3. HOTEL FLIPPER SEVEN PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
The seven principles below are applicable within hotel Flipper throughout the world.
1. Transparency: When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose and recipients of the data.
2. Legitimacy: We will collect and process your personal data only for the purposes described in this Charter.
3. Relevance and accuracy: We will only collect personal data that is necessary for data processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
4. Storage: We will hold your personal data for the period necessary for processing the same in compliance with the provisions of the law.
5. Access, rectification, opposition: You may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving sales and marketing information. The details of the department to contact in this respect are shown below (13) in the clause "Access and modification".
6. Confidentiality and security: We will ensure reasonable technical and organizational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
7. Sharing and international transfer: We may share your personal data within our hotel or with third parties (such as commercial partners and/or service providers) for the purposes set out in this Charter. We will take appropriate measures to guarantee security when sharing or transferring such data.
For any questions concerning the seven principles of our hotels Data Protection, please contact the Data Privacy department whose details appear in the clause "Access and modification".
4. SCOPE OF APPLICATION
This Charter applies:
1. To all data processing implemented in our hotel.
Hotel Flipper will do its utmost to promote the seven principles set out in this Charter so that our subsidiaries comply with the applicable laws in relation to the processing of your personal data.
5. WHAT PERSONAL DATA IS COLLECTED?
At various times, we will be obliged to ask you, as our customer, for information about you and/or members of your family, such as:
• Contact details (for example, last name, first name, telephone number, email)
• Personal information (for example, date of birth, nationality)
• Information relating to your children (for example, first name, date of birth, age)
• Your credit card number (for transaction and reservation purposes)
• or another partner program (for example, the airline loyalty program)
• Your arrival and departure dates
• Your preferences and interests (for example, smoking or non-smoking room, preferred floor, type of bedding, type of newspapers/magazines, sports, cultural interests)
• Your questions/comments, during or following a stay in one of our establishments.
The information collected in relation to persons under 18 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult. We would be grateful if you could ensure that your children do not send us any personal data without your consent (particularly via the Internet). If such data is sent, you can contact the Data Privacy department ("Access and modification" clause) to arrange for this information to be deleted.
We do not deliberately collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation.
Moreover, depending on applicable local laws, other information could be considered sensitive, such as your credit card number, your leisure activities, personal activities and hobbies, and whether you are a smoker. We may be obliged to collect such information to meet your requirements or provide you with an appropriate service, such as a specific diet.
In this case, depending on the laws in force in certain countries, your prior consent may be required about the collection of sensitive information.
6. WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
1. Hotel activities:
o Booking a room
o Checking-in and paying
o Requests, complaints and/or disputes.
2. Participation in marketing programs or events:
o Signing up for the loyalty programs
o Participation in customer surveys (for example, the Guest Satisfaction Survey)
o Online games or competitions
o Subscription to newsletters, to receive offers and promotions via email.
3. Transmission of information from third parties:
o Tour operators, travel agencies, review management system, GDS reservation systems, and others
4. Internet activities:
o Connection to our websites (IP address, cookies)
o Online forms (online reservation, questionnaires, our hotel pages on social networks, network login devices such as Facebook login etc.).
7. FOR WHAT PURPOSES?
We collect your personal data for the purposes of:
1. Meeting our obligations to our customers.
2. Managing the reservation of rooms and accommodation requests:
o Creation and storage of legal documents in compliance with accounting standards.
3. Managing your stay at the hotel:
o Monitoring your use of services (telephone, bar, pay TV etc.)
o Managing access to rooms
o Internal management of lists of customers having behaved inappropriately during their stay at the hotel (aggressive and anti-social behavior, non-compliance with the hotel contract, non-compliance with safety regulations, theft, damage and vandalism, or payment incidents).
4. Improving our hotel service, especially:
o Processing your personal data in our customer marketing program to carry out marketing operations, promote brands and gain a better understanding of your requirements and wishes
o Adapting our products and services to better meet your requirements
o Customizing commercial offers and the promotional messages we send to you
o Informing you of special offers and any new services created us.
5. Managing our relationship with customers before, during and after your stay:
o Managing the loyalty program
o Providing details for the customer database
o Segmentation operations based on reservation history and customer travel preferences with a view to sending targeted communications
o Predicting and anticipating future behaviors
o Developing statistics and commercial scores, and carrying out reporting
o Providing context data for the offer push tool when a customer visits a Group website or makes a reservation
o Knowing and managing the preferences of new or repeat customers
o Sending you newsletters, promotions and tourist, hotel or service offers, or offers from hotel partners, or contacting you by telephone
o Managing requests to unsubscribe from newsletters, promotions, tourist offers and satisfaction surveys
o Considering the right to object
o Using a dedicated telephone service to search for persons staying in our hotel in the event of serious events affecting the hotel in question (natural disasters, terrorist attacks etc.).
6. Use a trusted third party to cross-check, analyze and apply certain devices to your collected data at the time of booking or at the time of your stay, to determine your interests and your customer profile, and to allow us to send you personalized offers.
7. Improving our hotels services, especially:
o Carrying out surveys and analyses of questionnaires and customer comments
o Managing claims/complaints
o Offering you the benefits of our loyalty program.
8. Securing and enhancing your use of our websites, especially:
o Improving navigation
o Implementing security and fraud prevention.
9. Conforming to local legislation (for example, storing of accounting documents).
8. CONDITIONS OF THIRD-PARTY ACCESS TO YOUR PERSONAL DATA
As we have many sister organizations and subsidiaries, we endeavor to provide you with the same services for all. Thus, to guarantee you the right of access and amendment ("Access and modification" clause), we have to share your personal data with internal and external recipients subject to the following conditions:
a. Within the WIN Hotels Group, to offer you the best service, we can share your personal data and give access to authorized personnel from the Group, including:
• Hotel staff
• Reservation staff using WIN Hotels reservation tools
• IT departments
• Commercial partners and marketing services
• Medical services if applicable
• Legal services if applicable
• Generally, any appropriate person within WIN Hotels entities for certain specific categories of personal data.
b. With service providers and partners: your personal data may be sent to a third party for the purposes of supplying you with services and improving your stay, for example:
1. External service providers: IT sub-contractors, international call centers, banks, credit card issuers, external lawyers, dispatchers, printers.
2. Commercial partners: hotel Flipper may, unless you specify otherwise to the Data Privacy department, enhance your profile by sharing certain personal information with its preferred commercial partners. In this case, a trusted third party may cross-check, analyze and apply certain devices to your data. This data processing will allow us and its privileged contractual partners to determine your interests and your customer profile and will allow us to send you personalized offers.
3. Social networking sites: To allow you to be identified on the website without the need to fill out a registration form, we may use the social network log in ID such as Facebook/Google login system. If you log in using a social network login system, you explicitly authorize us to access and store the public data on your social network account, as well as the other data mentioned during use of the social network login system. We may also communicate your email address to your social network to identify whether you use the specified social network, in order to post personalized and relevant ads on your social network account if appropriate.
c. Local authorities: We may also be obliged to send your information to local authorities if this is required by law or as part of an inquiry and in accordance with local regulations.
9. PROTECTION OF YOUR PERSONAL DATA DURING INTERNATIONAL TRANSFERS
For the purposes set out in Clause 7 of this Charter, we may transfer your personal data to internal or external recipients who may be in countries offering different levels of personal data protection.
Consequently, in addition to implementation of this Charter, hotel Flipper employs appropriate measures to ensure secure transfer of your personal data to our entity or to an external recipient located in a country offering a different level of privacy from that proposed in the country where the personal data is collected.
Other than those that are required to carry out your reservation, dataflows to countries having different levels of personal data protection are regulated by standard contractual manager-to-subcontractor clauses defined by the European Commission. Dataflows to the United States are made to entities that belong to Safe Harbor.
10. DATA SECURITY
Hotel Flipper takes appropriate technical and organizational measures, in accordance with applicable legal provisions, to protect your personal data against illicit or accidental destruction, accidental alteration or loss, and unauthorized access or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.).
When you submit credit card data when making a reservation, SSL (Secure Socket Layer) encryption technology is used to guarantee a secure transaction.
These tracers may be installed on your device depending on the preferences that you expressed or may express at any time in accordance with this policy.
1. Why have a cookies policy?
With a view to provide information and ensure transparency, we established this policy so that you can learn more about:
• The origin and purpose of the information processed when you brows our Websites
• Your rights with regard to cookies and other tracers used by us
2. What is a cookie?
Cookies and other similar tracers are packets of data used by servers to send status information to a user’s browser and return status information to the original server through this same browser.
The status information can be a session identifier, a language, an expiration date, a response field or other types of information.
During their validity period, cookies are used to store status information when a browser accesses various pages of a website or when the browser returns to this website at a later point.
There are different types of cookies:
• Session cookies, which are deleted as soon as you exit the browser or leave the website
• Persistent cookies, which remain on your device until their expiration or until you delete them using the features of your browser
Cookies strictly necessary for browsing our websites and the ability to use all of their features, and intended in particular to:
• Manage authentication of website visitors and the associated security measures, and ensure proper functioning of the authentication module
• Optimize the user experience and facilitate browsing, in particular determining "technical routes" for browsing
• Store information regarding the "cookies" information banner seen by website visitors who then continue to browse the website after agreeing to accept cookies on their device
• Implement security measures (for example, when you are asked to log in again for content or a service after a certain period of time, or to ensure basic operation and use of their major technical features, such as monitoring of performance and browsing errors, management of user sessions, etc.)
Cookies for features intended in particular to:
• Adapt our Websites to the display preferences of your device (language, currency, display resolution, operating system used, configuration and settings of the display of web pages based on the device you are using and its location, etc.)
• Store specific information that you enter on our Websites in order to facilitate and customize your subsequent visits (including displaying the visitor’s first and last names if the visitor has a user account)
• Allow you to access your personal pages more quickly by storing the login details or information that you previously entered
Cookies for visitor tracking are aimed at improving the comfort of users by helping us understand your interactions with our Websites (most visited pages, applications used, etc.); these cookies may collect statistics or test different ways of displaying information in order to improve the relevance and usability of our services.
Advertising cookies are intended to (i) offer you, in advertising spaces, relevant, targeted content that may be of interest to you (best offers, other destinations, etc.) based on your interests, browsing behavior, preferences, and other factors, and (ii) reduce the number of times that the advertisements appear.
Affiliate cookies identify the third-party website that redirected a visitor to our hotel Websites.
Social network cookies, set by third parties, allow you to share your opinion about and content from our Websites on social networks (for example, the "Share" or "Like" application buttons for social networks).
The social network applications on our Websites as mentioned above can in some cases allow the social networks concerned to identify you even if you did not click on the application button. This type of button can allow a social network to track your browsing on our Websites, simply because your account in the social network concerned is enabled on your device (open session) while you are browsing.
We recommend that you read the policies of these social networks to familiarize yourself with how they use the browsing information they may collect, especially with regard to advertising. These policies must specifically allow you to make choices on these social networks, particularly by configuring your user accounts for each of them.
The installation of certain cookies is subject to your consent. Also, when you first visit our Websites, you are asked whether you agree to the installation of this type of cookie, which is only activated after your acceptance.
This process is supported by means of an information banner on the home page of our Websites, which informs you that by continuing to browse, you are agreeing to the installation of cookies that require consent on your device.
You can change your mind at any time using the various methods described in section "Deleting and/or blocking cookies".
5. Deleting and/or blocking cookies
You have several options for deleting cookies and other tracers.
Although most browsers are set by default to accept cookies, you can, if you desire, choose to accept all cookies, always block cookies, or choose which cookies to accept based on their senders.
You can also set your browser to accept or block cookies on a case-by-case basis before they are installed. Your browser also allows you to regularly delete cookies from your device. Remember to configure all the browsers in your different devices (tablets, smartphones, computers, etc.).
Regarding management of cookies and your preferences, configuration varies for each browser. This is described in the Help menu of your browser, as well as how to edit your preferences with regard to cookies. For example:
• For Internet Explorer™: http://windows.microsoft.com/en-US/windows-vista/Block-or-allow-cookies
• For Safari™: http://www.apple.com/legal/privacy/en-ww/cookies
• For Chrome™: http://support.google.com/chrome/bin/answer.py?hl=en&hlrm=en&answer=95647
• For Firefox™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• For Opera™: http://help.opera.com/Windows/10.20/en/cookies.html
Saving a cookie to your device depends on your wishes, which you can exercise and change at any time and free of charge using the settings offered by your browser software.
If your browser is set to accept cookies on your device, the cookies embedded in the pages and content that you view may be temporarily stored in a dedicated space on your device. They can only be read by their issuer.
However, you can set your browser to block cookies. Keep in mind that if you set your browser to block cookies, some features, pages and spaces on our Websites will not be accessible, and we cannot be held responsible in this case.
Specialized advertising platforms
Several professional advertising platforms also give you the option to accept or block cookies used by companies that are members. These centralized mechanisms do not block the display of ads; they simply prevent the installation of cookies that tailor ads to your interests.
For example, you can visit the website http://www.youronlinechoices.com to prohibit the installation of these cookies on your device. This website is offered by digital advertising professionals brought together within the European Digital Advertising Alliance (EDAA) and managed in France by Interactive Advertising Bureau France.
12. STORAGE OF DATA
We retain your personal data only for the period necessary for the purposes set out in this Charter or in accordance with the provisions of applicable law.
13. ACCESS AND MODIFICATION
You have the right to access your personal data collected by us and to modify it subject to applicable legal provisions.
You may also exercise your right to object by writing to the address below.
In the event of difficulty exercising your rights, please contact the Data Privacy department directly by sending an email to firstname.lastname@example.org or by writing to the address below:
1078 VA Amsterdam
For the purposes of confidentiality and personal data protection, we will need to identify you in order to respond to your request. You will be asked to include a copy of an official piece of identification, such as a driver’s license or passport, along with your request.
If your personal data is inaccurate, incomplete or not up to date, please send the appropriate amendments to the Data Privacy department as indicated above.
All requests will receive a response as swiftly as possible and in accordance with applicable law.
You may also exercise your rights in respect of your personal data that is stored and processed by a hotel following a stay. To do this, you must contact the hotel directly.
We may modify this Charter from time to time. Consequently, we recommend that you consult it regularly, particularly when making a reservation at one of our hotels.
15. QUESTIONS AND CONTACTS
For any questions concerning our personal data protection policy, please contact the Data Privacy department ("Access and modification" clause).