Global Privacy Policy for Melco Club App

 

Purpose and Scope

This Privacy Policy provides an overview of how Melco Resorts Services Limited (“MRSL”), Melco Resorts (Macau) Limited (“MRM”), Melco Resorts Leisure (PHP) Corporation (“MRL”), and Integrated Casino Resorts Cyprus Limited (“ICR”) process your Personal Data in connection with your use of the “Melco Club App”. MRSL, MRM, MRL, and ICR are members of the worldwide Melco group (collectively referred to as "Melco", "we", "us" or "our" in this Privacy Policy), which is active in, among others, the hospitality, casino and entertainment industry across various locations.

“Personal Data” refers to any information relating to or about you that Melco obtains from you or about you from other parties.

We are committed to protecting your privacy – in this Privacy Policy, we set out how we collect your Personal Data, how we use it, and what rights and choices you have in relation to the Personal Data we hold and process.

Who decides why and how we process your Personal Data? 
Melco determines why and how we process your Personal Data and as such is considered a Data Controller for the purpose of Data Protection Legislations.

What Personal Data might we collect about you?
As appropriate, Melco may collect different types of Personal Data from you voluntarily for different reasons, including to provide you with a particular service – this may include:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Credit/Financial Data includes credit history, gaming activities, gaming history, bank account and payment card details.
  • Transaction Data includes data necessary for us to process payments and implement fraud prevention measures, including credit / debit card numbers, security code numbers and other such relevant billing details.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. 
  • Profile Data includes your username and password for platforms maintained by Melco (where you have access to any), purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Location Data. Our mobile application(s) may collect geo-location data (which determines your current location) to provide location- related service functionality. We may link location data to other information we have collected about you for the purposes described in this Privacy Policy. You may stop sharing your location data by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer.
  • Usage Data includes information about how you use our website, mobile application, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences. Marketing Data also includes any Personal Data you may provide us with in order to enter any competition, tournament and/or prize draw.
  • Compliance Data includes Personal Data we may have collected on you for the purposes of complying with our legal obligations.
  • Recruitment Data such as previous employers, references by previous employers or colleagues, type of job held at other companies, previous or expected salaries, skills and qualifications obtained through education or experience. This Personal Data will help us make a decision on your suitability for employment and in case your application is for future vacancies the aforesaid Personal Data will help us to decide which department you may be most suitable in.

We may occasionally collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, information about your health and genetic and biometric data). In some instances, this may also include information about criminal convictions and offences.

When do we collect your Personal Data? 
We may collect Personal Data about you in various cases, such as for example:

  • When you or your business seek our products or services (including gaming related services) or use any of our online services, including but not limited to setting up an account through our mobile application or by any other electronic means;
  • When you or your organization make an enquiry through our application, in person, over email or over the telephone, including but not limited to applying for a position with us;
  • When you attend an event we may organize, or sign up to receive communications from us;
  • When a corporate entity engages us to provide services and you hold an office or an interest in or have certain relationships with that entity (e.g. as a director or employee);
  • When you or your organization provide services to us, or otherwise offer to do so;
  • When you or your organization provide us with feedback;
  • When we collect information based on your behavior, preferences, patterns and similar to tailor our services and to enable us to provide you with privileges and special access on that basis;
  • When we receive Personal Data such as Contact, Financial and Transaction Data from third party providers of technical, payment and delivery services.

How will we use your Personal Data? 
We will use your Personal Data, for the following purposes (“Permitted Purposes”):

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • To provide you with services or other similar services you may have requested, including online services, as instructed or requested by you or your organization;
  • To manage and administer your or your organization’s business relationship with us, including processing payments, accounting, billing, and collection or support services;
  • For compliance with our legal or tax obligations (such as anti-money laundering, regulatory or tax reporting);
  • To analyze and improve our services and communications to you;
  • To process suggestions, recommendations, or complaints in relation to our services and products;
  • To communicate with you through the channels you have approved to keep you up to date on the latest developments, announcements, and other information about our services, products and technologies as well as events we may organize;
  • To comply with court orders and exercise and/or defend our legal rights;
  • To review your application for an employment position with us.

Where you have expressly given us your consent, we may process your Personal Data also for the following purposes:

  • For customer surveys, marketing campaigns, market analysis, contests or other promotional activities or events; or
  • To collect information about your preferences to create a user profile to personalize and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking).

With regard to newsletters, legal updates and other general communications, you will always have the option to opt out of receiving such communications at any time.

Information on our promotional offers

We may use your Identity, Contact, Technical, Service, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have consented to it or if you have requested information or purchased services from us or if you provided us with your details when you entered a competition or registered for a promotion and in each case, you have not opted out of receiving marketing communications.

Treatment of third-party marketing 

We will always get your express opt-in consent before we share your Personal Data with any company outside Melco group (including affiliates and group companies) for marketing purposes. 

Legal grounds for processing

Depending on which of the above Permitted Purposes we use your Personal Data for, we may process your Personal Data on one or more of the following legal grounds provided for under applicable data protection legislation:

  • Where processing is necessary for the performance of a contract with you or your organization;
  • Where we need to comply with a legal or regulatory obligation;
  • Where it is necessary for our legitimate interests (or those of third parties including our contractors) and your interests and fundamental rights do not override those interests.
  • We may also use your information in the following situations, which are likely to be rare:
    • Where we need to protect your interests (or someone else’s interests);
    • Where it is needed in the public interest or for official purposes.
      Examples of the 'legitimate interests' referred to above are:
      • Fraud detection and prevention (crime prevention);
      • Ensuring the integrity of Melco’s information, systems, network and cyber security;
      • Processing of employment data;
      • Product development and enhancement;
      • General Corporate Operations;
      • When we have your consent to do so, where you have expressly given this to us.

How might we share your Personal Data?

We may disclose your Personal Data where we may instruct service providers within or outside the Melco group (including affiliates and group companies), domestically or abroad, e.g. IT services or server providers, to process Personal Data for the Permitted Purposes on our behalf and in accordance with our instructions only. In certain cases, this may also mean that your Personal Data may be transferred to locations outside your country, Macau, the Philippines, or the EU or EEA. Melco will retain control over and will remain fully responsible for your Personal Data and will use appropriate safeguards as required by applicable laws to ensure the integrity and security of your Personal Data when engaging such service providers;

We will otherwise only disclose your Personal Data when you direct us or give us permission to do so or otherwise as required by law, such as for meeting legal and tax obligations.

Transfers of Personal Data abroad

Melco is active across the world – this means that we may transfer your Personal Data abroad if required to do so for the Permitted Purposes. In certain cases, this may include transferring data to countries or regions which do not offer the same level of protection as the laws of your country (such as for example the data protection legislation of Macau, the Philippines, or the EU/EEA).

When making such transfers, we will ensure that they are subject to appropriate safeguards in accordance with, as applicable, the Macau Personal Data Protection Act (Law 8/2005), the Philippine Data Privacy Act of 2012 (Republic Act No. 10173), the EU General Data Protection Regulation (Regulation 2016/679) or other relevant data protection legislation (“Data Protection Legislations”), or that we otherwise comply with the requirements and standards under the applicable Data Protection Legislations for transferring Personal Data abroad. For example, in some cases we may rely upon your explicit consent when transferring your Personal Data abroad if required to do so for the Permitted Purposes, pursuant to Article 49(1)(a) of Regulation 2016/679. Please get in touch with us if you wish to obtain further information on the appropriate safeguards to which we are adhering.

Can you refuse to share your Personal Data with us?

In general, we receive your Personal Data where you provide this on a voluntary basis, and there will typically be no detrimental effect for you if you wish not to provide this or otherwise withhold your consent for it to be processed. However, there are certain cases where we will unfortunately be unable to act without receiving such data, for example where we need to carry out legally required compliance screening or require such data to process your instructions or orders, or otherwise to provide you with our online services or communications.
Where it is not possible for us to provide you with what you request without the relevant Personal Data, we will let you know accordingly.

How do we keep your Personal Data safe?

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. 

We have put in place procedures to deal with any suspected Personal Data breach and, where necessary, will notify you and any applicable regulator of a breach in accordance with applicable legal procedures.

Personal Data we receive from you about other people

Where you provide us with the Personal Data of other people, such as your employees, directors of your companies, or other persons you may have dealings with, you must ensure that you are entitled to disclose that Personal Data to us and you acknowledge to us that you have obtained any consents from those people and any authorizations as may be required under any applicable laws to provide us with such Personal Data, without us being required to take any further steps to collect, use, and disclose that data in the manner described in this Policy.

 

How long do we keep your Personal Data for?

We delete your Personal Data once it is no longer reasonably necessary for us to keep it for the Permitted Purposes, or, where we have relied on your consent to keep your Personal Data, once you withdraw your consent for us to do so, and we are not otherwise legally permitted or required to keep the data.

Melco will keep your Personal Data as necessary for the purposes of defending or making legal claims until the end of the period during which we may retain the data and otherwise until the settlement of any such claims, as relevant.

For further information on how long we may keep your data for please get in touch with us.

What rights do you have? 
Subject to certain circumstances under applicable legislation, you have the right to: 

  • Request a copy of the Personal Data which we hold about you or in certain cases request us to transfer the data we hold about you to another provider;
  • Have any inaccurate data we hold about you corrected;
  • Object or restrict our use of your Personal Data, including but not limited to object to our use of automated decision making in certain cases;
  • Submit a complaint if you have concerns about the way in which we are handling your data;
  • Request that we delete the Personal Data we hold on you;
  • Where we have relied on consent to process your Personal Data, withdraw your consent.

To do any of the above, please get in touch with us. To enable us to process your request, we may require that you provide us with proof of your identity, such as by providing us with a copy of a valid form of identification – this is to protect the Personal Data we hold from unauthorized access requests and comply with our security obligations.

We may charge you a reasonable administrative fee for any unreasonable or excessive requests we may receive, and for any additional copies of the data you may request.

Corrections, updates and complaints
Where any Personal Data you have provided us with has changed, or where you believe the Personal Data we hold is inaccurate, or where you wish to make a complaint regarding our handling of your Personal Data, please get in touch with us at:

Macau The Philippines Cyprus Hong Kong & others
dataprivacy@melco-resorts.com dataprivacyofficer@cod-manila.com dpo@melco-resorts.com.cy dataprivacy@melco-resorts.com
Avenida da Praia Grande n.° 594, 15.° andar A, Macau, Macau SAR City of Dreams Manila, Asean Avenue corner Roxas Boulevard, Barangay Tambo, Paranaque City, 1701 Philippines Data Protection Officer
Zavos Pavilion Tower
2nd Floor, Suite 202
Corner of Pafou No.50 & Omonoias Avenue 
3052 Limassol 		36/F, The Centrium, 60 Wyndham Street, Central, Hong Kong, Hong Kong SAR

Melco will promptly respond to your requests and complaints. In the event that you are unhappy with our response, you may submit a complaint to the relevant privacy regulator. We can provide details of the relevant privacy regulator upon request.

In addition, please note that if you have certain relationships with us or a Third Party Entity to which we provide services, you and/or the third party entity may have a contractual or legal obligation to notify us of any change within a prescribed time period. We cannot be responsible for any loss that may arise due to us having any inaccurate, incomplete, inauthentic or otherwise deficient Personal Data which you or a third party entity have provided to us. Please also let us know if you wish to withdraw any request.

Get in touch

We would be happy to hear your views about this Privacy Policy – please let us know any questions, comments or clarifications you may have at the following contacts:

Macau The Philippines Cyprus Hong Kong & others
dataprivacy@melco-resorts.com dataprivacyofficer@cod-manila.com dpo@melco-resorts.com.cy dataprivacy@melco-resorts.com
Avenida da Praia Grande n.° 594, 15.° andar A, Macau, Macau SAR City of Dreams Manila, Asean Avenue corner Roxas Boulevard, Barangay Tambo, Paranaque City, 1701 Philippines Data Protection Officer
Zavos Pavilion Tower
2nd Floor, Suite 202
Corner of Pafou No.50 & Omonoias Avenue 
3052 Limassol 		36/F, The Centrium, 60 Wyndham Street, Central, Hong Kong, Hong Kong SAR

 

 

Changes to our Privacy Policy

This Privacy Policy was last updated in April 2021. We have the right to update the contents of this Privacy Policy from time to time to reflect any changes in the way in which we process your Personal Data or to reflect legal requirements as these may change. If any change to the contents of this Privacy Policy is indicative of a fundamental change to the nature of the processing or a change which may not be fundamental in terms of the processing operation but which may be relevant to and impact upon you, then we will notify you of such change in advance of the change taking effect.