Cookie Maison Singapore (“us”, “we”, “our”) is the operator of www.cookiemaison.sg (the “website”). We take our obligations and responsibilities under Singapore’s Personal Data Protection Act 2012 (the “PDPA”) seriously. We also recognise the utmost importance of the personal information you have entrusted to us and believe that it is our obligation and responsibility to properly manage, safeguard and protect your privacy and the security of your personal information.
Unless restricted by the PDPA or any other applicable law, you acknowledge and agree that we may process your personal information that we have in our possession or under our control, including personal information in the possession of third party service providers whom we have engaged to collect, use, disclose or otherwise process your personal information, in the manner, and for the purposes set out in the terms described above. You are also deemed to have acknowledged and agreed to any amended version of this policy if you continue to use the website after the changes have taken place. As such, please check this page periodically to ensure that you are well informed of any changes in relation to personal data protection or where applicable.
If you have any questions about this policy, please click on our “Contact” page to get in touch with us via our electronic feedback form.
“Personal Information” means information, whether true or not, about an individual, person or entity who can be identified from that information, or from information and other data which an organisation has or is likely to have access to. This information may be obtained directly and voluntarily by the individual, person or entity, or via a third party who is duly authorised to disclose the information about the individual, person or entity.
The information on our website are directed towards and designed for use by persons of age 18 and above. We do not retain the registration with any person whom we have determined to be under the age of 18. We also do not intentionally seek or solicit the collection of personally identifiable information from persons under the age of 18. In the event we determine that we are in receipt of such information from any person who indicates that he or she is under the age of 18, or whom we otherwise have reason to believe is under the age of 18, we will automatically delete such information from our database.
How we collect information about you.
We collect your personal information in the following ways:
- When you register to be in our mailing list or set up a customer account via our website.
- When you visit and browse the products and services on our website
- When you make or attempt to make a purchase through our website.
- When you submit a query, enquiry or complaint in relation to our products and services via our “Contact” page.
- When you interact with us via our website or social media platforms during promotions, giveaways or special events.
Similar to almost any other website that you visit and browse daily, our website also takes advantage of technological devices such as cookies.
If you prefer not to receive cookies from us, you can opt by taking the following steps:
- Erase all cookies from your hard drive.
- Configure the internet browser on your computer or mobile device to automatically block all cookies or to receive a warning before a cookie is stored.
What personal information we collect from our users.
When you visit our website, we automatically collect information such as your computer or mobile device IP address, time and date stamps, internet browser type, internet service provider etc. Additionally, as you browse and navigate through our website, we collect information about the web pages and products you click on, the websites or search terms that referred you to our website and any other ways you interact with our website.
When you set up an account at our website, you are required to provide us with your full legal name, date of birth and email address. You must also choose an eligible password and provide your password to us.
Every time you use our online ordering service to make a purchase, you are required to provide us with your name, billing and shipping addresses including postal codes, telephone number, email address and payment information (including credit card and debit card information). We will also collect information about the about the purchases you make. In certain circumstances when you provide us with personal information relating to third parties (your next-of-kin or any person who may receive delivery of your purchases on your behalf), you are deemed to have represented and confirmed to us that you have obtained the consent of such third party to provide his or her personal information to us.
If you get in touch with us via email or through the electronic feedback form on our “Contact” page, we will collect your sender information and other information you voluntarily disclose to us.
How we store the information we collect.
We store all information provided to us and the information we collect electronically in our computer databases. We own, maintain and operate the computer servers containing our databases. Access to our computer servers is controlled and regulated by up-to-date antivirus protection, firewalls, encryption and other security gatekeepers targeted to adequately safeguard and protect against unauthorised access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of the personally identifiable information you provide.
For credit card and debit card information, we use a validated Level 1 PCI DSS compliant service provider to process all online payment transactions. Our payment gateway is also on Visa’s Global Compliant Provider and Mastercard’s SDP List. We do not store raw magnetic stripe, card validation code, or PIN block data.
You should be informed, however, that no method of transmission over the Internet or method of electronic storage is completely secure and protected. While security and protection cannot be guaranteed, we strive to protect the privacy and security of your personal information and are constantly improving and optimising our security measures.
How we use the information we collect.
We use the personal information collected in our member database in various ways:
Each time you enter your email address and password, we will call up your information from our database to enable faster and easier processing of your purchase. This enables us to expediently facilitate the delivery of the services you have requested.
We will send you targeted advertisements and marketing communications regarding our products, giveaways and special events via text, email and/or social media platforms or any other appropriate communication channels in accordance with your preference. When you use your member account, we also keep records of the preferences and transactions history. This allows us to send you targeted advertisements and marketing communications that we believe may be of interest to you from time to time.
We may also use the information to contact you concerning your level of satisfaction with our products and services, to respond to your enquiries or complaints, to verify incomplete orders, to resolve any disputes or delays with your order(s), to screen for potentially fraudulent activities or otherwise communicate with you concerning your transactions with us.
We also aggregate and analyse information about how our online ordering service is used (without specific identification to any particular user) to help improve and optimise our service and make it more responsive to our customers’ preferences. The information allows us to generate analytics about how users browse and interact with our website, assess the success of our marketing campaigns and review our advertisements, promotions and notices to be more relevant and applicable to our website users.
Disclosing or sharing the personal information collected
In order to efficiently conduct our business operations and to fulfil our obligations and responsibilities to you, we may also disclose the personal information that you have provided to us to third party service providers, who may be situated in Singapore or elsewhere, whose services we use for hosting and managing the information and content provided on our website. In the course of providing such services, third party service providers may collect and store information provided on our website via cookies or other means employed by them. This information will strictly be in connection with the information and content we provide on our website and not the personal information we collect from you. Access to information by third party service providers is also limited to the extent necessary to provide the services for which they were hired and for no other purposes whatsoever. As part of our agreement with them, third party service providers are bound by confidentiality obligations and are required to adhere to the PDPA and any policies that we provide. They also have to take reasonable measures to ensure your personal information is kept secure. We do not assume responsibility for any unauthorized use of your personal information by third party service providers which are wholly attributable to factors beyond our control.
Examples of third party service providers that we disclose your personal information to include:
- Data entry service providers
- Professional advisors, agencies, consultants and external auditors
- Service providers who provide operational services in connection with our business such as information technology, logistics and delivery
- Service providers who provide services relating to marketing and promotional activity
- Relevant government regulators or authorities
We also use Google Analytics to help us understand how our customers use the website. You can read more about how Google uses your personal information here: https://www.google.com/intl/en/policies/privacy/.
If you do not wish for your personal information to be made available to Google, you can opt out here: https://tools.google.com/dlpage/gaoptout.
Once you leave our website or are redirected to a third party website or application, you are no longer governed by this policy or our website’s Terms and Conditions.
We will disclose your personal information without notice to government regulators or authorities, only if required to comply with our obligations under any laws, rules, guidelines, legislations, regulations, codes of practice, directions, court orders, by-laws, circulars or schemes applicable to us or in the good belief that such action is necessary to (a) conform to the statutes and edicts of the law or comply with legal process served on Cookie Maison Singapore; (b) enforce, protect and defend the rights, property or legitimate business interests of Cookie Maison Singapore as provided on our website; and (c) act under exigent circumstances to protect the personal safety of users of our website, or the public.
How you can control the use of the personal information collected.
If you have registered an account at our website, and prefer not to receive emails from us about promotional advertisements, offers and notices, please click on our “Contact” page to get in touch with us via our electronic feedback form. And our emails to you will stop within ten (10) business days.
We may from time to time, send non-promotional emails to all registered users of our website for the purpose of gathering and dispersing information to provide better services to our customers. Non-promotional email may include, but will not be limited to, maintenance notices, system updates and confirmation or other notices necessary to complete a transaction initiated by a registered user.
You may also request to access, amend or delete your personal information that is in our possession or under our control by getting in touch with us via the electronic feedback form on our “Contact” page.
Upon receipt of your request to access your personal information, we will take the adequate measures to provide you with the relevant personal information within thirty (30) business days. Where a request cannot be complied with within the time frame, we will inform you of the reasonably soonest time in which we will respond.
Upon receipt of your request to amend your personal information, we will amend your personal information as soon as practicable unless we have reasonable grounds not to do so.
Upon receipt of your request to delete your personal information, we will delete your personal information as soon as practicable unless we have reasonable grounds not to do so.
How your personal information is protected.
The personal information you provide to us is password-protected. In order to maintain this protection, we caution you not to provide your password to any other person. At our end, we do not give your password to anyone. If you share your computer with other persons or are using a computer in a public place, we advise and recommend that you protect your information by signing out of your account and closing your internet browser window after you have completed your purchase.
When you make a purchase through our website, unless and until we receive your request to delete this information, such information we receive through your purchase(s) will be retained electronically as records in our computer databases.
Upon receipt of your request to delete your information, we will take adequate measures to ensure that your personal information that is in our possession or under our control is destroyed and/or made anonymous as soon as it is reasonable to assume that:
- The purpose for which that personal information was collected is no longer being served by the retention of such personal information.
- Retention of personal information is no longer necessary for any legal or business purposes.
However, you understand that notwithstanding your request, we will thereafter still be entitled to collect, use or disclose your personal information if we are required or authorised to do so under the PDPA or any other applicable law.
We intend for you to have a pleasant and enjoyable experience when using our services. If you have any questions or comments, or believe that a violation of this policy may have occurred, please get in touch with us. Our complete contact information is provided on the “Contact” page of our website.
For more information about the PDPA, please visit https://www.pdpc.gov.sg