This Personal Data Protection Policy (“PDPA Policy”) explains the manner in which your personal information collected from or provided by you is processed, disclosed and safeguarded by Areca Hotel Sdn Bhd (“the Company”).
The Company is committed to ensuring your personal information is protected. The Company understands and appreciates you are concerned about your privacy and about the confidentiality and security of information we may collect about you. We pledge to fully comply with the requirements of the Personal Data Protection Act 2010 (“PDPA”) which came into effect on 15th November 2013. The following discloses our information gathering and dissemination practices.
This PDPA Policy applies to personal data and information in any form, whether electronic or written, regarding guests and other individuals who enters into transaction with us.
This PDPA Policy conveys our commitment to protect your personal information and has been adopted by all the hotel and resort properties owned, managed and/or operated by the Company or its affiliated or associated companies. References to “Areca Hotel“, “we”, “our” and “us” hereinafter, depending on the context, collectively refer to the Company or its affiliated or associated companies.
The term “personal data” in this PDPA Policy refers to personal information which is capable of identifying you as an individual. You can visit our website without providing any personal data or information. When we need to collect personal data from you to provide you with a particular service, we will ask you to voluntarily supply us with the information we need. Personal data may be collected for purposes including but not limited to:
(i) fulfilling reservations or requests for information or services,
(ii) accommodating your personal preferences,
(iii) purchasing our products or services,
(iv) registering for our program memberships,
(v) submitting job applications; and/or
(vi) facilitating communications
The types of personal data that we process include but not limited to:
• your name and address, contact information, Identity Card/Passport and Visa information;
• guest stay information, including the hotels where you have stayed, date of arrival and departure, goods and services purchased, special requests made, observations about your service preferences, telephone numbers dialled and faxes and telephone messages received;
• your credit card details, CVC number, bank account details, email address, profile or password details and any frequent flyer or travel partner programme affiliation;
• any information necessary to fulfill special requests (for example, leisure, travel and guest preferences);
• your reviews and opinions about our services;
• Information derived from cookies (small text files placed on our computer which uniquely identify your browser the next time you visit this Areca Hotel Site, save where you disable cookies or otherwise manage them, or do not use any of the Company’s services which require cookies to be enabled.
• Information gathered automatically by our computer systems programmed to gather certain anonymous data to help us understand how this Areca Hotel Site is being used and how we can improve it. This automatically gathered data includes your computer’s IP or “Internet Protocol” address, browser type, browser language, the pages visited, previous or subsequent sites visited, length of user sessions, access status or conditions.
• Information shared with third party social media websites and services through our site (such as Facebook/Twitter) will be governed by their privacy policies. You may also be able to modify your privacy settings with these third party social media web sites.
• Information that is gathered through registration that you specifically give the Company.
• CCTV recording of you in our premises.
To maintain the accuracy of your personal data, as well as preventing unauthorised access to and ensuring the correct use of your personal data, we have carried out appropriate physical, electronic and managerial measures to safeguard and secure the personal data we collect. These measures are subject to ongoing review and monitoring. Whilst we make every effort to protect your personal data, no security measures can guarantee that your personal data and information will not be subject to interference, misuse or hacking and we shall not be responsible for any loss, misuse or alteration arising as a result of such incidents.
The information that we collect about you is used to help you access the services or acquire the goods that the Company provides more easily. The Company will use reasonable endeavors to keep the information we collect from you confidential. We do not sell, rent, loan, trade or lease your personal data stored in our database to any third parties. We may disclose the personal information, other information or data we collect from you if:
• disclosure of information to our service providers, agents or business partners and affiliates that we work with in connection with our business;
• The Company may contract with third parties who do analysis and development on our behalf. We may share your information with such a third party provided that such third party uses the information only to perform services as requested by the Company and agrees to maintain the information as strictly confidential.
• We may also use your information to send you promotional material, which you may find of interest. If you do not wish to receive any such material you may simply choose to “unsubscribe” from our mailing lists or inform our Personal Data Protection Officer in writing and no further material will be sent to you.
You have the right to request to access and correct your Personal Data in our records (subject always to exemptions provided under the PDPA or other laws). We will make every endeavour to ensure that your personal information is accurate and up to date but you are responsible for informing us about changes in your Personal Data and for ensuring that such information is accurate and current.
You have the right to:
• request access and access to your Personal Data in our records for verification purposes;
• request the correction of your Personal Data in our records in the event the information is inaccurate, misleading, out-of-date or incomplete upon validation and verification of the new information;
• request that your Personal Data shall only be kept for the fulfilment of the purpose of the collection of such information;
• communicate to us your objection to the use of your Personal Data for marketing purposes; and
• withdraw, in full or in part, your given consent, subject to any applicable legal restrictions, contractual conditions and a reasonable time;
You may request for access to or correction of your Personal Data or limit the processing thereof by submitting your written request to us via :
Personal Data Protection Officer
Areca Hotel Sdn Bhd
Suite 1.03, Level 1, Wisma E & C
No. 2 Lorong Dungun Kiri
Damansara Heights 50490
Kuala Lumpur, Malaysia.
Tel : +603-2095 6393
Fax : +603-2095 6390
Email : email@example.com
We reserve the right to impose a reasonable administrative fee for access of your Personal Data by you as permitted under the Personal Data Protection Act.
In respect of your right to access and/or correct your Personal Data, we have the right to refuse the request to access and/or make any correction to your Personal Data for the reasons permitted under the law, such as where the expense of providing access to you is disproportionate to the risk to your or another person’s privacy.
The provision of your personal data to us is voluntary. If you do not provide your personal data to us, we may not be able to provide you the services which you require, may not be able to accomplish the Purpose and may not be able to communicate with you.
By providing your personal data and information to us, you are hereby deemed to have consented to us processing your personal data in the manner identified in this PDPA Policy. However, if you wish to withdraw or limit your consent, kindly notify us in writing immediately.
You have the right to limit in part or wholly any other processes of your personal data other that the Purpose it was initially given. If you wish to limit, kindly inform us immediately your request and the details on how the processing of your personal data is to be limited.
You may at any time withdraw or amend, in full or in part, your processing consent given subject always to any applicable legal restrictions, contractual conditions by contacting us at the details provided in Section 6 above. Kindly inform us immediately your request for withdrawal or amendment.
Your visit to our public website may be recorded for analysis on the number of visitors to the site and general usage patterns. Some of this information will be gathered through the use of “cookies”.
If you do not wish your Personal Data to be collected via cookies on the Websites, you may deactivate cookies by adjusting your internet settings to disable, block or deactivate cookies, by deleting your browsing history and clearing the cache from your internet browser.
The Personal Data provided to us are wholly voluntary in nature. However should your refusal or failure to provide the Personal Data results in the following, we shall not be held liable for any of the consequences arising therefrom:
a. the inability of parties to formalize and/or carry out the relevant agreement or transaction in relation to our product and/or services;
b. the inability for us to provide you with the information, notices, services and/or products requested;
c. the inability for us to update you with the latest promotion, product and/or services and obtaining your feedbacks on our products and/or services;
d. the inability of the relevant third parties to provide product and/or services to you on our behalf.
In the event of any inconsistency between the English language version of the Personal Data Protection Notice and Policy and their corresponding Bahasa Malaysia and Chinese language version, the terms in the English language version shall prevail.
In the event you have provided personal data of third parties (e.g. your emergency contact person, authorised representatives) to us, we rely on you to and deem that you have sufficiently obtained the prior consent of such third parties to allow us to process their personal data in relation to the Purpose and you have advised them to read our Personal Data Protection Notice and Policy.
We may, from time to time, without prior notice to you, be required to change our Personal Data Protection Policy to comply with or be consistent with changes in the applicable law and regulations as well as our business operations or policies. As such, we encourage you to check our Personal Data Protection Policy at our website from time to time.