The Sukhothai Hotels & Resorts (hereinafter referred to as either “The Company” or “we” or “us” or “our” ) respects the privacy of all our customers and business partners, and treats personal information (personal data) provided by you as confidential. We understand your concern We know that you are concerned how information about you is collected, used and stored, and we appreciate your trust that we will do so with every due care and diligence in accordance with all applicable laws.
The Private Policy (“the Policy”) applies to personal data and information collected via the hotel website and collected via third parties such as OTAs, etc regarding guests, web-users and other individuals with whom we do business and to the management of that data and information in any form, where electronic or written.
Purposes for which data are used
The purposes for which we may use the data collected or to be collected by the Hotel are divided into obligatory purposes and voluntary purposes. If the data is to be used for an obligatory purpose, you MUST provide the data to the Company if you want the Company to provide the services for which you are applying. If the data is only to be used for voluntary purpose, the Company will obtain your consent and you can tell the Company not to use the data for that purpose and we will not do so.
Purposes for which it is obligatory for you to provide the data area
- Handling and following up enquiries and matters related hereto;
- Identifying the winners or customers identity when collecting the winning prize or gifts from the company;
- Meeting the requirements to make disclosure under requirements of any law binding on the Company;
- To process your requests or enquiries;
- To process and complete transaction requested by you;
- Designing new or enhancing existing services provided by us for guests’ use;
- To send your administrative communications, such as information about any account you may have with us or about future changes to this Private Policy statement
- To administer and enforce the rules of contests, promotions and games offered by us and/or the terms of our commercial dealings;
- For our internal business and administrative purposes;
- To ensure ongoing credit worthiness of you;
- To determine the amounts owed to or by you;
- To enforce your obligations, including without limitation the collection of amounts outstanding from you and those providing security for you;
Purposes for which it is only voluntary for you to provide the data area:-
- Sending to you direct marketing, promotional information and / or materials and / or offers and news of hotel’s products and services
- Sending you our future marketing purposes and / or joint promotion with our subsidiaries, holding companies, associated companies, affiliates or in conjunction with products / services offered by our affiliates or business partners; and
- Conducting customer and service surveys
Collection of Personal Information
The term “personal data” in this Policy refers to personal information which is capable of identifying you as an individual. You can visit our website without providing any personal data or information. When we need to collect personal data from you to provide you with a particular service, we will ask you to obligatory supply us with the information we need. Personal data may be collected as part of: (i) fulfilling reservations or requests for information or services, (ii) accommodating your personal preferences, (iii) purchasing our products and services, (iv) registering for our programme memberships, (v) submitting job applications and (vi) facilitating communications. We may also request your personal data to verify your identity, to protect your interests and implement security measures in compliance with the law.
Types of Personal Information we collect
The types of personal data that we process include:
- Your personal details, contact information, passport and visa information, identity card
- Guest stay information, including the hotels where you have stayed, date of arrival and departure, goods and services purchased, special requests made, observations about your service preferences, telephone numbers dialed and faxes and telephone messages received;
- Your credit card details, membership information, account details, profile or password details and any frequent flyer or travel partner programme affiliation;
- Any information necessary to fulfill special requests (for example leisure, travel and guest preferences);
- Your reviews and opinions about our services;
- Information collected through the use of closed circuit television systems and other security systems; and information relating to the credit of customers.
Notice for Direct Marketing or e-Direct Marketing
We intend to use your personal information (including your name, address, telephone numbers, email and other contact details) to send you marketing communications such as direct-mail, email, telephone calls and SMS containing news, offers, promotions, events to be offered by us or by our business partners and / or our subsidiaries, holding companies, associated companies, affiliates or in conjunction with products / services offered by our affiliates or business partners in relation to the following classes of products and services: travel, transportation, retail, food and beverage, credit cards, financial and investment services, real estate, entertainment, publications, fashion and jewellery, leisure and sports, health and wellness, non-profit and charitable activities, telecommunications, social networking, media and public relations.
We may not use your personal information for direct or e-marketing without your consent. If you do not allow or agree us to use the data, you may opt-out from receiving marketing communications at any time, free of charge, by following the “opt-out” instructions contained in the communications.
Disclosure of Personal Data
Data held by the Company relating to you will be kept confidential. In cases where the Company do collect the data from you, we will:
- where relevant, give you the opportunity to “opt out” (that is to restrict the uses the Company will make of such data);
- tell you how the Company will store the data and how you can review, change and delete the data the Company has stored.
The Company may, where such disclosure is necessary to satisfy the purpose, or a directly related purpose, for which the data was collected provide such data to the following parties:
- any subsidiaries, holding companies, associated companies, or affiliates of the Company;
- any agent, contractor or third party service provider who provides services to the Company, its subsidiaries, holding companies, affiliates, and associated companies in connection with the operation of their business;
- any credit reference agencies, in the event of default, to debt collection agencies; and
- any other person or company who is under a duty of confidentiality to the Company, its subsidiaries, holding companies, affiliates, and associated companies and has undertaken to keep such information confidential.
Access and Correction of Personal Data
You have the right to:
- a) request access to your personal data;
- b) receive a copy of the personal data that you have provided to the Hotel in a structured, commonly used and machine readable format so that you can share it with others;
- c) where personal data is inaccurate or incomplete, ask for personal data to be rectified or completed;
- d) request the transfer of your personal data to another party;
- e) ask that personal data be erased;
- f) make a complaint to a European data protection authority about the manner in which the Hotel processes your personal data;
- g) object to us processing your personal data by asking for the processing of that personal data to be restricted or stopped. For example, if we use personal data for marketing purposes; and
- h) withdraw your consent to processing, in the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law. Please note that the withdrawal of your consent will not affect the lawfulness of any processing of personal data based on your consent before its withdrawal
Our Commitment to Data Security
To maintain the accuracy of your personal data, as well as preventing unauthorized access to and ensuring the correct use of your personal data, we have carried out appropriate physical, electronic and managerial measures to safeguard and secure the personal data we collect. These measures are subject to ongoing review and monitoring. Whilst we make every effort to protect your personal data, no security measures can guarantee that your personal data and information will not be subject to interference, misuse or hacking and we shall not be responsible for any loss, misuse or alteration arising as a result of such incidents.
On our website, we offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.
After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers. The Hotel cannot guarantee that these security measures will prevent other third parties from unlawfully obtaining the data or misusing it. Any transmission of personal data is at the users/guests' own risk.
Storage and transfer of personal data to other countries
"The Hotel is located in the People's Republic of China, which is a country that is not deemed to offer adequate data protection by the European Commission. If you provide your personal data to us, please note that you are doing so on the basis that you explicitly consent to the transfer of your personal data outside the European Economic Area."
Visitors to our website do so on an anonymous basis. We have not configured our website to collect any information from your computer without your input. This means that unless you voluntarily and knowingly provide us with your information, we will not know your identity, your email address, or any other information identifiable to you.
Yes (Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information).
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still place orders over the telephone or by contacting customer service.
Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential with adequate levels of protection. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
California Online Privacy Protection Act Compliance
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
Childrens Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
If you are located in the European Economic Area, you always have the right to make a complaint concerning processing of your personal data by contacting the relevant supervisory authority. You can do this with the data protection authority at your place of residence, or at your place of work. You can find contact details for all EU data protection authorities at https://edpb.europa.eu/about-edpb/board/members
This policy was last modified on 02/04/19.
380 Weihai Road
You may always choose what personal data and information (if any) you wish to provide to us. However, if you choose not to provide certain details, some of your experiences with us may be affected (for example, we cannot take a reservation without a name or credit card).
We will abide by any request from you not to send you direct or e-marketing materials. When such a request is received, your contact details will be deleted.
Website design & development: Positioner