Reservation
Reservation
Privacy Policy

1-Arden Privacy Notice

Last updated: 20 May 2026

1. About this Privacy Notice

This Privacy Notice (“this Notice”) explains how 1-Arden Bar & Lounge (“1-Arden”, “we”, “us” or “our”) collects, uses, discloses and otherwise handles your personal data when you interact with us, whether at our venue, on our website (www.1-arden.sg), through our reservation systems, by phone or email, on our social-media channels, or through our 1-Insider loyalty programme. This Notice is provided in accordance with the Personal Data Protection Act 2012 of Singapore (the “PDPA”) and its subsidiary regulations.

For the purposes of this Notice, “personal data” has the meaning given in the PDPA: data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access.

2. Who We Are

1-Arden Bar & Lounge is operated by 1-Spring Pte Ltd, a private limited company incorporated in Singapore under UEN 202100939Z. Our registered office is at 88 Market Street, #51-01, Singapore 048948. We act as the data controller (and, where the term applies, the organisation under the PDPA) in respect of the personal data we collect about you in connection with 1-Arden.

3. Our Data Protection Officer

We have appointed a Data Protection Officer who is responsible for overseeing our compliance with the PDPA. You may contact our Data Protection Officer at:

Immelia Izalena, Data Protection Officer

1-Spring Pte Ltd

88 Market Street, #51-01

Singapore 048948

Email: marketing@1-group.com.sg

4. Who This Notice Applies To

This Notice applies to all individuals whose personal data we collect or process in connection with 1-Arden, including:

  • guests who dine at, attend events at, or otherwise visit 1-Arden;
  • users who make reservations, enquiries, purchases or registrations through our website, reservation systems or 1-Insider loyalty programme;
  • individuals who contact us by phone, email, social media or any other channel;
  • individuals whose personal data has been provided to us by a third party (for example, by a member of a dining party); and
  • candidates who apply for a job at 1-Arden or with 1-Spring Pte Ltd.

5. Personal Data We Collect

The types of personal data we may collect about you include the following:

Identity and contact information

Your name, salutation, date of birth (where you choose to share it), nationality, gender, photograph (where applicable), postal address, email address, telephone number, social-media handles, and any other contact details you provide to us.

Reservation and event information

The date, time, table or area reserved, party size, names and contact details of guests in your party, dietary requirements, allergy information, occasion notes, accessibility needs, special requests, and your booking history and attendance record.

1-Insider loyalty programme information

Your membership identifier, membership tier, points balance, redemption history, member preferences, marketing-communication preferences, and your interaction history across the 1-Group venues participating in the programme.

Financial information

Where you make a payment, purchase a gift voucher, or place a deposit through our website or our reservation systems, we (or our payment processor) may collect billing information, the last four digits of your payment card, the card brand, transaction details and any associated invoicing data. Full payment-card data is processed directly by our payment processor and is not retained by us in clear text.

Marketing and communication preferences

The channels through which you have consented (or declined to consent) to receive marketing communications, the content categories you are interested in, your engagement with our marketing communications (such as opens, clicks and unsubscribes), and any opt-out signals you have indicated.

Website, device and cookie information

Your IP address (and any related geolocation information at city or country level), device type and model, operating system, browser type and version, language settings, time-zone setting, pages visited on our website, referring URL, links clicked, time spent on pages, session identifiers and cookie identifiers, including those set by us and by our third-party analytics, advertising and attribution providers.

CCTV and photographic information

Closed-circuit television footage captured at 1-Arden and at other venues that we operate, and photographs or video taken at events held at 1-Arden, as described in Section 15 (CCTV) and Section 16 (Photography).

Job applicant information

For job applicants, the information set out in your CV, application form, cover letter or interview notes, including educational background, employment history, professional qualifications, references, immigration status (where relevant to employment eligibility in Singapore), and any other information you choose to provide.

Correspondence and feedback

Any correspondence, feedback, reviews, complaints or other communications you send us (and our responses to them), whether through our website, by email, by phone, through social media, or by any other channel.

6. How We Collect Personal Data

We collect personal data through the following channels:

  • directly from you, when you make a reservation, register for the 1-Insider loyalty programme, make a purchase, send us an enquiry, attend an event, fill in a form on our website, communicate with us, or interact with our staff at 1-Arden;
  • from third parties acting on your behalf, such as someone in your party who books a table for you, an event organiser, a corporate client, a concierge service, or a hotel booking on your behalf;
  • from third-party reservation, payment and loyalty platforms that we use to operate 1-Arden (including SevenRooms for table reservations, Tripleseat for event enquiries, Stripe for payment processing, and Eber for our 1-Insider loyalty programme);
  • automatically, when you visit our website or interact with our digital channels, through cookies, pixels and similar technologies (see Section 13);
  • through publicly available sources (such as professional or media profiles, where we may use these for due diligence, marketing or recruitment); and
  • through CCTV cameras installed at 1-Arden and at venues we operate (see Section 15).

7. How We Use Personal Data

We use personal data for the following purposes:

  • to provide our services to you, including processing reservations, fulfilling event bookings, processing payments and refunds, communicating with you about your reservation or visit, and providing post-visit follow-up;
  • to operate the 1-Insider loyalty programme, including registering you, tracking points, processing redemptions, and managing tier benefits;
  • to personalise your experience, including remembering your dietary requirements, preferences, allergies and accessibility needs across visits;
  • to send you marketing communications about 1-Arden, 1-Spring Pte Ltd and our other concepts, where you have consented to receive them, or where the law otherwise permits;
  • to operate, maintain, secure and improve our website, our reservation systems and our digital channels, including diagnosing technical issues and analysing performance;
  • to measure and improve the effectiveness of our marketing campaigns, including through analytics, advertising-platform measurement, and first-party attribution;
  • to conduct internal business analysis and improvement, including menu development, service-quality analysis, and operational planning;
  • to manage incidents and security, including investigating complaints, accidents, disputes and possible misconduct, both at our venue and on our digital channels;
  • to assess and select job applicants, manage recruitment processes, and (where you are not hired) keep your application on file in accordance with Section 17;
  • to comply with applicable laws and regulations (including the PDPA, accounting and tax laws, food-safety laws and licensing requirements), and to respond to lawful requests from regulators or law-enforcement agencies; and
  • to establish, exercise or defend legal claims, including in connection with disputes about reservations, transactions, or workplace matters.

8. The Legal Bases on Which We Rely

Under the PDPA, we collect, use and disclose personal data on one or more of the following bases:

  • your consent (which may be express or, where the PDPA permits, deemed by virtue of your voluntary provision of personal data for a clearly notified purpose);
  • the “legitimate interests” exception under the PDPA, where the legitimate interests of 1-Arden or another person clearly outweigh the adverse effect on you (for example, in connection with venue security, fraud prevention, and managing operational risk);
  • the “business improvement” exception under the PDPA, for purposes such as improving our goods and services, learning more about our customers, and developing or enhancing our offerings;
  • the performance of a contract with you (for example, fulfilling a reservation or a confirmed event booking); and
  • compliance with legal obligations to which we are subject (for example, retention of accounting records under the Companies Act 1967, the Income Tax Act 1947 and the Goods and Services Tax Act 1993).

Where we rely on your consent, you may withdraw that consent at any time by contacting our Data Protection Officer using the details in Section 3. Withdrawing your consent will not affect the lawfulness of processing carried out before the withdrawal, and may mean that we are no longer able to provide certain services to you.

9. How We Share Personal Data

We share personal data with the following categories of recipient, in each case only to the extent reasonably necessary for the purposes set out in Section 7:

Within the 1-Spring Pte Ltd group

We share personal data with personnel and affiliated entities under common ownership or operating relationship with 1-Spring Pte Ltd, including for the purpose of operating the 1-Insider loyalty programme across participating venues.

Service providers and processors

We share personal data with service providers that process personal data on our behalf under written contracts that include PDPA-aligned data-protection terms. Our key service providers currently include:

  • SevenRooms (table reservation and guest-management platform);
  • Tripleseat (private-events and event-enquiries platform);
  • Eber (1-Insider loyalty-programme platform);
  • Stripe (payment processing);
  • Google Cloud and Amazon Web Services (hosting and infrastructure);
  • Vercel and Supabase (web hosting and managed database for our digital channels);
  • Google Workspace (productivity, email and document collaboration);
  • Slack (internal communications);
  • Google Analytics, Google Ads, Meta and TikTok (analytics, advertising and attribution); and
  • Mailchimp and similar email-service providers (marketing communications).

Other recipients

We may also share personal data with our professional advisers (lawyers, accountants, auditors and tax advisers); with insurers; with banks and payment networks in connection with transactions and chargebacks; with regulatory and law-enforcement authorities, where required by law or where we consider disclosure necessary to protect our rights or the rights of others; and with any successor in interest in connection with a merger, acquisition or sale of business or assets.

We do not sell personal data.

10. Transfers of Personal Data Outside Singapore

Some of our service providers (including SevenRooms, Tripleseat, Eber, Stripe, Google, Amazon Web Services, Vercel, Supabase, Meta and TikTok) are based outside Singapore, and personal data may accordingly be transferred to, stored in, or accessed from countries other than Singapore (including the United States, the European Union, Australia, the United Kingdom and other jurisdictions where these providers operate).

Where we transfer personal data outside Singapore, we take steps as required by the PDPA to ensure that the recipient is bound by legally enforceable obligations that provide a standard of protection comparable to the protection under the PDPA. These steps may include contractual safeguards (for example, data-processing agreements containing PDPA-aligned data-protection clauses), reliance on the recipient’s applicable certifications, or other measures permitted by the Personal Data Protection (Transfer of Personal Data Outside Singapore) Regulations 2014.

11. How Long We Keep Personal Data

We keep personal data only for as long as is necessary for the purposes for which it was collected, including for the purpose of meeting any legal, accounting, tax, audit or reporting requirements. In particular:

  • reservation and guest-profile records are kept for as long as your account or profile is active, and for a reasonable period thereafter for record-keeping, dispute-handling and audit purposes;
  • 1-Insider loyalty-programme records are kept while you remain a member, and for a reasonable period thereafter, in accordance with the loyalty-programme terms;
  • financial records (including invoices, deposits and refunds) are kept in accordance with the retention periods required under the Companies Act 1967, the Income Tax Act 1947 and the Goods and Services Tax Act 1993 (generally at least five years);
  • CCTV recordings are normally retained for approximately 30 days from recording, after which they are securely overwritten, except where they are retained for a longer period in connection with an investigation, dispute or legal matter; and
  • job-applicant records are kept for up to twelve (12) months from the conclusion of the relevant recruitment cycle, unless we have your consent to keep them for a longer period.

Where personal data is no longer needed for any legal or business purpose, we will securely delete or anonymise it.

12. How We Protect Personal Data

We maintain reasonable security arrangements designed to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. These arrangements include access controls, encryption in transit, role-based access permissions, secure server hosting, periodic reviews of our security practices, training for staff who handle personal data, and contractual safeguards in our agreements with service providers.

Despite our efforts, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security, and you provide personal data to us at your own risk.

13. Cookies, Analytics and Marketing Attribution

Our website uses cookies and similar tracking technologies. Cookies are small text files that are placed on your device when you visit a website. We use cookies in the following ways:

  • strictly necessary cookies, which are required for the website to function;
  • preference cookies, which remember your settings (such as language);
  • analytics cookies, which help us understand how visitors use our website (for example, through Google Analytics);
  • advertising and attribution cookies, which help us measure the effectiveness of our advertising and personalise the advertisements you see on third-party platforms (for example, through Google Ads, Meta and TikTok); and
  • a first-party attribution cookie called “_1g_attr”, which we use to measure the channels through which visitors arrive at our website and to attribute marketing performance more reliably as third-party cookie support declines.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our website.

14. Marketing Communications, the DNC Registry and the Spam Control Act

Where you have consented (or where the PDPA otherwise permits us), we may send you marketing communications by email, SMS, push notification, in-app message, postal mail, or by other channels, about 1-Arden, the 1-Insider loyalty programme, and other concepts operated by 1-Spring Pte Ltd that we believe may interest you.

You can opt out of marketing communications at any time:

  • by clicking the “unsubscribe” link in any marketing email;
  • by replying with the indicated stop word to a marketing SMS;
  • by adjusting your marketing preferences in your 1-Insider account; or
  • by contacting our Data Protection Officer using the details in Section 3.

Before sending marketing messages to a Singapore telephone number by voice call, SMS or fax, we check that number against the relevant Do Not Call (“DNC”) registers maintained by the Personal Data Protection Commission, except where an exemption applies (for example, where you have given clear and unambiguous consent in writing or in another accessible form, or where the message is an “ongoing relationship” message). Our commercial electronic messages are sent in accordance with the Spam Control Act 2007 of Singapore, including unsubscribe and sender-identification requirements.

15. CCTV at Our Venues

1-Arden operates closed-circuit television cameras at 1-Arden Bar & Lounge for the purposes of safety, security, incident investigation, fraud prevention, loss prevention, service-quality assurance and the protection of our property, our staff and our guests. Notices indicating that CCTV is in operation are displayed in the relevant areas. CCTV recordings are retained for a limited period (normally around 30 days) and are accessible only by authorised personnel. CCTV is not used to monitor staff productivity in the ordinary course of operations.

16. Photography and Videography at Events

We may take photographs and video at events held at 1-Arden (including private events, media events and brand activations) for marketing, communications, social-media and editorial purposes. Where this is the case, we will use reasonable efforts to give guests advance notice (for example, through signage at the venue or messaging in the event invitation), and we will accommodate reasonable requests not to be photographed or filmed where this is operationally practicable. Where we use a photograph or video for marketing purposes, we rely on the PDPA bases set out in Section 8.

17. Job Applicants

When you apply for a position with 1-Arden or 1-Spring Pte Ltd, we collect and process the personal data you submit in your application (including CV, cover letter, application form, references and any interview notes), for the purposes of assessing your suitability, conducting interviews, performing background and reference checks (where applicable and lawful), making employment decisions, and complying with employment, immigration and other applicable laws. If your application is unsuccessful, we may retain your details for up to twelve (12) months in case other suitable opportunities arise, unless you tell us that you would prefer us to delete them sooner.

18. Your Rights Under the PDPA

Subject to the conditions and exceptions set out in the PDPA, you have the following rights in respect of your personal data:

  • Access (section 21 of the PDPA): you may ask us for information about the personal data we hold about you, and about the ways in which we have used or disclosed your personal data in the year preceding the request.
  • Correction (section 22 of the PDPA): you may ask us to correct an error or omission in the personal data we hold about you.
  • Withdrawal of consent (section 16 of the PDPA): you may withdraw any consent you have given to the collection, use or disclosure of your personal data. Withdrawing consent may mean that we are no longer able to provide certain services to you.
  • Data portability (sections 26F to 26J of the PDPA, once they come into operation): you may, in respect of certain categories of data, ask us to transmit your data to another organisation that has the capacity to receive it.

To exercise any of these rights, please contact our Data Protection Officer using the details in Section 3. We may need to verify your identity before processing a request. The PDPA permits us to charge a reasonable fee for responding to certain requests; if a fee applies, we will inform you in advance and the request will not be processed until you confirm that you will pay the fee. We will respond to a valid request within the time period required by the PDPA (currently within thirty (30) days, where reasonably possible).

19. How to Contact Us

For any questions about this Notice or about our handling of your personal data, please contact:

Immelia Izalena, Data Protection Officer

1-Spring Pte Ltd

(operator of 1-Arden Bar & Lounge)

88 Market Street, #51-01

Singapore 048948

Email: marketing@1-group.com.sg

General enquiries: enquiry@1-arden.sg

Phone: +65 9837 8248

20. Complaints to the PDPC

If you are not satisfied with our response to a query or complaint, you may refer the matter to the Personal Data Protection Commission of Singapore (“PDPC”). The PDPC may be contacted at:

Personal Data Protection Commission of Singapore

10 Pasir Panjang Road, #03-01

Mapletree Business City

Singapore 117438

Website: www.pdpc.gov.sg

21. Updates to this Notice

We may update this Notice from time to time to reflect changes in our practices, in the services we offer, or in applicable law. The current version is published at www.1-arden.sg/privacy, and the date at the top of this Notice indicates when it was last updated. Where a change is material, we will use reasonable efforts to bring the change to your attention (for example, by a notice on our website or, where appropriate, by direct communication).

22. Governing Law

This Notice is governed by, and is to be construed in accordance with, the laws of Singapore.

— End of Privacy Notice —

Open chat
Powered by Joinchat
Hello 👋
Can we help you?