Orion Hotels & Resorts strives to deliver excellent products and services to all our guests and customers. We value your business and loyalty and we understand that your privacy is an important issue for you.
This policy has been developed to answer your questions regarding the personal information we collect when you visit our sites and to re-assure you of our respect at all times for your privacy and the need to protect your personal information.
Please read this Policy carefully before submitting your personal information to us. If after reviewing this Policy, you have any questions or privacy concerns please send an email to email@example.com or send a letter to:
Orion Hotel Group
Corporate Head Office
16th Floor, Orion House
49 Jorissen Street
This Statement was updated in accordance with the provisions of the GDPR and has been updated as at the 25th of May 2018.
PROTECTION OF PERSONAL INFORMATION UNDER THE GDPR
HOW THE GDPR PROTECTS YOU
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA).
It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
The GDPR protects EU citizens and residents by affording them certain protections and rights in relation to their personal information collected by enterprises and businesses dealing with these citizens / residents.
Essentially the GDPR now affords EU guests and Customers (“the information providers”) the following:
1. Confidence to the information provider that personal data is better protected;
2. More control and easier access to the personal information held;
3. Choice of method of contact;
4. Confidence that personal information can only be used in certain instance such as:
4.1 where the use has been consented to by the information provider; or
4.2 to fulfil a contract between Orion Hotels and Resorts and the information provider; or
4.3 Where it is as a result of a legal duty imposed upon Orion Hotels and Resorts; or
4.4 Where there is a legitimate interest of which the information provider has been advised.
1. Unless you provide it to us, we do not collect personally identifiable information when you browse our web sites and request pages from our servers. This means that we will not know your name, email address, or any other personally identifiable information just because you browse the Web site unless you:
• access the Website from a link in an email that we sent; or
• choose to be remembered via your cookie.
In these cases we will know who you are based on the information you previously supplied to us.
2. When you request a page from our Web sites, our servers log the information provided in the HTTP request header (includes your IP number, the time of the request, the URL of your request). We collect this information to make our web sites function correctly and to provide you the functionality that you use on the web site. We also use this information to help us understand how people use our web site so that we can continue to improve it to better meet your needs.
INFORMATION WE COLLECT AND HOW WE USE IT
3. When we need to collect personally identifiable information from you in order to provide a particular service, we will request you to supply us with the relevant information.
4. For example, in order to process your reservation we ask you for:
4.1 your name, address, telephone number, email address; and
4.2 credit card details (type of card, credit card number, name and surname on card, expiration date and security code); and
4.3 Guest stay data, guest reviews, including date or arrival and departure, special requests made, observations about your service and room preferences, facilities and other services used; and
4.4 Data you provide regarding your marketing preferences or in the course of participating in surveys, contests or promotional offers. We use your email address to send a confirmation and, we might use the other information to contact you when processing your reservation. Other things we may do with your contact information are:
• Send you a pre-arrival email confirming the details of your reservation and providing further information about the hotel and local area.
• Send you emails about special offers and promotions.
• Send you satisfaction or market research surveys.
4. As per the Consumer Protection Act you can opt out of marketing communications at any time.
5. You may be requested to provide personal information about other parties to us (for example, information about other parties traveling with you). In such cases, we assume that you will have obtained consent from the other person to provide us with their information, or in the case of a minor that you have the necessary capacity to consent on their behalf as parent or guardian, and informed them of how we use personal information.
6. To provide you with a consistent level of service, we may share your personal information with service providers.
7. Other types of information which we may collect is usage data in terms whereof we collect information as to how the services is accessed and used (“Usage Data”). This may include information such as your computer’s internet protocol address (“IP Address”), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic information.
8. We may also collect information to provide a better service to you which includes information given to us through our website, through our social media channels, when you contact us via phone or e-mail or when you make a reservation or enquiry via third party travel agent or online through a booking website through which we sell our products. The different types of information we may collect are (this is not an exhaustive list of the information which we may retain):
8.1 Registration details (name, postal address, email address, location, mobile or other telephone number);
8.2 Date of Birth and Gender;
8.3 Business information (your company name, address, VAT number and vehicle registration number;
8.4 Customer service info that may include comments you made either on line when booking or speaking to one of our reservation co-ordinators;
8.5 Any information you give to third parties on line through booking websites or travel agents;
8.6 Any other information you may provide when making a reservation;
8.7 Residencey Status, Passport Number and Id numbers.
9. In addition should you make use of our spa treatment applications, membership applications or guest forms, the following information may be acquired and retained namely:
9.1 Your name and contact details;
9.2 Details of your partner or spouse;
9.3 Your special dietary requirements;
9.4 Your medical history and details of your current physical health
USE AND PROTECTION OF PERSONAL INFORMATION
HOW WE USE THE INFORMATION THAT WE COLLECT FROM YOU
10. We may use the information described above for the purposes for which you provide with the information for by accepting these terms hereunder as well as for the undermentioned purposes namely:
10.1 To provide our products and services to you;
10.2 To create a profile in our hotel system to manage you’re booking;
10.3 To verify your identity;
10.4 To communicate with you and answer any questions that you may have;
10.5 To analyse your interactions with our website;
10.6 To keep track of your preferences and habits when you visit us;
10.7 To allow you to participate in our service offerings;
10.8 To conduct statistical analysis to improve our services and our website;
PROTECTION OF PERSONAL INFORMATION
11. Orion Hotels & Resorts will take appropriate measures to: (i) protect personal information collected against unauthorized access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date, consistent with applicable law. We also seek to require our affiliates and service providers to exercise reasonable efforts to maintain the confidentiality of personal information. For online transactions, we use secure technology to protect the personal information that you transmit to us via our site. Unfortunately, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
12. For your own privacy protection, we encourage you not to include sensitive personal information in any emails you may send to us. Please do not send credit card numbers or any sensitive personal information to us via email.
13. We will not contact you by mobile / text messaging or email to ask for your confidential personal information or credit card details. We will only ask for your confidential personal information or credit card details by telephone or when you are booking a reservation or promotional package by telephone. If you receive this type of request, you should not respond to it. We also ask that you please notify us at firstname.lastname@example.org.
14. This Website is not intended for children and we do not knowingly solicit or collect personally identifiable information from children.
ACCESSING AND AMENDING YOUR DATA
15. You have the right to access a copy of the Data which we hold pertaining to you. Should you require access to a copy of the information, please e-mail us at email@example.com with a copy to firstname.lastname@example.org and email@example.com. As per the tersm of the GDR, we will provide you with the Data which we have on record for you within 30 (thirty) days of receipt of your written request. This is a free service.
16. You may need or require to modify or update your Data if your circumstances change. Additional Data as to your marketing preferences may also be stored and you may change this at any time.
17. You are further entitled to make amendments, or withdraw your consent for use by telling our reception staff when you check in or by contacting us via e-mail at firstname.lastname@example.org and email@example.com.
18. Please note that if you withdraw your consent to the use of any or all of your personal Data, depending upon the nature of your request, we may not be able then to provide or continue providing the products and services to you or administer any contractual relationship already in place. By accepting these terms you understand and agree that in such instances where we require your personal Data to fulfil a contractual obligation to you where you have withdrawn consent to collect, use or disclose the relevant personal Data for those contractual or legal purposes, Orion Hotels and Resorts cannot be held liable for any breach of that agreement and as such Orion Hotels and Resorts legal rights and remedies in such instance are expressly reserved.
SECURING THE TRANSMISSION AND STORAGE OF INFORMATION AND RETENTION OF INFORMATION
19. We treat the information you provide to us as confidential information. It is therefore subject to our company’s security policies regarding confidential information. When we ask you for credit card data, it is transferred over a Secured Sockets Layer (SSL) line, provided you are using a SSL enabled browser such as Microsoft Internet Explorer or Mozilla Firefox. We also use SSL on other pages where you would enter personally identifiable information. This ensures that your information is encrypted as it is transmitted over the Internet. You can recognise that you are in a secure mode when a locked padlock or key icon appears in the lower right- or left-hand corner of the computer screen. Also the first characters of the site address will change from “http” to “https.” when you access a secure server.
20. After information reaches Orion Hotels & Resorts, it is stored on a secure managed server that resides behind firewalls that are designed to block unauthorized access.
21. We will retain your information, which may include personal data, for as long as it is necessary to fulfil the purpose for which it was collected, whether business or legal purposes, and to provide the contracted service to you or to comply with the applicable laws. All personal data we retain will be subject to this Privacy Statement. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via e-mail at firstname.lastname@example.org and email@example.com
22. Our web site uses “cookie” technology. “Cookies” are encrypted strings of text that a web site stores on a user’s computer. Our web site requires the use of a Cookie in the reservation process. For example, we must remember your search dates in order to be able to check availability. In addition, Cookies are used to:
• Measure usage of various pages on our Web site to help us make our information more relevant to your needs and easy for you to access; and
• Provide functionality that we believe would be of interest and value to you; and
• To customise our pages based on your needs.
23. The types of Cookies are referred to as “session” Cookies and “persistent” Cookies. Session Cookies are temporary and automatically deleted when you close your internet browser. Persistent Cookies remain on your computer hard drive until you delete them or are deleted when they expire. Cookies do not corrupt or damage your computer, programs, or computer files.
24. We do not use third-party advertising cookies.
25. You may set your browser to block Cookies (consult the instructions for your particular browser on how to do this), although doing so may adversely affect your ability to perform certain transactions, and access certain content on our web site.
26. If you have given us your contact information we may want to inform you about our products and services or invite you to events by email, telephone, mobile / text messaging or post.
27. If you are a SNPL member, you may receive additional communications from us, including SNPL statements, third-party news and offers specifically for SNPL members.
28. If you prefer not to receive marketing materials from us, you may change your preferences at any time by: (i) sending us an email to firstname.lastname@example.org; (ii) writing to us (and include your email address) at Orion Hotel Group Corporate Head Office, 16th Floor, Orion House, 49 Jorissen Street, Braamfontein, Johannesburg 2001; or (iii) using the unsubscribe function in the email you receive from us. We will update your preferences as soon as possible.
29. Orion Hotels and Resorts is only responsible for the privacy statement and content of this web site and information we collect. We are not responsible for web sites that you have accessed from our web site.
OTHER LEGAL ISSUES
30. This is a South African Web site and is subject to laws of the Republic of South Africa. Orion Hotels and Resorts will disclose personally identifiable information without your permission when required by law, or in good faith belief that such action is necessary to investigate or protect against harmful activities to Orion Hotels and Resorts guests, visitors, associates, or property (including this site), or to others.
OTHER ORION HOTEL SITES
31. Within Orionhotels.co.za are numerous other Orion Web sites that are accessible from links within www.orionhotels.co.za or via separate URLs.
32. We may modify this Policy from time to time. When we make material changes to this policy we will post a link to the revised policy on the homepage of our site. You can tell when this Policy was last updated by looking at the link and at the date at the top of the Policy. Any changes to our Policy will become effective upon posting of the revised Policy on the site. Use of the site following such changes constitutes your acceptance of the revised Policy then in effect.
If you have any questions about this Policy or how Orion processes your personal information, please contact us by email to email@example.com or by postal mail to
Orion Hotel Group Corporate Head Office
16th Floor, Orion House
49 Jorissen Street