Data Protection Policy
Data Protection Policy
The purpose of this document ("Data Protection Policy") is to inform you of how Singapore Hotel Association, SHATEC Institutes Pte. Ltd. and Singapore Hotel Association Holdings Pte. Ltd. and their related corporations (collectively, the "Entities") manage Personal Data which is subject to the Singapore Personal Data Protection Act (No. 26 of 2012) ("the Act"). Please take a moment to read this Data Protection Policy so that you know and understand the purposes for which we collect, use and disclose your Personal Data.
By interacting with us, submitting information to us, or signing up for any products and services offered by us, you agree and consent to the Entities, as well as their respective representatives and/or agents (collectively referred to herein as "SHA", "us", "we" or "our") collecting, using, disclosing and sharing amongst themselves your Personal Data, and disclosing such Personal Data to the Entities' authorised service providers and relevant third parties in the manner set forth in this Data Protection Policy.
This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to SHA in respect of your Personal Data, and your consents herein are additional to any rights which any of the Entities may have at law to collect, use or disclose your Personal Data.
SHA may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Protection Policy as updated from time to time on our website [www.sha.org.sg]. Please check back regularly for updated information on the handling of your Personal Data.
1. Personal Data
1.1 In this Data Protection Policy, "Personal Data" refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.
1.2 Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us) your name, NRIC, passport or other identification number, telephone number(s), mailing address, email address, photographs and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you.
2. Collection of Personal Data
2.1 Generally, we collect Personal Data in the following ways:
(a) when you submit an application form or registration form, or other forms relating to any of our products and services;
(b) when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
(c) when you interact with our officers, for example, via telephone calls, letters, face-to-face meetings, social media platforms and emails;
(d) when you use our electronic services, or interact with us via any of our websites or use services on any of our websites;
(e) when you request that we contact you or request that you be included in an email or other mailing list;
(f) when you respond to our promotions, initiatives or to any request for additional Personal Data;
(g) when you submit an employment application or when you provide documents or information including your resume and/or CVs in connection with any appointment as an officer, director, representative or any other position;
(h) when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events at our premises;
(i) when you are contacted by, and respond to, our marketing representatives and officers;
(j) when we receive references from business partners and third parties, for example, where you have been referred by them;
(k) when you fill up surveys administered by us or our third party surveying service providers;
(l) when we seek information from third parties about you in connection with the products and services you have applied for; and/or
(m) when you submit your Personal Data to us for any other reason.
2.2 When you browse our websites, you generally do so anonymously. We do not, at our websites, automatically collect Personal Data unless you provide such information or login with your account credentials.
2.3 If you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, customers, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.
2.4 You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested.
3. Purposes for the Collection, Use and Disclosure of Your Personal Data
3.1 Generally, SHA collects, uses and discloses your Personal Data for the following purposes:
(a) responding to your queries, feedback, complaints and requests;
(b) verifying your identity;
(c) managing the administrative and business operations of SHA and complying with internal policies and procedures;
(d) facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving any of the Entities;
(e) matching any Personal Data held which relates to you for any of the purposes listed herein;
(f) requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to review, develop and improve the quality of our products and services;
(g) preventing, detecting and investigating crime and analysing and managing commercial risks;
(h) facilities management (including but not limited to maintaining the security of our premises);
(i) managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
(j) monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
(k) in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
(l) conducting investigations relating to disputes, billing or fraud;
(m) meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on SHA (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
(n) purposes which are reasonably related to the aforesaid.
3.2 In addition, SHA collects, uses and discloses your Personal Data for the following purposes:
(a) If you have registered for our courses, events and programmes:
(i) assessing and processing any applications or requests made by you for any courses, events and programmes offered by us (including verifying your qualifications);
(ii) creating and maintaining student or participant profiles in our system database for internal records and reference;
(iii) providing customer service and support;
(iv) customer invoicing and collection;
(v) administering debt recovery and debt management;
(vi) administering and conducting information sessions, courses, events and programmes (including facilitating registration, recording attendance, processing payment for courses, conducting tests and examinations, facilitating course withdrawals, and contacting you for administrative purposes);
(vii) facilitating your applications to industrial attachments and events, external programmes and other educational institutions;
(viii) processing your applications for, and awarding, scholarships and bursaries;
(ix) maintaining an alumni network and organising alumni information activities, events and sessions;
(x) assisting with your student pass renewal, transfer, cancellation and loss reporting;
(xi) complying with reporting requirements of relevant authorities (including but not limited to the Council for Private Education and the Singapore Workforce Development Authority);
(xii) generating publicity materials for our courses, events and programmes; and/or
(xiii) purposes which are reasonably related to the aforesaid.
(b) If you use our Hotel Reservations or Housing Bureau services:
(i) processing hotel bookings (including but not limited to processing credit card payments, arranging reservations with hotels and verifying payment status);
(ii) providing customer service and support;
(iii) customer invoicing and collection; and/or
(iv) purposes which are reasonably related to the aforesaid.
(c) If you are a customer or guest at our restaurants or other food and beverage outlets:
(i) processing your reservations;
(ii) providing you with the products and services you have requested for;
(iii) providing customer service and support; and/or
(iv) purposes which are reasonably related to the aforesaid.
(d) If you are a SHA board member:
(i) facilitating appointment to the board;
(ii) facilitating local transport arrangements and overseas travel arrangements;
(iii) administrative matters including updating your personal particulars with the relevant registers; and/or
(iv) purposes which are reasonably related to the aforesaid.
(e) If you are a user of our online job portals:
(i) processing your application (including but not limited to sending potential job notifications to you and sending your resumes to potential employers);
(ii) providing customer service and support; and/or
(iii) purposes which are reasonably related to the aforesaid.
(f) If you have been nominated for any of our awards:
(i) processing your applications (including but not limited to profiling you to match you for workshops, shortlisting award winners, and verifying your entry);
(ii) evaluating your suitability for the awards (including but not limited to media profiling, conducting interviews, conducting internal meetings, and conducting on-site audits);
(iii) facilitating the awards (including but not limited to contacting you to invite you to award presentation ceremonies, publishing awards citation booklets for use at ceremonies, and mailing award certificates to you); and/or
(iv) purposes which are reasonably related to the aforesaid.
(g) If you are an employee of a member or prospective member of The Singapore Hotel Association:
(i) processing the hotel’s membership application and assessing the hotel's suitability for membership;
(ii) recording meeting minutes and your attendance at our seminars or meetings;
(iii) organising inter-hotel events (including but not limited to athletic meets and bowling tournaments);
(iv) providing member service and support; and/or
(v) business continuity and logistical management (including but not limited to emergency contact planning); and/or
(vi) purposes which are reasonably related to the aforesaid.
(h) If you submit an application to us as a candidate for employment:
(i) conducting interviews;
(ii) processing your application (including but not limited to pre-recruitment checks involving your qualifications and facilitating interviews);
(iii) obtaining employee references and for background screening;
(iv) assessing your suitability for the position applied for; and/or
(v) purposes which are reasonably related to the aforesaid.
(i) If you are an existing employee or academic, examination board or council member of SHA:
(i) conducting background screening;
(ii) administering compensation and benefits (including but not limited to staff insurance, medical schemes, processing claims to the Central Provident Fund and Ministry of Defence, and long-service incentives);
(iii) providing remuneration and reviewing salary and bonuses;
(iv) facilitating onboarding processes (including but not limited to creating system access profiles, processing work permits and medical screening);
(v) business continuity, manpower and logistical management (including but not limited to providing IT and administrative support, emergency contact planning, employee mobility management and leave management);
(vi) training, learning and talent development (including but not limited to registering trainers’ profiles for academic pathway purposes);
(vii) conducting evaluation, career planning and staff appraisals;
(viii) administering staff awards for exceptional performance;
(ix) facilitating local transport arrangements and overseas travel arrangements;
(x) conducting analytics, surveys and research for human resource planning and management, and for us to review, develop, optimise and improve work-related practices, environment and productivity;
(xi) where applicable, applying for EduTrust Certification;
(xii) facilitating offboarding and cessation processes; and/or
(xiii) purposes which are reasonably related to the aforesaid.
(j) If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by SHA:
(i) managing project tenders and quotations, processing orders or managing the supply of goods and services;
(ii) processing and payment of vendor invoices and bills;
(iii) managing business operations; and/or
(iv) purposes which are reasonably related to the aforesaid.
3.3 Furthermore, where permitted under the Act, SHA may also collect, use and disclose your Personal Data for the following “SHA Additional Purposes”:
(a) providing or marketing services, products and benefits to you, including but not limited to special events and promotions from SHA;
(b) matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision, marketing or offering of products and services by SHA;
(c) administering and organising contests, lucky draws, promotional events, competitions and marketing campaigns, and personalising your experience at SHA’s touchpoints;
(d) conducting market research, analytics and surveys to enable us to understand and determine customer preferences and demographics for us to offer you products and services as well as special offers and marketing programmes which may be relevant to your preferences and profile; and/or
(e) any other purpose reasonably related to the aforesaid.
3.4 If you have provided your Singapore telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your Singapore telephone number(s), then from time to time, SHA may contact you using such Singapore telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services.
3.5 In relation to particular products and services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
4. Disclosure of Personal Data
4.1 SHA will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
(a) our related corporations;
(b) companies providing services relating to medical screening, insurance, marketing, publicity and consultancy to SHA;
(c) recruitment and screening agencies;
(d) educational institutions;
(e) hotels (including but not limited to member hotels of SHA);
(f) airline companies;
(g) sponsorship or bursary sponsors;
(h) co-organisers and organising committees for our awards (including but not limited to the Food, Drinks and Allied Workers Union);
(i) participants and organising committees of our inter-hotel events and tournaments;
(j) The Football Association of Singapore;
(k) local media companies;
(l) hotel emergency contacts (including but not limited to the Changi Airport Group, Singapore Tourism Board, and Maritime and Port Authority of Singapore);
(m) agents, contractors or third party service providers who provide operational services to SHA, such as courier services, telecommunications, information technology, payment, printing, billing, payroll, processing, technical services, training, market research, call centre, security, employee recognition or other services to SHA;
(n) our partners or collaborators in our courses, events and programmes (including but not limited to training institutions and their trainers);
(o) industry event or industrial attachment organisers;
(p) agents, contractors or third party service providers who provide services for SHA’s courses, programmes and events;
(q) any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving any of the Entities;
(r) external banks, credit card companies and their respective service providers;
(s) our professional advisers such as consultants, auditors and lawyers;
(t) relevant government ministries, regulators, statutory boards or authorities (including but not limited to the Council for Private Education, the Singapore Workforce Development Authority, and the Immigration & Checkpoints Authority of Singapore) or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and
(u) any other party whom you authorise us to disclose your Personal Data to.
5. Use of Cookies
5.1 A cookie is a small piece of information that is placed on your computer when you visit certain websites. The cookies placed by the servers hosting our websites are readable only by us, and cookies cannot access, read or modify any other data on an electric device, nor does it capture any data which allows us to identify you individually. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
5.2 Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website.
6. Data Security
6.1 SHA will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example no harmful code will enter our websites (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites.
6.2 While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet or when you use our online portals, and we urge you to take every precaution to protect your Personal Data when you are on the Internet. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
6.3 If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
7. Third Party Sites
7.1 Our website may contain links to other websites operated by third parties. We are not responsible for the data protection or privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the data protection policies of such third party websites. Some of these third party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable data protection policy of the third party website to determine how they will handle any information they collect from you.
8. Contacting Us – Feedback, Withdrawal of Consent, Access and Correction of your Personal Data
8.1 If you:
(a) have any questions or feedback relating to your Personal Data or our Data Protection Policy;
(b) would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or
(c) would like to obtain access and make corrections to your Personal Data records,
you can contact our DPO via the following channels:
- Email: dpo@sha.org.sg
- Tel: 6517 9510
-
Address: Singapore Hotel Association
9 Jurong Town Hall Road, #02-05 Trade Association Hub, Singapore 609431
8.2 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, SHA may not be in a position to administer any contractual relationship in place, which in turn may also result in the termination of any agreements with SHA, and your being in breach of your contractual obligations or undertakings. SHA's legal rights and remedies in such event are expressly reserved.
9. Governing Law
9.1 This Data Protection Policy and your use of this website shall be governed in all respects by the laws of Singapore.