Purpose and Scope
By using our websites you authorize us and grant your express consent to us:
- to collect, use, store, process, transfer and/or disclose and to treat automatically or mechanically any data (the “Data”) provided by you (including without limitation, Data considered personal, private, sensitive or confidential) in connection with the operation of the websites and/or our business;
- to process, transfer and/or disclose any or all of your Personal Data (including any worldwide data processing, which may be located in a country other than the country of your residence or Macau); and
- to transfer or to disclose any or all the Data to any other person, company or entity directly or indirectly under the control, or owned by any of us, Melco International Development Limited, which may be located in a region or jurisdiction other than Macau.
Who decides why and how we process your Personal Data?
We determine why and how we process your Personal Data and we are responsible for your personal data.
What Personal Data might we collect about you?
We collect different types of Personal Data for different reasons – this may include:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes data necessary for us to process payments and implement fraud prevention measures, including credit / debit card numbers, security code numbers and other such relevant billing details.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. Please also see our Cookies Policy.
- Profile Data includes your username and password for platforms maintained by the ICR (where you have access to any), purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Compliance Data includes personal data we may collected on you for the purposes of complying with our legal obligations.
- Recruitment Data such as previous employers, references by previous employers or colleagues, type of job held at other companies, previous or expected salaries, skills and qualifications obtained through education or experience. This personal data will help us make a decision on your suitability for employment and in case your application is for future vacancies the aforesaid personal data will help us to decide which department you may be most suitable in.
We may occasionally collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, information about your health and genetic and biometric data). In some instances, this may also include information about criminal convictions and offences.
When do we collect your Personal Data?
We may collect Personal Data about you in various cases, such as for example:
- When you or your business seek our products or services or use any of our online services, including but not limited to setting up an account through our websites;
- When you or your organization make an enquiry through our website, in person, over email or over the telephone, including but not limited to applying for a position with us;
- When you attend an event we may organize, or sign up to receive communications from us;
- When a corporate entity engages us to provide services and you hold an office or an interest in or have certain relationships with that entity (e.g. as a director or employee);
- When you or your organization provide services to us, or otherwise offer to do so;
- When you or your organization provide us with feedback;
- When we collect information based on your behavior, preferences, patterns and similar to tailor our services and to enable us to provide you with privileges and special access on that basis;
- When we receive personal data such as Contact, Financial and Transaction Data from third party providers of technical, payment and delivery services.
How will we use your Personal Data?
We will use your personal data, for the following purposes (“Permitted Purposes”):
- Where we need to perform the contract we are about to enter into or have entered into with you;
- To provide you with the services or other similar services you may have requested, including online services, as instructed or requested by you or your organization;
- To manage and administer your or your organization’s business relationship with us, including processing payments, accounting, billing, and collection or support services;
- For compliance with our legal or tax obligations (such as anti-money laundering, regulatory or tax reporting);
- To analyze and improve our services and communications to you;
- To process suggestions, recommendations, or complaints in relation to our services and products;
- To communicate with you through the channels you have approved to keep you up to date on the latest developments, announcements, and other information about our services, products and technologies, as well as events we may organize;
- To comply with court orders and exercise and/or defend our legal rights;
- To review your application for an employment position with us.
Where you have expressly given us your consent, we may process your Personal Data also for the following purposes:
- For customer surveys, marketing campaigns, market analysis, contests or other promotional activities or events; or
- To collect information about your preferences to create a user profile to personalize and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking).
With regard to newsletters, legal updates, and other general communications, you will always have the option to opt out of receiving such communications at any time.
Information on our promotional offers
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have consented to it or if you have requested information or purchased services from us or if you provided us with your details when you entered a competition or registered for a promotion and in each case, you have not opted out of receiving marketing communications.
Treatment of third-party marketing
We will always get your express opt-in consent before we share your Personal Data with any company outside the Melco Group for marketing purposes.
Legal grounds for processing
Depending on which of the above Permitted Purposes we use your Personal Data for, we may process your personal data on one or more of the following legal grounds provided for under applicable data protection legislation:
- Where processing is necessary for the performance of a contract with you or your organization;
- Where we need to comply with a legal or regulatory obligation;
- Where it is necessary for our or our contractors’ (where applicable) legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- When we have your consent to do so, where you have expressly given this to us.
How might we share your Personal Data?
We may disclose your personal data where we may instruct service providers within or outside the Melco Group, domestically or abroad, e.g. IT services or server providers, to process Personal Data for the Permitted Purposes on our behalf and in accordance with our instructions only. In certain cases, this may also mean that your Personal Data may be transferred to locations outside Macau. We will retain control over and will remain fully responsible for your personal data and will use appropriate safeguards as required by the applicable laws to ensure the integrity and security of your Personal Data when engaging such service providers;
We will otherwise only disclose your Personal Data when you direct us or give us permission to do so or otherwise as required by law, such as for meeting legal and tax obligations.
Transfers of Personal Data abroad
We are active across the world – this means that we may transfer your Personal Data abroad if required to do so for the Permitted Purposes. In certain cases, this may include transferring data to countries which do not offer the same level of protection as the laws of your country or Macau (such as for example the data protection legislation of Macau).
When making such transfers, we will ensure that they are subject to appropriate safeguards in accordance with the Macau Personal Data Protection Act (Law 8/2005) or other relevant data protection legislation, or that we otherwise comply with the requirements and standards under the Macau Personal Data Protection Act (Law 8/2005) for transferring Personal Data abroad. Please get in touch at email@example.com if you wish to obtain further information on the appropriate safeguards which we are adhering to.
Can you refuse to share your personal data with us?
In general, we receive your Personal Data where you provide this on a voluntary basis, and there will typically be no detrimental effect for you if you wish not to provide this or otherwise withhold your consent for it to be processed. However, there are certain cases where we will unfortunately be unable to act without receiving such data, for example where we need to carry out legally required compliance screening or require such data to process your instructions or orders, or otherwise to provide you with our online services or communications.
Where it is not possible for us to provide you with what you request without the relevant Personal Data, we will let you know accordingly.
How do we keep your Personal Data safe?
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors, and other third parties who have a business need-to-know only. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach in accordance with the applicable legal procedures.
Personal Data we receive from you about other people
How long do we keep your personal data for?
We delete your Personal Data once it is no longer reasonably necessary for us to keep it for the Permitted Purposes or, where we have relied on your consent to keep your personal data, once you withdraw your consent for us to do so, and we are not otherwise legally permitted or required to keep the Data.
Importantly, we will keep your Personal Data as necessary for the purposes of defending or making legal claims until the end of the period during which we may retain the Data and otherwise until the settlement of any such claims, as relevant.
For further information on how long we may keep your Data for please get in touch at firstname.lastname@example.org.
What rights do you have?
Subject to certain circumstances under the applicable legislation, you have the right to:
- Request a copy of the Personal Data which we hold about you or in certain cases request us to transfer the Data we hold about you to another provider;
- Have any inaccurate Data we hold about you corrected;
- Object or restrict our use of your Personal Data;
- Submit a complaint if you have concerns about the way in which we are handling your Data;
- Request that we delete the Personal Data we hold on you;
- Where we have relied on consent to process your Personal Data, to withdraw your consent.
To do any of the above, please contact us at email@example.com. To enable us to process your request, we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification – this is to protect the Personal Data we hold from unauthorized access requests and comply with our security obligations.
We may charge you a reasonable administrative fee for any unreasonable or excessive requests we may receive, and for any additional copies of the Data you may request.
Corrections, updates and complaints
Where any Personal Data you have provided us with has changed, or where you believe the Personal Data we hold is inaccurate, or where you wish to make a complaint regarding our handling of your Personal Data, please let us know at firstname.lastname@example.org or send us a letter addressed to:
Data Protection Officer
Rua de Évora, nos. 199-207
Edifício Flower City, 1.° andar A1
We will promptly respond to your requests and complaints. In the event that you are unhappy with our response, you may submit a complaint to the relevant privacy regulator. We can provide details of the relevant privacy regulator upon request.
In addition, please note that if you have certain relationships with us or a third party entity to which we provide services, you and/or the third party entity may have a contractual or legal obligation to notify us of any change within a prescribed time period. We cannot be responsible for any loss that may arise due to us having any inaccurate, incomplete, inauthentic or otherwise deficient Personal Data which you or a third party entity have provided to us. Please also let us know if you wish to withdraw any request.
Get in touch
Data Protection Officer
Rua de Évora, nos. 199-207
Edifício Flower City, 1.° andar A1