We take your privacy seriously and are committed to safeguarding your personal information at The National Aquarium LLC (“Company”, “we” or “us” or “The National Aquarium”). We value you as our customer, respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the sources of your personal information that we may collect from you or that you may provide to us, our purposes for collecting and processing your information, and our practices for collecting, using, maintaining, retaining, protecting and disclosing that information.
If you have any questions or concerns about this privacy policy or your personal information, please contact us using the details provided in Section – ‘How do you contact us?’.
The sources of your personal data collected (collectively referred to as “Platforms” in this policy) may include without limitation the following:
The National Aquarium websites: These are websites we created for you that are operated by us under our own domains and web addresses (URLs) and our own micro-sites that are part of a third-party social media networks such as Facebook, Twitter, or Instagram.
Emails, text messaging services, and other electronic messages: These are the electronic text-based interaction between you and The National Aquarium.
The National Aquarium mobile applications: These are smartphone applications created for you and operated by The National Aquarium or one of our partners.
Digi Kiosks: These are kiosks installed within our premises which can be utilized to purchase tickets for The National Aquarium.
The National Aquarium Counter: where you could purchase tickets for The National Aquarium.
The National Aquarium customer service: Any communication between you and our customer service center (e.g. phone, chatbot, email, etc.).
Online / Offline registration forms: These include printed/digital registrations, surveys, or questionnaires The National Aquarium collects via registration forms, contests, events, and various promotions.
Advertising: You might interact with one of our or our partners’ advertisements on our websites and apps and we might receive and collect this information.
Career Portal: These includes recruitment portal across The National Aquarium.
Data we create: The National Aquarium may also create data about you, when you avail our services.
Data from other sources: These include social media networks, market research agencies, The National Aquarium third party sales agents, registered brokers, The National Aquarium promotional partners, public sources, and data received when we acquire other companies.
CCTV cameras: Security footage (image and video) from CCTV cameras placed across our premises
Automatic Number Plate Registration: Vehicle registration number and details recorded through Automatic Number Plate Recognition (ANPR) systems at our premises’ car parks.
The National Aquarium Loyalty Program: Once you register for our loyalty program, we would collect and process your personal information and transaction history.
The National Aquarium Public WiFi: Any usage of the The National Aquarium public Wifi network at our premises.
This policy does not apply to information collected:
through any other means, including any other website operated by any third party; or
by any third party, including through any application or content (including advertising) that may link to the Website
The type of personal information we collect on or through our platforms, why we collect and how we use the personal information are explained in the following:
3.1 To respond to any queries made by you:
We would use your personal data to help us respond to your queries. We may receive your personal data through our website/social media page/call/mobile application. We collect the following personal information: name, email address, phone number, nationality and details of your enquiry pursuant to our legitimate business interests. In certain cases, your enquiry may relate to a specific service request, for example: raising an enquiry regarding Reel Cinemas. For such requests, we need to use your personal information to help us respond to your request and to fulfil our contractual obligations under the requested service. Additionally, when you call our customer service centre, we would maintain a record of the communications, including call recordings, in pursuit of our legitimate business interest to monitor and improve the quality of our customer support.
3.2 To request your feedback, and to respond to complaints:
Your satisfaction is our utmost priority and we proactively take necessary steps to ensure you are well satisfied with our services. To help us respond to your feedback or complaints, we collect the following personal information: name, email ID, transaction details (such as service you availed) and your feedback/ complaints in the “We Care submission form”, through a survey conducted after you complete a transaction or after the completion of your call with our customer service team. We collect and use your personal information in pursuit of our legitimate business interests to address your concerns and to take necessary steps towards continual improvement. In the event you prefer not to receive such information, you may opt out by following the instruction provided in Section – “How to opt out?”.
3.3 To provide the services requested by you:
We would process personal information that you provide when you wish to register your profile or purchase ticket or passes for our attractions to provide you the services requested by you. Further we would process any information that you provide when you wish to make reservation for parties & events, school visits, internship program, summer intensive courses or buy The National Aquarium gift card by contacting via calls or email.
We would need to collect and use the following personal information: name, email address, phone number, nationality, credit card details and payment transactions in order to provide the services requested by you and to fulfil our contractual obligations towards you.
3.4 To personalize and provide you with information about The National Aquarium’s services and latest offers:
We may combine the information we receive and collect about you to better understand your interests and preferences so that we can provide you with an experience that is tailored to those interests and preferences. For example, we may do this by notifying you of any events conducted by The National Aquarium, or sending you personalized offers, discounts or promotions by our mobile application, or email (where you have agreed to receive our emails), or advertising content that is relevant to your interests. It is in our legitimate business interests to send you information about The National Aquarium’s services and latest offers. We use your personal information such as email ID and/ or contact number to share information relating to The National Aquarium’s services and latest offers that may be of interest to you. In the event you prefer not to receive such information, you may opt-out by following the instruction provided Section – “How to opt-out?”.
3.5 To facilitate email campaigns carried out by our sales and marketing departments:
As part of our email campaigns, we track whenever you receive, open, click a link, or download any attachments from an e-mail you receive from The National Aquarium. We will carry out automated profiling of such information to evaluate your interest in our service offerings or promotions. This processing will enable us to identify and target potential customers or business partners, tailor our marketing and provide you with relevant and timely content based on your interests, in pursuit of our legitimate business interests. In the event you prefer not to receive such information, you may opt out by following the instruction provided in Section – “How to opt out?”.
3.6 To facilitate Advertisements:
The National Aquarium uses the personal information you provide us for a commercial purpose to help us tailor and show advertisements to you. We may partner with third parties to help us display relevant advertising and to manage our advertising across multiple channels including social media platforms. Our third-party partners may use cookies and non-cookie-based technologies to help us show you advertising based upon your browsing activities and interests. In the event you wish to opt-out, you may do so by following the instruction provided Section – “How to opt out?”
3.7 To establish a working relationship with our Business Partners:
We collect/ receive personal information about you through one of the following channels:
When you participate in any of our sales, marketing and thought leadership events (including webinars) organized or hosted by The National Aquarium; When our sales executive or business leaders visit events organized by external organizations (including the company you represent); We collect from our sales executives or business leaders who share a professional/ personal relationship with you; or We collect from publicly available information that you have shared on professional networking platforms such as LinkedIn.
We collect the following personal information: name, email ID, contact number, designation, and the company you represent. We use this information in pursuit of our legitimate business interests to share information relating to The National Aquarium services, to invite you to future events, that may be of interest to you and/ or the company you represent; and to establish a working relationship with the company you represent.
3.9 To enter, Commercial or Investment relationship:
We collect and use Information when you enter a commercial or investment relationship (as a shareholder or buyer of one or more assets from the Group’s portfolio) with an The National Aquarium Group company. It is in accordance with Contractual obligations to collect the following Data either directly from you, or from the company that you work or represent: Name, contact details, phone number, postal address, email address, date and place of birth, percentage of capital and voting rights held, other data but strictly linked to the investment, etc.
3.10 To comply with legal requirements and exercise or defend legal claims:
We may need to process and retain your personal information to comply with legal requirements to which we are subject (for example in relation to licensing, health and safety). It is in our legitimate interests to process personal information for the purposes of exercising and defending legal claims. Processing personal information may also be necessary to ensure compliance with the relevant legal and regulatory obligations.
3.11 To process your payments and protect against fraudulent transactions:
We may need to process your personal information to keep your payments safe and secure and protect against fraudulent transactions. It is in our legitimate interests to process personal information to keep your payments secure and to prevent fraud. Processing personal information in this way may also be necessary to ensure compliance with the relevant legal and regulatory obligations.
3.12 To comply with any opt-out or do not disturb requests we receive from you:
We understand that you may not prefer for us to contact you with any offers, promotions or details of our products and services. In the event you opt-out, we may be required to maintain information such as name, email ID/contact number and the subscription(s) that you have opted out of to ensure compliance with your requests. Also, in the future, if you wish to hear from us, you may at any time, contact us to opt-in and we would be happy to keep you posted about our latest offers, promotions and/ or details of our products and services.
3.13 To comply with health and safety obligations:
We may be required to process your medical information or any other health related information in the event of an accident or injury at any of the entertainment facilities we manage. It is our legitimate interest for the management of accidents and injuries occurring in our managed facilities. This information would also be required for the improvement of the accident prevention system (including fire protection and prevention against foreseeable natural and technological risks). It could also possibly be required for legal purposes or to prepare for and defend against legal claims.
3.14 To manage vehicle parking:
We would be required to record license plates through Automatic Number Plate Recognition (ANPR) systems and other vehicle details as well as parking records where it is in operation at our car parking facilities. These would be required for the management of our parking system as well as to maintain security within it and fulfil our contractual obligations effectively.
3.15 Other information we collect
There is other information we may collect that does not directly reveal your specific identity or does not directly relate to you as an individual. We may automatically collect the following information pursuant to our legitimate business interests when you visit our website or utilize our services:
The technologies we use for this automatic data collection may include:
Cookies: A cookie is a small piece of data, which includes an identifier made of letters and numbers that is sent by a web browser and stored on your computer. Cookies are used as a reliable mechanism to remember information about you, so your interaction with our website is seamlessly simple. Cookies typically do not contain any information that personally identify you, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Flash Cookies: Certain features of our Website may use local stored objects (or Flash cookies) to collect and store information about your preferences and navigation to, from and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies.
Web Beacons: Pages of the Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs. pixel tags and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an e-mail and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
We use these cookies for the following purposes:
3.16 Information we receive from others
We work closely with third parties and receive information about you from them as well. We also collect personal information from individuals who may refer you as a friend to our loyalty schemes or products or services. We ask these individuals to confirm that you are happy to hear from us.
3.17 Information about Children
Some of our entertainment attractions cater to and provide exceptional and unique experiences suited to both children and adults. As part of these attractions we may collect and process personal data including children’s data in order to facilitate the provision of our services. We make sure we only process your children’s data when it is absolutely necessary for us to do so. For instance, we may process your children’s data when it is provided in the course of using our services. Such data may include information provided to us from you before entering attraction, such as name, age, gender. Such data will also include your children’s image captured by our CCTV system during their visit at the attraction. The legal basis for us processing this is to fulfil our contractual obligations towards providing you the requested services and pursuant to our legitimate interest in properly administering your children’s ability to use our services (e.g. making adjustments to your children’s experience at attraction as necessary), to ensure that we provide a safe environment for our visitors and employees and to protect your legal rights, our legal rights and the legal rights of others.
We may share your personal information with any member of the The National Aquarium, including subsidiaries, affiliates and holding companies, in order to enable you to request our services, to process your payments, understand your preferences, conclude a sale, facilitate any maintenance/ service requests, send you information about products and services that may be of interest to you and conduct the other activities described in this privacy policy. Such group companies are located outside the European Economic Area (“EEA”). Please visit our website to see a list of locations within our corporate group.
We may use carefully selected third parties to perform services on our behalf or to assist us with the provision of services to you. For example, we may engage third party agents, distribution partners cloud service providers, IT service providers and other third parties to support and facilitate property sales and bookings, property handover, security services, brand promotions, marketing, advertising, communications, to personalize and optimize our service, to analyze and enhance data (including data about users’ interactions with our services), and to provide legal, accounting, insurance, audit and other professional services. While providing such services, these third parties may have access to your personal information.
We may share your personal information with select business partners in sectors including banking, travel, entertainment, lifestyle, and other industries to enable our customer to avail special offers. For example, our partnership with banks enables our customers to avail home financing options.
Where required or permitted by law, personal information may be provided to others, such as regulators and law enforcement agencies.
We may share to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by the Company about our Website users is among the assets transferred.
We may share with government or regulatory authorities upon request to comply with any court order, law or legal process
We may share with other companies and organizations for the purposes of fraud protection and credit risk reduction if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers or others.
The personal information that we collect from you may be transferred to, and stored at, a destination outside the EEA (for example, in Dubai). It may also be processed by staff operating outside the EEA who works for us or for one of our third-party vendors. We will take all steps that are reasonably necessary to ensure that your personal information is treated securely and in accordance with this privacy policy and applicable data protection laws, including, where relevant, entering EU standard contractual clauses (or equivalent measures) with the party outside the EEA receiving the personal information. We carry out such transfers to facilitate the performance of our contract and in pursuit of our legitimate business interests of helping us serve you better. We have implemented adequate safeguards to protect and secure the information involved in such transfers. Where we transfer personal information outside of EU, we either transfer personal information to countries that provide an adequate level of protection (as determined by the European Commission) or we have appropriate safeguards in place. Appropriate safeguards to cover these transfers are in the form of standard contractual/data protection clauses adopted by the European Commission.
If you would like more information on protection measures and transfer mechanisms, please contact us using the details provided in Section – ‘How do you contact us?’.
We will only keep your personal information for as long as is reasonably necessary taking into consideration our need to answer queries or resolve problems, any other purpose outlined above or to comply with legal requirements under applicable law(s). This means that we may retain your personal information for a reasonable period, for example, till the end of the leasing contract with the organization you represent, or after your query has been addressed. In certain cases, we may retain your personal information for a longer period where extended retention periods are required by law or regulation and to establish, exercise or defend our legal rights. We will ensure that it is disposed in a secure manner when it’s no longer needed.
For more information on where and how long your personal information is stored, and for more information on your rights of erasure and portability, please contact us using the details provided in Section – ‘How do you contact us?’.
Your personal data security is an important concern to us. We provide the utmost care in secure transmission of your personal information from your computer, smartphone, and other electronic devices to our servers. We use industry security standards to safeguard the confidentiality of your information (e.g. firewalls, Transport Security Layer (“TLS”) etc.) and to make sure that your personal information is secure with us.
We have implemented and maintained appropriate technical and organizational security measures, policies and procedures to protect your personal information from the accidental loss, unauthorized access, use, alteration and disclosure. All information you provide to us is stored on our secure servers behind firewalls. All payment transactions are encrypted using TLS technology. Ex: Measures we take includes:
Placing confidentiality requirements on our staff and service providers;
Restriction of access to your personal information to employees and third parties strictly on a need to know basis, such as to respond to your enquiry or request;
Destroying or anonymizing personal information if it is no longer needed for the purposes for which it was collected; and
Using secure communication channels for transmitting personal data.
The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
If you are subject to laws that provide you with such rights, you may have certain rights in relation to your personal information given below.
If you wish to access any of these rights, we may ask you for additional information to confirm your identity and for security purposes, before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for example, if your request is manifestly unfounded or excessive.
If you would like to access the below rights, you may contact us by completing a form on our website or by mailing us at [email protected]. We shall aim to comply with all requests within reasonable time in-line with applicable laws. We may not always be able to fully address your request, for example,
We will make every reasonable effort to honour your request in-line with applicable laws. In the event we require additional time due to the complexity of the request, we shall promptly inform you of the same.
The right to access
You have the right to obtain confirmation as to whether we process personal data about you, receive a copy of your personal data held by us, and obtain certain other information about how and why we process your personal data (like the information provided in this privacy statement).
The right to rectification
You have the right to request for your personal data to be amended or rectified where it is inaccurate (for example, if you change your name or address) and to have incomplete personal data completed.
You have the right to restrict our processing of your personal data in the following cases:
We can continue to use your personal information following a request for restriction, where:
You have the right to obtain deletion of your personal data in the following cases:
The personal data are no longer necessary in relation to the purposes for which they were collected and processed;
Our lawful basis for processing is consent, you withdraw consent and we have no other lawful basis for the processing;
Our lawful basis for processing is that the processing is necessary for a legitimate interest pursued by us, you object to our processing and we do not have overriding legitimate grounds;
You object to our processing for direct marketing purposes;
Your personal data have been unlawfully processed; and
Your personal data must be erased to comply with a legal obligation under EEA to which we are subject.
We are not required to comply with your request to erase personal information if the processing of your personal information is necessary:
For compliance with a legal obligation; or
For the establishment, exercise or defense of legal claims.
The right to object to the processing of personal data
You have the right to object to our processing of your personal data in the following cases:
our lawful basis for processing is that the processing is necessary for a legitimate interest pursued by us; and our processing for direct marketing purposes.
The right to data portability
You have the right to receive your personal data provided to us and have the right to send the data to another organization (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contract with you and the processing is carried out by automated means.
The right to withdraw consent at any time (where processing is based on consent)
Where we process personal data based on consent, individuals have a right to withdraw consent at any time.
The right to lodge a complaint with a supervisory authority
If you are not content with how we manage your personal information, you can lodge a complaint with a supervisory authority in your country of residence, place of work or the country in which an alleged infringement of data protection law has occurred within the EEA. We sincerely hope that you will never need to, but if you do want to complain about our use of personal data, you can contact us in one of the ways mentioned in Section – ‘How do you contact us?’. We will look into and respond to any complaints we receive.
This policy may change from time to time. Your continued use of our platforms after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
In case of any queries related to this policy, you can contact our Data Privacy Office using the email address [email protected]