Scope of This Policy
This Policy is made in compliance with the Macao SAR Law No. 8/2005 - the Personal Data Protection Act (“PDPA”) and under the Macao jurisdiction, and all the associated regulations and guidelines as may from time to time be issued by the Office for Personal Data Protection (“GPDP”) of Macao.
Personal Data We Collect
Information You Provide to Us
When you visit our website(s)/app(s), you may provide us with personal information such as your name, postal address, e-mail address, telephone number and mobile number (“contact information”). It also includes, where applicable, your travel details, such as booking confirmation numbers, number of rooms, arrival and departure dates, payment information and other relevant information in connection with the purpose for which the personal information we collected via website(s)/app(s). When you make a purchase or engage in other transactions, you may provide us with your contact information and, in addition, other information such as your date of birth, passport or ID number (or copy thereof) and your credit, debit card and e-payment number or info. For particular types of purchases or transactions, you may provide us with other additional information, such as your profession, name of your employer and your professional address. When you use integrated social media features on our Website(s)/App(s) or other social media platforms, your personal information may be collected by COMPANY for such purpose.
There are also other instances where you’ll provide us with information. For example, when you register a user account on our Website, you may provide us your personal information as mentioned above.
There are also other information that we may collect from you:
Information We Collect Automatically
When you visit our website(s)/app(s) or use Wi-Fi services we make available at our properties, we automatically collect the following information:
Information Received from Third Parties
We also collect information about you (as relevant and appropriate to the COMPANY Service you have requested) from third parties, including online travel agencies and other third party hotel booking partners; consumer reporting agencies, in connection with a credit application or financial account with COMPANY, as further disclosed and described to you at the time of your application; COMPANY event ticket sales management partners, ticket brokers, and club promoters; social media channels, such as Facebook, WeChat or Instagram, consistent with your settings on such services; marketing and analytics providers; and third party analytics services and content from third party businesses, including as described in our Cookie Notice below.
Personal Data We Use
We collect personal data to deliver superior quality of service. We will use the information you provide to us for the purpose you provided it to us (e.g., to make a reservation and book a suite at one of our properties), which is stated when information is collected. We may also use your information in other ways for our business purposes and to provide you with the products, services, and experiences you request and expect from us, including but not limited to the following purposes:
A “cookie” is a small text file that a website(s)/app(s) can place on your computer/device to store your preferences. Cookies are not personally identifiable by themselves, but they can be linked to personal data you provide to us.
You have many choices to manage cookies on your computer/device. Most browsers allow you to block or delete cookies from your system, and you can set most browsers to prevent cookies from being placed on your devices. If you do this, however, you may have to manually adjust preferences every time you visit our Website(s)/App(s) and it may not be possible to use the full functionality of the website(s)/app(s).
Personal Data We Share with Third Parties
Provided that we are allowed (or required) to, we may share the information we collect with other companies within SJM Group, our agents, our service providers, our contractors, our business partners; with governmental authorities, statutory boards, government officials, law enforcement authorities, industry associations, legal process participants such as our legal advisers, courts, or other alternative dispute forums; and/or with other third parties in connection with any proposed or actual changes in our business structure or ownership. We will always require any third party with which information is shared to exercise reasonable care to protect such information and restrict the use of such information to the purposes for which the information is shared. In some cases, we will seek or may be required to collect your specific consent.
Although you may opt out of the use and sharing of personal information for marketing purposes, there may be situations in which we are still allowed (or required) to use and share information we collect to the authorities for the purpose of legal compliance.
We use the services of third party service providers, such as e-mail service providers, website, app and system development service providers, platform owners or providers of logistic support to systems websites and apps, data management service providers, and/or marketing companies assisting with the development and support to marketing campaigns or events of us. These service providers act as contractors under the authority of COMPANY and COMPANY may share your personal information with these service providers. These service providers are contractually prohibited from using personally identifiable information for any purpose other than for the purposes COMPANY consented to by you.
We prohibit the sale of personal information by said service providers. We also prohibit the transfer of personal information by said service providers to other entities outside the SJM Group without your approval. We contractually require these service providers to implement technical and organizational security measures designed and appropriate to protect personal data due to be processed against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against other unlawful forms of processing. The measures adopted should ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected. These measures may vary depending on the applicable legal requirements.
Protection and storage
The information we collect may be processed through manual or automated means, and may be digitally stored on premise. Our staff is required to take reasonable measures to ensure that unauthorized persons cannot view or access your personal information.
While stored, the information we collect is kept strictly confidential and not made accessible to any third parties. Security and confidentiality of the data is protected by systems and procedures no less protective than those followed by the industry standards. However, no security system is impenetrable, and these systems could become accessible in the event of a security breach. While we cannot guarantee that loss, misuse, or alteration of information will never occur, we use reasonable efforts to prevent it. Please keep in mind that no method of storage or transmission over the Internet is completely secure, so your use of our products and services and provision of information to us that was not specifically requested is at your own risk.
We will retain your personal data for no longer than is necessary for the purposes for which it was collected or for which it is further processed, unless the data is also retained to satisfy any applicable legal, regulatory or contractual obligations.
We reserve the right to revise this Policy at any time without prior notice. When this Policy is revised in a material way, the revised Policy will be posted in our Website(s)/App(s).
In case any provision of this Policy is deemed invalid, illegal or unenforceable, the validity, legality and enforceability of the remaining provisions of this Policy shall not in any way be affected or impaired thereby.
Governing Law and Jurisdiction
Official Address: SJM Resorts, Limited, Rua do Tiro, Cotai, Macau
You, as data subject, may access, rectify or update any of your personal information at any time in accordance with the PDPA. Further, if you wish to opt-out of receiving marketing communications or other promotional materials from us, or do not want us to use or share your personal information for marketing purposes with SJM Group or with our business partners, please contact us by the abovementioned means.