This Personal Data Protection Policy (“Policy”) sets out the basis upon which YQueue
Singapore Pte. Ltd. (UEN No: 201624243Z), whose registered address is 400 Orchard Road, #05-16, Orchard
Towers, Singapore 238875 (“YQueue”, “we”, “us”, or “our”) may collect, use, disclose, and/or otherwise process personal data in accordance with the Personal Data
Protection Act 2012 (2020 Rev. Ed.) of Singapore (“PDPA”) and all the associated regulations
and guidelines as may from time to time be issued under it. Please read the following carefully to understand
our policies and practices regarding the handling of your personal data.
By continuing your interactions with us, such as by submitting personal data to us, or using our YQueue Services, you confirm that you understand and consent to the collection, use, disclosure, and processing of your personal data (or the personal data of any individual you provide) in the manner as set forth in this Policy.
Questions, comments and requests regarding this Policy are welcomed and should be addressed to:
As used in this Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we (and all our affiliated entities and relevant unaffiliated third parties) have or are likely to have access. Personal data may include (depending on the nature of your interaction with us), without limitation, your (or such person’s): name; address; telephone number(s); email addresses; date of birth; gender; nationality; marital status; passport number, date and place of issue; NRIC number; driver’s licence number and expiration; photographs and other audio-visual material; employment information; marketing preferences; and preferred communication methods.
However, “business contact information” (which means your or such person’s name, position name or title, business telephone number, business address, business electronic mail address or business fax number and other similar information about you or such person, not provided by you or such person solely for your or his/her personal purposes, as the case may be) is not regarded as personal data for the purposes of this Policy.
We may collect and process the following data about you:
Cookies are small text files stored in your computing or other electronic devices which allow us to remember you or other data about you. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on an electronic device. For the avoidance of doubt, our cookies do not collect personal data and we do not combine the general information collected through our cookies with other personal data such as to render you identifiable.
We use the following types of data held about you in the following ways:
We may associate any category of data with any other category of data and will treat the combined data as personal data in accordance with this Policy for as long as it is combined.
We may disclose your personal data to third parties:
The data that we collect from you may be transferred to, and stored at, a destination outside Singapore. It may also be processed by staff operating outside Singapore, who work for us or for one of our suppliers. These staff may be engaged in the fulfilment of your request, order or reservation, the processing of your payment details and the provision of support services. By submitting your personal data to us, you agree to such transfer, storage and processing of your personal data. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy and the applicable laws and regulations. When personal data is transferred to outside Singapore, we will ensure that the overseas recipients are bound by legally enforceable obligations to provide the transferred data a standard of protection that is at least comparable to the protection under the PDPA, unless the overseas transfer is otherwise permitted on other grounds under the PDPA.
All data you provide to us, except your credit card information, will be stored via cloud computing with a third party provider. We do not store your credit card information, or carry out any payment transactions. For the purposes of any such payment transactions, you will be directed to the payment webpage(s) of the relevant third-party provider of payment processing services. You may choose to save your credit card information on your Device for use in conjunction with the YQueue Services (where applicable). Our third-party providers of payment processing services are PCI DSS compliant and certified. Any payment transactions carried out by our chosen third-party provider of payment processing services will be encrypted using the following: Advance Encryption Standard (AES), RSA Algorithm, and Secure Sockets Layer (SSL) / Transport Layer Security (TLS). Further information on such encryption methods may be available on the payment webpage(s) and/or website(s) of the relevant third-party provider of payment processing services. Where we have given you (or where you have chosen) a password that enables you to access certain parts of the YQueue Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
As you will know, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, as we cannot guarantee the security of your data transmitted to the YQueue Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. We continuously educate and train our employees about the importance of confidentiality and protection of customer information. We maintain physical, electronic and procedural safeguards that comply with applicable laws and regulations (including, without limitation, the PDPA to protect your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks.
The YQueue Services may, from time to time, contain links to and from the websites of third parties, including but not limited to our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these have their own data protection or privacy policies and that we do not accept any responsibility or liability for them. Please check these respective policies before you submit any personal data to these websites.
We do not knowingly collect or retain personal data about persons under the age of 18 years. Any person who provides their personal data to us via the YQueue Services represents that they are 18 years of age and above. We encourage parents and legal guardians to monitor the activity of those under 18 years of age.
Parents or legal guardians of minors can contact us to review any personal data collected about their child or ward, have this information deleted, and/or request that there be no further collection or use of their child or ward’s personal data. We will take steps to verify the identity of anyone requesting personal data about a minor and to ensure that the person is in fact the minor’s parent or legal guardian.
You have certain rights in relation to the personal data we hold about you under the PDPA.
On giving reasonable notice to us, you have the right to ask to stop collecting, using, disclosing, and/or otherwise processing your personal data for any or all purposes, by contacting us at firstname.lastname@example.org and indicating the specific purposes for which you would like us to cease collecting, using, disclosing and/or otherwise processing your personal data
Within 5 Business Days from our receipt of your request, we will notify you of the consequences of our acceding to the same. Please note that, depending on the nature and scope of your request, we may not be in a position to continue providing our products or services to you. If you do not respond to our notice within 5 Business Days of such notice (e.g., by confirming or retracting your request), we will proceed to process your request.
Notwithstanding any such request, we may be entitled to continue retaining your personal data in accordance with applicable laws and regulations.
You also have the right to request access to your personal data that is in our possession or under our control, as well as information about the ways in which such personal data has been or may have been used or disclosed by us. To meet our costs in providing you with details of the information we hold about you, we may charge a reasonable fee. This fee will vary on a case by case basis, depending on the scope of the access request. Should a fee apply, we will inform you of the fee in writing for your agreement, prior to providing access to the personal data requested. We reserve the discretion to waive such fees and to refuse access to personal data where applicable laws and regulation allow us to do so. Within a reasonable period after receiving a request (not to exceed 30 days), we will take reasonable steps to respond to your request.
Subject to applicable laws and regulations, you may also have the right to request for us to correct your personal data that is in our possession or under our control.
If the correction request is made by a person other than the individual who is the subject of the personal data, the request will be refused unless the consent of the individual is obtained
All access and correction requests must be made in writing and delivered either by post or electronic mail to the DPO whose contact details are listed out in Clause 1 of this Policy
When contacting us, please provide as much as detail as possible in relation to the request, query, or complaint. All requests, queries and complaints will be taken seriously and will be assessed by an appropriate person. We will consider and respond in a timely and efficient manner. We request that you cooperate with us during this process and provide any relevant information that may be required.
You consent to us collecting, using and disclosing your personal data for marketing purposes. However,in the event that we will be conducting direct marketing to your email and/or your telephone number, we will send you such marketing messages only if you have clearly opted into these modes of communication where required by applicable law. If you wish to stop receiving marketing communications, you can click unsubscribe in any marketing e-mail or SMS from us, change your preferences in your account settings or contact us by e-mail at email@example.com.
The date of this Policy is set out below. We may change this Policy at any time in our discretion by posting a revised version on this page. The revised version will be effective once it is posted. Where we consider appropriate (for example, where we make significant changes to this Policy), we may notify you of those changes to this Policy by email. Please check back frequently to see if there are any updates or changes to our Policy. By continuing to use our YQueue Services or otherwise continuing to deal with us, you accept this Policy as it applies from time to time.