PRIVACY POLICY

We respect the privacy of all our customers and business partners, and treat personal information (personal data) provided by you to us as confidential. We know that you are concerned how information about you is collected, processed, used and stored, and we appreciate you trusting that we will do so with every due care and diligence.

 

We have provided this Privacy Policy as an explanation of the information we collect, how we process and use it, and how the use of this information can benefit your experience on our web sites and products and services we provide.

 

 

1. WHAT INFORMATION ABOUT YOU DO WE COLLECT

 

In order for us to operate effectively and provide you with the best experiences with our services, we may request and collect information about you, whether as hotel guests, loyalty programme members, web site visitors or you contacting us for any other purposes, that includes personal information that can identify you as an individual.

Your personal information can come to us via various channels, including but not limited to:

 

  • When you browse and interact with our website and/or use any mobile apps that we may make available -  such as make a booking via our Online  Reservation system, make an inquiry, sign up for newsletter subscription or make brochure  requests or download and use our mobile apps
  • Through your use of our products and services – such as when you stay as a guest or visits the hotels, restaurants or facilities managed by us
  • When you submit enquiries to us or provide us with you feedback
  • When you participate in our promotional offers, competitions or surveys
  • As a member of our loyalty programmes or when your friends refer you to our programmes
  • From third parties – such as partners we work with or public databases – where you have provided your consent to the third party or to us to that information sharing taking place or where we have a legitimate interest to use the personal information in order to provide you with our products and services

 

The types of personal information that we collect and process may include, but not be limited to (and may vary by jurisdiction):

 

  • Personal details, such as your name, gender, date of birth, nationality, passport and visa information, personal and work contact details (addresses, emails and telephone numbers) 
  • Payment and credit card information, such as bank accounts, name of cardholder, credit card number, credit card billing address and expiry date
  • Guest stay information and lifestyle information, such as hotels where you have stayed, arrival and departure dates, room preferences, leisure activities, names and ages of children, observation of your services preference, and other information necessary to fulfil special requests
  • Information, feedback or content you provide regarding your interests and preferences
  • Loyalty program member information, online account details, profile or password details
  • Information from our security systems such as from our closed circuit television system, card key, internet login and firewalls
  • Information relating to your use and interaction with our website and mobile apps

 

Some of the personal information which you provide to us are considered “sensitive personal information” under the privacy and data protection laws in specific jurisdiction – such as personal information from which we can determine or infer an individual’s racial or ethnic origin, health or biometric data. We only process sensitive personal information in such jurisdiction if and to the extent permitted or required by applicable law.

 

Except where required by local laws, we do not knowingly collect personal information from our websites from any children or minors. As a parent or legal guardian, please do not allow your children or minors to submit personal information without your permission.

 

We may also collect non-personally identifiable information about you, such as internet log information or visitor behaviour patterns when you visit our websites on your use of our websites, communication preferences, travel habits, aggregated data relative to your stays, and responses to promotional offers and surveys. Please also refer to our Cookies policy.

 

 

2. HOW WE PROCESS AND USE YOUR INFORMATION

 

We may collect, process and/or use the personal information which we collect in order to:

 

  • Deliver our products and services to you – such as completing your reservations, sending you reservation confirmations, supplying the purchased goods and services, registering you for program membership, fulfilling a request for information,  customising our services to your preferences, earning and redeeming rewards, keeping proper records of your transactions with us
  • Communicate and provide marketing  and promotion to you – such as sending you information and updates on our products and services and other products and services that we think may be of interests to you, including latest promotions,  competitions, joint- and cross promotions with our business partners, response to enquiries, to send you important information regarding our website, changes to our terms, conditions and policies
  • Develop and improve our services to you – such as performing market research, analytics and/or profiling, developing new products and services, improve the effectiveness of our website, your hotel experience, our various types of communications, advertising campaigns, and promotional activities
  • Work and cooperate with third party parties to deliver our products and services to you – such as travel agents, group travel organisation, or anyone involved in the process of making your travel arrangements, credit card companies, airline operators and third party loyalty programs
  • Maintain your safety and security as well as that of other guests and personnel – such as to make proper identification and verification in processing of transaction, implement security surveillance and access controls when you visit or stay at our hotels, and administer general record keeping
  • Meet applicable legal and regulatory requirements
  • Use it in other ways as required or permitted by law or with your consent

 

We will only collect, process and/or use the personal information where we are satisfied that we have an appropriate legal basis to do so. This may be because (i) you have provided your consent, (ii) our use of information is necessary for providing the products and/or services you have requested, (iii) our use of your information is in our legitimate interest as a commercial organisation, such as to operate and improve our services (including for profiling and targeted advertising) and in a way proportionate and respects your privacy rights, and/or (iv) necessary compliance with applicable laws, regulations, court orders or other legal process.

 

 

3. KEEPING AND SAFEGUARDING OF PERSONAL INFORMATION

 

To the extent permissible by applicable law, we generally only keep your information for as long as is reasonably required for:

 

  • The purposes for which that personal information was provided
  • Ongoing business need, including record keeping, fraud prevention, or if we reasonably believe there is a prospect of litigation
  • As necessary to meet legal, regulatory, tax or accounting needs

 

We take reasonable steps to safely and securely delete, dispose of, anonymise and/or block personal information when we no longer need it.

 

INFORMATION SECURITY

 

We endeavour to protect your personal information we maintain and have implemented reasonable technical, organisational and administrative measures to keep your personal information safe and secure and to protect it against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. We will review, monitor and update these security measures to meet our business needs, changes in technology and regulatory requirements.

 

INFORMATION TRANSFER OVERSEAS

 

We do business globally. In order for us to operate effectively and provide you with the best experiences with our services, we may centralise certain aspects of our information processing activities and may have databases in different countries (some of which are operated by our local group company and some of which are operated by third parties on our behalf). We may therefore have to share and transfer your personal information from one country to another, or even across multiple jurisdictions, such as:

 

  • In or to Hong Kong where our corporate office is located
  • In those countries in which we manage and operate hotels, residences, sales or representative offices
  • In those countries where our third party suppliers and/or services providers, agents, advisors or consultants are located

 

Your personal information may therefore be subject to privacy laws that are different from those in the country where the personal information is collected or those in your country of residences. We will endeavour that the transfer of your personal information is carried out in accordance with applicable privacy laws and that appropriate technical, organisation and administrative measures are in place for its safeguard.

 

INFORMATION SHARING

 

Insofar as reasonably necessary for us in delivering our products and services to you and for the purposes set out in this Privacy Policy, we may share your personal information with the below parties. The specific kind of information we share will depend on your activities with us and only to the extent as required or permitted by law, and/or with your consent.

 

  • Our group entities, hotels and residences managed and operated by us
  • Our business partners and third parties involved in the delivery of our products and services to you – including those involved in a sale of all or part of our business operations or assets and those for business, operational and general administration
  • Our marketing and advertisement partners
  • Third party services providers which process data (including personal information) for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures
  • Our agents, advisors, consultants, other third party suppliers and/or services providers to assist us to operate effectively and provide you with the best experiences with our services
  • Other third parties when we have your consent or are otherwise permitted by law to do so

 

INFORMATION PROCESSING BY THIRD PARTIES

 

Like most international hotel brands, we may outsource the processing of certain functions and/or information to third parties, which may be located in countries other than the country where your information is collected or your country of residences. We may also engage market research firms to assist us in contacting our guests for the purpose of market research and quality assurance. When we do outsource the processing of your personal information to third parties or provide your personal information to third-party services providers, we oblige those third parties to protect your personal information with appropriate security measures.

 

 

4. YOU CONTROL YOUR PERSONAL INFORMATION

 

You may always choose what personal information (if any) you wish to provide to us. Please note, however, some of our products and services to you may be affected if you choose not to provide certain details, for example, we cannot reply to you without a name or contact details.

 

If you provide us with your contact details (e.g. postal address, email address, telephone number or fax number), we may contact you to let you know about the products, services, promotions and events offered that we think you may be interested in. You can always choose whether or not to receive any or all of these communications by contacting us as described in Section 6 below.  In addition to your agreeing to this Privacy Policy, we may also ask you to give us a separate consent before we send you with promotional information or to indicate how you would like to receive any communication (e.g. via email or regular mail). After you have indicated your preferences, you can always change them.

 

 

5. NOTICE TO EUROPEAN UNION DATA SUBJECTS

 

You may be aware that the European Union General Data Protection Regulation gives certain rights to individuals in relation to their personal information - including the right of access to the personal information we hold about them, right of rectification, right to erasure, right to restrict data processing, right to object to processing, right to data portability, right to complain to a supervisory authority, and right to withdraw consent.

 

If you wish to exercise any of your rights in relation to your personal information, please contact us as described in Section 8 below.

 

 
6. NOTICE TO CALIFORNIA RESIDENTS

 

YOUR CALIFORNIA PRIVACY RIGHTS (SHINE THE LIGHT ACT)

 

We may share information with our affiliated companies and others for their direct marketing use unless you tell us not to. California residents who have an existing business relationship with us may opt out of such sharing by emailing us at ca-datarequest@langhamhotels.com. We will process your request promptly.

 

CALIFORNIA CONSUMER PRIVACY ACT RIGHTS (“CCPA”)

 

As of January 1, 2020 verified California residents have the right to:

 

  • Request and receive disclosure of our personal information collection practices during the prior 12 months, including the categories of personal information we collect, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties with whom we share such information.
  • Request and receive a copy of the personal information we have collected about them during the prior 12 months
  • Request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information sold with the category of third party recipients and a list of the categories of personal information that we disclosed for a business purpose
  • Request that we not sell personal information about them and
  • Request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.

 

For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

 

In order to make a request for disclosure California residents may contact us by calling us toll-free at (+1) 833-906-2154 or by visiting our CCPA request page here.  We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use that information only for that purpose. We may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be.  We will acknowledge receipt of your request within 10 days and will endeavor to respond within 45 days of receipt of your request, but if we require more time (up to an additional 45 days) we will notify you of our need for additional time. For requests that we not sell your information we will comply with your request within 15 days. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.

 

You may make a request for disclosure of our information collection practices, the information we collected about you, or our sharing practices up to twice within a 12-month period.  You may make a request that we not sell information or for deletion of your information at any time.

 

For requests for a copy of the personal information we have collected during the 12 months prior to your request we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us.

 

For requests for deletion of your information please understand that California law permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations. If we receive such a request from you we will notify any service providers we have engaged to delete your information as well.

 

We will not discriminate against you as a result of your exercise of any of these rights. 

 

VISIT OUR CCPA REQUEST PAGE

 

OR call our toll-free number at (+1) 833-906-2154

 

 

SELLING INORMATION

 

We do not sell you information for monetary consideration but we may transfer your information to a third party that provides us with services such as helping us with advertising, data analysis and security, which may fall under the definition of for “other valuable consideration” which may be considered a ‘sale’ under the CCPA. During the past 12 months we disclosed Identifiers, Commercial Information, Electronic Network Activity, Geolocation with third parties for a business purpose which may fall within the definition of a ‘sale’.  If you are a California resident over the age of 16 and would like to instruct us not to sell your personal information, please visit our Do-Not-Sell web page here.  We do not sell personal information of individuals we actually know are less than 16 years of age. If you request that we not sell your information we will honor your request within 15 days, will notify those who received your information in the 90 days before your request to not further sell your information and will notify you when this has been completed. Once we receive your Do-Not-Sell request we will wait at least 12 months before asking you to reauthorize personal information sales.

 

VISIT OUR DO-NOT-SELL WEB PAGE

 

OR call our toll-free number at (+1) 833-906-2154

 

 

USING AN AUTHORIZED AGENT

 

You may submit a request through someone holding a formal Power of Attorney.  Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us.  We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.

 

During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties.  The categories of information include information we collect from our website visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals.  For instance, we may collect different information from applicants for employment or from vendors or from customers.

 

 

Category of Information collected Source Business purposes* for use Categories of third parties receiving information
Identifiers (name, alias, postal address, email address,  phone number, fax number, account name, Social Security number, driver's license number, passport number, unique personal identifier, IP address)

individuals submitting information to us (including employment applications and employees)

information we may receive from third-party marketing and data partners (e.g., for making bookings and reservations)

auditing relating to transactions

security detection, protection and enforcement;

ad customization

performing services for you

internal research and development

quality control

service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

 

Sensitive Information (name with financial account, medical, health, and health insurance information, user name and password)

individuals submitting information (including employment applications and employees)

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

service providers (such as payment processors, employee benefits partners)

affiliated companies

government regulators and  law enforcement (when lawfully requested)

 

Protected classification information (race, gender, ethnicity, religion)

individuals submitting information (including employment applications and employees)

auditing relating to transactions

security detection, protection and enforcement

performing services for you

quality control

service providers (such as employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Commercial information (transaction history, products/services purchased, obtained or considered, product preference)

individuals submitting information

information we automatically collect from website visitors

information we may receive from third-party marketing or data partners

information we collect for security purposes

auditing relating to transactions

security detection, protection and enforcement

ad customization

performing services to you

internal research and development

quality control

service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested

Electronic network activity (browsing or search history, website interactions, advertisement interactions)

information automatically collected from website visitors

functionality debugging/error repair

ad customization

internal research and development

quality control

service providers (such as marketing partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

 

Audio, video or similar information (customer service calls, security monitoring)

individuals submitting information

information we collect for security purposes

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

service providers (such as payment processors, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

 

Biometrics (fingerprints)

information we collect from employees  for administrative and/or  security purposes

security detection, protection and enforcement.

 

government regulators and law enforcement (when lawfully requested). 

Geolocation (geo-targeting for digital and social media ads)

information we automatically collect from site visitors

ad customization

service providers (such as marketing partners)

Professional, educational or employment related information

information submitted by individuals (including employment applications and employees)

information received from third party vendors (e.g., outsourced employees, recruitment agents)

 information we observe in connection with vendor or employment oversight

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

service providers (such as employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Inference from the above (preferences, characteristics, behavior, attitudes, abilities, etc.)

internal analytics

auditing relating to transactions

security detection, protection and enforcement

ad customization;

performing services for you

internal research and development

quality control

service providers (such as payment processors, mail houses, marketing partners)

affiliated companies

 


 

*MORE SPECIFICALLY, THE BUSINESS PURPOSES INCLUDE:

 

PERFORMING SERVICES FOR YOU

 

  • To administer or otherwise carry out our obligations in relation to any agreement to which we are a party
  • To assist you in completing a transaction or order
  • To prepare and process invoices
  • To respond to queries or requests and to provide services and support
  • To provide aftersales customer relationship management
  • To create and manage our customer accounts
  • To notify you about changes to our services and products
  • To administer any promotion, contest, survey, or competition
  • To provide you information regarding our products and services
  • To offer our products and services to you in a personalized way, for example, we may provide suggestions based on your previous requests to enable you to identify suitable products and services more quickly

 

ADVERTISING CUSTOMIZATION

 

For marketing and promotions we believe you may find of interest and to provide you, or allow selected third parties to provide you, with information about products and services that may interest you.

 

AUDITING RELATING TO TRANSACTIONS, INTERNAL RESEARCH AND DEVELOPMENT

 

  • To provide for internal business administration and operations, including troubleshooting, website customization, enhancement or development, testing, research, administration and operation of our websites and data analytics
  • To create products or services that may meet your needs
  • To measure performance of marketing initiatives, ads, and websites “powered by” another company on our behalf

 

SECURITY DETECTION, PROTECTION AND ENFORCEMENT; FUNCTIONALITY DEBUGGING, ERROR REPAIR

 

  • As part of our efforts to keep our property and websites safe and secure
  • To ensure the security of your account and our business, preventing or detecting fraud, malicious activity or abuses of our websites, for example, by requesting verification information in order to reset your account password (if applicable)
  • To ensure the physical security of our premises through the monitoring of surveillance images
  • To resolve disputes, to protect the rights, safety and interests ourselves, our users or others, and to comply with our legal obligations

 

QUALITY CONTROL

 

  • To monitor quality control and ensure compliance with our legal obligations, codes and ordinances, policies and procedures
  • To develop and improve our products and services, for example, by reviewing visits to the websites and various subpages, demand for specific products and services and user comments

 

7. OTHER RELEVANT INFORMATION

 

Cookies

To enhance your experience on our web site, some of our web pages may use "cookies." Cookies are text files that we place in your computer's browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally-identifiable information unless you choose to provide this information to us by, for example, registering for one of our services. However, once you choose to furnish the site with your personal information, this information may be linked to the data stored in the cookie. We use cookies to understand site usage and to improve the content and offerings on our sites. For example, we may use cookies to personalize your experience at our web pages (such as to recognize you by name when you return to our site), save your username and/or password in password-protected areas, and to offer you products, programs, or services. We may allow select third parties to collect information about our site visitors’ online activities over time and across other websites. We do not control the third parties’ use of such information.  Please refer to our Cookies Policy.

 

Do Not Track

We currently do not recognize do not track signals from your web browser.  As technology develops, we may add this feature to our sites.

 

Links to other websites

For your convenience and information, we provide links to external third party websites, including web sites owned or controlled by independent franchisees, third party owners of hotel, resort, interval ownership, or residence properties that may use our brand name(s), or web sites not controlled or authorized by us. The linking of external third party websites to this website does not indicate any association with or endorsement from us. We cannot always ensure, and are not responsible or liable for, any content of these external third party websites, including, but not limited to, any advertising claims or marketing practices. Please note this Privacy Policy is limited to our own information collection practices. We strongly recommend that you read the separate privacy and security policies and the information collection practices of any external third party website before providing any personal information while accessing those websites.

 

 

8. HOW TO CONTACT US

 

For any questions, concerns or requests regarding this Privacy Policy or our information collection practices, please contact us by email at dataprotection@langhamhotels.com or by post at 2701, Great Eagle Centre, 23 Harbour Road, Wanchai, Hong Kong.

 

 

9. ABOUT THIS PRIVACY POLICY

 

This Privacy Policy is in accordance with the relevant laws of the Hong Kong Special Administrative Region but may be applied to personal information processing activities globally. The processing activities may be more limited in some jurisdictions due to the restrictions of their laws. For example, the laws of a particular country may limit the types of personal information we can collect or the manner in which we process that personal information. In those instances, we may adjust our internal policies and/or practices to adapt to the requirements of local law.

 

This Privacy Policy is effective from 31 Dec 2019. From time to time, we may have to update, change, modify or amend this Privacy Policy. Subject to any applicable legal requirements to provide additional notice, when we make material changes to this Privacy Policy, we will provide you with notice as appropriate under the circumstances such as through our website or by sending you an email.

 

“We”, “us”, “ourselves” and “our Group” refers to Langham Hotels International Limited and its affiliates directly involved in the group’s management and operations of properties around the world, including hotels, residences, outlets, local management entities and sales offices in the following jurisdictions: Australia, Hong Kong Special Administrative Region, Indonesia, Mainland China, Middle East, New Zealand, Singapore, Thailand, United Kingdom, and United States of America.

 

This Privacy Statement is written in the English language and may be translated into other languages.  In the event of any inconsistency between the English version and the translated version of this Privacy Statement, the English version shall prevail.

 

Legal Disclaimer

In addition to our rights of disclosure as mentioned hereinabove, we may also disclose your personal information when required by law or court order, or as requested by other government or law enforcement authorities, or in the good faith that disclosure is otherwise necessary or advisable including and without limitation to protect the rights or properties of our Group. This also applies when, in compliance with applicable laws, we have reason to believe that disclosing the personal information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

 

Contents

The information and material contained in this site are for general references only. Our Group disclaims any warranty or representation of any kind, express or implied, as to any matter whatsoever relating to this site or any linked site. To the fullest extent allowed by law, our Group shall accept no responsibility or liability in respect of any loss or damage howsoever arising.

 

Use of or visit this site does not constitute any binding contract over any goods and services provided by our Group, nor does it constitute an offer of any goods and services provided by our Group. Goods and services may only be available in certain countries and any offer to purchase goods or to retain services from our Group are subject to acceptance by our Group and in accordance with specific terms and conditions on which they are offered.

 

Copyright and Trademark Notices

All contents of this website are: ©2011-2020 Langham Hotels International Limited. 2701, Great Eagle Centre, 23 Harbour Road, Wanchai, Hong Kong. All rights reserved. This websites may contain or reference trademarks, patents, copyrighted materials, trade secrets, technologies, products, processes or other intellectual property or proprietary rights of Langham Hotels International Limited and/or our Group. No license to or right in any such trademarks, patents, copyrighted materials, trade secrets, technologies, products, processes and other intellectual property or proprietary rights is granted to or conferred upon you.