PERSONAL DATA PROTECTION POLICY

 

(Effective date: 2 July 2014) (Revised on: 26 August 2024)

 

FreeStyle Gaming Pte Ltd is a subsidiary of Resorts World Inc Pte. Ltd. Please refer to the privacy policy of Resorts World Inc Pte. Ltd. which will be equally applicable to us.

 

Your privacy is important to us. Please take a moment to read this Personal Data Protection Policy (“Policy”) to know and understand the purposes for which we may collect, use and/or disclose your Personal Data.

 

APPLICATION OF THIS POLICY

 

A.         Scope of Policy

 

1.             This Policy applies to Resorts World Inc. Pte Ltd and its subsidiaries (collectively known as “RWI Group”, “we”, “us” or “our”). Where the subsidiaries have their own specific personal data protection policy or equivalent, then such specific policies will prevail over this Policy. Where the subsidiary does not have its own data protection policy, this Policy shall apply.

 

2.         This Policy applies to personal data collected, stored, disclosed and/or processed by us with regards to your relationship with us as a job applicant, employee, business contact, or anyone who has an interest (for whatsoever reason) in the RWI Group and its subsidiaries. In short, all interactions with us will be subject to this Policy.

 

3.         In addition to this Policy, we may also through separate notices to investors or potential investors,  address our specific privacy practices with respect to any non-public personal data we may collect from you as an investor in us or in funds that we sponsor or manage.

 

4.             Our website may contain links to third party sites whose data protection and privacy practices may differ from ours. If you choose to visit these third party sites, please review their privacy policies to ensure that you understand and are comfortable with their practices concerning your personal data.

 

5.             In the course of processing your personal data, we may invariably come across a third party’s personal data, such as an individual shareholder or individual director’s personal data. It is your responsibility to ensure that you have obtained the necessary consents from these individual third parties prior to disclosing to us. In any event, we are entitled to assume that you have obtained the necessary consents.

 

6.         This Policy should be read as being subject to the provisions in and the exemptions provided for under the Personal Data Protection Act 2012 (“PDPA”) and its subsidiary legislation, as well as the guidelines that may from time to time be issued by the Personal Data Protection Commission ("PDPC") of Singapore.

 

DEFINITIONS USED IN THIS POLICY

 

B.         Definitions and explanations of key terms used in the PDPA

 

1.         The following are terms which have been defined either in the PDPA or the Advisory Guidelines on Key Concepts in the Personal Data Protection Act issued by the PDPC (the “PDPA Advisory Guidelines”). These definitions and explanations will similarly apply to the corresponding terms used in this Policy:-

 

(a)                Collection” means any act or set of acts through which an organisation obtains control over possession of Personal Data.

 

(b)                Data Intermediaries” means an organisation that processes Personal Data on behalf of another organisation but does not include an employee of that other organisation.

 

(c)                 Data in Transit” refers to Personal Data transferred out to another country and such Personal Data is not accessed, used by, or disclosed to any organisation other than the transferring organisation or an employee of the transferring organisation acting in the course of his employment with that organisation, except for the purpose of such transportation.

 

(d)                Disclosure means any act or a set of acts by which an organisation discloses, transfers or otherwise makes available Personal Data that is under its control or in its possession to any organisation.

 

(e)                Individual” means a natural person, whether living or deceased who is the subject of the Personal Data. Such Individuals include loyalty programme members, customers and web users, individuals on contact mailing lists or marketing databases, employees, contractors and suppliers.

 

(f)                  Organisation” includes any individual, company, association or body of persons, corporate or unincorporated whether or not formed under the law of Singapore or resident, or having an office or a place of business, in Singapore.

 

(g)                Personal Data” means data, whether true or not, about an individual who can be identified (i) from that data; or (ii) from that data and other information to which the organisation has or is likely to have access.

 

(h)                “Processing” means the carrying out of any operation or set of operations in relation to Personal Data, and includes recording, holding, organisation, adaptation or alteration, retrieval, combination, transmission and erasure or destruction.

 

(i)                  “Use means any act or a set of acts by which an organisation employs or utilises Personal Data.

 

PERSONAL DATA- TYPES COLLECTED, HOW AND WHEN COLLECTED

 

C.         Type of Personal Data we collect

 

1.                   Personal Data may be provided to RWI Group in a number of ways. We may collect Personal Data relating to our customers, suppliers, representatives of the authorities or non-governmental organizations. We may also collect Personal Data if it is relevant to our business relationship with you in any business entity.

 

2.                   The types of Personal Data which we may collect, use or disclose includes (but is not limited to):

 

(a)                Your personal details, which includes your name, date of birth, gender, nationality, passport number, including date and place of issue, NRIC number, signature;

 

(b)                Your contact information (including street or mailing address, telephone number(s), email addresses, mobile statement, or emergency contact);

 

(c)                 Your employment details, (including employment history, leave records, salary, benefits, income statement, title, tenure);

 

(d)                Your financial details which includes your bank account details, bank statements, tax identification, credit history, financial experience, the type of investor you are (e.g. individual, accredited investor, analyst, broker), source of funds and details relating to your investment activity, if you are an investor in us or the funds that we manage or sponsor;

 

(e)                Your utility bills and information relating to your Central/Employee Provident Fund accounts (where applicable);

 

(f)                  Health records and information about your medical condition which includes prior medical history (where applicable);

 

(g)                Photographs and other audio-visual information;

 

(h)                Sensitive personal data such as your religion and criminal convictions; and

 

(i)                  Any other types of information that you choose to provide to the RWI Group.

 

D.         How and when Personal Data is collected; Cookies and how We use them

 

1.                   Generally, we may collect personal data:

 

(a)                Directly from you, with your consent, either through our staff or representatives/ over the telephone/ by email/ through online interactions;

 

(b)                Through third party (duly authorised by you); or

 

(c)                 When you submit your Personal Data to us for any other reason.

 

2.               We may collect personal data about you, when You:

 

(a)                apply for a job with us;

 

(b)                enter into a business relationship with us;

 

(c)                 purchase / provide any products and/or services from / to us;

 

(d)                seek access to our business premises;

 

(e)                attend our exhibitions, conferences or events;

 

(f)                  contact us with feedback, queries or complaints;

 

(g)                visit our website (see “Cookies” below); or

 

(h)                share your Personal Data to us for any other reason.

 

3.                   Cookies and how We use them

 

(a)                When you visit our website, cookies (i.e. small text files) may be placed on your browser. Cookies are primarily used:

 

(i)            for administrative purposes, i.e. to improve your experience with our website; and/or

 

(ii)           to capture anonymous analytics to improve our web site experience and performance. This includes compiling statistical information such as the frequency of use of our site, the pages visited, and the length of each visit, as well as information about your computer operating system, browser, and country.

 

(b)                We do not use cookies to store any personal data that could be read or understood by others.

 

(c)                 You may modify your browser setting to manage or decline cookies. If you choose to decline cookies, you may not have access to many features that make your browsing of our website smoother, and some of our services may not function properly.

 

 

PURPOSE OF COLLECTING PERSONAL DATA

 

E.         Why do We collect Personal Data

 

1.         We collect your Personal Data as part of our normal business operations, i.e. to process your application or request to proceed with any business and/or contractual relationship with you and/or to contact you and/or to fulfill our legal obligations.

 

2.         As an employee of RWI Group, we may collect and use your Personal Data for:

 

(a)        managing your employment and/or working relationship with the RWI Group including training, employee benefits, secondment or transfer, health and safety administration;

 

(b)           posting your photograph on the staff directory page on RWI Group’s company intranet;

 

(c)        monitoring your usage of the computer network resources;

 

(d)                internal audit and/or investigations within the RWI Group;

 

(e)                record-keeping purposes;

 

(f)                  payment of your salary; and

 

(g)                any other purpose reasonably relating to the above.

 

3.        As non-employee, we may collect and use your Personal Data for:

 

(a)           processing job application including background screening, conducting interviews, assessing and evaluating your suitability for employment;

 

(b)           establishing, verifying your identify and conducting third party due diligence;

 

(c)           managing our administrative and business operations;

 

(d)           researching and marketing purposes;

 

(e)           managing and responding to your complaints, queries, requests, feedbacks or suggestions;

 

(f)            managing and preparing internal and external reporting;

 

(g)           determine whether to accept your subscription; assess your suitability as an investor; process your fund subscription application if you are an investor in us or the funds that we manage or sponsor;

 

(h)           complying with any applicable laws, regulations or guidelines issued by any legal or regulatory bodies which are binding on us including assisting law enforcement or investigations by relevant authorities;

 

(i)            preventing, detecting and investigating crime (including fraud, money-laundering and terrorist financing);

 

(j)            analyzing and managing commercial risks;

 

(k)           any other reasonable purpose relating to the above.

 

 

 

 

 

 

HOW SECURE IS YOUR PERSONAL DATA

 

F.         Security of Personal Data

 

1.         We have appropriate technical and organizational security measures in place to prevent personal data from being accidentally lost, or used or accessed unlawfully. While we are committed to ensuring appropriate technical and organizational measures are in place, all risks cannot reasonably be eliminated. The technical and organizational measures include:

 

(a)        designing and organising its security arrangements to fit the nature of the Personal Data held by RWI Group and the possible harm that might result from a security breach;

 

(h)                requiring employees to be bound by confidentiality obligation in their employment agreements;

 

(i)                  using technical measures such as access control, password protection, dedicated user ID for authentication and encryption (where necessary);

 

(j)                  ensuring all our personnel have been trained to handle and protect Personal Data and limiting the number of people who have access to the databases;

 

(k)                 implementing proper policies and procedures to ensure appropriate levels of security for Personal Data of varying levels of sensitivity; and

 

(l)                  conducting regular audits and risk assessment of our data protection compliance and adequacy.

 

HOW LONG DO WE KEEP YOUR PERSONAL DATA

 

G.         Retention of Personal Data

 

1.         RWI Group may retain your Personal Data for as long as it is necessary to fulfill the purpose for which they were collected, or as required or permitted by applicable laws.

 

2.             We will cease to retain your Personal Data as soon as it is reasonable to assume that such retention is no longer necessary for any other legal or business purposes.

 

WHOM DO WE DISCLOSE YOUR PERSONAL DATA TO; AND WHERE DO WE TRANFER YOUR PERSONAL DATA TO

 

H.         Disclosure and transfer of Personal Data

 

1.         RWI Group may, from time to time, for the same purposes as mentioned above, disclose and/or transfer your Personal Data to the following third parties:

 

(i)            RWI Group of companies and other companies bearing the Genting / Resorts World name;

 

(ii)           Agents, contractors, third party service providers (and their sub-contractors) who provide back-office services such as but not limited to information technology, payment, payroll, training, storage, audit, legal to RWI Group;

 

(iii)          RWI Group’s insurers and banks;

 

(iv)          medical practitioners appointed by the RWI Group;

 

(v)           governmental bodies, tax authorities, regulators or other industry-recognised bodies as required by any applicable law, rules and regulations, codes or practice or guidelines of any applicable jurisdictions, who may in turn and for reasons beyond our control, exchange this information with other foreign authorities, including tax authorities;

 

(vi)          companies within the Genting Group in the event you are transferred/seconded to any of such Companies; and

 

(vii)         any other person whom may be reasonably connected with the purposes set forth above.

 

HOW YOU CAN ACCESS, CORRECT AND WITHDRAW YOUR PERSONAL DATA

 

I.          Access and correction of Personal Data

 

1.             RWI Group takes reasonable steps to ensure that your Personal Data is processed in accordance with the details that have or may be provided, updated, amended and/or corrected by you from time to time.

 

2.             You may request to access or correct your Personal Data by writing to the designated Data Protection Officer appointed by the RWI Group at his/her email address provided below.

 

3.             RWI Group may charge a fee for processing your request for access or correction. Such fee depends on the nature and complexity of your request.

 

J.         Withdrawal of consent to processing Personal Data

 

1.             You may at any time withdraw your consent in respect of the collection, use or disclosure of your Personal Data by notifying the designated Data Protection Officer in writing at his/her email address provided below.

 

2.             In that event, you will be informed of the likely consequences of withdrawing your consent, and should you decide to proceed nonetheless, we will (and cause its data intermediaries and agents to) cease collecting, using or disclosing your Personal Data.

 

3.             Please note that if you withdraw your consent for a limited purpose, we may still use your information for other purposes for which you have not withdrawn your consent, and such Personal Data may still be shared, as permitted under the PDPA and other applicable law.

 

4.             If you do not want your Personal Data to be shared among affiliates or partners of the RWI Group, you may opt-out of such information sharing by notifying the designated Data Protection Officer in writing at his/her email address furnished below.

 

5.             RWI Group will respond to your access or correction or withdrawal of consent request or any other request within the timeframe permitted by law (“Legal Timeframe”). If we are unable to respond within the Legal Timeframe due to the nature and complexity of your request, we will inform you in writing, immediately before the expiry of the Timeframe, of the estimated time by which we will be able to respond to the request.

 

ENQUIRIES AND UPDATES

 

K.         Designated Data Protection Officers

 

1.         If you have any questions, complaints relating to your Personal Data, or you would like to obtain access and correct your Personal Data, or request to withdraw your consent to any use of your Personal data as set out in this Policy, please contact our Data Protection Officer at: dpo@rwi.genting.

 

L.            Review of Policy

 

1.             The RWI Group may review this Policy from time to time to ensure that this Policy is consistent with the PDPA or other applicable laws and regulations. If changes are made, we will update the Policy and reflect the date of such modification in the date above.