Straco Leisure Pte Ltd, hereinafter referred to as “the Organisation”, recognises the importance of protecting Personal Data. We respect the privacy and confidentiality of the personal data of all whom we interact with in the course of providing our products and services. We are committed to implementing policies, practices and processes to safeguard the collection, use and disclosure of the personal data you provide us, in compliance with the Singapore Personal Data Protection Act 2012 (the “PDPA”).
We have developed this Data Protection Notice to assist you in understanding how we collect, use, disclose, process, protect and retain your personal data that is in our possession
We collect your personal data which you provide voluntarily:
• When you visit our attraction (including through ticket purchases, entry registrations, or participation in our rides, events, or activities)
• When you join as a member or create an account on our membership app
• When you make enquiries about our attractions, events, membership, or services through our website, app, social media platforms, phone, email, or in person
• When you dine at our restaurants
• When you apply for or maintain season parking with us
• When you are engaged as an external tour guide or facilitator to conduct tours, lead activities, or support our visitor programmes
• When you participate in our promotions, surveys, contests, or feedback exercises
• When you access or interact with us through our digital platforms (including websites, apps, Wi-Fi services, and social media)
• When you enter our physical premises where we may have visitor registration, security checks, or CCTV monitoring in operation
• When you or your employer provide goods and services to us as a vendor, contractor, or service provider, including where your employees or representatives share their personal data with us in the course of business engagements
• When you communicate with us directly via phone, email, letters, or other forms of correspondence
The types of personal data we collect about you include:
• Personal Contact Information such as Name, Residential Address, Phone Number, Email Address
• Government-Issued Identification Numbers such as NRIC, Passport, FIN, Work Permit — where required by law or necessary to accurately establish or verify your identity
• Identity Data such as Photographs, Video Footage from CCTV or Event Coverage, and Facial Images captured during visits, participation in activities, or events
• Professional Profile where you are engaged as a tour guide
• Membership and Account Information such as Membership ID, User Account Details, Transaction History
• Vehicle Information such as Vehicle Number when you apply for or maintain season parking
• Payment and Financial Information such as Bank Account Details for payment processing
• Communication Records such as Email Correspondence, Feedback Submissions, Enquiry Records, Call Logs, or Messages submitted via forms on our website or app
We use the personal data you provide us for one or more of the following purposes:
For Visitors and General Public:
• To process ticket purchases, admission, and registration for entry to our attraction, rides or events
• To ensure safety, security, and incident management within our premises, including through CCTV monitoring and visitor registration systems
• To communicate with you regarding your visit, provide customer service, and respond to your enquiries or feedback
• To apply or maintain season parking
• To manage lost-and-found processes and handle emergency or incident reporting
For Contractors, Vendors, and Service Providers (including Tour Guides):
• To assess and manage business engagements, contracts, and service delivery
• To verify identity for compliance, safety, and operational requirements
• To process payments, invoicing, and other business-related transactions
For Diners at Our Restaurants:
• To process reservations, purchases, or orders at our restaurants
• To respond to your feedback, manage refunds or customer service matters, and improve the quality of our dining and retail services
For Members and Users of Our Membership App:
• To create and manage your membership or user account
• To administer membership benefits, loyalty programmes, event registrations, and member-exclusive promotions
• To process transactions, payments, or renewals related to your membership account
• To send service updates, administrative communications, and relevant promotional offers (where you have consented)
For Publicity, Marketing, and Promotional Activities:
• To capture photographs or video recordings during events, activities, or visits for use in publicity materials, social media platforms, and promotional content (subject to applicable consent and notification requirements)
• To administer surveys, contests, and promotional campaigns (where you have agreed to participate)
For Legal, Compliance, and Security Purposes:
• To comply with applicable laws, regulations, licensing conditions, and audit requirements
• To prevent, detect, and investigate incidents of crime, misconduct, or regulatory breaches
We may disclose some of the personal data you provide us to the following entities or organisations outside the Organisation in order to fulfil our services to you:
• Government Agencies & Regulatory Authorities such as Ministry of Manpower, Health Promotion Board, Central Provident Fund
• Providers of Professional Services such as Auditors, Lawyers, Consultants
• Banks, Payment Card Processing Companies, and other Financial Institutions
• Data Processing and Hosting Companies such as IT Service Providers, Web Hosting Companies and Cloud Service Providers
• Providers of Goods or Services such as Security, Marketing, Ticketing, Call Centre, Training, Tour Guides, Contractors, Freight and Courier Services
Where required to do so by law, we may disclose personal data about you to the relevant authorities or to law enforcement agencies.
We only collect, use and disclose personal data with your consent or deemed consent or as otherwise permitted under the PDPA or other applicable laws and regulations.
Where appropriate and in accordance with applicable law, your provision of personal data to us may constitute deemed consent for the purposes for which the personal data is provided.
Before we collect, use or disclose your personal data, we will notify you of the purpose of data collection. We will obtain consent through appropriate means, which may include written, electronic or verbal channels, depending on the context and in accordance with applicable law. We may obtain verbal confirmation from you on your expressed consent, with an acknowledgement sent via email/text afterwards. We will not collect more personal data than is necessary for the stated purpose. We will seek fresh consent from you if the original purpose for the collection, use or disclosure of your personal data has changed.
If you provide us with personal data of another person (for instance, a potential employee/referral), you are responsible for ensuring that such person is made aware of the data contained in this Privacy Policy and that the person has given you his / her consent for sharing the data with us.
In order to provide you with the best service, we need to process certain personal data about you. We will only ask for and use information that we genuinely need to provide you with the best possible service. You can refuse to provide us with your personal data. However, if you do not give us certain information, we may not be able to provide our services to you.
We may rely on the legitimate interests exception to consent where appropriate. When we rely on this exception, we conduct an assessment as required under the law and will provide such documented assessments to the PDPC upon their request. We will assess the likely adverse effects on the individual and determine whether the legitimate interests outweigh such adverse effects.
If you wish to withdraw consent, you should give us reasonable advance notice. We will advise you of the likely consequences of your withdrawal of consent, e.g., without your personal contact information, we may not be able to inform you of future employment opportunities with us or with our clients.
In the event that you wish to withdraw consent to our use of your personal data, please drop us an email at dpo@singaporeflyer.com with the subject title “Withdrawal of Consent Request”, stating the following details:
1. Your full name; and
2. Your email address
We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete and kept up-to-date. From time to time, we may do a data verification exercise for you to update us on any changes to the personal data we hold about you. If we are in an ongoing relationship with you, it is important that you update us of any changes to your personal data (such as a change in your mailing address)
We have implemented appropriate information security and technical measures (such as data encryption, firewalls and secure network protocols) to protect the personal data we hold about you against loss, misuse, destruction, unauthorised alteration/modification, access, disclosure; or similar risks.
We have also put in place reasonable and appropriate organisational measures to maintain the confidentiality and integrity of your personal data and will only share your data with authorised persons on a ‘need to know’ basis.
You should be aware, however, that no method of transmission over the internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
We have a document retention policy that keeps track of the retention schedules of the personal data you provide us, in paper or electronic form. We will not retain any of your personal data when it is no longer needed for any business or legal purposes.
We will dispose of or destroy such documents containing your personal data in a proper and secure manner when the retention limit is reached. When we act as a data processor to our clients, we will retain your personal data in accordance with the retention periods prescribed by our clients.
You may write to us to find out what personal data about you that we have in our possession or under our control and how it may have been used and/or disclosed by us in the previous one year. Before we accede to your request, we may need to verify your identity by checking your NRIC or other legal identification document. We will respond to your request as soon as possible, or within 30 days from the date we receive your request. If we are unable to do so within the 30 days, we will let you know and give you an estimate of how much longer we require. We may also charge you a reasonable fee for the cost involved in processing your access request.
If you find that the personal data we hold about you is inaccurate, incomplete or not up-to-date you may ask us to correct the data. Where we are satisfied on reasonable grounds that a correction should be made, we will correct the data as soon as possible, or within 30 days from the date we receive your request.
If you have any queries regarding access or correction to your personal data about you, please email us at: dpo@singaporeflyer.com with the subject title “Access Request” or “Correction Request”, stating the following details:
1. Your full name and contact information; and
2. The nature of your Access or Correction Request.
If there is a need for us to transfer your personal data to another organisation outside of Singapore, we will ensure that the standard of data protection in the recipient country is comparable to that of Singapore’s PDPA. If this is not so, we will enter into a contractual agreement with the receiving party to accord similar levels of data protection as that in Singapore.
If you have any query or feedback regarding this Data Protection Notice, or any complaint you have relating to how we manage your personal data, please email us at: dpo@singaporeflyer.com with the subject title “Data Protection Query” or “Data Protection Feedback”, stating the following details:
1. Your full name and contact information; and
2. The nature of your query or feedback.
We treat such queries and feedback seriously and will deal with them confidentially and within a reasonable time.
This Notice applies in conjunction with other policies, notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data to us.
We may update this Data Protection Notice from time to time. We will notify you of any changes by posting the latest Notice on our website. Please visit our website periodically to note any changes.
Changes to this Notice take effect when they are posted on our website.
Last updated: June 2026