5. Personal Data We Collect

The types of personal data we collect depend on how you interact with The Garage Singapore, Wildseed Cafe, and il Giardino. This may include identity and contact information such as your name, salutation, title, date of birth, gender, nationality, residential or business address, postal code, country of residence, email address, mobile number, and other contact details.

Where necessary and legally permitted, we may also collect identification details such as NRIC, FIN, passport information, or other identity-document details for verification, invoicing, tax, licensing, or event-related purposes. We do not collect or retain full NRIC numbers unless required under applicable Singapore laws or regulations.

For reservations, dining experiences, events, weddings, and private functions, we may collect reservation dates and timings, party size, table preferences, occasion details, guest counts, budget ranges, event requirements, vendor preferences, and notes or requests submitted to our team. We may also collect dietary requirements, allergy information, accessibility requests, and other health-related preferences voluntarily provided by you to ensure guest safety and service quality. By providing such information, you consent to our use of that information for those purposes.

We may collect purchase history, transaction details, billing information, deposits, refunds, invoicing records, and other financial information required to process payments and provide our services. Payment information such as credit or debit card details may be processed securely through our third-party payment providers, and we do not store complete card numbers directly on our systems.

Where applicable, we may collect loyalty programme information relating to the 1-Insider programme operated through Eber, including membership tier status, points balances, redemption history, transaction activity, preferences, feedback, and communication settings associated with your membership account.

We may also collect marketing and communications data, including your preferred communication channels, subscription preferences, language preferences, opt-in and opt-out history, and engagement information relating to our marketing emails, advertisements, newsletters, promotions, and campaigns, including whether emails are opened or links are clicked.

When you visit our website or interact with our digital platforms, we may automatically collect technical and online usage data such as your IP address, browser type and version, operating system, device identifiers, referral URLs, pages visited, links clicked, search activity, time spent on pages, navigation behaviour, and dates or times of website visits.

We may additionally collect attribution and analytics data through cookies, pixels, scripts, and marketing technologies used on our website, including campaign source, medium, and referral tracking information linked to reservations or enquiries submitted through our website or marketing channels.

CCTV systems operate within our premises, and we may collect CCTV footage for purposes relating to security, safety, incident investigation, loss prevention, operational monitoring, and the protection of guests, staff, and property.

Photographs and video recordings may also be taken during dining experiences, events, weddings, launches, workshops, activations, and private functions held at The Garage Singapore. Such imagery may be used for marketing, editorial, promotional, social media, and advertising purposes where appropriate.

For recruitment and employment-related matters, we may collect personal data including your name, contact information, date of birth, nationality, work permit or employment eligibility information, CV or resume, employment history, educational qualifications, references, interview notes, and information obtained from recruitment agencies or publicly available professional sources such as LinkedIn. Where legally required for specific roles, we may also collect background-check, right-to-work, or criminal-record information.

We may retain records of correspondence and interactions between you and our team, including emails, phone calls, WhatsApp messages, social media conversations, reservation enquiries, customer support discussions, event-planning communications, reviews, survey responses, complaints, feedback submissions, and other communications relating to our services and operations.

Our website, reservation forms, and loyalty programmes are not directed at children under the age of 13, and we do not knowingly collect personal data from children through these platforms. If you believe that a child has provided personal data to us without appropriate consent, please contact our Data Protection Officer so that we may take the necessary steps to remove the information where appropriate.

6. How We Collect Personal Data

We collect personal data when you make reservations, submit event or wedding enquiries, sign up for newsletters, participate in promotions or loyalty programmes, contact us by phone, email, WhatsApp, or social media, attend events at our venue, or otherwise interact with us online or in person.

We may also collect information automatically through cookies, analytics tools, advertising technologies, reservation systems such as SevenRooms, and third-party service providers acting on our behalf.

In some cases, personal data may also be provided to us by another individual, such as a guest making a reservation on your behalf or an organiser coordinating an event.

7. How We Use Personal Data

We use personal data to manage reservations and guest experiences, process payments and refunds, coordinate events and weddings, respond to enquiries, personalise customer experiences, administer loyalty programmes, send service-related communications, improve our website and operations, conduct analytics and marketing activities, maintain venue safety and security, manage recruitment processes, comply with legal obligations, and protect our business interests where necessary.

Where permitted by law, we may also use personal data to send marketing communications relating to promotions, dining experiences, seasonal campaigns, workshops, and upcoming events at The Garage Singapore.

8. Access And Correction of Personal Data

Under the PDPA, we may only collect, use, or disclose personal data with the individual’s consent unless an exception applies under applicable laws. The legal bases on which we rely are set out below.

Consent

Where we request your consent, such as when you subscribe to marketing communications, join the 1-Insider loyalty programme, submit a reservation request, or send an event or wedding enquiry, we will use your personal data for the purposes communicated to you at the time of collection.

Deemed Consent

In certain situations, consent may be deemed to have been given under the PDPA. For example, where you voluntarily provide your personal data for an obvious purpose, such as providing your phone number for a dining reservation so that we may contact you regarding the booking, you are deemed to have consented to the use of that information for that purpose.

We may also rely on deemed consent by notification under Section 15A of the PDPA for certain secondary purposes that are reasonably necessary for our operations, where appropriate notification has been provided and a reasonable opportunity to opt out has been given.

Legitimate Interests

We may rely on the legitimate interests exception under the PDPA for activities where our legitimate business interests in operating, securing, improving, and managing The Garage Singapore are not outweighed by any adverse effect on individuals.

This may include fraud prevention, cybersecurity protection, CCTV and venue security, incident investigations, internal reporting, operational management, analytics, service improvements, and protecting our legal rights and business interests.

Business Improvement

We may also rely on the business improvement exception under the PDPA for internal analyses and operational activities intended to improve our products, services, guest experiences, operational efficiency, customer engagement, and marketing effectiveness across The Garage Singapore, Wildseed Cafe, and il Giardino.

Where appropriate, aggregated or anonymised data may be used for these purposes.

Legal Obligations and Vital Interests

We may collect, use, or disclose personal data without consent where required or authorised under applicable laws, regulations, licensing requirements, court orders, or requests from regulatory or government authorities.

We may also do so where necessary to respond to emergencies involving life, health, safety, security, or other situations permitted under the PDPA and Singapore law.

Withdrawing Consent

Where we rely on your consent, you may withdraw that consent at any time by contacting our Data Protection Officer.

Withdrawal of consent does not affect the legality of any collection, use, or disclosure carried out before the withdrawal request was made. Please note that if consent is withdrawn for certain purposes, we may not be able to continue providing some services, experiences, or benefits to you. For example, we may be unable to manage your participation in the 1-Insider loyalty programme if consent relating to membership data is withdrawn.

Access and Correction Requests

Subject to the PDPA and applicable legal exceptions, you may request access to personal data we hold about you, request information regarding how your personal data has been used or disclosed, or request corrections to inaccurate or incomplete personal data.

We may require reasonable verification of identity before processing such requests and may charge a reasonable administrative fee where permitted under applicable law.

Requests relating to access, correction, or withdrawal of consent may be submitted to our Data Protection Officer using the contact details provided in this Privacy Policy.

9. Sharing of Personal Data

We may share your personal data within The Garage Singapore, including Wildseed Cafe and il Giardino, where necessary for operational, customer-service, reservation-management, marketing, analytics, loyalty-programme, and guest-experience purposes. Where applicable, information relating to the 1-Insider loyalty programme may also be shared with relevant 1-Group operational or customer-experience teams so that members may be recognised across participating venues and experiences.

10. Overseas Transfers of Personal Data

Some of our service providers and technology platforms may process personal data outside Singapore. Where personal data is transferred internationally, we take reasonable steps to ensure that recipients provide a standard of protection comparable to the requirements under Singapore’s PDPA, including through contractual safeguards and data protection agreements where appropriate.

11. Retention of Personal Data

We retain personal data only for as long as reasonably necessary for operational, legal, accounting, regulatory, or business purposes.

Reservation and customer records may be retained to support future guest experiences and customer service. Financial and transaction records are retained in accordance with applicable tax and accounting requirements. CCTV footage is generally retained for a limited period unless required for investigations or legal purposes. Recruitment records may be retained for future employment opportunities unless deletion is requested earlier.

When personal data is no longer required, it will be securely deleted, anonymised, or disposed of appropriately.

12. Protection of Personal Data

We implement reasonable administrative, technical, and physical safeguards to protect personal data against unauthorised access, disclosure, misuse, loss, or alteration. These measures may include restricted system access, secure hosting environments, encryption technologies, staff confidentiality obligations, and internal security procedures.

While we take reasonable steps to protect personal data, no system can guarantee complete security. In the event of a notifiable data breach, we will comply with applicable obligations under Singapore law.

13. Cookies & Website Analytics

We use cookies and similar technologies, including pixels, scripts, tags, and SDKs, on our website and within certain marketing communications. These technologies help us recognise your device, remember your preferences, improve website functionality, understand how visitors interact with our website, measure the effectiveness of marketing campaigns, personalise user experiences, and assist with fraud prevention and security monitoring.

The cookies and technologies we use may include strictly necessary cookies required for essential website functions such as session management, navigation, and form submissions. We may also use performance and analytics cookies to understand how visitors use our website, including pages visited, time spent on pages, navigation behaviour, and interactions with our content. These analytics tools may include services such as Google Analytics and related analytics platforms.

Marketing and advertising cookies may also be used to deliver relevant advertisements, measure campaign effectiveness, understand customer interests, and improve the relevance of our advertising across platforms such as Google, Meta, TikTok, and other advertising or social media networks.

We may additionally use attribution and tracking technologies, including first-party attribution cookies, to identify the source, medium, campaign, or referral channel that directed visitors to our website. Where a reservation, enquiry, or booking is subsequently made, this attribution information may be associated with the booking or enquiry record to help us understand the effectiveness of our marketing activities and customer acquisition channels.

You may control or disable cookies through your browser settings or through cookie-preference tools made available on our website where applicable. Please note that disabling certain cookies or tracking technologies may affect website functionality, performance, or your overall browsing experience.

For additional information regarding our use of cookies and tracking technologies, you may refer to any separate Cookie Notice published on our website or contact our Data Protection Officer for further assistance.

14. Marketing Communications & DNC Compliance

We send marketing communications only where we have a lawful basis to do so and in compliance with applicable Singapore laws and regulations, including the Personal Data Protection Act 2012, the Spam Control Act 2007, and the Do Not Call (“DNC”) provisions administered by the Personal Data Protection Commission (“PDPC”).

15. CCTV at Our Venue

CCTV systems are in operation within our premises for security, safety, incident investigation, and loss prevention purposes. Appropriate signage is displayed within the venue, and access to CCTV footage is restricted to authorised personnel only.

16. Photography & Videography

Photography and videography may take place during dining experiences, weddings, private events, workshops, launches, and other activities held at The Garage Singapore.

Images and video recordings may be used for social media, marketing, editorial, promotional, and advertising purposes. Guests who prefer not to appear in published content may inform our team or contact our Data Protection Officer.

17. Job Applicants

Personal data submitted during recruitment processes will only be used for recruitment, hiring, onboarding, and employment-related purposes.

We may retain recruitment information for future job opportunities unless deletion is requested earlier by the applicant.

We do not rely solely on automated decision-making in assessing employment applications.

18. Your Rights Under the PDPA

Subject to applicable laws and regulations, you may request access to your personal data, request corrections to inaccurate information, withdraw consent for certain uses of your data, or enquire about how your personal data has been used or disclosed.

Requests relating to personal data may be submitted to our Data Protection Officer. We may require verification of identity before processing such requests.

19. Contact Us

If you have any questions regarding this Privacy Policy or the way we handle personal data, please contact:

Data Protection Officer
Immelia Izalena
1-Garage Pte Ltd
211 Henderson Road, #04-03, Singapore 159552
Email: enquiry@thegarage.sg
Phone: +65 9815 3213

20. Complaints to the PDPC

If you believe your personal data has been handled improperly, you may contact the Personal Data Protection Commission (“PDPC”) of Singapore through their official website at https://www.pdpc.gov.sg.

We would appreciate the opportunity to address your concerns directly before escalation where possible.

21. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. Updated versions will be published on our website together with the revised effective date.

22. Governing Law

This Privacy Policy shall be governed by and interpreted in accordance with the laws of Singapore.