PERSONAL DATA PROTECTION ACT 2010
Updated on May 28, 2018
Dear Valued Customers,
Pursuant to the Personal Data Protection Act 2010 which has come into force in Malaysia on 13 November 2013, we wish to notify you of our data protection practices and how your personal information is being used and processed by us.
Generally we use your personal information to process your reservations and in connection with your stay at our hotels as well as to send you updates on our latest services and promotions. Your personal data may have come into our possession from your stays at our hotel or from your interaction with us on previous occasions.
There has been no change in how we use your personal information, and our Personal Data Protection Notice below is to provide you with more transparency as to how your personal information is used by us.
Personal Data Protection Notice
- You understand and agree that the any information you have provided to the Hotel, such as your name, occupation, place of employment, residential address, email, telephone numbers, vehicle plate number, nationality, date of birth, passport number and membership number will be handled by the Hotel and its related corporations/affiliates (“we”, “us” or “our”) within the group of companies in accordance with the terms set forth below and applicable data protection laws and requirements. The Hotel may also collect your information from various sources such as from third party agents, via the Hotel’s website or within the group of companies.
- The provision of your information is mandatory when you make a reservation to stay at the Hotel and when you check into the Hotel. If you do not provide your information, the Hotel will not be able to process your registration or reservation, and will therefore result in you being unable to make a booking or stay at the Hotel. The provision of your personal data is voluntary for purposes of receiving marketing and you may indicate your consent to marketing in Paragraph 4 below.
- The information may be used by us, and transferred to other companies within the group and third parties engaged by the Hotel, such as our service providers, professional advisors, third party agents and external auditors who may be located both within and outside of the country or jurisdiction in which the Hotel is located, for purposes of managing and fulfilling your booking and matters relating to your Hotel stays (such as lost and found items, follow-up queries and survey), for enabling you to take advantage of any membership you may have with us including the Loyalty Club programme, for the group’s internal auditing and reporting purposes, and for managing our business relationship with you and such other purposes permitted and/or required under applicable law.
- Except as expressly permitted in paragraphs 1 to 4 above, we will not use your information for any other purpose unless you agree or unless we are required or permitted to do so by law.
- If you wish to withdraw the consent provided for marketing purposes, or access your personal data or update any of your contact particulars, or if you have any inquiries or complaints with regard to the use and processing of your information please contact us at the contact detail given to you by the Hotel or as follows:
Contact Person: Data Protection Compliance Officer
Phone No: 603 4042 5555
Fax No: 603 4043 5253
our personal information will be used for the following marketing purposes:
- Marketing by the Hotel
You agree that we can contact you to keep you informed about our special offers, promotions, products and services and events via the following channels:All channels / Mail / Fax / Phone / E-mail / Text messages (including but not limited to SMS)
- Third-Party Marketing
You agree that we can share your details with our selected business partners, associates and other third party providers (collectively “Associates”) so that they may contact you with details of products and services that may be of interest to you via the following channels:All channels / Mail / Fax / Phone / E-mail / Text messages (including but not limited to SMS)
Information you provide to us: we collect personal data (including where applicable sensitive personal data) you provide directly to us. This includes:
- your full name and contact information, passport and visa information;
- guest stay information, including the hotels where you have stayed, date of arrival and departure, goods and services purchased, special requests made, your service preferences, telephone numbers dialled and email, faxes, telephone and other messages received;
- your credit card, mobile payment and other payment details;
- your membership information, account details, profile or password details and any frequent flyer or travel partner programme affiliation;
- any information necessary to fulfill special requests (for example, leisure, travel and guest preferences);
- your reviews, feedback and opinions about our hotels, resorts, programmes and services;
- information collected through the use of closed circuit television systems and other security systems; and
- any other personal data you choose to provide to us.
Information We Collect Automatically When You Use the Site: when you access or use the Site, we automatically collect personal data about you, including:
- Log Information: we may collect system log information about your use of the Site, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Site.
- Device Information: we may collect information about the computer or mobile device you use to access our Site, including the hardware model, operating system and version, unique device identifiers (such as, IP address, IMEI number, the address of the device’s wireless network interface, or mobile phone number used by the device) and mobile network information.
- Location Information: we may collect information about the location of your device each time you access or use one of our mobile applications or otherwise consent to the collection of this information. You can turn off location services for a device at any time, but this may turn off some useful features.
- Information Collected by Cookies and Other Tracking Technologies: we and our service providers use various technologies to collect information, including cookies and web beacons. Cookies are small data files stored on your hard drive or in device memory that help us improve our Site and your experience, see which areas and features of our Site are popular and count visits. Web beacons are electronic images that may be used in our services or emails and help deliver cookies, count visits and understand usage and campaign effectiveness. For more information about cookies, and how to disable them, please see our Cookies Policy.
Information We Collect From Other Sources: we may also obtain personal data from our hotels and from our third party service providers (such as information relating to the credit of guests) and from public sources and combine that with information we collect through our Site where we believe that it is necessary to help manage our relationship with you.
How We Use Your Personal Data
We may use your personal data for the purposes set out below.
For the performance of our agreement with you, in order to:
- process, confirm, provide and charge for hotel arrangements and restaurant reservations and our goods and services, and administer mobile (where applicable) and in person check in and check out;
- fulfill contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) and vendors (e.g. credit card companies, airline operators and other loyalty programmes);
- provide you with access to the content on our Site, and respond to your enquiries and requests for information and services; and
- administer, and disclose the winner of, contests and lucky draw competitions conducted by us or on our behalf.
For our legitimate commercial interests, in order to:
- understand how our products and services impact you, provide you with a better, more personalised level of service, and further develop our products and services, including linking or combining with information we get from others to do so;
- provide privileges, benefits and services to you, process applications for and administer membership programmes, verify and validate your ability to access and use certain products, services and information;
- monitor your use of our Site and your bookings, and conduct analysis of the use of our Site in order to operate, evaluate and improve our Site and our services, understand your preferences, display customised content to you on our Site which may be of interest to you and troubleshoot any problems;
- conduct market analysis, market research, customer satisfaction and quality assurance surveys to improve our hotels, resorts and services; and
- provide for the safety and security of guests.
To comply with legal obligations to which we are subject:
- meet legal and regulatory requirements and administer general record keeping.
Use of information based on your consent:
- facilitate direct marketing, promotional and customer management purposes, including sending you promotional communications (including without limitation emails and push notifications) or special offers if you have consented to receive the same. Please see section “Direct Marketing” below;
- we may use special categories of data (e.g. health data). But we will only do so if we have received your consent thereto; and
- for any other purposes for which we have your consent.
Disclosures of Your Personal Data
We may share your personal data:
- between Seri Pacific and a limited number of our affiliates as are relevant for the above purposes and to facilitate the operation of our business, but we shall only do so on a need to know basis;
- with the operator of the hotel or the hub of hotels which you book, stay or visit for the above purposes;
- with third-party payment processors, payment service providers, IT and marketing support service providers and other consultants, vendors and service providers who need access to such information to carry out work or provide services on our behalf or who help us to provide the Site to you;
- with anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) in order to fulfill contractual obligations;
- with any law enforcement, courts, Government or regulatory bodies (in whatever jurisdiction), or otherwise in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, court order or legal process;
- if we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of Seri Pacific, our affiliates or others;
- in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company, or any change of management of a hotel;
- with our advisors, which includes our accountants, auditors, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations;
- with any other party at your consent or at your direction; and
- otherwise as permitted or required by applicable laws and regulations.
We may also disclose aggregate or de-identified data that is not personally identifiable with third parties, including our commercial and strategic partners.
From time to time, we would like to use your name, email address, mobile phone number, and other relevant contact information to send you either via emails, SMS messages, telephone calls, push notifications, post, or social media (e.g. WeChat and Facebook) information that we think may be of interest to you, including about our hotels, products and services, news about our membership programmes, satisfaction surveys, events, offers and promotions, but we can only do so with your consent.
We would also like to share (for gain) such data with the operator of the hotel or hub of hotels in which you stay or visit and with selected third party entities, so that they may send you information, news updates, special events, offers and promotions as regards their products and services, including travel, transportation, retail, food and beverage, hotel accommodation, credit cards, financial and investment services, real estate, entertainment, publications, fashion and jewellery, leisure and sports, health and wellness, non-profit and charitable activities, telecommunications, social networking, media and public relations, but we will not use your personal data for direct marketing without your consent.
You may opt-out from receiving marketing communications at any time, free of charge, by following the unsubscribe instructions contained in the marketing communications or contacting Seri Pacific in accordance with the section “Your Rights and Contact Us” below. If you opt out of these communications, we may still send you non-promotional communications, such as those about your reservation or programme members communications, unless we are prohibited from doing so by applicable laws.
Retention of Personal Data
Our Commitment to Data Security
We have in place reasonable technical and organisational measures to prevent unauthorised or accidental access, processing, erasure, loss or use of your personal data and to keep your personal data confidential. These measures are subject to ongoing review and monitoring. To protect your personal data, we also require our third party service providers to take reasonable precautions to keep your personal data confidential and to prevent unauthorised or accidental access, processing, erasure, loss or use of personal data, and to act at all times in compliance with applicable data protection laws.
We cannot guarantee that our Site will function faultless and without any interruptions. We shall not be liable for damages that may result from the use of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications, interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses.
Children and Minors
Except where required by local laws, we do not knowingly collect personal data from minors. If you are a minor, you may only use our Site and services with the permission of your parent or guardian.
If you are in the EU, our online services are not directed at children under the age of 13. If you believe we have collected information about a child under the age of 13, please contact us so that we may take appropriate steps to delete such information. If you are at least 13 but under the age of 16, please get the consent of your parent or legal guardian before giving us any personal data about yourself.
Third Party Sites
Your Rights and Contact Us
You are entitled to the following rights: right of access to the personal data we hold about you, right of rectification, right to erasure, right to restrict data processing, right to object against profiling and your personal right to data portability. Whenever reasonably possible and required, we will strive to grant these rights within one (1) month. You may also withdraw your consent to receiving direct marketing communications, or more generally to our processing of your personal data, at any time, and you may in certain circumstances ask us to delete your personal data. However, we may not be able to continue providing services to you if you entirely withdraw your consent or ask us to delete your personal data entirely. To make these requests, or if you have any questions or complaints about how we handle your personal data, or would like us to update the data we maintain about you and your preferences, please contact our data protection officer by email at firstname.lastname@example.org.