1. General

1. This privacy policy (“Privacy Policy”) sets out the basis on which One RQ Pte Ltd trading as Nanson Club (“Club”), its affiliates, subsidiaries and other related companies (collectively, “Nanson Group”, “us”, “we” or “our”) may collect, use, disclose or process Personal Data about you. We respect your privacy and are committed to handling your Personal Data in accordance with this Privacy Policy and the Personal Data Protection Act 2012 of Singapore, as may be amended from time to time (“PDPA”).

2. This Privacy Policy governs the use of this website (“Website”) and all other web pages owned, controlled, or operated by the Nanson Group (collectively with the Website, the “Sites”), our mobile and web software applications (collectively, our “Apps”), our interactions with you, and all products and services offered or provided by us, whether via the Website/Sites or on the Club premises (collectively, “Services”).

3. In this Privacy Policy:
   3.1. “You” or “Your” means a user of the Website/Sites, a registered member of the Club (“Member”), a prospective Member, a guest of the Member, a user of our Services or any of the facilities offered by the Club, an individual who has contacted us to find out more about the Club or our Services, or a vendor or supplier to the Club.
   3.2. “Personal Data” means data, whether true or not, about you who can be identified either (a) from that data or (b) from that data and other information to which we have or are likely to have access of our members, customers, vendors, suppliers, partners, contractors or users of our Services (as defined below).
   3.3. Other terms used in this Privacy Policy shall have the meanings given to them in the PDPA (where the context so permits).

4. By accessing, visiting, or using our Club or the Website/Sites or our Apps, submitting an application to register as a Member, purchasing or obtaining any Services from us, providing any product or service to us, contacting or interacting with us, or submitting any information to us, you agree to be bound by the terms of this Privacy Policy and are deemed to have notice of this Privacy Policy.

5. If you do not agree to this Privacy Policy, please do not access the Website/Sites or the Club or otherwise submit any Personal Data to us.

2. Types of Personal Data We Collect

2.1. This Privacy Policy applies to the Personal Data in our possession or under our control, including Personal Data in the possession of third parties which we have engaged to collect, use, disclose or process the data for the purposes stated in Clause 4.1.

2.2. We may collect and process the following types of Personal Data about you:
2.2.1. Name;
2.2.2. Age;
2.2.3. Gender;
2.2.4. Contact information, such as email address, mailing address and telephone number;
2.2.5. Language preference;
2.2.6. Date and place of birth;
2.2.7. Nationality, passport, visa or other government-issued identification data;
2.2.8. Financial information, such as bank account details, credit or debit card details or other payment data;
2.2.9. [Social media account ID, profile photo and other data publicly available, or data made available by linking your social media account and your membership account with us];
2.2.10. Information about your “preferences”, including but not limited to:
(i) your interests and other information that we learn about you during your visit(s) to the Club, including any feedback about our Services that you tell us about;
(ii) specific dietary restrictions or personal needs;
(iii) your important dates, such as anniversaries and special occasions; and
(iv) details about your guests in attendance with you during your visits to the Club, their relationship to you, and your marital status;
2.2.11. Images, video and audio data, via CCTVs located in the Club premises; and
2.2.12. Internet or Wi-Fi activity information, including but not limited to information regarding your use of the Sites or Apps, such as your IP address and session ID.

2.3. If you provide any Personal Data about any other individuals to us (such as a guest accompanying you during your visit to the Club), you represent and warrant that you have the authority to do so and you permit us to collect, use and disclose such Personal Data in accordance with this Privacy Policy.

2.4. If you provide the Personal Data of a minor to us, you represent and warrant that you are the parent or legal guardian of such minor, and hereby consent to the collection, use, and processing of the minor’s Personal Data in accordance with this Privacy Policy.

2.5. If you are a minor or not of legal age, please inform and seek the consent of your parent or guardian before you provide your Personal Data to us. If you are a parent or guardian and have reason to believe that your child or ward has provided us with their Personal Data without your consent, please contact us to request for deletion of his or her personal data.

3. How We Collect Your Personal Data

3.1. We collect your Personal Data in different ways, which include but are not limited to the following:
3.1.1. when you visit the Club premises;
3.1.2. when you visit or connect with us through the Website/Sites or our pages on social media or through our Apps;
3.1.3. when you contact us for queries or when you request us to contact you or otherwise communicate with us;
3.1.4. when you apply to register as a Member, whether your membership account (“Membership Account”) is created on the Website or via any of our Business Partners’ (if any) websites, which are then redirected to the Website. “Business Partner” refers to any partner, collaborator, individual or organisation who has entered into an agreement or arrangement with us to manage a business or to share responsibilities or resources for the purposes of a business venture or collaboration;
3.1.5. when you access any of our Services or request any other form of assistance;
3.1.6. when you enter into an agreement or contract with us in relation to our Services;
3.1.7. when we generate or derive information about you based on our analysis of the data we collect, or from combining such data with other data or information in our possession, such as data provided to us by any of our Business Partners;
3.1.8. when you enquire, register for or participate in our events, programmes, surveys, contests or other activities, whether held in-person or virtually. At such activities, your images may also be captured via photographs or videos taken by us or our service providers;
3.1.9. when you respond to our promotions or subscribe to our mailing list;
3.1.10. when you use an internet-connected device at the Club premises which is connected to the Club’s Wi-Fi network; and
3.1.11. when you report a problem with the Website/Sites or our Apps;
3.1.12. when you provide your Personal Data to us for any other reason.

3.2. We shall seek your consent before collecting any additional Personal Data and before using your Personal Data for any purpose which has not been notified to you, save where we are permitted or authorised by law to do so without your consent.

4. Purposes of the Collection, Use, and Disclosure of Personal Data

4.1. We collect, retain, use, and process your Personal Data for the following purposes:

Membership
• Recording and processing applications for memberships.
• Administering, renewing, suspending or terminating your membership.
• Verifying your identity.
• Managing your relationship with us.

Club operation and the provision of Services
• Managing and operating the Club and its facilities.
• Providing our Services to you and performing all obligations in the course of and/or in connection with such Services.
• Processing your orders, bookings, reservations and purchases in relation to the Club or its facilities.
• Recording your preferences and dietary requirements.
• Customising your experiences as a Member.
• Assessing eligibility for age-restricted goods, including alcohol.
• Facilitating access to the Club’s Wi-Fi network.

Payments
Processing billing, payment, or credit transactions, including payment for the use of our Services or that of third-party providers’ services offered in connection with our Services.

Communications
• Communicating with you about your membership.
• Communicating with you about Club activities or events, including the registration of your attendance at such events, the planning and preparation for the events, and the billing and recovery of amounts owed.
• Responding to or handling or processing any request, query, feedback or complaint from you, whether in person, through the Website/Sites, by phone, email or via social media.

Marketing
• Marketing communications, including communicating about Services that may be of interest, special offers, marketing events, initiatives, and other promotions and personalised advertisements for products on third-party websites.
• Conducting joint marketing with third-party providers.

Health, safety and security
• Monitoring the Club premises through CCTV or other method for security purposes.
• Responding to, handling and recording any accidents or incidents and requesting assistance from emergency services as appropriate.
• Protecting our operations, the rights, privacy and safety of our Members, guests and visitors to our Sites and our Apps or the Club premises.

Maintaining and improving the Sites
• Ensuring the content of the Sites and our Apps are presented in the best way for you or your computer or mobile device.
• Maintaining or improving the Sites and our Apps including the content, appearance, design, utility, and performance thereof.
• Notifying you of updates to any of the Sites or our Apps.

Improvement of products and services
• Improving, enhancing, or developing new products and services or new methods of processes for our business operations.
• Conducting research in relation to our Services and the needs of our Members.
• Identifying products or services that may be suitable for you, personalising or customising such products and/or services where we deem appropriate.
• Performing statistical analysis of your behaviour in order to measure interest in and use of our Services and various features of the Sites and our Apps.

Internal processes
• Internal record-keeping.

Legal and regulatory purposes
• Complying with legal processes, applicable laws, regulations, codes of practice, guidelines or rules.
• Assisting in law enforcement and investigations conducted by any governmental and/or regulatory authority.
• Enforcing the terms and conditions applicable to the Club membership and/or the provision of our Services.
• Monitoring, detecting or investigating any potential disputes, fraud, misconduct, or any unlawful action or omission, including the conduct of proceedings.
• Enforcing any legal or other rights we may have in any manner that we see fit.

Other purposes
• Undertaking any dealings or transactions with you.
• Any other purposes for which you have provided the Personal Data.
• Transmitting to any unaffiliated third parties including third-party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes.
• Any other incidental business purposes related to or in connection with the abovementioned purposes, including but not limited to where you request to gain access to any other private membership club outside of Singapore, with whom we may have Business Partner relationship from time to time.
• Any other specific purpose which we may inform you of in writing from time to time, but for which we will seek your separate consent (except where permitted or authorised by law).

4.2. We may disclose your Personal Data:
4.2.1. where such disclosure is required for performing obligations in connection with our provision of the Services;
4.2.2. to other entities in the Nanson Group for the purposes of providing a consistent and, where appropriate, personalised service to our Members, or evaluating or improving our Services;
4.2.3. to third-party service providers, agents and organisations we have engaged to provide any of the Services or perform any functions in relation to the purposes listed in Clause 4.1 on our behalf, or to evaluate or improve our Services;
4.2.4. to our suppliers, partners or contractors in connection with services they perform for us or pursuant to our agreements with them, including but not limited to email service vendors, website hosting, automated chat functionalities, cloud service providers, payment service providers, and other IT, customer service and marketing service providers;
4.2.5. to enforce or apply our terms or other contractual rights or pursue any action or remedies;
4.2.6. to monitor, detect or investigate fraud or other wrongdoing;
4.2.7. to comply with a court or tribunal order or legal process served on us;
4.2.8. where required under the law to relevant authorities, statutory boards, or law enforcement agencies;
4.2.9. to any third party to the extent necessary with respect to a sale of all or part of our business operations or assets;
4.2.10. to any other party whom you give your consent for us to disclose your Personal Data; and
4.2.11. any other purpose permitted under applicable laws.

4.3. The purposes listed above may continue to apply even in situations where your relationship with us has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

4.4. In certain circumstances, we may need you to provide your Personal Data where it is necessary to conclude a contract with you, or to comply with legal requirements and other contractual obligations. Failure to sufficiently provide such Personal Data, under such circumstance, may be deemed to be a failure to comply with legal requirements or contractual obligations, or may result in us being unable to conclude a contract with you. In such event, we may not be able to provide you with the information or any of the Services that you request from us, or may not accept your application for registration as a Member and/or registration of a Membership Account.

5. Legitimate interests exception

5.1. In compliance with the PDPA, we may collect, use or disclose your Personal Data without your consent for the legitimate interests of The Nanson Group or another person. In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on you and determine whether the legitimate interests outweigh any adverse effect.

5.2. In line with the legitimate interests exception, we may collect, use or disclose Personal Data for the following purposes:
5.2.1. Fraud detection and prevention.
5.2.2. Detection and prevention of misuse of our Services or other related services.
5.2.3. Network analysis to prevent fraud and financial crime, and perform credit analysis.
5.2.4. Collection and use of Personal Data on our company-issued devices to prevent data loss.

5.3. The aforementioned purposes may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

6. Cookies

6.1. Cookies are small data files that are stored by your computer’s web browser. A cookie file may contain certain information about your usage of the Website/Sites, such as a user identification code or IP address, or the number of times you have visited.

6.2. We use cookies to allow us to gather statistics on and better understand how you use the Website/Sites, enable the efficient operation of the Website/Sites, and improve the use of the Website/Sites.

6.3. By using the Website, you consent to our use of cookies and similar technologies.

6.4. You may be able to refuse or disable cookies by adjusting your web browser settings. Please refer to the instructions provided by your web browser. Please note that if you choose to refuse or disable certain cookies, certain functionalities on the Website/Sites may no longer function for you and you may not have full access to the features of the Website/Sites.

7. Retention of Personal Data

7.1. We may store your Personal Data in our servers or the servers of third-party service providers.

7.2. We will retain your Personal Data for so long as it is necessary to fulfil any of the purposes for which it was collected, and to satisfy our business and legal purposes, including archival, audit, accounting, compliance or reporting requirements as required or permitted by applicable laws.

7.3. In order to determine our retention period for Personal Data, we will consider:
7.3.1. any legal obligation applicable to us (for example the length of time for which we must retain a record of any transaction completed by us).
7.3.2. whether it is reasonable to retain it to protect our legal position (considering, for example, the statute of limitations, any disputes or regulatory investigations).

7.4. In the event of any dispute involving you or your Personal Data, we will retain the relevant Personal Data until the outstanding dispute is resolved.

7.5. We do not sell your Personal Data to any third party.

7.6. In some circumstances, we may anonymise your Personal Data so that it will no longer identify you.

8. Protection of Personal Data

8.1. We will put in place appropriate and reasonable security measures to protect your Personal Data from unauthorised access, alteration, disclosure, or destruction.

8.2. You should be aware, however, that no method of transmission over the Internet or method of storage can be completely secure. To the fullest extent permitted by law, we do not give any representation or warranty that your Personal Data will be secure at all times. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

8.3. You are responsible for keeping your login information and password for your Membership Account confidential.

8.4. We are not responsible for the personal data policies, procedures and practices of any entities outside of The Nanson Group, or that of any third-party websites (whether of a service provider or social media platform provider) which our Website/Sites may link to. The inclusion of a link to a third-party website on our Website/Sites does not imply endorsement of such linked site. We are not responsible for any Personal Data that you provide to any third-party websites.

8.5. If you believe that your use of the Website/Sites is no longer secure, you can notify us through the “Contact” section on our Website.

9. Withdrawal of Consent

9.1. The consent that you provide for the collection, use, and disclosure of your Personal Data will remain valid until such time it is withdrawn by you in writing.

9.2. You may, at any time, withdraw your consent in relation to the collection, use, disclosure, and retention of your Personal Data, by writing to the Data Protection Officer at the contact details provided in Clause 13 below.

9.3. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it or such longer period that we may notify you of.

9.4. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our Services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform the Data Protection Officer in writing at the contact details provided in Clause 13 below.

9.5. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use, and disclosure without consent is permitted or required under applicable laws.

10. Access to and Correction of Personal Data

10.1. If you wish to make:
10.1.1. an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data; or
10.1.2. a correction request to correct or update any of your Personal Data which we hold,
you may submit your request to our Data Protection Officer at the contact details provided in Clause 13 below.

10.2. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

10.3. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable laws).

11. Accuracy of Personal Data

11.1. We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete, and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer at the contact details provided in Clause 13 below.

11.2. We will not be responsible for relying on any inaccurate or incomplete Personal Data arising from your failure to update us of any changes in your Personal Data that you had initially provided us with.

12. Transfer of Personal Data outside of Singapore

12.1. By accessing or using any of our Services, you understand that we may transfer your Personal Data globally and accordingly, subject to applicable law, we may transfer your Personal Data collected in connection with the Services to recipients in countries where data protection standards may differ from those in the country where you reside, including to countries outside Singapore.

12.2. Before transferring any Personal Data outside Singapore, we will take appropriate steps to ensure that the recipient is bound by legally enforceable obligations to provide to the transferred personal data a standard of protection that is at least comparable to that under the PDPA.

13. Data Protection Officer

13.1. If you wish to access your Personal Data, correct any Personal Data in our possession, withdraw your consent for the collection, use, and disclosure of your Personal Data, or if you have any queries or feedback on this Privacy Policy, please contact our Data Protection Officer in the following manner:

Attention: Data Protection Officer
Email Address: it@thenanson.com.sg
Phone Number: +65 8803 8001

14. Applicable Law

14.1. This Privacy Policy shall be governed by the laws of Singapore.

15. Effect of Privacy Policy and Variations

15.1. This Privacy Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to our collection, use and disclosure of your Personal Data.

15.2. We may amend or vary the terms of this Privacy Policy from time to time, without any prior notice to you. The amended Privacy Policy will supersede the earlier versions of the Privacy Policy and will apply to Personal Data provided to us previously. You may determine if any such revision has taken place by referring to the date on which this Privacy Policy was last updated.

15.3. Your continued use of the Website/Sites, our Apps or our Services constitutes your acknowledgement and acceptance of such changes and notice of this Privacy Policy.

Last updated: 1 November 2025