Asian Tour Limited Personal Data Protection Policy
At Asian Tour, we respect your privacy. This Personal Data Protection Policy (“this Policy”) is administered in accordance to the Personal Data Protection Act of Singapore (“the PDPA”). Unless otherwise authorised under the PDPA or any other applicable law, we will not collect, use or disclose your personal data without your consent.
This Policy sets out the manner in which we collect, use, disclose, manage and protect your personal data (as defined below) in compliance with the PDPA. It applies to all individuals (including our members) who provide us with personal data or whose personal data is in our possession and control – that is not already in the public domain – in connection with or for the purposes of our operations.
This Policy supplements and forms part of the terms and conditions of Asian Tour membership or that governing your specific relationship with Asian Tour. It covers the Asian Tour Group, our websites, mobile applications and mobile/ micro-websites (collectively, “the Platforms”).
We may from time to time amend this Policy to ensure it is consistent with our future developments or businesses or with future changes to the applicable legal or regulatory requirements. By continuing your membership or other relationship with Asian Tour, you shall be deemed to have accepted this Policy (as amended).
Our Personal Data Protection Officer is: Director of Legal & Corporate Affairs.
“Asian Tour Group” means Asian Tour Limited and its subsidiaries, affiliates and joint venture companies in and outside of Singapore;
“Authorities” means any government agencies, statutory authorities, industry regulators and courts having jurisdiction over any entity of Asian Tour Group;
“Event Participants” means individuals (whether or not Asian Tour members) who participate in or attend events or programs promoted or organised by Asian Tour;
“PDPA” means the Personal Data Protection Act 2012 of Singapore;
“personal data” means any data that is capable of identifying a natural person, whether on its own or in conjunction with other data that is accessible to Asian Tour. Some examples and details of personal data are set out in Clause 2.2 below;
“Platforms” means websites, mobile applications and mobile/ micro-websites.
- Collection of Personal Data
2.1 When you interact with us, we collect, use and disclose your personal data which we reasonably consider necessary for the relevant purposes as mentioned in this Policy. By this Policy, you consent to our collection, use and disclosure of your personal data for such purposes and in the manner set out in this Policy.
2.2 Depending on the specific nature of your relationship and/or interaction with us and the relevant purposes, the personal data which we collect, use or disclose may variously include the following:
(a) your personal particulars such as name, title, gender, nationality, date of birth, marital status and contact particulars including telephone number(s), residential/ mailing address(es) and email address;
(b) details of your identification documents (e.g. NRIC or passport numbers) and applicable visa or permits such as employment pass, work permit, permanent residency status;
(c) the name and contact particulars of your next-of-kin;
(d) details of your credit card, bank account, tax residency status;
(e) details of your insurance policies;
(f) details of your professional golf experience;
(g) details of your personal preferences or other special requests or special conditions applicable to you;
(h) details of your hobbies or special interest areas;
(i) your photographs and images; and video/ CCTV recordings of you in action;
(j) your feedback/ opinion; and
(k) other information which you may voluntarily provide to us, from time to time, in the course of your interaction with us.
- Purposes of Collection, Use and/or Disclosure of Personal Data
3.1 Generally, we may collect, use and/or disclose your personal data for one or more of the various business purposes connected with the services we provide to you, such as the following:
(a) processing and assessing your application/ request to join as our member or to participate in our event or for other services;
(b) administering and managing your membership and/or relationship with us, including the provision of services to members and/or Event Participants, verifying your identity, communicating with you;
(c) providing you with information about services, facilities and/or other benefits being offered or made available by us to members and/or Event Participants;
(d) processing billing and payment transactions (e.g. collecting fees from you, paying prize money to you);
(e) internal record-keeping purposes; accounting or auditing purposes;
(f) providing you with information about a third party’s or external vendor/supplier’s promotions, special offers and/or other services being offered or made available to members and/or Event Participants, through our partnerships, associations and/or other collaborations with such third parties and external vendors/ suppliers (subject to Clause 6.2 hereof);
(g) organising and/or facilitating events or programmes involving members or Event Participants, verifying your eligibility to participate in such events or programmes;
(h) transmitting personal data to our service providers, agents and/or contractors working in collaboration with us to deliver or facilitate any of the abovementioned purposes.
(i) safety, emergency purposes;
(j) statutory or regulatory compliance purposes; legal purposes;
(k) marketing/ promotional purposes (subject to Clause 6.2 hereof);
(l) conducting market surveys and research for trend and statistical analysis and other purposes in order to enhance our services;
(m) responding to/ investigating claims, complaints and/or queries;
(n) other purposes reasonably related and/or ancillary to any of the abovementioned purposes;
(o) any other purposes for which your consent was specifically requested by us and given by you
(collectively, “the Purposes”).
3.2 If we request for your specific consent to our collection, use and/or disclosure of your personal data for any purposes other than the Purposes stated in this Policy, where feasible, we will inform you of those unstated purposes. We will explain to you whether such a purpose is intrinsic to your relationship with us or to our provision of services to you, or it is optional. In so far as a purpose is intrinsic to the relationship or provision of services, we reserve the right to decline to engage in the relationship or provide the services if you do not consent to our collection, use or disclosure of your personal data for such purpose.
3.4 We may use/ will continue to use personal data of individuals which had been collected before July 2014 (when the PDPA came into force) for purposes for which the personal data was collected then, unless consent is withdrawn in the manner set out in this Policy.
- Withdrawal of Consent
4.1 You may at any time, with reasonable notice, withdraw your consent to our use or disclosure of your personal data or any part thereof for any purposes by notifying us in writing. We may require up to 2 weeks from the receipt of your notification to respond and effect any change.
4.2 Upon withdrawal of your consent, we will take all necessary measures to cease collection, use or disclosure of your personal data or such part notified by you, to the extent that such withdrawal does not conflict with any of our statutory or legal obligations.
4.3 Depending on the extent of your withdrawal of consent, it may result in our inability to continue to provide services to you. We shall inform you of the likely consequences, and will advise you if we consider your withdrawal of consent as a termination by you of any agreement or relationship between you and us. Our legal rights and remedies are reserved in such event.
- Individual’s Obligations
5.1 Integrity of personal data. You are responsible for ensuring that the personal data you provide us is accurate, complete and not misleading and that it is kept up to date.
5.2 Verification of personal data and notification of changes. While we will take reasonable steps to periodically verify personal data in our possession, you are nonetheless required to notify us, from time to time, of any changes to your personal data.
5.3 Third party personal data. If you provide us with personal data of a third party (e.g. information of your spouse/ partner, children) for any particular purpose, you represent and warrant to us that you have obtained the consent of such third party to our collection, use and or disclosing such third party personal data as provided for the relevant purpose.
- Disclosure or Sharing of Personal Data
6.1 Subject to the following provisions of Clause 6, we do not pass on your personal data gained from your engagement with us without your consent to do so. Notwithstanding the foregoing, we may disclose your personal data:
(a) to meet our legal obligations;
(b) to comply with regulations or court order or a legitimate governmental request;
(c) to pursue our legitimate organisational interests;
(e) to protect the rights of the members of the Asian Tour Group, our partners and/or clients; or
(f) to uphold the integrity of the sport of golf.
6.2 We will use your personal data only for the Purposes or in accordance to law. In this respect, we may disclose or share your personal data to/ with the following parties in connection with the Purposes on condition that they use it only for the Purposes (and, where necessary, under an obligation of confidentiality to us):
(a) within the Asian Tour Group;
(b) our agents, contractors and service providers appointed in fulfilling or in connection with our services to you or to facilitate your dealings with us;
(c) our strategic partners (e.g. other golf sanctioning bodies, tournament promoters, insurers);
(d) banks, operators of any payment systems/ processes;
(e) our auditors, consultants, professional advisers;
(f) tax authorities (with respect to withholding taxes on prize monies);
(g) any Authorities to whom we are required to disclose information required by them pursuant to any law/ regulations or order.
6.3 Use for marketing/ promotion purpose. We may, on occasions, send information on behalf of our business partners or associates about offers and promotions for their products or services that we think may be of interest to you. Before we send anything to you, we may ask you if you wish to receive marketing materials from our business partners or associates. If you choose to receive them, nevertheless we will not disclose your personal data to such parties but rather will forward emails on their behalf to you. If subsequently you do not wish to receive such marketing materials, you may opt out anytime by contacting us.
6.4 Transferring of personal data to overseas. It may be necessary, if so required for the relevant business or legal purposes, to transfer your personal data outside of Singapore or to share it with Asian Tour Group entities or disclose it to Authorities located outside Singapore. If we do so, we will comply with the PDPA.
- Access and Correction of Personal Data
7.1 You may write to us to request:
(a) to obtain access to your personal data held by us;
(b) to obtain information about the ways in which your personal data has been or may have been used or disclosed by us in the year preceding the request; and/or
(c) to correct your personal data held by us
7.2 You may also request, in writing, the following information from us:
(a) the identity of the person or organisation that has determined how and why to process your personal data;
(b) the source of your personal data if it was not collected directly from you;
(c) the purpose of the processing of your personal data;
(d) the categories of your personal data collected, stored and processed;
(e) the categories of recipients whom your personal data is/ will be disclosed/ transferred to; and/or
(f) information on your right to object to or restrict the processing of your personal data, or your right to withdraw consent at any time.
7.3 However, under the PDPA, we are prohibited from providing you access in certain situations.
7.4 As allowed under the PDPA, we reserve the right to charge a reasonable fee for the handling and/or processing of access request by you pursuant to Clause 7.1 above.
7.5 We shall correct any error or omission in your personal data upon your request. Unless we are satisfied on reasonable grounds that the correction should not be made, we shall make correction as soon as practicable and send the corrected data to other organisations to which the data was disclosed within the past year before the correction is made, or with your consent, only to selected organisations.
- Protection of Personal Data
8.1 We make reasonable security arrangements to protect the personal data that we possess or control in order to prevent unauthorised access, collection, use, disclosure or similar risks.
8.2 We will use reasonable means to ensure that third parties who receive personal data from us protect it in a manner consistent with this Policy and not use it for any purposes other than those specified by us, by incorporating appropriate contractual terms in our agreements with these third parties.
- Limitation on Retention of Personal Data
9.1 We shall store and retain all personal data only for as long as required for the fulfilment of the Purposes or pursuant to any statutory or legal obligations imposed upon us by virtue of any applicable laws that are then in force.
9.2 We will cease retention of your personal data or remove the means by which personal data can be associated with you when it is no longer necessary for any business or statutory/ legal purposes.
- Exclusion of Liability
10.1 We shall not be liable for any purported breach of or non-compliance with any obligation of protection of personal data in the following instances:
(a) Where an act of nature or event outside our (or our contractor’s) control results in the damage or malfunction in any hardware used to store or process the personal data concerned;
(b) Where the personal data concerned is public information and is readily available in the public domain;
(c) Where, despite our reasonable effort, there is unauthorised access, modification, alteration or misuse of personal data caused by the malicious or fraudulent or criminal acts or conduct of a stranger not being under our control.
- Governing Law
11.1 This Policy shall be governed by and construed in accordance with the laws of Singapore.
11.2 Subject to Clause 11.1, we believe this Policy is also generally in compliance with the European Union General Data Protection Regulation (GDPR) which came into force in May 2018.