What Personal Data do we collect?
Your Personal Data collected by Cape & Kantary Hotels can be classified into the following:
|Type of Personal Data
|1. Personal details
|Such as full name, ID number, facial photo, gender, date of birth, nationality, country of residence - all information pertaining to your official documents such as your passport or national ID – as well as other identification numbers such as identification numbers of family members and children, ages of children.
|Such as Addresses, phone numbers, fax numbers, email addresses, LINE IDs, Facebook accounts, Instagram accounts, Facebook IDs, Twitter ID, Tiktok ID, Google IDs, and any other social media platform IDs that are affiliated to your online accounts which may be used to contact you.
|Such as bank account number, credit card number and debit card number, and any form of payment information that we may have to process when welcoming You as a guest or customer.
|Such as account details, membership card numbers, reward points, member type, customer type, member join/registration date and month, membership period, bank account and payment details, service and product applications (e.g.membership application, insurance application) or any other form of personal information related to our membership system and programs.
|Such as IP address of computer, type of browser, cookies data, time zone setting, operational system, platform and all other aspects of the technology of the equipment used to access the website and online application systems that belong to Cape and Kantary Hotels.
|Such as username and password, purchase history, interests, likes and information from survey responses. This also includes any personal characteristics that may be indicated from your profile information which You provide us with or / and has been processed by our systems.
|Such as ethnicity, beliefs, religion, health information (including food and general allergies) and biometric data including criminal history data. In the event that we have unintentionally receired It and have no intention of collecting such data, and the data is not intended to be used to faciltate your stays at our hotels, we will not process your sensitive data.
Purposes and legal ground for processing personal data
We will use your Personal Data for a number of different purposes. In all case we must have a reason and a legal ground for processing your personal data. Some of the most common legal grounds we rely on are briefly described as follows:
We process Personal Data based on consensual basis. In the event that you have provided us with explicit consent, we will process your Personal Data within the scope of the purpose of which we have informed you such as:
|2. PERFORMANCE OF CONTRACT
|To provide products and services to you - such as completing your reservations, sending you reservation confirmations, carrying out financial transactions and registering you for programme membership, fulfilling a request for information, customising our services to your preferences, earning and redeeming rewards, keeping proper records of your transactions with us.
|3. LEGAL OBLIGATION
|We process personal data in accordance with any applicable law, regulation, legal process or enforceable governmental request.
|4. VITAL INTEREST
|We process personal data under the necessity of emergency medical situations to protect your life or that of another natural person.
|5. LEGITIMATE INTEREST
We process Personal Data under the necessity of taking steps for our legitimate interests or those of other individual or juristic persons who are not overriding your interests or your fundamental rights and freedoms.
Period of storage of personal data and criteria for defining such period
We process and store your personal data for as long as required for us to fulfil the purpose for which we obtained it, and to comply with our legal and regulatory obligations. We will then erase and destroy your Personal Data except as may be required, by applicable laws or for protection of our interest. However, we may have to retain your Personal Data for a longer duration, as required by applicable law.
Sharing & Disclosure
How we protect your Personal Data?
We take appropriate technical and organizational measures pursuant to applicable laws to protect your personal data against illegal or accidental destruction, loss or alteration as well as unauthorized disclosure and access.. We implement appropriate technical and organizational measures that seek to ensure a level of security appropriate to the risk, taking into account technological reality, cost, the scope, context and purposes of processing weighted against the severity and likelihood that the processing could threaten individual rights and freedoms.
Data Subject Rights
Changes to the Privacy Notice
We reserve the right to make changes to this Notice from time to time to ensure that it is appropriate and in accordance with the applicable laws. Please check frequently to see any update or change to our Privacy Notice.
The website may contain links to other third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third-party websites.
To contact us
If you wish to exercise data subject rights or if you have any question or complaint, you can contact us via email@example.com
Updated: June 1, 2022