Changed Date: 23 May 2018
General statement of policy
General Data Protection Regulation (GDPR)
On 25th May 2018, the European Union upgraded its privacy laws to require greater transparency for how people’s private information is used online. HotelQuickly is committed to the new higher standards of transparency for the way we protect the privacy of our customers and we are fully compliant with these new protective standards. GDPR requires that company’s such as HotelQuickly comply with the following:
- Data-driven consent (optic policy, be transparent on how we view, access, and process data.
- Right to be forgotten (delete data, access & rectification, portability).
- Breach notifications (inform users and local authorities within 72 hours).
- Parental Control (we cannot collect data from children under 16 without verifiable parental consent).
- Compliance with all subjects for third parties (all third parties companies we are using to collect/analyze data must be GDPR compliant).
- Data protection officer (DPO): Emmanuel Fauvel (firstname.lastname@example.org), CIO of Rising Sun group (HotelQuickly is a subsidiary of Rising Sun) has been formally appointed.
- Comprehensible policy (policies to be easily understandable and in your language).
- Ensure privacy notices are present wherever personal data is collected.
- Implement controls to limit the organization’s use of data to the purposes for which it collected the data.
What types of my personal information is collected by HotelQuickly and what are the purpose for its collection?
- User email (authentication, newsletter).
- User full name (authentication, newsletter).
- User last name (authentication, newsletter).
- User telephone number (authentication).
- Hotel Name, booking dates, country of origin and info (booking purpose).
- User payment method (debit card, credit card, PayPal, etc).
User ID/ passport/driving license (Fraud, Support).
What do you require for my consent and is there an option to opt-out?
For consent to be valid under GDPR, a customer must actively confirm their consent, such as ticking an unchecked opt-in box. You’re are given a clear option to opt-out of any sharing of your personal information.
You may “opt out” of receiving marketing or promotional emails from us by request. To opt out follow the instructions within said emails or contact us at info@HotelQuickly.com. If you opt out, we may still send you non-promotional emails, such as emails about your account or our ongoing business relations.
How else do you collect my personal data?
Passive Collection: When you use the Service, information may be automatically collected, such as your Internet Protocol (IP) address, your operating system, the browser type, the address of a referring website, your activity on the Service, certain logistical information in server logs, including information about various features of the Service, frequency and length of each session.
Cookies: We may rely on the use of “cookies” to collect certain information. Cookies are small data files stored on your hard drive at the request of a website. Cookies are employed to improve the Service and your user experience. If you elect to block, erase, or be warned of cookies, your browser may contain settings which allow you to remove or reject cookies. please be advised this could affect certain features or services made available through the Service.
Anonymous Identifiers: We may also use anonymous identifiers. Anonymous identifiers are random strings of characters used in place of cookies on platforms, including certain mobile devices, where cookie technology is not applicable.
Web Beacons: We may employ Web beacons. Web beacons are small, invisible graphic images that may be used on the Service or in emails relating to the Service to collect certain information and monitor user activity on the Service, such as counting visits, understanding usage effectiveness and to verify if an email has been opened.
Device Specific Information: We may collect device-specific information related to hardware model, operating system version, unique device identifiers, and mobile network information including phone number). We may associate your device identifiers or phone number with your HotelQuickly account.
Registration details from Facebook and Google: We may also receive your personal details that are stored with Facebook or Google Plus if you choose to register for convenience through Facebook registration or through Gmail registration.
Will you disclose any of my personal information publicly?
By affirmatively opting in your consent, information you provide will be available to other users and in some cases may be publicly available (with the exception of personally identifiable information, which shall not become publicly available, unless such personally identifiable information is shared by you as part of a review, photo submission or other similar method).
To whom, in what manner, and under what circumstances may my information be disclosed to a third party?
Information we collect about you will not be disclosed by us to any other party in a form that would identify you. Further, any such personal information cannot be disclosed unless the third-party company we are using is GDPR compliant.
Links to other websites
How long is each class of information kept?
The information listed above is stored for a maximum of 60 months.
Where is my data stored?
Personally identifiable information (such as email, username, and address) will be stored in the application’s database on secured servers based in Singapore, Hong Kong, the US, and other countries. Your user media (text, photos) data is stored securely on our cloud servers in Taiwan.
How is my information cross-referenced?
The information is being verified in the application’s database.
How is each class of data being used?
To cater to the user and/or customer based on their preferences.
When is information belonging to each class destroyed?
The information listed above is stored for up to 60 months and then destroyed.
Who is responsible for its destruction and how is it destroyed?
The person in charge of our DPO (Data Protection Officer) is Mr. Emmanuel Fauvel (email@example.com).
How is the accuracy of my collected information guaranteed?
The reliability of the collection of information relies on data input by the user either on HotelQuickly website or Application directly or through Facebook or Google Plus. You have the right to request access to and correction of information about you held by us.
Are there access mechanisms in place that allow me to alter/update inaccurate or obsolete information?
Users have access to their user information and are able to update them when necessary through our Login area.
What steps do you take to maintain the security of my personal data and information?
HotelQuickly takes all necessary reasonable steps to maintain the security, privacy and accuracy of all data we collect. Despite these steps we offer no warranty against third parties breaching security or any other unauthorized access to the data. Despite our efforts, no security measures are impenetrable. To assist with the integrity of data protection take steps to keep your password confidential and do not disclose it to any other person. Please advise us immediately if you believe your password has been misused.
Will you report to the local authorities and to the people (data subjects) for data breaches involving personal data?
- Personal data breaches will be reported within 72 hours of our knowledge to the local authorities.
- We will report what data has been lost, what the consequences are and what countermeasures are/will be taken.
- Unless the data leaked was encrypted, we will report the breach to the user (data subject).