Your privacy matters to us at NSG Hospitality Holdings Pte. Ltd. (“NSG”).
The Group’s portfolio includes operated or managed properties and businesses, as well as licensed hotels. Any licensed hotels are operated by entities that are separate from the Group. To determine the data controller for guest data under a licensed hotel, please contact the hotel directly.We may from time to time update this Policy to ensure that it remains consistent with the business and services we offer and any changes to legal or regulatory requirements.
1. PERSONAL DATA WE COLLECT
1.1 Types of personal data we collect
The personal data we collect will depend on your relationship with us and the service you have requested. It may include:
- your identity and contact details (such as your name, identification number, passport number, driver’s licence number, photograph, nationality, gender, date of birth, occupation, telephone number(s), email address, and mailing address), travel partner programme affiliation, and membership information;
- payment information in connection with a reservation or additional products or services purchased during your stay or visit;
- information related to your reservation, itinerary and other travel-related information, including information about your companions;
- information related to your stay at or visit to our property, including your feedback and opinions about our properties and services;
- information on your usage of and interaction with our website;
- videos and images collected through Closed-Circuit Television (“CCTV”) recordings;
and any other information which you choose to provide to us.
1.2 How your personal data is collected
We may collect your personal information directly from you or in the course of our dealings with you including when you:
- provide personal information to us through our website, app and/or paper forms;
- visit our website, social media channels or access our app;
- use the Internet connection, networks, telecommunications systems and/or information processing systems at our properties;
- visit our properties, through CCTV recordings placed in public areas;
- when you interact with any of our employees either in-person or online;
- participate in a membership or loyalty program;
- authorise a third party to interact with us on your behalf in any manner e.g. make, change or enquire about a reservation on your behalf.
If you provided us with the personal data of a third party after receiving authorisation to do so, you represent to us that you have obtained the consent of the third party to provide us with their personal data for the respective purposes.
1.3 Regarding health and other sensitive information
In the course of our dealings with you, a situation may arise which results in us collecting information about you which is considered sensitive under applicable privacy and data protection laws. Such information includes information regarding your health or religion which you might volunteer to us during your enquiries, reservation, stay or visit at our properties.
We will ask for your consent to handle your health or other sensitive information. We will not use such information for any purpose other than the purpose for which you have consented to our use. This is not applicable, however, in situations where we need to use the information (i) to protect your vital interests (if you are not capable of giving consent), or (ii) in connection with a legal claim.
1.4 Regarding cookies and other similar technologies
1.5 Regarding CCTV Systems
Our properties are equipped with CCTV systems for security purposes and to protect the safety of our employees, guests and their property. Recordings may also be shared with governmental and regulatory authorities in accordance with any applicable laws. Unless required for the conduct of an investigation, or where requested or required by the relevant authorities, recordings are automatically deleted after a certain amount of time.
2. HOW WE USE YOUR PERSONAL DATA
We use, store, and otherwise process information about you to provide the services you request and to offer you the level of hospitality you expect of us:
2.1 Where it is necessary for the adequate performance of our contract with you
We will use your personal data in the following ways:
- Reservation, booking or other related information. Provide you with the services you require, such as to facilitate your reservations, your booking of facilities, or to assist you with meetings, event planning or travel arrangements;
- Contact information. Send you pre- and post-stay/event/activity communications and satisfaction surveys; communicate with you on other administrative information in relation to our services;
- Identification information. Verify your identity for the purpose of providing you with our services;
- Payment information. Facilitate and/or process your payments for the services you require;
- Request for information. We process your information to assist you with your requests, queries and complaints, whether sent to us online, through paper forms, or in person; and
- Compliance. Comply with applicable legal and regulatory obligations in relation to our contract with you.
2.2 To enhance your experience with us
We process your information given our legitimate interest in safeguarding and improving our properties and in continuously striving to provide a better level of service to you. We may use and disclose your Personal Data for the following purposes:
- Guests’ preferences and interests. Offer recommendations that may be of interest to you; improve and customise your experience for current and future stays at our properties;
- Guests’ reviews and opinions. Allow us to measure how well we have served you; respond to your feedback, queries and complaints; help us continuously improve our properties and services.
- Statistical Research. Conduct market and statistical research in order to better understand customer preferences and demographics, and to improve our properties and services.
2.3 To optimise your experience when using our digital and physical facilities
We process your information given our legitimate interest in maintaining the proper functioning and security of our digital and physical facilities. We may use and disclose your Personal Data for the following purposes:
- Improve and optimise the functioning of our website and app, such as by performing analytics and conducting research;
- Maintain the safety and security of our properties, facilities and employees;
- Ensuring network and information security; and
- Implementing fraud prevention.
2.4 To manage our relationship with you
Where you are our existing guest or customer, we process your information given our legitimate interest in undertaking marketing activities to promote properties and services. We may use and disclose your Personal Data for the following purposes:
- Send you promotions, sales, offers, events, competitions and/or activities, and other information about us and/or our trusted partners that may be of interest to you;
- Personalise, measure and improve our advertising;
- Conduct profiling on your characteristics and preferences to send you tailored marketing content; and
- Participate in our branding activities (including without limitation, the publication of your image, written quotes and testimony audio and video recordings for the purpose of promoting our company or companies, and our community).
If you do not wish to receive marketing communications from us, you can easily unsubscribe from such communications by clicking the “Unsubscribe” button on the emails or by sending us a request via email@example.com.
3. PROTECTING YOUR PERSONAL DATA
We take the privacy of your personal information seriously.
We have implemented appropriate procedures to protect personal information we hold. These measures include technical measures (such as firewalls and Secure Sockets Layer encryption technology) and organisational measures (such as information access controls).
The data that is stored with NSG will usually be stored up to the maximum statutory limitation as allowed by law in each jurisdiction, after which the data in its digital and tangible form will be destroyed by a recognised disposal company.
We also take precautions to ensure that Internet and other technology services which we provide at our properties are secure. Subject to any applicable law, we may monitor the use of our Internet connection(s), wireless or cable networks, telecommunications systems and/or information processing systems to enable us to detect and counter any security breaches.
NSG strives to keep all our guests and visitors informed about NSG special offers and enhancements, and those offered by our strategic marketing partners. However, certain data privacy regulations may require us to obtain your permission before we send you information that you have not requested from us.
In some cases, your permission will be implied from the nature of the service requested or transaction undertaken. For example, NSG may collect and use personally identifiable information provided by you or related persons to facilitate or effect transactions with NSG or its Affiliates, or behavioural data or information collected in the aggregate. In addition, your permission will be deemed given for communications from us that are necessary to fulfil transactions and services that you request.
5. Disclosure of personal data
Subject to the provisions of the Policy and any applicable law, we may disclose your personal information to third-party service providers, including travel-related companies (such as airport transfer companies and tour activity operators) and business partners who provide administrative, telecommunications, payment, fulfilment, analytics or other services.
Where required by law, we may disclose your personal information to law enforcement agencies, regulatory authorities and other authorised entities in accordance with applicable laws and regulations.
We do not permit the sale of personal information to third parties.
6. DATA TRANSFERS
7. YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
You may exercise any of the following rights with respect to your personal data, under applicable data protection laws (except where the exercise of these are restricted under applicable laws – for example, due to judicial proceedings or the carrying out of investigations), which can be exercised by sending us a request via firstname.lastname@example.org.
- Access. You may request us to ascertain the personal data that we may possess and, request a copy of your personal data held by us and/or receive information on how your data is processed. This right may be restricted if it adversely affects the rights and freedoms of other persons.
- Correction. You may request us to correct, complete or update your personal data that is incomplete or inaccurate.
- Erasure. You may request for us to remove your personal data, subject to legal requirements of the jurisdiction.
- Objection to processing. You may raise an objection by way of request to us processing your personal information.
- Restriction on processing. You may request a restriction on our processing of your personal information, in particular, when:
- You contest the accuracy of your personal information;
- The processing is unlawful in that particular jurisdiction, and you do not want us to delete your personal information;
- We no longer need your personal information, but you require the information for establishing, exercising or defending legal claims; or
- You have submitted an objection to processing based on our legitimate business interests, pending our response to your request.
- Data Portability. In the case of personal information for which processing is carried out by automated means, you may request a copy of personal information you have provided to us in a structured, commonly used and machine-readable format, and request us to transmit this information to another company (where technically feasible).
- Rejection of automated decision making. You may refuse the automated processing of your personal data which may significantly affect you, by way of request to us.
Please note that we may ask you to verify your identify before taking further action on your request. Please note that all requests may take time before a reply is given, and we may also charge you a reasonable fee to process your request where permitted by the applicable laws and regulations.
In certain circumstances, we may refuse a request, where the data is processed for the purposes of prevention, investigation, detection or prosecution of criminal offences. We may also refuse such a request, where there is processing of personal data in the prevention of threats to public security. We will also notify you if there is any data breach that becomes apparent.
8. CONTACT US
78 Shenton Way #20-01 Singapore 079120
Please provide your full name, contact details and the name of the property(s) you stayed at so that we can assist you appropriately.
If you are in the European Union, you may write in to your local data protection authority (DPA) within the EU.
If you are in Australia, you may write in to the Office of the Australian Information Commissioner (OAIC).