References to “CHRG” (Constance Hotels, Resorts and Golf) “we” and “our” throughout this Policy, collectively and individually refer to Constance Hospitality Management Ltd, to the distinct legal entities managed and/or operated by Constance Hospitality Management Ltd under any brand names, and to all entities owned/managed/operated by Constance Hotels Services Ltd.
- COMMITMENT TO PROTECTING PRIVACY
At CHRG, we recognise the importance of privacy. Consequently we make it a high priority to ensure that your personal information remains secure and confidential and is used only for the intended purpose.
“Personal data” means any information relating to you, such as your name or telephone number.
Before you provide us with your personal data, we recommend that you read this policy which explains how we collect data about you and the nature of that data, how we use that data, who that data may be sent to and how you can amend data you have submitted to us.
- PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
The seven principles below are applicable within our organisation throughout the world.
- Transparency: When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
- Legitimacy: We will collect and process your personal data only for the purposes described in this Policy.
- Relevance and accuracy: We will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
- Storage: We will hold your personal data for the period necessary for processing the same in compliance with the provisions of the law.
- Access, rectification, opposition: You may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information.
- Confidentiality and security: We will ensure reasonable technical and organizational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
- Sharing and international transfer: We may share your personal data within our organisation or with third parties (such as commercial partners and/or service providers) for the purposes set out in this Policy. We will take appropriate measures to guarantee security when sharing or transferring such data.
- SCOPE OF APPLICATION
- relating to guests, employees, and other individuals with whom we do business, who use our services or who visit us
- collected in any form, including oral, electronic and/or written
- gathered through our websites: www.constancehotels.com, www.c-palmar.com, www.c-resorts.com, www.constancehospitality.com and www.constancehrg.com
- TYPES OF PERSONAL DATA WE COLLECT
At various touch points, we may ask you or collect information about you and/or members of your family, such as:
¨ your name, gender, contact details, address, date of birth, anniversary date, nationality, profession and passport details
¨ guest stay information, including the CHRG hotels where you have stayed, dates of arrival and departure, special interests, specific requests made, observations about your service preferences (including room and vacation preferences, preferred floor, sports, special interests)
¨ special requirements and any information necessary to fulfil these requirements (e.g. allergies, dietary preferences/restrictions or health conditions requiring specific accommodation or service)
¨ your credit card details, payment method details
¨ information, feedback or content you provide in surveys following your stay in any of our establishments
¨ information captured while you access our websites, participate in sweepstakes, contests or promotional offers, or our third party partners
¨ information supplied when you apply for a job and through the use of our recruitment software
¨ contact and other relevant details of our suppliers, contractors and other business partners
The information collected in relation to persons under 16 years of age is limited to their name, nationality, address, date of birth, which can only be supplied to us by a parent or guardian. We would be grateful if you could ensure that your children, aged less than 16 years, do not send us any personal data without your consent (particularly via the Internet). If such data is sent, please notify our Privacy Team via contact details stated at section 14, to arrange for this information to be deleted.
We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation or character certificate.
However, you can also provide us with sensitive information if you consider that by providing such information we will be able to give you a better service.
- WHEN PERSONAL DATA IS COLLECTED
Personal data may be collected on a variety of occasions, including:
6.1 Hotel activities:
- Booking a room
- Checking-in and paying
- Using our facilities and services including bar, restaurant, SPA, Golf
- When making requests, complaints or providing feedback (including through Guest Satisfaction Surveys)
6.2 Participation in marketing programs or events:
- Online games or competitions
- Subscription to newsletters, in order to receive offers and promotions via email and general information about the group/hotels
6.3 Transmission of information from third parties:
- Tour operators, travel agencies, reservation systems, and others
- Leaders Club Member data
6.4 Internet activities:
- Connection to our organisation websites
- Online forms (online reservation, questionnaires, our organisation pages on social networks, network login devices, etc.).
- Through the various services on our website : ‘contact us’ , Newsletter subscription, ‘Your Request’
- Spa and Golf Reservation Systems
6.5 In other service contracts with CHRG, for example a commitment as model for photo/video shoots
6.6 Registration of children with the Constance Kids Club with the consent of parents or guardian
- PURPOSE OF COLLECTION OF PERSONAL DATA
We collect your personal data for the purposes of:
7.1 Meeting our obligations to our customers
7.2 Managing your booking and other services requested
7.3 Managing your stay at the hotel:
- Monitoring your use of services (telephone, bar, etc.)
- Updating your account and processing payment
- Managing access to rooms
- Handling requests, feedback and any complaints/incidents
7.4 Improving our products and services:
- Managing complaints and feedback
- Analysing results from guest satisfaction surveys to gain better understanding of guests requirements and wishes
- Predicting and anticipating future behaviours
- Adapting our products and services to better meet your requirements
- Developing statistics and commercial scores, and carrying out reporting
7.5 Managing our relationship with customers before, during and after your stay:
- Segmentation operations based on reservation history and customer travel preferences with a view to sending targeted communications
- Knowing and managing the preferences of new or repeat customers
- Sending you newsletters, promotions and informing you of special offers and any new services created by our organisation
- Managing subscription to our newsletters
- Managing data subject requests to access, modify, restrict or delete their data
7.6 Analysing your collected data in order to determine your interests and your customer profile and to allow us to send you personalised offers
7.7 Securing and enhancing your use of CHRG websites, especially:
- Improving navigation
- Implementing security measures
7.8 Conforming to local legislations (for example, storing of accounting documents)
- DISCLOSURE OF PERSONAL INFORMATION
As we are present in many countries, we endeavour to provide you with the same personalised services at all locations. We disclose personal data in limited circumstances and mainly in connection with services that you request including to manage your access and amendment requests, or for CHRG business purposes. For example, we share the required information:
8.1 Internally, with authorised personnel of CHRG, in order to manage your stay and offer you the best service
8.2 To third parties retained by CHRG for the processing of data on our behalf, for example for the handling of guest satisfaction survey, mailing of newsletters and campaigns, data analysis, statistics, or data storage
8.3 With commercial partners or third party service providers, for e.g. for booking of transfers or activities as requested by yourself
8.4 CHRG does not routinely disclose personal information to other organisations unless:
- It is required by law, for example to local authorities or as part of an enquiry and in accordance with local regulations
- In your own interests, for example for providing medical services
- To protect the rights, property or personal safety of any member of the public or a customer of CHRG or the interests of CHRG
- As permitted by this policy
- You give your consent
- LINKS TO THIRD PARTY WEBSITES
- INTERNATIONAL TRANSFERS
For the purposes set out in Clause 7 of this Policy, we may transfer your personal data to internal or external recipients who may be in countries offering different levels of personal data protection. Consequently, in addition to implementation of this Policy, CHRG employs appropriate measures to ensure secure transfer of your personal data to CHRG entities or to an external recipient located in a country offering a different level of privacy from that proposed in the country where the personal data is collected.
Such transfer of information does not change any of our commitments to safeguard your privacy and the information remains subject to existing confidentiality obligations.
- DATA SECURITY
CHRG takes appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.).
CHRG will endeavour to take all reasonable steps to keep secure any information which we hold about you, whether electronically or in hard copy, and to keep this information accurate and up to date. We also require our employees and data processors to respect the confidentiality of any personal information held by CHRG.
- COLLECTION OF OTHER INFORMATION
“Other Information” is any information that does not reveal your specific identity or does not directly relate to an individual, such as:
- Browser and device information
- App usage data
- Information collected through cookies, pixel tags and other technologies
- Demographic information and other information provided by you
- Aggregated information
If we are required to treat Other Information as personal information under applicable law, then we may use it for the required purposes and disclose personal information as detailed in this Statement. We and our third party service providers may collect Other Information in a variety of ways, including:
- Through your browser or device: Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the Online Services (such as the Apps) you are using. We use this information to ensure that the Online Services function properly.
- IP Address: Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address may be identified and logged automatically in our server log files whenever a user accesses the Online Services, along with the time of the visit and the page(s) that were visited. Collecting IP addresses is standard practice and is done automatically by many websites, applications and other services. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and administering the Online Services. We may also derive your approximate location from your IP address.
- By aggregating information: Aggregated Personal Information does not personally identify you or any other user of the Services (for example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code).
- STORAGE OF DATA
We retain your personal data only as long as necessary for the purposes set out in this Policy and in accordance with the provisions of applicable laws.
- ACCESS AND MODIFICATION
You have the right to access the personal data that CHRG holds on you. You also have the right to request rectification or erasure of the data held, or to restrict the processing of your data, subject to applicable legislations. You may exercise these rights by sending us a written request by email or letter to the following address,
Email: [email protected]
Postal: Constance Hospitality Management Ltd – Constance, 40609 Centre de Flacq, Mauritius, Indian Ocean
Please include your full name, address and telephone number when sending your request, in case we need to contact you to obtain any additional information. For the purpose of confidentiality and protection of your data, we will also require a proof of identity (such as an ID card or passport) before we act on your request.
Where you make more than one request in quick succession, we may respond to your subsequent request by referring to our earlier response and only identifying any items that have changed materially. In some cases we may also request an administrative fee to cover the cost of access.
All requests will receive a response as swiftly as possible and in accordance with applicable law.
Effective date: 28 June, 2018