Personal Data Protection Policy

Personal Data Protection Policy
Here in Siloso Beach Resort (SBR), your privacy is of utmost importance. The purpose of this Data Protection Policy is to inform you how SBR manages Personal Data which is subject to the Singapore Personal Data Protection Act (No. 26 of 2012).

Please take a moment to read this Privacy Policy carefully to ensure that you are aware of and understand the nature of the data which we may collect from you, use of such data, and with whom we may share it. This Privacy Policy also generally outlines the steps which we take to protect your privacy.
We also tell you how you can reach us to update your Personal Data, ask questions you may have about our personal data protection practices and provide feedback.

By accessing and using this site (, your use indicates your agreement to the terms of this Policy.

Type of Personal Data
Depending on the nature of your interaction with us, the information we may collect from you include the following:
– Name
– NRIC/FIN/Driving License/Passport Number
– Gender
– Date of Birth
– Nationality
– Email Address
– Telephone/Fax Numbers
– Home/Work Address
– Credit Card Information
– Vehicle Number
– Preferences (Room Type/Dining)
– Dietary requirements

We may collect Personal Data from you via the following channels:
– When you submit an enquiry or reservation through our website or telephone;
– When you register for events, contests and promotions;
– When you register for check-in at the Reception;
– When we take photos/videos of you at our premise;
– When you are captured on our CCTVs installed within our premises;
– When you complete our feedback forms for Resort accommodation, meetings or seminars;
– When you submit a job application (walk-in or email) to us as an employee, part-time staff or internships;
– When you correspond with our staff (e.g. during site visit inspection – exchanging of business cards etc);
– When you complete any forms issued by SBR e.g. Authorization to Charge forms, Shuttle Service forms;
– Provision of information by third party providers such as Web Portals, Tour Operators, Travel Agencies.
Purpose for Data Collection and Use
– To facilitate booking of Resort accommodation;
– For compliance with Singapore Statutes – Hotel Act Chapter 127, Section 13 under Hotels Licensing Regulations – Control and Management. No. 27 – Particulars of guests required. No. 28 – All guests to be registered;
– For compliance with other relevant laws or authorities (e.g. providing assistance to law enforcement agencies, regulatory authorities and other governmental agencies);
– Verifying your identity; (e.g. requesting for a duplicate room key)
– Providing Customer Service (e.g. responding to your queries, feedback, complaints and requests, creating and maintaining guest profiles in our Property Management System database);
– Conducting marketing promotions (e.g. sending marketing materials and invitations or promotions);
– Marketing research and improving quality service (e.g. performing market analysis, developing new products and enhancing our products and services);
– For processing of claims;
– Conducting investigations relating to disputes, billing, further to a non-payment or fraud;
– Managing and preparing reports on incidents and accidents;
– To process your application job with us;
– To obtain reference checks prior to your employment with us;
– Security checks (vendors);
– Processing and payment of vendor invoices;
– For our internal administrative processes.

Disclosure of your Personal Data
In accordance with the PDPA, your personal data is required to be kept confidential and not disclosed to any third parties, without your prior consent.
However, subject to other relevant laws and the provision of our products and services, your personal data may be disclosed to the following parties/entities:
– Our Business Partners;
– Our Partners in the tourism industry including but not limited to the Singapore Tourism Board and other hospitality counterparts;
– External banks and credit card companies for fraud protection and credit risk protection;
– To comply with legal, law enforcement and regulatory bodies;
– For emergency and security concerns (e.g. admission to hospitals or police investigation);
– Any relevant parties that you have authorized us to disclose to.

Third party service providers and affiliates will comply with Singapore Personal Data Protection Act 2012 (No. 26 of 2012) and applicable laws to ensure that your Personal Data is secure and protected with the fulfilment of delivery of product and services. While we urge all trusted and carefully selected third party service providers to adhere with strict compliance to the Personal Data Protection Act, we do not hold any responsibilities for their omission or lapses when handling your Personal Data. Rest assured that we do not sell nor trade your Personal Data.

Access, Correction and Accuracy of Personal Data
We endeavor to ensure that the personal data we hold about you is accurate and up-to date. Please note that in most circumstances, we will presume that personal data directly provided by you will be accurate and complete. We are aware that such personal data changes frequently with changes of address and other personal circumstances. We encourage you to contact us soon as possible in order to update any personal data it holds about you.

Should you require access to your data from us, please state your reasons for your request to us in as much detail as possible to enable us to properly assess the matter. Please note that we may choose to reject your request if we have determined that the burden or expense of providing it would be unreasonable to us or disproportionate to your interests, if your request concerns information that is trivial, does not exist or cannot be found or it is otherwise frivolous or vexatious. Any such request may be subject to an administrative fee.

You may also withdraw your consent for the collection, use or disclosure of your personal data by the Resort at any time with reasonable notice.
Please note that should you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, SBR may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in place, which in turn may also result in the termination of any agreements with SBR, and your being in breach of your contractual obligations or undertakings.
Our contact details are set out below. We may require you to verify your identity.

Protecting your Personal Data
Any Personal Data collected by us on our website or by other means will be stored in a secure environment on a secure database or server. SBR uses a reasonable range of technology and physical security arrangements and maintain safeguards to protect against accidental or unauthorized access, collection, use, disclosure, copying, modification, disposal, deletion and other similar risks to Personal Data.

We endeavor to provide reasonable security arrangements to protect personal data under our possession or control, and we have implemented guidelines and internal policies for our staff to safeguard the security of the IT and Operational systems for your Personal Data.
Personal Data submitted on our website are also encrypted and protected with industry standard SSL (secure socket layer) communication protocol.

Retention and Disposal of Personal Data
The Act requires us not to store personal data longer than necessary. We will cease to retain your personal data when we no longer require such personal data for the purposes we originally notified you of or for any business or legal needs. Therefore, SBR only retains Personal Data for long as the retention is required for the purpose for which we collected the Personal Data, the purposes described in this Policy or as otherwise required or permitted by law.

Overseas transfers of Personal Data
We do not practice transferring personal data overseas as we do not have properties or affiliated partners in overseas. Should we have any in future, we will update this policy and rest assured that we will comply with the Singapore Personal Data Protection Act 2012 (No. 26 of 2012) and the local Privacy Laws to ensure that your Personal Data is secured and protected.

If you have any questions, feedback or if you do not wish to receive any promotional updates or news from us, withdraw consent or to access and update your Personal Data, please contact our Data Protection Officers at
Mailing Address:
Data Protection Officer
Siloso Beach Resort
51 Imbiah Walk
Singapore 099538

Policy Update
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. Therefore, we invite you to read this Privacy Policy regularly and in any event when making reservation with us. This Policy was last updated on 30 December 2016.