Last Updated: 20 December 2017
Your privacy is important to us. Lotus Garden Restaurant ("Lotus Garden” or as appropriate in the context, “we”, “us” or “our”), wholly owned and managed by Lotus Garden Restaurant Pte. Ltd., take a serious approach to comply with the Singapore Government’s Personal Data Protection Act 2012 (“PDPA”).
Please read this Policy to understand how Lotus Garden uses the Personal Data collected. If you provide Personal Data to us or continue to interact with us, you are consenting to the collection, use, and disclosure of information in accordance with this Policy. Please review this Policy carefully before visiting or using our website, or otherwise providing us with any of your Personal Data. When you give us Personal Data about other individuals, you confirm that you are authorised to disclose and consent, on their behalf, to the collection, use, and disclosure of information in accordance with this Policy.
We strive to have your confidence and assure you of Lotus Garden's capability as a provider of service excellence. Should you have any queries or comments about this Policy, please contact us at the following:
Email: [email protected]
Address: 1 West Coast Drive, #01-78/79 NEWest, Singapore 128020
For more information about PDPA generally, please visit the Personal Data Protection Commission’s website at http://www.pdpc.gov.sg
1. PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA
1.1 What Personal Data We Collect
We may request some or all of the following information from its members, employees, customers, vendors and visitors to our events, websites and pages on various social media. Some examples of Personal Data that we may collect are:
- personal particulars (e.g. name, NRIC number / FIN number / passport number, contact details, residential address, age, gender, date of birth, nationality, race and religion);
- contact information (e.g. postal address, telephone and mobile numbers, email address and user names on various social media websites);
- your photos;
- your payment related information, such as your bank account or credit card information, and your credit history;
- personal opinions made known to us (e.g. marketing preferences, feedback or responses to surveys);
- information and interactions with us pertaining to your order (e.g. telephone recordings, order details);
- your employment history;
- information relating to a related third party (e.g. information of your next of kin, spouse, children, parents, and/or employees); and
- Information about your usage of and interaction with our website and/or services including computer and connection information, device capability, bandwidth, statistics on page views and traffic to and from our website.
1.2 How and When We Collect Your Personal Data
Generally, we collects your Personal Data in the following ways:
- when you submit forms relating to any of our products or services;
- when you register for or use any of our services on websites owned or operated by us or when you register as a member of websites owned and/or operated by us, or use services on such websites, including performing any online transactions;
- when you interact with any of our employees, including our customer service officers;
- when you use any of our services;
- when you establish any online accounts with us;
- when you request that we contact you;
- when you respond to our request for additional Personal Data
- when you ask to be included in an email or other mailing list;
- when you respond to our promotions and other initiatives;
- when you submit a job application;
- when we receive references from business partners and third parties, for example, where you have been referred by them; and
- when you submit your Personal Data to us for any other reason.
When you browse our website, you generally do so anonymously, but please see section 2 below on cookies and related technologies.
1.3 Purposes for the Collection, Use and Disclosure of Your Personal Data
Generally, we may use your Personal Data for one or more of the following purposes:
If you are a Customer:
- processing your orders;
- processing purchase transactions;
- recording and tracking of order and purchase history;
- communicating with you, including providing you with updates on changes to our policies or terms and conditions;
- responding to queries or feedback on our products and services;
- compiling data and conducting statistical or demographic analysis;
- addressing or investigating any complaints, claims, commercial risks or disputes;
- improving the content and navigability of our website;
- informing you of developments on our new products and services, special offers and/or promotions;
- to verify and process your personal particulars and payments in relation to the provision of any of our products or services to you;
- informing you of invitations to events / functions and seeking your feedback and comments on your attendance of the events / functions; and
- for purposes ancillary to or in furtherance of the above purposes.
Additionally, if you are a Member:
- to process your application for any of our services;
- to maintain your account with us;
- to verify and process your personal particulars and payments in relation to the provision of any of our products or services to you; and
- for purposes ancillary to or in furtherance of the above purposes.
If you are a Vendor / Business Partner:
- to conduct due diligence / background checks that are mandated by legislation or our internal policies and practices;
- for the supply of products and services and support by vendors / business partners to us;
- to evaluate and improve our products and services;
- to evaluate the products and services provided by vendors / business partners to us;
- to facilitate attendance at our corporate events / functions or any events/functions that we are involved in; and
- for purposes that are ancillary to or in furtherance of the above purposes.
If you are a prospective employee / employee:
- processing your application including pre-recruitment checks;
- providing or obtaining employee references or other references where relevant for background screening/vetting;
- collecting information about your suitability for the position applied for, including the conduct of background / due diligence checks ;
- organising training and staff development programs;
- assessing your performance;
- administrating benefits and payroll processing;
- providing you with tools to facilitate your job or as required for you to do your job;
- communicating with you as required by us to comply with its policies and processes, including for business continuity purposes; and
- for purposes that are ancillary to or in furtherance of the above purposes.
1.4 Usage of Personal Data for Marketing Purposes
From time to time, we may use your Personal Data to offer you products our services, including special offers, promotions or contests that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, direct mailers, short message service, telephone calls, facsimile and other mobile messaging services.
If at any time, you would like to request that we stop contacting you for marketing purposes or if you wish to change the way we use your Personal Data for marketing purposes, please contact us at the email above.
Please note that we may still send you non-marketing messages such as surveys, customer-service notices and other service related notices.
1.5 Disclosure of Personal Data
We will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, this Personal Data may be disclosed, for the purposes listed above (where applicable), to the following third parties, whether they are located overseas or in Singapore:
- any entity within the Company and its affiliates;
- anyone to whom we transfer or may transfer our rights and duties, including our business partners, vendors, service providers, external contractors and agents;
- service providers who provide IT and outsourcing services such as data storage, electronic mail services;
- banks, credit card companies and their respective service providers;
- our professional, legal and financial advisors such as our auditors, lawyers, tax advisors and insurers; and
- any other party to whom you authorise us to disclose your Personal Data.
We require that the parties to whom we transfer any Personal Data implement adequate levels of protection in order to protect Personal Data. We also require that these parties only process Personal Data strictly for purposes for which we engage them for and consistent with the purposes that we have described in Section 1.3 above or for other purposes for which consent has been sought and obtained.
In addition, we would disclose Personal Data in the following circumstances:
- in response to a request from law enforcement authorities or other government authorities;
- to comply with a court order or direction from any government agency or regulatory authority; and
- where such disclosure is necessary for investigations or legal proceedings.
1.6 Sale of Business
If our business is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.
2. COOKIES AND RELATED TECHNOLOGIES
2.1 Servers & Cookies
Our websites are hosted on third party servers. When you access our websites, the servers hosting our websites may automatically collect non-Personal Data (e.g. type of Internet browser and operating system used, domain name of the Web site from which you came, number of visits, average time spent on the site, pages viewed). This data may be used to monitor the information such as the number of users, their frequency of use, profiles of users and their online preferences and may help us to improve the performance or content of our websites.
When you view one of our websites, we may store some data on your computer in the form of a “cookie” to automatically recognise your PC next time you visit. Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website and may affect the functionality of our website(s). For further information about cookies visit www.aboutcookies.org or www.allaboutcookies.org.
2.2 Third-party Sites
Our website may contain links to other websites which are not maintained by us, such as those of our business partners. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the terms, conditions and privacy policies of such third party websites and to contact its owner or operator if you have any concerns or queries.
3. REQUEST FOR WITHDRAWAL OF CONSENT, ACCESS AND CORRECTION OF PERSONAL DATA
3.1 Withdrawal of Consent of your Personal Data
You may withdraw your consent to our usage or disclosure of your Personal Data for a particular at any time. If you wish to withdraw consent to the usage or disclosure of your Personal Data or obtain access to or make corrections to your Personal Data records, please contact our Data Protection Unit. Once we receive your notice that you wish to withdraw consent, we will contact you within fourteen (14) days to acknowledge receipt of your withdrawal notice and within sixty (60) days to inform you of the likely consequences of your withdrawal of your consent. We will cease to use and share your Personal Data within sixty (60) days after our acknowledgement of receipt of your withdrawal notice. We will also inform any third parties to stop using and sharing your Personal Data. If we require more information from you in order to respond to your request for withdrawal of consent, we will contact you within thirty (30) days after our acknowledgement of receipt of your withdrawal notice to obtain the necessary information from you.
If you withdraw your consent to any or all usage or disclosure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide its products and services to you, or to administer any contractual relationship with you. However, please understand that your withdrawal of consent for purposes necessary to us to supply any products or services to you or to administer any contractual relationship with you may carry legal or practical consequences, which will continue to apply.
Please understand that after your withdrawal of consent, we will continue to retain your Personal Data for any legal purposes in accordance with any applicable laws.
3.2 Access to your Personal Data
Subject to the exceptions referred to in section 21(2) of the PDPA (No. 26 of 2012), you have the right to request a copy of the information that we hold about you. We may charge an administrative cost to respond to your request for information, such as the printing or postage and any costs that we may incur in order to respond to your requests. We will inform you on the reasonable fee to be paid upon our receipt of your request for information. Once we receive payment of the administrative fee, we will respond to your request for information within thirty (30) days from the date of our receipt of payment of the administrative fee. If we require more time to respond to your request for information or if we require more information from you in order to respond to your request, we will contact you within thirty (30) days from the date of our receipt of payment of the administrative fee to inform you of our estimated time of response or to obtain the necessary information from you. We will use our reasonable means to respond to your request as soon as possible.
3.3 Rights to Photography and Digital Information
We own and reserve the right to post Buyers’ company logo, name, comments, testimonials and pictures of the event on our website without consent of our Buyers. We own the photography rights to all products that are sold by us. We also reserves the photography rights to advertise our customers’ cakes in any form of media. If you are uncomfortable or dislike the information posted on our Website or any other platforms managed by us, please write to the email above to request for it to be taken down.
3.4 Updates & Correction to your Personal Data
We take all reasonable measures to ensure that your Personal Data remains accurate, complete and up-to-date. If there is any change or update in your Personal Data, please write to our Data Protection Officer and provide your name and email address / postal address for us to contact you, the nature of our relationship with you and the Personal Data for which there has been a change, update or correction. As it is important for us that the Personal Data that we have about you is accurate and complete, we may contact you if we require supporting documentation from you.
4. SECURITY AND RETENTION
We maintain a range of security safeguards and practices to ensure the integrity and confidentiality of your Personal Data and to protect it from loss, misuse, accidental or unauthorised access, collection, disclosure, copying, alteration or destruction of the Personal Data.
Some of the ways we protect Personal Data include:
- external and internal premises security;
- restricting access to Personal Data only to authorised persons who need it to perform their day to day functions; and
- maintaining technology products to prevent unauthorized computer access or damage to electronically stored information, such as requiring identifiers and passwords, firewalls and anti-virus software
Please be aware that no method of transmission over the Internet or method of electronic storage is fully secure. While we cannot guarantee 100% security, we strive to protect the security of your information and are constantly reviewing and enhancing our information protection measures.
For unsuccessful job applicants, Lotus Garden will retain your Personal Data for no longer than two (2) year for the purposes of evaluating your suitability for future job openings with us and our affiliate, unless you inform us otherwise.
5. GOVERNING LAW
This Policy is governed by the laws of Singapore. You consent to submit to the exclusive jurisdiction of the Courts of Singapore in any dispute relating to this Policy.
Amendments and Updates of the Policy
We may amend this Policy from time to time to ensure that this Policy is consistent with any developments to the way we uses your Personal Data or any changes to the laws and regulations applicable to us. We will make available the updated Policy on our website. All communications, transactions and dealings with us shall be subject to the latest version of this Policy in force at the time.