RESERVE A TABLE
!
RESERVE A TABLE

Privacy Policy

Home   >   Privacy Policy

Last updated: 22 September 2025

 

Who we are
This Privacy Policy explains how The Buffet Club Singapore Pte. Ltd. (UEN: 202523820N) (“TBC”, “we”, “us”, or “our”) collects, uses, discloses and protects personal data in Singapore in accordance with the Personal Data Protection Act 2012 (“PDPA”). Our registered office is 86 East Coast Rd, #02-01, Singapore 428788.

 

Contact – Data Protection
For PDPA requests (access/correction/withdrawal/complaint), contact our Data Protection Officer at sales@thebuffetclub.sg or by mail to the registered address above.

 

1) The data we collect

  • Identity & contact: name, email address, mobile/phone number.
  • Booking details: party size, date/time/session, special requests.
  • Payment flow metadata: transaction reference/ID, status, and amount as returned by our payment providers.
  • Technical data: device/browser info, IP address, and cookies necessary to operate the site and reservation plug-in.

 

We do not store full payment card or bank details. Payments are processed by third-party providers (e.g., card payments and PayNow through our payment partners).

 

2) Purpose and legal basis

We collect and process personal data to:

  • create, manage, and verify online buffet reservations and required pre-payments;
  • send booking confirmations, operational notices, and support messages;
  • administer customer accounts, prevent fraud/abuse, and ensure venue safety;
  • comply with applicable laws, regulations, and legitimate requests from authorities;
  • operate and improve our website, plugins, and service experience.

Where PDPA consent applies, we rely on your consent for these purposes. You may withdraw consent at any time; withdrawal may affect our ability to provide services that require the data.

 

3) Disclosure to third parties

We disclose data strictly on a need-to-know basis to:

  • Payment processors and reservation technology providers who execute your payment and booking;
  • IT/hosting and support vendors who maintain our systems;
  • Professional advisers (legal, accounting) and government authorities where required by law.

 

We require these parties to protect your data and use it only for the intended purpose.

 

4) Overseas transfers

Our vendors (including payment providers) may process data in jurisdictions outside Singapore. Where data is transferred overseas, we ensure such transfers comply with the PDPA’s transfer requirements (e.g., legally enforceable obligations to provide a standard of protection comparable to the PDPA).

 

5) Data retention

We retain data only as long as necessary for the purposes above, to meet legal/accounting/reporting requirements, to resolve disputes, and to enforce our agreements. When no longer needed, data is securely deleted or anonymised.

 

6) Data security

We implement administrative, technical, and physical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks.

 

7) Your rights

Subject to PDPA exceptions, you may:

  • request access to your personal data;
  • request correction of inaccurate or incomplete data;
  • withdraw consent to the continued use/disclosure of your data (which may affect your booking/payment).

 

Submit requests to our DPO (see “Contact”). We may require reasonable verification and may charge a reasonable fee where permitted by law.

 

8) Cookies

We use essential cookies for site operation, security, session management, and the reservation/payment process. You may block cookies in your browser; doing so may impair site or booking functionality.

 

9) Third-party sites

Our site may link to third-party websites. We are not responsible for their privacy practices. Review their policies before providing personal data.

 

10) Updates to this Policy

We may update this Privacy Policy from time to time. Changes take effect upon posting on this page with a revised “Last updated” date.