such as those mentioned above on your device(s).
10.4 Our Mobile Application Service and/or Web Service may contain web analytic services provided by third parties such as, but not limited to, Google Analytics. This means that when you visit our Mobile Application Service and/or Web Service, a cookie will be stored on your computer, except when your browser settings do not allow for such cookies. This is used to collect data about your online activities while you are on our Mobile Application Service and/or Web Service for the purposes of analysis on our behalf and this information may be used to measure usage of our Mobile Application Service and/or Web Service and personalize advertising content on our Mobile Application Service and/or Web Service. Google Analytics, and/or other data analytical tools, acts as our agent, which means that we solely determine the purposes for which the data is being used. If you do not wish information about your behaviour at our Mobile Application Service and/or Web Service to be collected and assessed by Google Analytics and/or other data analytical tools, you can install the Google Analytics opt-out browser add-on to opt-out of this data collection process.
10.5 Our Mobile Application Service and/or Web Service may use retargeting technologies which enables us to show our visitors advertisements from us on partner websites/applications. We also work with other companies who use tracking technologies to serve advertisements on our behalf across the Internet. These companies may collect non-personally identifiable information about your visits to our Mobile Application Service and/or Web Service. Retargeting technologies analyse your cookies and display advertisement based on your past surfing/usage behaviour.
10.6 When using our Mobile Application Service and/or Web Service, we may use and store your location data if it has been explicitly granted to the application or website by you, to verify transactions as well as to improve the user experience through localized content. Our Mobile Application Service and/or Web Service may use technologies available through the devices including GPS, WiFi, IP address and cell towers to generate your location.
12. Complaint process
12.1 Should you have any complaint regarding the way we handle your Personal Data or relating to our compliance with the PDPA, please contact us with details of your complaint via:
- • Email: firstname.lastname@example.org
- • Address: 1 Rochor Canal Road, #06-73, Sim Lim Square, Singapore 188504
12.2 All complaints will be evaluated by us in a timely manner. After we have completed the evaluation, we shall respond to the person who submitted the complaint with the results of our evaluation.