Privacy Policy

Privacy Policy

Burger King Singapore Pte. Ltd. (“BKS”, “we” or “us”) is committed to protecting the privacy of all users of our burgerking.com.sg website, mobile application, social media platforms, digital in-restaurant kiosk, or other related services or platforms (collectively, the “Platform”) . This Privacy Policy (“Policy”) sets out the basis which we may collect, use, disclose or otherwise process your personal data in accordance with the Personal Data Protection Act 2012 (“PDPA”). This Policy applies to your personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process your personal data for our purposes.

 

By accessing the Platform or using the Services, whether you have provided such personal data through our website, newsletter, marketing or promotional materials, smart phone or social media application, through a third party such as your employer or otherwise, you agree to the collection, use and disclosure of your personal data as described in this Policy. If you do not consent to such collection, use or disclosure of your personal data, we may not be able to provide you with certain information, offers, goods or services.

 

Collection, Use and Disclosure of Personal Data

 

Collection of Personal Data

When you visit or place an order through our Platform, including through any websites or mobile app of our vendors or third-party services providers (“Partners”) with whom we work to provide our services, we will collect your information in the following ways:

• When you create an account with us or change your account settings, we collect your name and contact details, phone number, email address and delivery address.
• When you use our Platform to place an order, we collect information including items purchased, your location (longitude and latitude), any order notes you may provide to help with the delivery and loyalty scheme details or vouchers (where applicable). Our payment providers also collect payment information, including your debit or credit card number to enable payment. 
• When you participate or enter into sweepstakes or contest, participate in a loyalty or rewards program, purchase gift certificates, gift cards, or other merchandise, competitions, prize draws, or promotions run by us for our own benefit or on behalf of our Partners we collect information to register you.
• When you participate in market research and surveys, provide content submissions, make suggestions for the operation of our Platform, leave messages or comments on our Platform, or give feedback, we collect your responses and reviews.
• When you contact us (through the Platform or using any in-app function) about the order you placed, we collect the information you share during the conversation. If you contact us by phone, we may record the call and take notes, including for training and service improvement purposes. If you contact us about a problem with your order, we may ask you for a description or photograph of your order or receipt showing the problem (if it is something that can be seen by inspecting the items). We may also collect health information about you only where you volunteer and agree to this, for example if you report an allergic reaction after consuming an order.
• When you interact with us or contact us, including on our social media accounts with a comment or question, to receive marketing material, engaging in online interactive activity or marketing research, or create an account with us, we collect your contact preferences and any other information you share with us.

Other information about you

• We also collect your information from third parties, such as fraud detection providers, online advertising platforms and data brokers, from the person completing the order if you are the recipient of a gift. 
• We collect information from your use of our Platform, such as to understand your preferences, demographic information and how you use our Platform and services. 
• We collect information from the device you use to access our Platform, such as the IP address you are using and other unique identifiers associated with your device and, if you use your mobile device, we automatically collect information such as your mobile carrier, location and how you interact with other retail technology (for example, QR Codes and/or mobile vouchers), unless you have elected to remain anonymous through your mobile settings.

Mandatory information

• If you fail to provide your information, you may not be able to use our Platform and services (or any part thereof) and we may not be able to continue providing you services, which we will notify you of in advance.

 

Use of Personal Data

BKS and our Partners may use the personal information collected for any of the following purposes:

1. processing your application, registration of your membership and verifying your identity for identification;
2. performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;
3. verifying your identity and the accuracy of your personal data and other information provided by you;
4. using your credit card details or other payment method for processing payment purposes or credit transactions;
5. to send marketing and other communications to our visitors about BURGER KING® products or about the products and services of promotional partners that are not owned or affiliated with BKS;
6. to allow visitors to communicate with others, such as their friends,
7. providing marketing messages, promotional materials, or newsletters if you have consented to receive such communications;
8. assessing and evaluating your suitability for employment or other engagement in any current or prospective position with us;
9. verifying if you are eligible for offers, promotions, discounts, or benefits or other related purposes;
10. responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
11. to provide any necessary notices to our visitors;
12. conducting research, analysis, and development activities to improve our services and facilities in order to enhance your membership with us or for your benefit, or to improve any of our products or services for your benefit;
13. to protect the security or integrity of the BKS website;
14. complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
15. transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes;
16. any other purposes for which you have provided the information; and
17. any other incidental business purposes related to or in connection with the above.

 

App/SMS Notifications and Email Newsletters

We may send you in-app or push notifications, as well as newsletters via email, or SMS/text messages informing you about new products, offers and promotions on our platform.

 

To make this possible, we use your account data, location data, as well as order and delivery data. This information enables us to promote products and services available on our platform. You are always free to opt-out from such communications. To ensure we comply with your choice to opt-out, we will keep your contact details on a separate list of customers who prefer not to receive direct marketing communications. In this case, we will unsubscribe you from customised communications and you will not receive such communications in the future.

 

To opt out of emails or SMS communications or in-app notifications, please follow the instructions in the email or SMS message or by switching off the notification feature for the mobile application in your mobile device. You can stop any further collection of information by the mobile application by uninstalling the mobile application from your mobile device. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network.

 

Incentives

We use a variety of incentives to make our platform more attractive to you and to ensure that you enjoy all the advantages that our platform has to offer. These incentives include, promotional codes, vouchers, customer competitions, and bonus programs.

 

When you use vouchers on our platform, we may process your account data, and the associated discount or promotion. We process this data to apply the voucher to your order, and ensure the proper functioning of this feature.

 

When you participate in user competitions or bonus programs on our platform, we may process your account data, data relevant to the program, including your status, points and rewards earned. This data is processed to administer those programs and grant you prizes or discounts.

 

If you participate in incentives (e.g. bonus programs) offered by third parties, your data might be passed onto them. In such cases, processing of your data is based on your consent given.

 

Online Marketing

We utilise marketing processes to reach as many potential customers as possible. These processes encompass a range of marketing strategies, including targeted advertisements, both on our own platform, or on online media properties (e.g, websites, social platforms) owned and operated by third-party publishers.

 

For this purpose, we process account data, location data, order and delivery data, and device information such as session information, your configuration settings, platform interactions such as items added to the cart, and data obtained through web-trackers (e.g. cookies, SDKs, pixels).

 

When we perform targeted advertisements for our platform, we use customer segmentation based on the data we collect from you. This segmentation may include predictions about our users’ demographics (e.g., age, gender) or consumption preferences. These insights are typically aggregated and pseudonymized, which means that we cannot identify you individually. We use these insights when defining our online marketing strategies.

 

Your prior explicit consent is requested to show you our online targeted advertisements. If you do not consent to personalized online advertisements, please note that you may still receive ads related to our service and products. However, these ads will be generic and not result from specific targeting processes.

 

Social Media Pages

We maintain profiles on various social media platforms through which we advertise our products and engage with customers. When you visit our pages on social media platforms such as Facebook, Instagram and TikTok, the operators of these platforms process your personal data, as explained in their own privacy statements.

 

Disclosure of Personal Data

We may disclose your personal data:

1. where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you; 
2. where we employ data intermediaries or third-party service providers (other companies and individuals), agents and other organisations to perform functions on our behalf. They will need access to your personal data needed to perform their functions;
3. where such disclosure is required for assessing and evaluating your suitability for employment or other engagement in any current or prospective position with us; and
4. where such disclosure is required to verify your identity and the accuracy of your personal details and other information provided by you.

 

The purposes listed in the above clauses may continue to apply even in situations where your relationship with us has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under a contract with you).

 

In compliance with the PDPA, we may collect, use or disclose your personal data without your consent for our legitimate interests or another person. In relying on the legitimate interests exception of the PDPA, we will assess the likely adverse effects on the individual and determine that the legitimate interests outweigh any adverse effect. In line with the legitimate interests’ exception, we will collect, use or disclose your personal data for the following non-exhaustive purposes:

1. Fraud detection and prevention.
2. Detection and prevention of misuse of services.
3. Network analysis to prevent fraud and financial crime, and perform credit analysis.
4. Collection and use of personal data on company-issued devices to prevent data loss.

 

The purposes listed in the above clause may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter.

 

We may collect, disclose or use your personal data pursuant to an exception under the PDPA or other written law such as during the following situations:

1. To respond to an emergency that threatens your life, health and safety or of another individual; and
2. Necessary in the national interest, for any investigation or proceedings.

 

Consent to Third Party Acquisition

In the event of a merger with, or acquisition by, another company or group of undertakings, we may need to disclose limited information to that company and their advisors who are under professional obligations to maintain the confidentiality of your personal data. This may occur in circumstances such as mutual due diligence assessments and regulatory disclosures.

 

In any event, we will ensure that we only disclose the minimum amount of information necessary to conduct the transaction, while also carefully considering the feasibility of removing or anonymising any data that could identify individuals.

 

Withdrawal of Consent

You have choices regarding our collection, use or disclosure of your personal data. You have the right to object to the processing of your personal data and withdraw your consent in the manner described below. However, if you choose not to provide us with the personal data intended for the purpose(s) for which you have been notified, we may not be able to fulfil the said purpose(s):

• The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in via email to our Data Protection Officer in writing or via email at the contact details provided below.
• Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities with us. In general, we shall seek to process your request within ten (10) business days of receiving it.
• Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you, or provide you with certain products or services you have requested for, or continue the existing relationship you have with us. In such circumstances, we shall notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing via email to our Data Protection Officer in writing or via email at the contact details provided below.
• Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.

 

Security of Personal Data

To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date authentication and access controls (such as good password practices, need-to-basis for data disclosure, etc.), encryption of data, up-to-date antivirus protection, regular patching of operating system and other software, and securely erase storage media in devices before disposal and disclosing personal data both internally and to our authorised third-party service providers and agents only on a need-to-know basis.

 

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

 

Access to and Correction of Personal Data

If you wish to make:

• an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or
• a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer in writing or via email at the contact details provided below.

Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

 

We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) business days after receiving your request, we will inform you in writing within thirty (30) business days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

 

Accuracy of Personal Data

We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below. We will take reasonable steps to ensure that the personal data we collect about you is accurate, complete, and kept up-to-date, taking into account its intended use.

 

Retention of Personal Data

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as agreed between you and us, or as required or permitted by applicable laws.

 

We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

 

Transfers of Personal Data Outside of Singapore

We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

 

Data Breach Notification

In the event a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, we shall promptly assess the impact and once assessed that it is a notifiable data breach, we shall report this breach as soon as practicable, but in any case, no later than within three (3) calendar days to the Personal Data Protection Commission (“PDPC”). We will notify you when the data breach is likely to result in significant harm to you after our notification to PDPC. We may also notify other government enforcement or regulatory agencies, where required.

 

Cookies

Our website uses cookies to improve your browsing experience. These cookies are essential for the working of basic functionalities of our website and to help us analyse and understand how you use our website generally, recognise your repeat visits and preferences, as well as to measure and analyse traffic.

 

These cookies will be stored in your browser only with your consent. By clicking “Accept” on our cookie banner, or if you continue to explore our website without changing your cookie settings, you consent to the use of the cookies on our website. You also have the option to opt-out of these cookies by changing your cookie settings anytime. But opting out of some of the cookies may have an effect on your browsing experience.

 

When you access our websites, data (e.g. type of Internet browser and operating system used, domain name of the website from which you came, number of visits, average time spent on the site, pages viewed) may be collected by the servers hosting our websites. This data may be used to monitor the attractiveness of our website and improve their performance or content.

 

Third Party Website

BKS is not responsible for the policies, content, and practices of third party websites to which a BKS Website may link. Please refer to those sites’ own privacy policies to learn how they collect and use personal information.

 

Contact Us

You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

 

Attention:           Data Protection Officer

Email Address:   atyourservice@burgerking.com.sg

 

Subject Matter: Data Protection Matter

 

Changes to This Privacy

This Policy shall be read with and incorporated by reference in any other notices, terms and conditions, order forms that apply in relation to the collection, use and disclosure of your personal data by us.

 

We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Your continued use of our website or our services constitutes your acknowledgement and acceptance of such changes.

 

Last updated: September 2025