Your privacy is of utmost importance to Changi Airport Group (Singapore) Pte Ltd (“CAG”).
For the purposes of this Policy:
“Personal Data” means any information relating to an identified or identifiable natural person, where an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; and
2. Scope of this Policy
This Policy applies to all Personal Data processed online by CAG through all its websites, applications and domains, which include but are not limited to the following:
(collectively, the “Platforms”).
3. Personal Data collected by CAG
CAG will only collect Personal Data about an individual which it reasonably considers necessary for the relevant purposes underlying such processing.
Examples of your Personal Data which may be collected by us include the following:
4. How we collect your Personal Data
- your name, telephone number, mailing address, transaction details and any other information which you have provided to us in any forms you may have submitted to us or in other forms of interaction with you; and
- information about your usage of and interaction with the Platforms, including traffic data, location data, the originating domain name of your internet service provider, statistics on page views, cookies and IP addresses.
We use different methods to collect data about you, including the following:
5. How we use your Personal Data
Direct interactions. You may give us your Personal Data by filling in forms or by corresponding with us by post, phone, email, chatbot or otherwise. We may also directly collect Personal Data in other ways, including when:
- you apply for our products or services;
- you create an account on our Platforms;
- you subscribe to our service or publications;
- you request marketing to be sent to you;
- you enter a competition, promotion or survey;
- you give us feedback;
- you logon to Wi-Fi at our premises;
- you use mobile or web applications developed by us;
- you submit your resume or an application, or participate in interviews or testing, for employment or contracting opportunities with CAG; or
- your image is recorded through the use of close circuit television systems or other surveillance devices on our premises.
Automated technologies or interactions. As you interact with our Platforms, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this data by using cookies, server logs and other similar technologies. Please see our ‘Cookies Policy’ for further details at (“Cookies Policy”) .
Third parties or publicly available sources. We may receive Personal Data about you from various third parties and public sources, including financial and transaction data from providers of technical, payment and delivery services.
Your Personal Data is generally processed by us as necessary for purposes directly related to our functions and activities. This includes any one or more of the following purposes:
6. Disclosure of your Personal Data
to provide you with services and to help us develop, improve, manage and administer the services we provide to you, including services provided on and through our Platforms and Wi-Fi services;
to help us verify your identity for the purposes of processing and administering any membership application or registration;
to send you notifications and marketing messages in relation to our promotional events, offers, opportunities, products, benefits and programmes;
to conduct marketing activities including market research, customer profiling, customer insights and targeted marketing activities;
to carry out profiling and statistical analysis to improve the services provided to you;
to inform you of changes to our programmes, policies, terms and conditions, Platform updates and other administrative information;
to administer and conduct programmes, promotions, events and games;
to prevent, detect and investigate crime, including fraud, and analysing and managing other risk
to customise the Platforms and their content to your particular preferences;
to conduct surveys, questionnaires and requests for feedback;
to respond to your queries, requests, feedback and complaints;
for promotional and publicity purposes, including to record or take photographs of participants at events or functions organised, hosted or participated in by CAG;
to meet the requirements of any applicable laws/regulations, enforceable governmental request or court order;
to detect, prevent or otherwise address security or technical issues in connection with services provided through the Platforms; and/or
to fulfil such other purpose as may be specified in a data protection and privacy notice given to you at the time your Personal Data is collected.
In carrying out one or more of the purposes set out in section 5 above of this Policy, we may need to disclose your Personal Data to one or more of the following third parties:
- our agents;
- our authorised service providers such as marketing partners and web analysis companies, and their business partners;
- our auditors and professional advisors;
- our business partners;
- our underwriters and insurers;
- law enforcement agencies;
- any person to whom disclosure is permitted or required by any applicable laws/regulations, enforceable governmental request or court order; and/or
- any companies comprised in our group.
We impose strict obligations on the third parties mentioned above with which we share your Personal Data to maintain the integrity and security of that data.
We only allow the said third parties to use your Personal Data for specified purposes and in accordance with our instructions.
7. Legal basis for processing your Personal Data
The legal basis for the processing of your Personal Data will generally fall under one or more of the following:
- it is necessary for the performance of CAG’s contractual relationship with you, which is regulated by the applicable terms and conditions governing the use of the Platforms and by the specific forms collecting your data;
- it is necessary for our legitimate interests;
- it is necessary to comply with our legal obligations;
- it is authorised under any applicable law or regulations; and/or
- you are deemed to have consented to such processing under any applicable law or regulations.
Please note that we may process your Personal Data for more than one lawful ground depending on the specific purpose(s) for which we are using your data. Please contact us if you need details about the specific legal ground(s) we are relying on to process your Personal Data.
Where the processing of your Personal Data does not fall under one of the bases set out in section 7 of this Policy above, we will obtain express written consent from you for such processing by methods or means which include making you sign a form or check a box.
You can withdraw such express consent at any time by contacting our data protection officer at the contact details set out in section 15 of this Policy.
Depending on the extent to which you withdraw consent to the processing of your Personal Data by us, such withdrawal of consent may result in our inability to provide the relevant services to you and may be considered as a termination by you of any agreement between CAG and you. CAG’s legal rights and remedies are expressly reserved in such an event.
9. Links to third-party websites
We may provide links to third-party websites on the Platforms. Your use of such third-party websites will be subject to their privacy policies and is not covered by this Policy. We encourage you to read the privacy policies on the other websites you visit. As we cannot control or be responsible for the policies of other sites we may link to, or the use of any data you may share with them, you access these third-party websites at your own risk.
10. Keeping your Personal Data secure
We will use reasonable technical and procedural measures to safeguard your Personal Data, for example by:
- ensuring that access to any personal account you have with us is controlled by a password and username which are unique to you;
- storing your Personal Data on secured servers; and
- restricting access to Personal Data on a ‘need to know’ basis.
Whilst we will use all reasonable efforts to safeguard your Personal Data, please note that the use of the internet and/or our Platforms cannot be made entirely secure and we therefore are unable to guarantee the security or integrity of any Personal Data which is transferred from you or to you via the Platforms.
11. Access to Personal Data
Whilst we will take reasonable steps to accurately record your Personal Data, we require that you provide accurate and complete Personal Data, and update such Personal Data with us from time to time.
You may request access to, and correction of your Personal Data held by us by contacting us at the contact details set out in section 15 of this Policy. All requests for access and/or correction will be processed within a reasonable time except where we refuse such requests in accordance with any applicable laws or regulations. In some situations, you may be able to access and correct your personal information directly through our Platforms.
12. Further rights of data subjects in the European Union (“EU”)
If you are a data subject in the EU, you may contact us to exercise the following further rights:
- request for the erasure of your Personal Data;
- request for the restriction of processing of your Personal Data;
- object to the processing of your Personal Data; and/or
- request to transfer your personal Data to you or a third-party.
You also have the right to lodge a complaint with the relevant EU supervisory authority if we have contravened any applicable laws or regulations.
All requests made to us in exercising the rights above will be processed within a reasonable time except where we refuse such requests in accordance with any applicable laws or regulations.
13. Data Retention
We will cease to retain your Personal Data when the purposes for which we collected your Personal Data have ceased and/or when we are no longer required to continue retaining your Personal Data for any legal or business purposes.
14. Changes to this Policy
We may amend this Policy (including the Cookies Policy) from time to time. The updated versions will be posted on our Platforms and date stamped so that you are aware of when the Policy was last updated. If we make significant amendments to the Policy, we will notify you in advance and allow you the opportunity to review the revised Policy prior to such changes taking effect. We also recommend that you check the relevant websites or sections of the Platforms regularly for any updates.
15. How to contact us
We welcome your feedback, comments and any questions that you may have.
Data Protection Officer
Changi Airport Group (Singapore) Pte Ltd
PO Box 168
Singapore Changi Airport
Alternatively, for specific queries, you can send us an email at: