Babilou Family Singapore Privacy & Cookies Policy

1. Introduction

This Privacy and Cookies Policy (“Policy”) sets out the privacy and cookies policy of Babilou Family Singapore Pte. Ltd., and its subsidiaries, related companies and affiliates (“Babilou Family Singapore”, “we”, “our”, or “us”).

At Babilou Family Singapore, we are committed to the privacy and security of your personal data. This Policy provides detailed information on how your personal data is collected, used, and protected.

For the purpose of this Policy, “personal data” means data, whether true or not, about an individual who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

2. Personal Data Processing Purposes

We generally do not collect your personal data unless:

  • it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”); or
  • collection and use of personal data without consent is permitted or required by the Personal Data Protection Act 2012 (“PDPA”) or other laws.

This section outlines the purposes for which we may process your personal data:

  • To facilitate the operation of our centres and our and/or our partners’ provision of products and services to you;
  • To manage our administrative and business operations;
  • To manage all aspects of your relationship with us;
  • To facilitate effective communication with you (including but not limited to addressing and assisting with your requests, enquiries and feedback);
  • To engage and manage third parties or data processors that provide services to us (including but not limited to IT services, marketing services, and other professional services);
  • To facilitate the use of our platforms and services;
  • To provide accurate, current and complete information about yourself as prompted by the relevant registration form and child portal;
  • To maintain and promptly update the child portal to keep it fully up to date;
  • To conduct marketing activities;
  • To verify your identity or eligibility for discounts, promotions or activities or events organised by us or on our behalf;
  • To provide high-quality childcare;
  • To record calls for training and quality control purposes;
  • To monitor and ensure health and safety;
  • To manage the safety and security of our assets, premises, platforms and services;
  • To support educational activities and development;
  • To manage our financial processes (including but not limited to billing and invoicing);
  • To enforce our contractual and legal rights and obligations;
  • To facilitate investigations and manage and prepare any reports relating to incidents or accidents;
  • To manage and facilitate insurance related matters;
  • To carry out targeted marketing efforts and support marketing initiatives;
  • To engage in business development activities;
  • To ensure website functionality and performance;
  • To enhance user experience and satisfaction;
  • To manage recruitment processes;
  • To process job applications and assess suitability;
  • To carry out research, data and statistical analysis;
  • To facilitate business asset transactions, including but not limited to, asset sales and mergers or acquisitions involving any of our companies;
  • To provide media announcements or responses;
  • To comply with all applicable laws, rules, regulations codes of practice and/or guidelines issued by any legal, statutory or regulatory bodies (including but not limited to disclosure to regulatory bodies, conducting audit, due diligence and investigations which may be carried out by legal, statutory or regulatory bodies), and our internal policies and procedures; and/or
  • Any other purposes reasonably related to any of the above.

We will seek your consent before collecting any additional personal data and/or before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).

The purposes listed in above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including but not limited to, a period to enable us to enforce our rights under a contract with you).

3. Personal Data We Process

Within the context of your use of our services and your navigation of our website, we may process several categories of personal data, which are detailed in the table below. We may collect personal data from you in the following ways:

  • When you visit our centres and/or premises;
  • When you register or enrol your child with us;
  • When you update your contact information or your child’s information;
  • When you interact with us;
  • When you use our services;
  • When you transact with us;
  • When you express interest in using our services or transacting with us;
  • When you respond to our promotions, events or campaigns;
  • When you respond to our recruitment advertisements or campaigns;
  • When you visit our websites (for example, when you book a tour on our websites);
  • When you subscribe to our newsletter;
  • When you communicate or interact with us or our staff through various channels (for example, social media platforms, messaging platforms, our websites, walk-in enquiries, face-to-face meetings, telephone calls, or emails);
  • When your photographs or videos are captured by us when you are within our premises or attend our events;
  • When you participate in activities, events or programs organised by us;
  • From your authorised representatives and/or third parties authorised by you to provide your personal data to us on your behalf (for example, your family members or friends, or recruitment agencies);
  • From public agencies or other public sources; and/or
  • When you provide your personal data to us for any other reason.

We may also collect information about the services you use and how you use them. For example, data concerning your interactions with our staff, data about your navigation of the site, the pages you have visited, your activities within Babilou Family Singapore.


Category


Examples

Identity and personal information
  • Full name
  • Date of birth
  • Contact number
  • Nationality
  • Race
  • Gender
  • Marital status
  • Religion
  • Mailing and residential addresses
  • Email addresses
  • Social media account username
  • mages or photographs
  • NRIC, passport or other form of identification number
  • Medical data
  • Dietary restrictions
  • Personal preferences
  • Details of emergency contacts

Professional information

 
  • Employment history and details
  • Educational background
  • Qualifications
  • Languages written and/or spoken

Financial information
  • Bank details
  • Income

4. Legal Basis and Aims

We may collect, use, disclose and process personal data relating to you:

  • Where you have given your consent;
  • To perform a contract or transaction you have entered into with us, or provide a service that you have requested or require from us;
  • On account of our legal and/or regulatory obligations; or
  • In line with our research, business improvement and/or legitimate interest purposes, in accordance with the PDPA. In this regard, we may use the personal data to provide, manage, protect, and improve our services, to develop new services, to ensure security of individuals at our premises, and to safeguard both our users and us against potential fraudulent use. This includes ensuring the safety and well-being of the children, maintaining efficient administrative operations, and enhancing the overall experience of Babilou Family Singapore.

We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing us in writing or via email at the contact details provided below.

5. Recipients of Personal Data

Your personal data may be shared with the following third parties. The examples listed below are non-exhaustive:

  • Related corporations or affiliates of Babilou Family Singapore;
  • Government agencies and regulatory authorities (including but not limited to, Early Childhood Development Agency and Ministry of Manpower);
  • Banks or other financial institutions, credit card companies, payment processors or gateways, or billing organisations;
  • Third party service providers (including but not limited to, IT support and educational software providers (such as LittleLives), training providers, insurers, and marketing and advertising service providers);
  • Our business associates or partners, investors, assignees, or transferees (actual or prospective) to facilitate any business transactions (including but not limited to merger, acquisition or asset sale or transfer);
  • Our professional advisors (including but not limited to legal advisors, financial advisors, auditors, accountants, or other consultants); or
  • Any other person to whom you authorise us to disclose your personal data to.

6. Personal Data Retention and Deletion

Your personal data may be retained for as long as it is necessary to fulfil the purposes for which it was collected or as required or permitted by the applicable laws (including but not limited to, (i) as long as necessary for the activity involved; (ii) any retention period required by law; or (iii) the statute of limitations during which legal proceedings may be brought for the purpose of defending our interests).

We will cease to retain your personal data, or remove the means by which the personal data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

Deletion processes will be conducted in accordance with applicable regulations and policies. Your personal data may be backed up to ensure integrity and availability.

7. Data Subject Rights

You have the right to:

  • Access your personal data;
  • Correct any inaccuracies; and
  • Withdraw your consent for our use of your personal data at any time.

For access and correction requests

You may submit your access and/or correction request via email at the contact details provided at paragraph 11 below.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your access request.

We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your access request within thirty (30) business days after receiving your access request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

For withdrawal requests

You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request via email at the contact details provided at paragraph 11 below.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within thirty (30) business days of receiving it.

Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described above.

Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.

8.  Data Security

We implement appropriate administrative, technical and organisational measures to ensure the continued security, confidentiality, integrity, availability, and resilience of our information system and your personal data and to protect your personal data against destruction, loss, alteration, and unauthorised disclosure of / access to personal data that is transmitted, stored, or otherwise processed.

These include without limitation:

  • Data encryption using SSL/TLS Protocol;
  • Secure storage solutions;
  • Restricted access to authorised employees and contractors only who require access in order to process it on our behalf. Access is protected by multi-factor authentication (MFA), ensuring that even if login credentials are compromised, an additional layer of security is in place. These individuals are subject to strict confidentiality obligations and may be subject to disciplinary action, up to and including dismissal, in the event of a breach; and
  • Conduct of internal audits and reviews regarding data collection, storage and processing, to prevent unauthorised access to our systems.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures, we cannot guarantee the security of the information you transmit to us. We strongly encourage you to take every precaution to protect your personal data when you are on the Internet or when you browse our website.

9. Transfer of Personal Data Outside of Singapore

As some of our service providers whose principal places of business are in countries outside of Singapore, we may need to transfer, store and/or process your personal data outside of Singapore. By submitting your personal data to us, you agree to such transfer, storing and/or processing for the purposes set out in this Policy. We will take steps that are reasonably necessary (such as the standard contractual clauses (SCCs)) to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

10. Cookies

On our website, we use authentication cookies, security and site integrity cookies, location cookies, cookies relating to site functionality and services, analytics and search cookies, and cookies to deliver advertising messages. We manage these cookies and trackers using a consent management platform. You can accept, decline, or set your cookie choices when you first visit our website, and you can amend your choices at any time by visiting the Cookie Settings on the website. You will also find a more detailed description of the cookies we use.

We can use cookies to:

  • Measure content performance;
  • Store and/or access information on a device;
  • Develop and improve services;
  • Understand audiences through statistics or combinations of data from different sources;
  • Measure advertising performance;
  • Use profiles to select personalised content;
  • Create profiles to personalise content;
  • Use limited data to select advertising;
  • Use profiles to select personalised advertising; and/or
  • Create profiles for personalised advertising.

Our cookies partners, and their settings can also be adjusted through the consent management platform. This allows you to have control over cookies from third-party partners involved in analytics, advertising, and functionality enhancements. You can manage these preferences to tailor your experience according to your privacy choices.

In addition to cookies, tracking gifs may be set by us or third parties in respect of your use of the Site. Tracking gifs are small image files within the content of our site or the body of our newsletters so we or third parties can understand which parts of the website are visited or whether content is of interest.

Please be aware that we do not control and are not responsible for websites that are referred to or linked from its own websites and that use of your personal information on these websites is not subject to this Privacy and Cookies Policy.

You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browsers. Please note however, that by blocking or deleting cookies used on our website(s) you may not be able to take full advantage of the website(s) if you do so.

11.  Contact Details

You may contact us if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

Email address:  [email protected]

Please note that for any personal data provided to us by a third party, including but not limited to, your recruitment agency or authorised representatives, you should inform such party to write to us for any queries, feedback, complaints, and access and correction requests on your behalf.

12.  Updates to this Policy

This Policy may be updated periodically without any prior notice to reflect changes in our practices or the laws and regulations applicable to us. The latest version will always be posted on our website.

Please ensure that you check our website from time to time to review the latest version of the Policy and to update your preferences.

This Policy was last updated on 3 March 2025.