OUR COMMITMENT TO PRIVACY
Your privacy is important to us. To better protect your privacy, we set out our policy relating to the collection, usage, storage, and disclosure of your personal data (this "Policy"). This Policy is part of the Terms and Conditions governing this Website and should be read in conjunction therewith.
MELCO RESORTS AND ENTERTAINMENT (PHILIPPINES) CORPORATION
PRIVACY NOTICE
PURPOSE AND SCOPE
This privacy notice provides an overview of how Melco Resorts
and Entertainment (Philippines) Corporation (referred to as “MRP”, “Company",
"we", "us" or "our" in this privacy notice)
processes your personal data. MRP is a member of the worldwide Melco Resorts group,
which is active in the gaming industry across various locations. “Personal
data” refers to any information relating to you that MRP obtains from you or
about you from other parties.
We are committed to protecting your privacy – in
this Privacy Policy, we set out how we collect your personal data, how we use
it, and what rights and choices you have in relation to the personal data we
hold and process.
WHO DECIDES WHY AND HOW WE PROCESS YOUR PERSONAL DATA?
MRP
determines why and how we process your personal data and is considered as a Data
Controller that is responsible for your personal data. What personal data might
we collect about you?
We collect different types of personal data for different reasons – these may
include:
• Identity Data includes first name, maiden name, last name, username or
similar identifier, marital status, title, date of birth and gender.
• Contact Data includes billing address, delivery address, email address
and telephone numbers.
• Technical Data includes internet protocol (IP) address, your login
data, browser type and version, time zone setting and location, browser plug-in
types and versions, operating system and platform and other technology on the
devices you use to access this website.
• Compliance Data includes personal data we may collected on you for the
purposes of complying with our legal obligations.
• Recruitment Data such as previous employers, references by previous
employers or colleagues, type of job held at other companies, previous or
expected salaries, skills and qualifications obtained through education or
experience. This personal data will help us make a decision on your suitability
for employment and in case your application is for future vacancies the
aforesaid personal data will help us to decide which department you may be most
suitable in.
We may occasionally collect Special Categories of Personal Data about you (this
includes details about your race or ethnicity, religious or philosophical
beliefs, information about your health and genetic and biometric data). In some
instances, this may also include information about criminal convictions and
offences.
WHEN DO WE COLLECT YOUR PERSONAL DATA?
We may
collect personal data about you in various cases, such as for example:
• When you or your organization make an enquiry through our website, in person,
over email or over the telephone, including but not limited to applying for a
position at MRP;
• When you attend an event we may organize, or sign up to receive
communications from us;
• When you or your organization provide services to us, or otherwise offer to
do so;
• When you or your organization provide us with feedback;
• When you apply for a job or position in one of our affiliates using our online application process (through a link in this website), and if such application is successful, upon joining our organization.
HOW WILL WE USE YOUR PERSONAL DATA?
We will use your personal
data, for the following purposes (“Permitted Purposes”):
• Where we need to perform the contract we are about to enter into or have
entered into with you.
• To provide you with services or other similar services you may have
requested, including online services, as instructed or requested by you or your
organization;
• To manage and administer your or your organization’s business relationship
with us, if any;
• For compliance with our legal or tax obligations (such as anti-money
laundering, regulatory or tax reporting);
• To analyze and improve our services and communications to you;
• To process complaints in relation to our services and products;
• To communicate with you through the channels you have approved to keep you up
to date on the latest developments, announcements, and other information about
MRP as well as events we may organize;
• To comply with court orders and exercises and/or defend our legal rights;
• To review your application for an employment position with us.
With regard to newsletters, legal updates and other general communications, you
will always have the option to opt out of receiving such communications at any
time.
Due to the
sensitive and confidential nature of the Personal Data that you have shared
with us, only authorized personnel of the Company shall be allowed access to
such information for any purpose, except for those contrary to law, public
policy, public order or moral. Each of our teams develop, implement, and
review: (a) their respective internal procedures for the collection,
processing, retention, storage, and sharing of such personal data, including
procedures for obtaining your consent; and (b) to ensure that these internal
procedures limit the processing of your personal data, to ensure that it is
adequate, relevant, and limited to what is necessary in relation to the
purposes for which they are processed (data minimization).
Legal grounds for processing:
Depending on which of the above Permitted Purposes we use your personal data
for, we may process your personal data on one or more of the following legal
grounds provided for under applicable data protection legislation:
• Where processing is necessary for the performance of a contract with you or
your organization.
• Where we need to comply with a legal or regulatory obligation.
• Where it is necessary for our or our contractors’ (where applicable)
legitimate interests (or those of a third party) and your interests and
fundamental rights do not override those interests.
• When we have your consent to do so, where you have expressly given this to
us.
HOW MIGHT WE SHARE YOUR PERSONAL INFORMATION?
We may disclose your
personal data where we may instruct service providers within or outside MRP
(including affiliates and group companies), domestically or abroad, e.g., IT
services or server providers, to process personal data for the Permitted
Purposes on our behalf and in accordance with our instructions only. In certain
cases, this may also mean that your personal data may be transferred to
locations outside the Philippines. MRP will retain control over and will remain
fully responsible for your personal data and will use appropriate safeguards as
required by applicable law to ensure the integrity and security of your
personal data when engaging such service providers.
Except as stated above, we will only disclose your personal data when you
direct us or give us permission to do so or as otherwise required by law, such
as for meeting legal and tax obligations.
TRANSFERS OF PERSONAL DATA ABROAD
Melco is active across
the world – this means that we may transfer your personal data abroad if
required to do so for the Permitted Purposes. In certain cases, this may
include transferring data to countries which do not offer the same level of
protection as the laws of your country.
When making such transfers, we will ensure that such transfers are subject to
appropriate safeguards in accordance with the Data Privacy Act of 2012
(Republic Act No. 10173) or other relevant data protection legislation, or that
we otherwise comply with the requirements and standards under Republic Act No.
10173 for transferring personal data abroad. Please contact mrp@cod-manila.com if you wish to obtain further information on the
appropriate safeguards which we adhere to.
CAN YOU REFUSE TO SHARE YOUR PERSONAL DATA WITH US?
In general, we receive your personal data where you provide this on a voluntary basis, and there will typically be no detrimental effect for you if you wish not to provide this or otherwise withhold your consent for it to be processed. However, there are certain cases where we will unfortunately be unable to act without receiving such data, for example where we need to carry out legally required compliance screening or require such data to process your instructions or orders, or otherwise to provide you with our online services or communications. Where it is not possible for us to provide you with what you request without the relevant personal data, we will let you know accordingly.
HOW DO WE KEEP YOUR PERSONAL DATA SAFE (ORGANIzATIONAL, PHYSICAL, TECHNOLOGICAL SECURITY MEASURES)?
We store information collected through our website on secure servers, protected by industry standard security measures, designed to prevent confidentiality, integrity, or availability breaches. We strictly enforce this Privacy Policy within MRP, and we have implemented organizational, physical, and technological security measures to protect your Personal Data from loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction. The following safeguards and measures are currently being implemented by MRP:
· Appointment of a Data Protection Officer to ensure that Personal Data is collected, use, stored, and disposed in accordance with the requirements of the Data Privacy Act of 2012, its implementing rules and regulations, and the issuances of the National Privacy Commission (“Philippine Privacy Legislations”).
· Conduct of regular trainings to all our personnel, especially those who are tasked to collect and process your Personal Data.
· The conduct of Privacy Impact Assessments on all of the Company’s data processing systems, and the regular review of such assessments.
· The proper recording and documentation of activities carried out by the Company to ensure compliance with Philippine Privacy Legislations.
· We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality even after they leave or are separated from our Company.
· We regularly review the Company’s Forms, Contracts, and Policies and Procedures involving the collection and processing of your personal data.
· Entrance to our premises is strictly monitored, and entrance to back-of-house offices where your personal data are stored can only be accessed by our employees. In addition, access to particular personal information, especially sensitive personal information, are further restricted and only select employees who have a business to know your personal data based on the purpose for which these were collected have access to these personal data.
· All data rooms are locked with keycards and may only be accessed by employees who have a certain level of authority. Certain locations are physically locked and access is restricted to authorized employees only such as Server Rooms, Data Center, and Control Rooms, among others.
· All users are identified and authenticated through a centralized network system.
· Passwords are protected using irreversible password encryption and employees are required to regularly change their passwords in compliance with industry best practices.
· Only certain employees have access to applications/data/data processing systems, which they need based on their respective roles and job description. On the other hand, portal access for customers, patrons, and guests are done securely, and they are only able to view their own information.
However, we have no control and therefore cannot enforce the same amount of security on any of the devices that you use to access our site, or to send us information via e-mail, messaging apps, social media, or our website. We are therefore not responsible for the security and protection of information that may have been intercepted prior to our receipt of your personal data.
PERSONAL DATA WE RECEIVE FROM YOU ABOUT OTHER PEOPLE
Where you provide us with the personal data of other people, such as your employees, directors of your companies, or other persons you may have dealings with, you must ensure that you have the right to disclose that personal data to us and furthermore, without being required to take further steps, that we can collect, use and disclose such data in the manner described in this Policy.
HOW LONG CAN WE STORE YOUR PERSONAL DATA?
We delete your personal
data once it is no longer reasonably necessary for us to keep it for the
Permitted Purposes, or, where we have relied on your consent to keep your
personal data, once you withdraw your consent for us to do so, and we are not
otherwise legally permitted or required to keep the data.
We shall retain personal data for as long as it is necessary:
· As allowed or required by government regulators or agencies that oversee the business operations of City of Dreams Manila (i.e. PAGCOR and the Anti-Money Laundering Council, among others);
· For the fulfillment of the declared, specified, and legitimate purpose;
· For the establishment, exercise or defense of legal claims;
· For legitimate business purposes consistent with the standards followed by integrated resorts; and
· As allowed in cases provided by law and Philippine Privacy Legislations.
In relation to CVs and related information which we may receive for potential
employment with MRP or an affiliated company, we will delete such information
from company records after the lapse of seven (7) years, unless we receive an
earlier request to delete.
Importantly, MRP will keep your personal data as necessary for the purposes of
defending or making legal claims until the end of the period during which we
may retain the data and otherwise until the settlement of any such claims, as
relevant.
Upon the lapse of the allowable retention periods, we physically destroy paper-based personal data and ensure that this may no longer be re-used after destruction. For personal data in electronic or digital format, these are deleted and purged from our systems. Our Data Protection Officer is actively involved in the entire destruction process, as well as other relevant teams such as our IT and Information Security teams.
For further information on how long we may
store your data, please get in touch with mrp@cod-manila.com.
WHAT RIGHTS DO YOU HAVE?
Subject to
certain circumstances under applicable legislation, you have the right to:
• Know when your personal data was, is, or have been processed by us (Right to
be informed);
• Request a copy of the personal data which we hold about you (Right to
access);
• Refuse to provide consent in the processing of your personal data, as well as
the choice to withdraw such consent (if one has already been given), as regards
collection and processing of your personal data (Right to object)
• Suspend, withdraw or order the blocking, removal, destruction of your
personal data from our systems upon discovery and proof that your personal data
is either incomplete, outdated, false, unlawfully obtained, used for
unauthorized purposes, or are no longer necessary for the purposes for which
they were collected (Right to erasure or blocking)
• Have any inaccurate data we hold about you corrected (Right to
rectification);
• Request us to transfer the data we hold about you to another provider (Right
to data portability);
• Submit a complaint before the National Privacy Commission if you have
concerns about the way in which we are handling your personal data (Right to
file a complaint); and
• Be indemnified for any damages you sustained due to inaccurate, incomplete,
outdated, false, unlawfully obtained, or unauthorized use of your personal data
(Right to damages).
For the above, please contact us at mrp@cod-manila.com. To enable us to process your request, we may require
that you provide us with proof of your identity to protect the personal data we
hold from unauthorized access requests and comply with our security
obligations.
We may charge you a reasonable administrative fee for any unreasonable or
excessive requests we may receive, and for any additional copies of the data
you may request.
CORRECTIONS, UPDATES AND COMPLAINTS
Where any personal data you have provided us with has changed, or where you believe the personal data we hold is inaccurate, or where you wish to make a complaint regarding our handling of your personal data, please let us know at mrp@cod-manila.com or send us a letter addressed to:
Data Protection Officer
Legal Affairs Department, City of Dreams Manila,
Asean Avenue corner Roxas
Boulevard,
Barangay Tambo, Parañaque City,
1701 Philippines
We will promptly respond to your requests and complaints. Should
you be unhappy with our response, you may submit a complaint to the relevant
privacy regulator. We can provide details of the relevant privacy regulator
upon request.
In addition, please note that if you have
certain relationships with us as a Third-Party Entity to which we provide
services, you and/or the Third-Party entity may have a contractual or legal
obligation to notify us of any change in your or the Third-Party Entity’s
personal data within a prescribed time period. We cannot be responsible for any
loss that may arise due to us having any inaccurate, incomplete, inauthentic, or
otherwise deficient personal data which you or a third-party entity have
provided to us.
GET IN TOUCH
We would be happy to hear
your views about this Privacy Policy. Please let us know of any questions,
comments. or
clarifications you may have at mrp@cod-manila.com or
send us a letter at:
Data Protection Officer
Legal Affairs Department, City of Dreams Manila,
Asean Avenue corner Roxas Boulevard,
Barangay Tambo, Parañaque City,
1701 Philippines
CHANGES TO OUR PRIVACY POLICY
This Privacy Policy is updated as of June 2024. We have the right to update the contents of this Privacy Policy from time to time to reflect any changes in the way in which we process your personal data or to reflect legal requirements as these may change.
INFORMATION ABOUT OUR USE OF COOKIES
WHAT ARE COOKIES?
Our website
uses cookies to distinguish you from other users of our website. This helps us
to improve user experience when you browse our website, also allows us to
improve our site and provide the business with marketing information about the
site’s visitors. This page explains what cookies are, what they are used for
and how you can adjust your settings to manage cookies.
A cookie is a small file of letters and numbers that we store on your browser
or the hard drive of your device (be it a computer, tablet, mobile phone or any
other device that can access the internet) if you agree. The information in the
cookie can be used to track your internet usage.
WHAT COOKIES DO WE USE?
We use the
following cookies:
• Strictly necessary cookies. These are cookies that are required for the
operation of our website. They include, for example, cookies that enable you to
log into secure areas of our website.
• Analytical/performance cookies. They allow us to recognize and count the
number of visitors and to see how visitors move around our website when they
are using it. This helps us to improve the way our website works, for example,
by ensuring that users are finding what they are looking for easily.
• Functionality cookies. These are used to recognize you when you return to our
website. This enables us to personalize our content for you, greet you by name
and remember your preferences (for example, your choice of language or region).
• Targeting cookies. These cookies record your visit to our website, the pages
you have visited and the links you have followed. We will use this information
to make our website and the advertising displayed on it more relevant to your
interests. We may also share this information with third parties for this
purpose.
You can find more information about the individual cookies we use and the
purposes for which we use them in the table below:
Cookie |
Name |
Purpose |
Age Confirmation |
Age Compliance |
This cookie is essential to fulfil our legal obligations. |
Policy Acknowledgement |
Policy Compliance |
Recognize you when you return to our site. |
You have the choice to block all or some cookies on your browser or the hard drive of your computer by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Except for essential cookies, all cookies will expire after 28 days. Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.
MANAGING COOKIES
A. ACCEPTANCE OR BLOCKING OF COOKIES
You can manage cookies by activating the setting on your Internet browser that allows you to accept or refuse the setting of all or some cookies. You can accept or block cookies on a case-by-case basis, or you can block all cookies. Please note, that changing your settings to block all cookies (including essential cookies) may affect your access to content and services on our site that require the use of cookies. We do not accept any responsibility for any consequences relating to improper operation of our services where it results from our inability to save or consult cookies necessary for the operation of those services or if you have blocked or deleted those cookies. If you consent to the saving of cookies contained in content that you have accessed, those cookies will be stored temporarily in a dedicated location on your device. Please note that you can also adjust the settings on your browser so that it indicates the cookies that are being stored on your device and asks you whether you want to accept them.
B. ADJUSTING YOUR SETTINGS ON DIFFERENT BROWSERS
Each browser has a
different set up for the management of cookies and on this basis we provide
below (for convenience purposes) the link for the adjustment of cookies to the
four most frequently used browsers:
• Microsoft Edge
• Google Chrome
• Safari
• Firefox
If your browser is not mentioned hereinabove, you should examine the
possibilities of your browser in relation to the adjustment of your cookie
settings.
Depending on the type of cookie, there are other ways of managing cookies that
do not involve adjusting your browser's settings.
C. BLOCKING GOOGLE ANALYTICS’ COOKIES
Google Analytics mainly
uses audience-measuring cookies to report on user interactions on Google
Analytics customers’ websites and such cookies have been placed on our site by
Google Analytics. Google Analytics uses cookies to collect information in an anonymous
form (aggregated) about how visitors use the website, for example, the number
of page views, how visitors have arrived at the website, and the number of
visits. The purpose is to help us improve the usability of the website. The
information generated through your website usage is redirected to and stored by
Google Inc. You can block these specific cookies by clicking on the
deactivation link below, downloading the add-on and installing it on your
browser. Please check compatibility of the add on with your browser.
Google Analytics deactivation link: Deactivate Google
Analytics
We would like to highlight that the downloaded add-on will save a cookie on
your device, but that cookie will be used only to prevent your browser from
transmitting data to Google Analytics.
For more information on deactivating Google Analytics and installing the
browser add-on, click here: Browser add-on to
deactivate Google Analytics
For more information on how Google Analytics’ treats personal information when
you use Google's products and services click
here: https://policies.google.com/privacy?hl=en
D. BLOCKING SOCIAL NETWORK COOKIES
To block cookies used by
social networks (e.g. via sharing buttons), follow the instructions in the
links below:
• Facebook
• Twitter
• Google+ and
YouTube