top of page

Privacy Policy

Hr Millennium Pte Ltd (together with its subsidiaries, affiliates, and managed venues, including The Riverhouse, collectively referred to as "the Company", "we", "us", or "our") is dedicated to protecting the privacy and security of your personal data.

This Privacy Policy explains how we collect, use, disclose, and manage personal data in compliance with the Singapore Personal Data Protection Act 2012 ("PDPA"), the Spam Control Act 2007, and other applicable data protection regulations.

1. Scope of This Policy

This Privacy Policy applies to all personal data collected by or on behalf of the Company through various interactions, including but not limited to:

  • Accessing or using our websites (such as www.theriverhouse.sg) and any related venue web pages.

  • Completing reservations, general enquiries, or booking forms for dining, nightlife, weddings, and private corporate events.

  • Participating in our loyalty programs, marketing distributions, or customer satisfaction surveys.

  • Visiting our physical venue premises where security or promotional media capturing may occur.

2. Personal Data We Collect

Depending on the nature of your interaction with us, we may collect the following categories of information:

  • Identity and Contact Information: Full name, title, date of birth, gender, nationality, email address, mailing address, and telephone number.

  • Reservation and Event Details: Specific booking information, including reservation dates and times, party sizes, seating preferences, dietary restrictions, special occasions, and host notes.

  • Financial and Transaction Data: Payment card details, billing addresses, and transaction histories associated with event deposits, ticket sales, or venue purchases.

  • Technical and Usage Data: IP addresses, browser types, operating systems, cookie identifiers, and analytical data regarding your interaction with our online platforms.

  • Media and Security Recordings: Photographs, video recordings, and CCTV footage captured during events or while visiting our physical venue space for security, operational, and promotional purposes.

  • Employment Application Data: Professional backgrounds, resumes, academic transcripts, employment histories, and references submitted through job application channels.

We do not knowingly collect personal data from individuals under the age of 13. If you believe we have inadvertently gathered information from a minor, please contact our Data Protection Officer immediately.

3. Methods of Data Collection

We collect personal data through various channels:

  • Direct Interactions: When you fill out booking forms, sign up for newsletters, submit event enquiries, complete feedback surveys, or contact our team via email, phone, or messaging applications.

  • Automated Technologies: As you browse our online platforms, we may utilize cookies, server logs, and tracking pixels to analyze site traffic and enhance user experiences.

  • Third Parties: We may receive data from external reservation platforms, event planners, ticketing partners, or recruitment agencies acting on your behalf.

4. Purposes for Processing Your Personal Data

We process your information based on your explicit consent, contractual requirements, legitimate business interests, or legal obligations. Primary purposes include:

  • Facilitating, managing, and confirming your restaurant reservations, event bookings, and entertainment ticketing.

  • Communicating with you regarding your enquiries, feedback, or administrative updates.

  • Processing financial transactions, deposits, and invoice verifications.

  • Customizing, evaluating, and improving our hospitality offerings, venue services, and digital platform functionalities.

  • Distributing marketing materials, newsletters, promotional offers, and loyalty program rewards (where you have opted-in to receive such communications).

  • Maintaining venue safety, operational security, and asset protection through closed-circuit monitoring.

  • Reviewing and processing career applications and recruitment communications.

  • Complying with regulatory, legal, and law enforcement directives.

5. Sharing and Disclosure of Personal Data

To fulfill the purposes outlined above, we may share your personal data with:

  • Internal business units, affiliated venues, and subsidiaries within the corporate umbrella to streamline services and operational support.

  • Trusted third-party service providers, including payment gateways, reservation software providers, cloud storage hosts, IT support vendors, and marketing delivery agencies.

  • Legal, financial, and auditing consultants to ensure corporate compliance.

  • Government agencies, statutory boards, or law enforcement entities when required by law or to defend our legal rights.

We mandate that all third-party partners handle your personal data with strict confidentiality and implement appropriate security measures in line with the PDPA.

6. International Data Transfers

If your personal data is transferred outside of Singapore for cloud storage, data processing, or vendor integration, we will implement appropriate safeguards. We ensure that receiving organizations provide a standard of protection to the transferred data that is at least comparable to the protections enforced under the PDPA.

7. Data Security and Safeguards

We implement robust administrative, technical, and physical security measures to protect your personal data from accidental loss, unauthorized access, alteration, disclosure, or misuse. These protections include secure server environments, encrypted payment handling, and restricted internal access permissions. However, please note that no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

8. Retention of Personal Data

Your personal data is retained only for as long as necessary to fulfill the original purposes for which it was collected, or as required to meet legal, accounting, tax, or operational obligations. Once the information is no longer deemed necessary, it will be securely anonymized or permanently destroyed.

9. Your Rights: Access, Correction, and Withdrawal

Under the PDPA, you maintain specific rights regarding your personal data:

  • Access: You have the right to request a copy of the personal data we hold about you, alongside information regarding how it has been used or disclosed over the past year.

  • Correction: You may request updates or corrections to any incomplete, outdated, or inaccurate personal information in our possession.

  • Withdrawal of Consent: You may withdraw your consent for the collection, use, or disclosure of your personal data at any time. Please note that withdrawing consent may limit our ability to provide certain services, manage your reservations, or fulfill event arrangements.

10. Data Protection Officer (DPO) and Contact Information

For any questions, concerns, requests for data access or correction, or to file a complaint regarding our data handling practices, please contact our Data Protection Officer using the details below:

  • Entity Name: Hr Millennium Pte Ltd (UEN: 201623286G)

  • Venue Reference: The Riverhouse

  • Postal Address: 3A River Valley Road, #01-02 Clarke Quay, Singapore 179020

  • Email Address: compliance@theriverhouse.sg (or enquiries@theriverhouse.sg)

  • Contact Number: +65 8879 0688

We aim to acknowledge and address all data protection inquiries within a reasonable timeframe.

11. Policy Revisions

We reserve the right to modify, amend, or update this Privacy Policy at any time to reflect adjustments in legal frameworks, regulatory requirements, or internal operational policies. The latest version will always be published on our website with its respective effective date.

Last Updated: May 21, 2026

12. Cookesand Online Tracking Mechanisms

Our website uses cookies, web beacons, and unique device identifiers to differentiate you from other users, map navigation trends, and preserve your configuration preferences. We deploy both session cookies (which expire once you close your browser) and persistent cookies (which remain on your device until deleted).

You can configure your internet browser to reject cookies or alert you when cookies are being sent. However, if you disable or refuse cookies, please note that certain components of our online reservation systems or website functionalities may become inaccessible or fail to operate optimally.

13. Third-Party Websites and Hyperlinks

Our digital platforms may contain links to external websites, plug-ins, or media networks operated by third parties (such as external ticketing platforms, entertainment artists, or delivery services). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party platforms and are not responsible for their independent privacy standards. We strongly advise reviewing the privacy policy of every external website you visit.

14. Photography, Video Recording, and Media Release

By entering physical premises managed by the Company (including but not limited to dining rooms, bar areas, outdoor courtyards, and nightlife spaces), or by attending our organized public activations, you acknowledge that photography, audio recording, and video recording may take place under our direction.

The Company may use these images, videos, and audio clips in digital marketing campaigns, social media channels, print publications, or website galleries for promotional and commercial purposes. If you do not wish to be captured in promotional media, please notify our venue staff or event coordinators upon arrival.

15. Intellectual Property Rights

All content displayed across our online platforms—including website text, graphics, logos, button icons, images, audio clips, digital downloads, data compilations, and software—is the exclusive property of the Company or its content suppliers and is protected by Singapore and international copyright, trademark, and intellectual property laws. Unauthorized reproduction, modification, distribution, or replication of any material without our explicit, written consent is strictly prohibited.

16. Data Accuracy and Your Obligations

We rely on the veracity and accuracy of the personal data you provide to deliver services safely and effectively. You are responsible for ensuring that all information submitted to us is accurate, complete, and updated. If there are changes to your personal data (such as a change in your contact email or phone number), please notify our Data Protection Officer immediately so we can update our records.

17. Security Breach Notification Protocol

In the highly unlikely event of a data security incident involving unauthorized access, loss, or alteration of personal data, the Company maintains a strict incident response plan. In accordance with our obligations under the PDPA, if a data breach is assessed to cause, or be likely to cause, significant harm to affected individuals, or involves a scale that meets regulatory thresholds, we will notify the Personal Data Protection Commission (PDPC) and the impacted individuals as soon as reasonably practicable.

18. Disclaimer and Limitation of Liability

While we implement rigorous security measures to shield your personal data, the transmission of information via the internet carries inherent risks. To the maximum extent permitted by Singapore law, the Company, its directors, employees, and affiliates shall not be liable for any direct, indirect, incidental, consequential, or punitive damages arising out of unauthorized access, interception, data leakage, or misuse of your personal data by malicious third parties acting outside our reasonable control.

19. Indemnity

You agree to indemnify, defend, and hold harmless the Company, its subsidiaries, officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, costs, or expenses (including legal fees on a full indemnity basis) arising out of or resulting from your breach of this Privacy Policy, your violation of any third-party rights, or your unlawful submission of personal data belonging to another individual without their prior consent.

20. Governing Law and Dispute Resolution

This Privacy Policy and our data management practices are governed exclusively by the laws of the Republic of Singapore. Any dispute, controversy, or claim arising out of or relating to this policy, including its validity, interpretation, or breach, shall first be referred to the Company's internal compliance channels for amicable resolution. If a resolution cannot be reached, the dispute shall be submitted to the exclusive jurisdiction of the courts of Singapore.

21. Severability

If any provision or part-provision of this Privacy Policy is found by a court or administrative body of competent jurisdiction to be invalid, illegal, or unenforceable, it shall be deemed modified to the minimum extent necessary to make it valid, legal, and enforceable. If such modification is not possible, the relevant provision or part-provision shall be deemed severed. The invalidity or unenforceability of any provision shall not affect the validity or enforceability of the remaining portions of this policy.

22. Language and Interpretation

In the event that this Privacy Policy is translated into languages other than English for promotional or accessibility purposes, the English language version shall remain the primary legal authority. In the case of any conflicts, ambiguities, or discrepancies in meaning between the English text and any translated version, the English text shall prevail.

23. Acknowledgement and Consent

By continuing to browse our websites, submitting reservation enquiries, confirming event bookings, or engaging with our venue services, you acknowledge that you have read and understood the terms of this Privacy Policy and explicitly consent to the collection, usage, disclosure, and processing of your personal data by Hr Millennium Pte Ltd in the manner described above.

Last Updated: May 21, 2026

bottom of page