Privacy Policy
Mandai Global Pte. Ltd. and its Affiliates (“we”, “our” or “us”) recognise the importance of protecting your privacy and Personal Data (as defined at paragraph 1.2 below). For avoidance of doubt, “Affiliates” in relation to a corporation, means the holding company of that corporation, a subsidiary of that corporation, a subsidiary of the holding company of that corporation, or an associated company of that corporation
This personal data protection policy (“Policy”) has been prepared in accordance with the provisions of the Singapore Personal Data Protection Act 2012 (“Act”). This Policy outlines the personal data protection practices that apply in our dealings with you and how we manage your Personal Data. Subject to your rights at law, you agree to be bound by the prevailing terms of this Policy, as amended and updated from time to time, and as found on our website at https://magicvalley.mandai.com ("Platform").
1. Personal Data
1.1 Generally, we may collect, use, disclose and/or process Personal Data which has either been provided by you to us voluntarily or by a third party who has been duly authorised by you to disclose your Personal Data to us. The purposes for which we may collect, use, disclose and/or process Personal Data are set out at paragraph 2.1 below.
1.2 For the purposes of this Policy, Personal Data is defined as any data, whether true or not, about an individual who can be identified (a) from that data, or (b) from that data and other information to which we have or are likely to have access to, including existing data in our records which you have previously provided to us, in any forms you may have submitted to us or via any of your interactions with us.
1.3 Depending on your interactions with us, some examples of Personal Data which we may collect from you include, but are not limited to, the following:
-
Name;
-
NRIC, passport or other identification number;
-
Telephone number;
-
Mailing, residential address and country of residence;
-
Email address;
-
Social media account user name;
-
Profile details such as your interests;
-
Date of birth;
-
Gender;
-
Photographs, images, pictures, recordings, film footage, or such other medium in which your likeness, characteristics or identification may appear in; and
-
Credit card number or bank details.
2. Purposes for Collection, Use and Disclosure of Personal Data
2.1 Generally, we will only collect, use, process and/or disclose your Personal Data where deemed necessary, and for, including but not limited to, the following purposes:
-
to notify you of the launch of our Platform (accessed via https://magicvalley.mandai.com) and provide you with updates on the new features on our Platform;
-
to communicate with you on our promotions, products, services, events, programmes, and initiatives (including but not limited to, providing you with updates on our parks and facilities, membership programme features, sponsorship packages etc.);
-
to communicate with you on our vendors’, agents’, contractors’ third-party service providers’ or business partners’ (collectively referred to as our “Partners”) promotions, products, services, events etc.;
-
to respond to your enquiries, requests, or feedback in relation to our products and service improvements;
-
to process and administer your transactions with us (including, but not limited to, processing payments and purchases made through the Platform, gift voucher purchases, handling of large baggage deposit services, rental and retrieval of equipment and mobility aids, handling of lost and found item notifications or returns);
-
to process your membership, programme and related participation(s), volunteer, ambassador or job application(s), or to auto-retrieve or auto-populate your Personal Data previously provided to us;
-
to verify your identity or eligibility for discounts and promotions or activities or events organised by us, on our behalf or on behalf of our Affiliates;
-
to facilitate the running of our parks and our or our Partners’ provision of products and services to you;
-
to manage our administrative and business operations and to comply with our internal policies and procedures;
-
to execute, administer and manage your visit to, or events you participate in at, our parks including liaising with organisations which arrange for your visit, including, but not limited to, education executives for school visits, Zoo Explorer camps or other public programmes;
-
to facilitate business asset transactions, including, but not limited to, asset sales and mergers or acquisitions involving any of our companies;
-
to obtain your feedback or participation in surveys, market research or analysis for statistical, profiling or other purposes to enable us to customise, review, improvise and develop our products and services, to understand customer preferences, behaviour and market trends;
-
to manage the safety and security of our parks and services including but not limited to conducting security clearances and carrying out CCTV surveillance, granting or refusing admission to our parks and tracking your movement in our parks;
-
to provide media announcements or responses;
-
to respond to any claims, actions, or proceedings or to safeguard and enforce our contractual and legal rights and obligations;
-
to manage and prepare any reports regarding incidents or accidents;
-
to comply with any applicable rules, laws, regulations, codes of practice or guidelines as well as to assist in investigations and law enforcement by the relevant authorities; or
-
any other purpose reasonably related to any of the above.
2.2 For any other purpose(s) not set out herein, we may notify and seek your further consent in accordance with the requirements of the Act before using your Personal Data for that other purpose(s), including, but not limited to, when you are asked to provide your Personal Data before you participate in a contest, or when we ask you to share your photos or any other media with us for use on our Platform, social media accounts, or for developing our online and public profile and community.
2.3 When you browse our Platform, you may opt to proceed without disclosing your Personal Data to us (subject to paragraph 2.1 above), except for situations where such disclosures may be necessary to allow us to respond to your requests, or in cases where you have contacted us directly.
3. Disclosure of Personal Data to Third Parties
3.1 Subject to the provisions of any applicable law and in order to carry out the purposes listed at paragraph 2.1 above, we may disclose your Personal Data to the following third parties for any of the purposes described in this Policy: [
-
our related corporations or Affiliates;
-
Partners contracted by us or our Affiliates to perform functions including those listed at paragraph 2.1 above;
-
Partners contracted by us or our Affiliates (and the sub-contractors of such Partners) to provide operational services, including, but not limited to, courier services, insurance, telecommunications, information technology, payment, payroll, processing training, market research, storage, archival, customer support investigation services or other services, in all instances, being reasonably related to our lines of businesses;
-
organisations which arrange for your visit to our parks (including, but not limited to, welfare organisations, people’s organisations, or education executives organising school visits or public programmes);
-
banks or other financial institutions, credit card companies, payment processors or gateways, secretarial agents, billing organisations, or similar, and their respective service providers;
-
our business associates or partners, investors, assignees, or transferees (actual or prospective) to facilitate business transactions which may include any merger, acquisition or asset sale or transfer;
-
our professional advisors, which may include lawyers, auditors, accountants, or other consultants;
-
law enforcement agencies, relevant government ministries, regulators, statutory boards, or authorities in compliance with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; or
-
any other person to whom you authorise us to disclose your Personal Data to.
3.2 To the extent we engage with any of the aforementioned third parties to collect, use, obtain or process your Personal Data, we will procure that the third parties exercise reasonable efforts to ensure that it is in compliance with this Policy, the Act and such other applicable laws and regulations for the purposes of protection of your Personal Data, and is transparent on the purpose of collecting, using, obtaining or processing your Personal Data.
4. Consent to Collection, Use and Disclosure of Personal Data
4.1 By providing or submitting any information to us, communicating with us, signing up for any products and services offered by us, and/or accessing or using our Platform, you agree and consent to us collecting, using, and disclosing your Personal Data amongst ourselves, or with any of the third parties listed out at paragraph 3 above, in accordance with this Policy. Please DO NOT provide us with any Personal Data and/or cease accessing or using our Platform if you do not accept this Policy. Information provided by individuals or organisations us for business purposes is not considered Personal Data.
4.2 When you provide us with any Personal Data relating to another individual, including, but not limited to, information on your dependents, spouse, children and/or parents, you represent and warrant that you are duly authorised to do so and/or the consent of the individual, which the Personal Data belongs to, has been duly obtained for the collection, use and disclosure of the Personal Data by us for any of the purposes listed in this Policy.
5. Withdrawing Your Consent
5.1 Your consent for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw your consent and request for us to stop collecting, using and/or disclosing your Personal Data for any or all of the purposes listed in this Policy by submitting your request via email or in writing to our Data Protection Officer at the contact details provided at paragraph 14 below.
5.2 Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same. In general, we shall seek to process your request within ten (10) business days of receiving it.
5.3 Please note that the withdrawal of your consent does not affect our right to continue to collect, use and/or disclose your Personal Data where such collection, use and/or disclosure without consent is permitted under the Act or required under applicable laws.
6. Access and Correction of Personal Data
6.1 If you wish to (a) make a request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data, or (b) make a correction request to correct or update any of the Personal Data which we hold about you, you may submit your request via email or in writing to our Data Protection Officer at the contact details provided at paragraph 14 below.
6.2 Please note that a reasonable fee may be charged for an access request. As such, upon receiving your access request, we will inform you of the fee payable before processing your request.
6.3 We endeavour to respond to your access or correction request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) calendar days after receiving your request, we will provide to you in writing, within the stipulated thirty (30) calendar days, a timeframe by which we will be able to respond to your request. If we are unable to provide you with any of the Personal Data you have requested for or to make a correction requested by you, we shall provide you with our general reasons as to why we are unable to do so, unless we are not required to do so under the Act.
7. Protection of Personal Data
7.1 We will take reasonable efforts to secure your Personal Data in our possession or our control by making reasonable security arrangements to prevent any unauthorised access, collection, use, disclosure, copying, modification or similar risks and ensure that access to your Personal Data is limited to persons whom we reasonably believe require access for effective delivery of our services to you for the purposes listed in this Policy (where applicable) or any other purpose as consented by you.
7.2 While we endeavour to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet or when you browse our Platform, and the method of electronic storage. We strongly encourage you to take every precaution to protect your Personal Data when you are on the Internet or when you browse our Platform. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
8. Accuracy of Personal Data
8.1 We will make a reasonable effort to ensure that any Personal Data collected by us is accurate and complete.
8.2 In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer via email or in writing using the contact details provided at paragraph 14 below. We will not be responsible for relying on inaccurate or incomplete Personal Data arising from you not updating us of any changes in your Personal Data that you had initially provided us with.
9. Retention of Personal Data
9.1 We may retain your Personal Data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
9.2 We will cease to retain your Personal Data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected for and is no longer necessary for legal or business purposes.
10. Transfer of Personal Data Outside of Singapore
10.1 The Personal Data we collect from you may be transferred to, stored and/or processed at location(s) outside of Singapore. By submitting your Personal Data to us, you agree to such transfer, storing or processing for the purposes described in this Policy. We will take steps that are reasonably necessary to ensure that such transfers of Personal Data to location(s) outside of Singapore will be in accordance with the requirements under the Act.
11. IP Addresses
11.1 This Policy also applies to any Personal Data we collect via our Platform. When you use or access our Platform, we may collect and store information about your computer (including, but not limited to, your IP address, operating system, and browser type) for the purposes of system administration, processing, and related analysis.
12. Cookies
12.1 Our Platform uses cookies to distinguish you from other users of our Platform. We may also collect statistical data, including but not limited to, your browsing actions and patterns, individually or in the aggregate, for the purposes of system administration, processing, and related analysis. Such information assists in increasing efficiency when you browse our Platform and enables us to improve our Platform for a more customised user experience.
12.2 Should you wish to disable the cookies on our Platform, you may do so by manually changing the settings on your internet browser. Please note that, should you disable the cookies on our Platform, your access to certain pages on our Platform may be restricted.
13. Third Party Websites
13.1 Our Platform may, from time to time, contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own policies in place and that we do not accept any responsibility or liability for these policies. Please ensure you carefully read and review the respective policies of these websites before you submit any Personal Data to these websites.
14. Data Protection Officer
14.1 You may contact our Data Protection Officer if you have any enquiries or feedback relating to your Personal Data or this Policy in the following manner:
-
Email: dpo@mandai.com
-
Write to:
Data Protection Officer
Address: 80 Mandai Lake Road
Singapore 729826
14.2 Please note that for any Personal Data provided to us by a third party, including, but not limited to, your company or a recruiter or a parent, you should inform such party to write to us for any queries, feedback, complaints, and access and correction requests on your behalf.
15. Updates to the Policy
15.1 We reserves the right to modify and update this Policy from time to time without prior notice except by publication on our Platform, to ensure that this Policy is consistent with any changes to the laws and regulations applicable to us. All communications, transactions, and dealings with us shall be subject to the latest version of this Policy in force at the time.
15.2 This Policy was last updated on 30 April 2024. We encourage you to visit this Policy to stay informed of our personal data protection practices.
16. Governing Law
16.2 This Policy shall be governed in all respects by the laws of the Republic of Singapore.