At Bali Weight Loss Retreat we are committed to our guests and long-term clients to not only provide the best services we possibly can, yet also ensure we are fully transparent and protect and use information in a safe and positive way.
This Policy sets out the manner in which The Verdure Group Private Limited (“VG”) collects, uses, manages and protects Personal Data (as defined below) in accordance with the provisions of the Personal Data Protection Act 2012 (“PDPA”).
This Policy applies to all persons who are Individuals (as defined below) and who provide VG with Personal Data or whose Personal Data is collected, used and/or disclosed by VG in connection with and/or for the purposes of its business and operations.
This Policy supplements but does not supersede or replace any previous consent which an Individual may have provided to VG, nor does it affect any rights that VG may have at law in connection with the collection, use and/or disclosure of any Individual’s Personal Data.
Subject to that, VG will not collect any Personal Data from an Individual unless the Individual has voluntarily chosen to provide it with the Personal Data or as required for the purposes of providing services to the Individual or by law.
VG may from time to time update this Policy to ensure it is consistent with its future developments or business purposes or to accommodate future changes to applicable legal or regulatory requirements. All updates to this Policy will be published at www.baliweightloss.com (“VG Website”), and appropriate notifications of any material revisions will be published on the VG Website and may be issued separately to relevant persons such as may be determined by VG.
Subject to an Individual’s rights at law, the prevailing terms of the Policy from time to time shall apply. By continuing their relationship with VG after any amendments have been introduced and published on the VG Website, Individuals shall be deemed to have accepted the Policy as amended. For the avoidance of doubt, this Policy forms part of the terms and conditions, if any, governing an Individual’s specific relationship with VG (“Terms and Conditions”) and should be read in conjunction with such Terms and Conditions. In the event of any conflict or inconsistency between the provisions of this Policy and the Terms and Conditions, the provisions of the Terms and Conditions shall prevail to the fullest extent permissible by law.
For purposes of this Policy: “Individual”; means a natural person, whether living or deceased and “Individuals”; shall be construed accordingly;
“CCTV” means Closed-circuit Television; Personal Data means data that is capable of identifying an Individual, whether on its own or in conjunction with other data accessible to VG;
“Personnel” means any Individual engaged under a contract of service with VG, a contract for service with VG, permanent or temporary employees as well as trainees and interns engaged by VG from time to time; and
“Potential Personnel” means any Individual who has submitted an application to be engaged by VG as Personnel.
Personal Data collected by VG
VG will only collect, use or disclose Personal Data about an Individual which it reasonably considers necessary for the relevant purposes underlying such collection, use or disclosure. Depending on the specific nature of an Individual’s interaction with VG, Personal Data which VG collects, uses or discloses concerning an Individual may variously include but is not limited to the following:
a. the Individual’s name, gender and contact particulars, including telephone number(s), residential/mailing address(es) and email address;
b. details of the Individual’s identification documents (such as, NRIC or passport numbers), and applicable visa or permits (such as employment pass, work permit, permanent residency status);
c. details of the Individual’s health conditions;
d. the name and contact particulars of the Individual’s next-of- kin;
e. the Individual’s network usage data and other information gathered automatically by our computer systems, including the Individual’s computer IP address, links visited and other activities conducted online or using our computer systems;
f. photographs and video or CCTV recordings of the Individual; and
g. other information which the Individual may provide to VG, from time to time, in the course of such Individual’s interaction with VG.
How VG collects Personal Data
Generally, VG may collect Personal Data from an Individual in one or more of the following ways or circumstances:
a. when the Individual interacts with VG’s staff via telephone calls, emails, other correspondence and/or face-to- face meetings;
b. when the Individual visits VG’s premises or the premises where VG operates its business from;
c. when the Individual specifically requests that VG contact him or her or requests to be included in an email or any mailing list maintained by VG;
d. when the Individual responds to any request by VG for the provision of Personal Data;
e. when VG receives references or referrals from its business partners or other third parties;
f. when the Individual attends or participates in any event organised by VG;
g. when the Individual submits his or her Personal Data to VG pursuant to a job application;
h. when the Individual subscribes to VG’s publication(s) where in print or electronically; and/or
i. when the Individual submits his or her Personal Data to VG for any other reason related to VG’s ordinary course of business operations.
Purposes of collection, use and disclosure of Personal Data
Generally, VG collects, uses and/or discloses Personal Data from Individuals for one or more of the following purposes:
A. Provision of services
a. administering and managing the Individual’s relationship with VG;
b. providing the Individual with information about VG’s services and/or the services of any external vendor that is providing services or products in partnership or collaboration with VG;
c. responding to the Individual’s complaints, queries and/or requests;
d. facilitating and/or organising events;
e. informing the Individual of changes and/or updates to VG’s policies, terms and conditions and/or other administrative information;
B. Security measures
a. verifying the Individual’s identity or monitoring the Individual’s activities, including without limitation via CCTV observation and/or recording;
b. preventing, detecting and investigating fraud, misconduct, any unlawful action, omission or dispute, and whether or not there is any suspicion of the aforementioned;
C. General business operations of VG
a. staff training, quality assurance and performance evaluation;
c. legal purposes (including but not limited to the Individual obtaining legal advice and dispute resolution);
d. meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines which are binding on VG (including but
not limited to responding to regulatory complaints, disclosure to regulatory bodies and conducting audit checks, due diligence and investigations);
D. Managing Personnel
a. administering, managing and/or terminating VG’s relationship with
b. evaluating the performance of Personnel;
c. undertaking staff training and quality assurance activities;
d. providing Personnel with services, facilities and/or other benefits being offered or made available by VG to such Personnel as well as information about such services, facilities and benefits;
E. Managing Potential Personnel
a. administering and managing VG’s relationship with Potential Personnel;
b. evaluating the suitability and eligibility of Potential Personnel to be engaged by VG;
a. where VG circulates VG’s publications or marketing information to an
Individual or to any person which may be disseminated to an individual relating to services offered by VG (whether by VG or VG’s business partners) which VG thinks is or may be of benefit or interest to him/her via postal mail, electronic transmission to his or her or any email
address(es), and/or voice call or phone call and/or fax to his or her or any telephone number(s);
b. for promotional and publicity purposes, including recording or taking photographs of participants at events or functions organised, hosted or participated by VG;
a. for transfer to third party data intermediaries to facilitate any of the aforesaid purposes;
b. for any purposes reasonably related to any of the above purposes; and
c. for any other purposes in relation to which VG has specifically obtained the Individual’s consent.
Unless otherwise authorised under the PDPA or any other applicable law, VG will not collect, use or disclose an Individual’s Personal Data without his or her consent.
VG will take reasonable steps to highlight the purposes relevant to an Individual, by appropriate means, at the point or time of collection of the Personal Data from such Individual, including:
a. via express provisions in contracts, application forms and/or registration forms to be signed with or submitted to VG;
b. via notifications on VG’s websites;
c. in the course of verbal communications;
Where feasible, VG will inform the Individual of purposes that are intrinsic to the relationship between VG or to the provision of services to such Individual, as well as purposes that are optional.
In so far as any purpose(s) are intrinsic to the relationship or provision of services, VG reserves the right to decline to engage in the relevant relationship or to provide the relevant services to the Individual if he or she does not consent to VG’s collection, use or disclosure of his or her Personal Data for such purpose.
d. voluntarily provide their Personal Data to VG for the specified purposes;
e. use or access VG’s website(s) or computer network;
f. enter VG’s premises OR VG partner premises or using any of the facilities thereon; and/or
In so far as VG collects Personal Data of an Individual from any third party(ies), VG will take reasonable steps to inform the relevant third party(ies) of VG’s purposes for collecting the Personal Data and to verify that consent from the Individual has been obtained by the relevant third party(ies) to such disclosure for the intended purpose.
Disclosure of Personal Data
In carrying out one or more of the above Purposes, VG may need to disclose Individuals’ Personal Data to the following third parties for one or more of the above Purposes:
a. to VG’s third party service providers or agents;
b. any external vendor that is providing services or products in partnership or collaboration with VG;
c. to VG’s auditors and professional advisors;
d. any person to whom disclosure is permitted or required by any statutory provision or law;
e. any permitted assigns; and/or
f. to any local or foreign regulatory body, government agency, statutory board, ministry, department or other government body and/or its officials.
Withdrawal of Consent
Any Individual who wishes to withdraw his or her consent to any use or disclosure of his or her Personal Data by VG as set out in this Policy may do so by contacting VG’s Data Protection Officer at www.verduregroup.sg. Depending on the extent to which an Individual withdraws consent to the use or disclosure of his or her Personal Data by VG, such withdrawal of consent may result in VG’s inability to provide services to the Individual and may be considered as a termination by the Individual of any agreement between VG and the Individual. VG’s legal rights and remedies are expressly reserved in such event.
Verification of Personal Data & Notification of Changes
Where feasible, VG will take reasonable steps to verify the accuracy of Personal Data received at the point of collection but Individuals remain primarily responsible and liable to ensure that all Personal Data submitted by them to VG is complete and accurate. Information voluntarily provided by an Individual to VG shall prima facie be deemed complete and accurate.
VG will also take reasonable steps to periodically verify Personal Data in its possession, taking into account the exigencies of its operations, but Individuals are nonetheless responsible for notifying VG, from time to time, of any applicable changes to such Personal Data. VG shall not be held liable for any inability on its part to provide services to an Individual who fails to ensure that his or her Personal Data submitted to VG is complete and accurate or who fails to notify VG of any relevant changes to such Personal Data.
Protection of Personal Data
VG shall make reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks to Personal Data in its possession. If VG transfers Personal Data outside Singapore, VG will take reasonable steps to ensure that such Personal Data transferred receives a standard of protection comparable to the protection received under the PDPA and such transfer shall be
subject to this Policy.
VG will ensure that third parties who receive Personal Data from VG protect such Personal Data in a manner consistent with this Policy and not use such Personal Data for any purposes other than those specified by VG, by incorporating appropriate contractual terms in its written agreements with these third parties.
VG is not responsible in any way for the security and/or management of Personal
Data shared by Individuals with third party websites accessible via links on VG’s website.
Contacting VG-Access and Correction of Personal Data
Any Individual who:
a. has questions or feedback relating to this Policy;
b. would like to obtain access to his or her Personal Data held by VG;
c. would like to obtain information about the ways in which his or her Personal Data held by VG has been or may have been used or disclosed by VG in the year preceding the request; and/or
d. would like to update or make corrections to his or her Personal Data held by VG, should contact VG’s Data Protection Officer at www.verduregroup.sg. Individuals should note that VG is not required, under the PDPA, to provide access and correction to Personal Data in certain exempted situations as set out in the PDPA.
The PDPA allows and VG reserves the right to charge a reasonable fee for the handling and/or processing of access requests by an Individual pursuant to paragraphs (b) or (c) above.
This Policy shall be governed by and construed in accordance with the laws of Singapore. Any dispute arising out of or in connection with this Policy including any question regarding its existence, validity or termination, shall be referred to and finally resolved by the Courts of Singapore.
What personal information do we collect from the people on BaliWeightLoss.com
We collect on the website:
Your information optionally submitted to us regarding your goals and current health condition
Upon booking we also collect:
Your gender, age and country
Health declaration information
Payment information stored securely in PayPal (we never have a record of your credit card information, it is stored with PayPal.com you can view their terms here: https://www.paypal.com/us/webapps/mpp/ua/useragreement-full)
Arrival date, time and associated information
Flight arrival and departure for our included airport transfer service
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, respond to a survey, fill out a form, Use Live Chat, Open a Support Ticket or enter information on our site.
Provide us with feedback on our products or services
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
To personalise your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to better serve you.
To allow us to better service you in responding to your customer service requests.
To administer a contest, promotion, survey or other site feature.
To ask for ratings and reviews of services or products
To follow up with them after correspondence (live chat, email or phone inquiries)
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
Help remember and process the items in the shopping cart.
Understand and save user’s preferences for future visits.
Keep track of advertisements.
Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, some features will be disabled. It won’t affect the user’s experience that make your site experience more efficient and may not function properly.
However, you will still be able to place orders .
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
We do not include or offer third-party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
Bali Weight Loss Retreats advertise on Google Ads Network.
We use Googles advertising network, called Google Ads, to promote Katrina Love Senn’s and Bali Weight Loss retreats to Google users. We have read and tried to apply all the terms of the advertising network to our website and ads to ensure a clear and transparent experience for users.
Google Ads are shown on search results and sometimes on websites and link to our site to showcase our retreats and services. These ads help us get more people to see our retreats and offerings.
We also track when Google Ads has provided us with a lead, conversion, and this information goes into Google Ads allowing us to better optimize and fit our services to more clients in the future.
Google & Cookies
Please also see here for Google Analytics opt-out browser add-on: https://tools.google.com/dlpage/gaoptout/
We may implement the following:
Remarketing with Google AdSense
Google Search & Display Network Impression Reporting
Demographics and Interests Reporting
DoubleClick Platform Integration
We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt Out page or by using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Can change your personal information:
By emailing us
By calling us
By chatting with us or by sending us a support ticket
How does our site handle Do Not Track signals?
We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioural tracking?
It’s also important to note that we do not allow third-party behavioural tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email within 1 business day.
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions
To be in accordance with CANSPAM, we agree to the following:
Not use false or misleading subjects or email addresses.
Identify the message as an advertisement in some reasonable way.
Include the physical address of our business or site headquarters.
Monitor third-party email marketing services for compliance, if one is used.
Honour opt-out/unsubscribe requests quickly.
Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at:
Follow the instructions at the bottom of each email.
and we will promptly remove you from ALL correspondence.
Bali Weight Loss Retreat
ARMA Art & Detox-Spa Resort,
Jalan Raya, Ubud, Bali 80571