PERSONAL DATA PRIVACY NOTICE
This Privacy Notice sets out the basis on which we collect and process your personal data through your use of our website(s), our digital applications (Apps), online profiles, signing up for newsletters, request for proposal, competitions and/or other marketing activities on online or through digital communications.
Any changes we make to this Privacy Notice in the future will be posted on this page with or without prior notice so please check this page regularly.
For the purpose of applicable data protection laws, Wharf Hotels Management Limited is the data controller responsible for your personal data. We respect the privacy of all our customers, web users and or business partners, and treat all personal information as confidential. All personal data we collect and process is handled in accordance with the applicable data protection laws, including the General Data Protection Regulation (EU) (2016/679), the Personal Data (Privacy) Ordinance of Hong Kong SAR of China and, where feasible, internationally recognised standards of personal data privacy protection.
Our Commitment to Protect Personal Data Privacy
This Personal Data Privacy Notice (the “Notice”) applies to personal data (defined as data from which a living individual is identifiable (by anyone) directly or indirectly) and information regarding guests and any other individuals with whom we do business with and to the management of that data and information in any form, whether electronic or written.
This Notice gives effect to our commitment to protect your personal and sensitive information and has been adopted by all the hotel properties owned, managed and/or operated by Wharf Hotels Management Limited or its affiliated or associated companies. References to “Marco Polo Hotels”, "Niccolo Hotels", “we”, “our” and “us” hereinafter, depending on the context, collectively refer to those separate and distinct properties or entities.
Collection of Personal Data
The term “personal data” in this Notice refers to any information relating to an identified or identifiable natural person ("data subject") which we, in the process of providing you with a particular service, may ask you to supply to us. Personal data may be collected as part of but not limited to:
(i) Fulfilling reservations or requests for information or services,
(ii) Meeting local legal requirements for registering guests,
(iii) Browsing of website (please see our Cookies policy below for more information),
(iv) Purchasing our products or services,
(v) Registering for programme memberships or online profile,
(vi) Meeting for sales calls/appointments, attending of trade and road shows or requesting for proposals via our procurement team;
(vii) Submitting job applications; or
YOUR PERSONAL DATA
Information You Provide to Us
- You will provide some or all of the following information to us when you make reservations from our website, enrol as a member, register an online profile, use one of our Apps, contact us, sign up for newsletters, request for proposal, register to check-in at one of our hotels, and other marketing activities, either in one of our hotels or online:
- Your Identity and Contact Details -includes your name, date of birth, travel ID, email address, home postal address/billing address, delivery address (if different), and your contact telephone number;
- Your Payment Details - your bank details and payment card details, however your payment transactions will be encrypted during our booking journey and by the acquiring bank so we will not retain any payment card details submitted by you;
- Your Profile Data - if you register an online profile, this includes the profile you create to identify yourself when connecting to our website and Apps (including your username and password) and other data about reservations and your personal preferences; and
- Additional Personal Details - At your option, you can also provide additional personal data to us such as your gender, product preferences and interests. This additional information would only be collected and stored by us for the purposes of analysing your sales to help us understand and improve our services and for the purposes of any direct marketing emails, pushed messages, telephone calls, social media posts (such as Facebook or WeChat) or SMS , in line with your marketing preferences and provided you have expressly consented to receiving such emails, pushed messages, telephone calls, social media (such as Facebook or Wechat) or SMS .
Direct Marketing includes but not limited to:
- Room offer Promotional
- Restaurant, Bars and Events promotions
- Celebratory Offers
- Hotel Opening
- Hotel News and Updates
- DISCOVERY and Wharf Hotels Rewards Membership News and Updates
- Guest Experience Surveys
Information We Collect When You Use Our Website or Our Apps
Usage Data- includes details of Wharf Hotel, dining restaurants and services you have viewed and reserved, and information about how you use our website and our Apps;
Technical Data - includes:
- your Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page, mobile applications traffic data, weblogs and other communication data;
- if you use a mobile device to access our website or one of our Apps, the type of mobile device you use, a unique device identifier (for example, your device’s IMEI number, the MAC address of the device’s wireless network interface, or the mobile phone number used by the device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone settings).
Other - We may also receive information from third parties we work closely with such as wifi service provider, online reservation and review platforms, reference agencies and fraud prevention agencies. These third parties may share information with us in accordance with their own data protection policies and procedures.
HOW WE USE YOUR PERSONAL DATA
Below are the ways we will use your personal data to fulfil our contractual obligations to you, for our legitimate business interests, and/or where you have provided your consent to processing for specific purposes.
Please note that when we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests - we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
|We may use your personal information to:||How do we use personal information for this purpose?||What is the legal basis for us processing your information in this way?
|Process your reservations and managing your booking at one of our hotels, including taking payment, responding to enquiries and requests and any after-sales services such as amendments or cancellations.
||We will need to use your personal information (such as your name, email address, phone number and credit card details) to set up and manage your booking (for example by sending you reminders about upcoming hotel stays or processing payment for your booking).
||We need to process your information in this way in order to perform our contractual obligations to you in relation to your booking or other services.
|Manage and conduct our competitions and promotions, or to manage and analyse survey entries we receive from you, including post-stay experience surveys.||We will need to use your personal information (such as your name, email and phone number) to manage and process your entries to our competitions or promotions, and to inform you if you have won a prize. We will also use your information in order to process, manage and/or aggregate data from surveys.
||We will ask for your consent at the time at which you enter a competition/promotion, or provide responses to our surveys, before processing your information in this way.|
|Process and administer your online and or membership profile with Wharf Hotels and or DISCOVERY programme provided you have signed up with us and consented to this.
||We will use your personal information (such as your email address or other contact details) to manage your online profile provided this is in line with your online preferences.
||We will only process your information in this way if you have provided consent.
|Deliver direct marketing, advertising and updates to you to inform you about forthcoming offers, products, features and updates and information about us, and to make suggestions and recommendations to you about our goods or services that may interest you.
||We will use your personal information (such as your email address or other contact details) to send you information and promotional material about Wharf Hotels, Marco Polo Hotels and or Niccolo Hotels provided this is in line with your marketing preferences.
||We will only send marketing communications to you if you have expressly consented to receive direct marketing emails and/or pushed messages, telephone calls or SMS from us, whether via our website, apps or in person at any of our hotels.
There are certain types of promotional material that we will only send if you have specifically consented to this, for example if we send you promotional materials about products and services offered by third party organisations.
|Measure and analyse the effectiveness of advertising we serve to you. We will use your personal information to analyse our marketing practices to ensure that can provide you with a more personalised marketing experience.
||We will analyse information on your recent visits to our site and your past purchases to measure and understand the effectiveness of any advertising we may serve to you and others
||It is in our legitimate business interests to track the effectiveness of our marketing and online advertising practices.
|Administer, analyse and assess the performance and usability of our website and apps,
||We use technical information about your visits to our website and apps, and information about your behaviour on our website (such as the services you have searched for and the length of time spent browsing) to improve our website and apps.
||It is in our legitimate interests to administer, analyse and assess our website and apps to ensure that they are functioning properly, and to enhance our users' experience.
|Comply with legal requirements.
||We may sometimes need to process personal information to comply with legal requirements to which we are subject (for example tax or financial reporting requirements).
||It is in our legitimate interests to process personal information for the purposes of complying with legal requirements to which we are subject.
|To protect and secure our website and apps against cyber crime including fraudulent transactions.
||We may need to process your personal information (including financial information ) in order to protect and secure our website and apps, including to keep your payments secure, and to protect against fraudulent transactions.
||It is in our legitimate interests to process personal information to keep our customers' payments secure.
|Where you have consented to this, we may publish customers' reviews and feedback in the testimonial section of our website, which were received via email, social media, online travel review platforms or the Wharf Hotels guest comment card.
||We will use your personal information when publishing your customer review, in accordance with your preferences (eg, via a pseudonym or fully-anonymised), which enables us to be honest and transparent with our customers regarding the nature and quality of our services.
||We will ask for your consent before processing your information in this way .
WHO WE SHARE YOUR PERSONAL DATA WITH
- We may share your information within the Wharf Hotels owned and managed hotels, Global Hotels Alliance for DISCOVERY membership purposes and with our selected third parties for the purposes referred to above. For example:
- Payment Acquiring Services to process your payment;
- Confirmation, amendments, up-grading and cancellation of your reservation to manage your reservation;
- Credit Reference & Fraud Prevention Agencies for credit checking and identity verification;
- Analytics and search engine providers that assist us in the improvement and optimisation of our website and Apps; and for user personalisation and experience
- Where you have provided consent to direct marketing, personal pricing recommendation engines, third party advertisers, affiliate marketing agencies and advertising networks engaged by us to select and serve relevant communications to you on our behalf, provided this is in line for your marketing preferences.
We require all third parties engaged by us to respect the security of your personal data and to treat it in accordance with the law. Such third parties are only allowed to process your personal data in accordance with our instructions, and not for their own purposes.
From time to time, we may ask you if you would like to be contacted by other selected third parties, such as part of a joint promotion or a collaboration. If we do this, we will also provide you with a link to that third party’s privacy notice to help you decide whether or not you wish to be contacted by them. If you do consent to this (by an express opt in), that third party would be the data controller in respect of any activity by them that you have consented to, in accordance with their own data protection policies and procedures.
Links to Other Organisations
Our website and/or our Apps may, from time to time, contain links to and from websites of our partner networks, advertisers and affiliates. If you follow a link these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Cookies (including those which enable banner advertising) require a separate opt out and please Click here for more details.
We need your consent for direct marketing communications. If you have expressly given your consent to receive direct marketing from us, whether via our website, Apps or at any of our hotels, we may use the information you have given us for:
- delivering direct marketing, advertising and updates from us to you, such as telling you about forthcoming offers, products, features and updates and information about us;
- measuring and understanding the effectiveness of advertising we serve to you and others; and
- making suggestions and recommendations to you and other users of our website and our Apps about goods or services that may interest you or them.
If you have previously given your consent to us, but now no longer wish to receive direct marketing and updates from Wharf Hotels, Marco Polo and or Niccolo Hotels, you can unsubscribe at any time by clicking the ‘unsubscribe’ link available in each email you receive from us. You can also amend
your preferences by contacting customer services on +852 2118-7232 or by emailing email@example.com.
If you are a registered online profile user you can also opt out by contacting customer services on +852 2118-7232 or by emailing firstname.lastname@example.org.
Please Note: It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.
Our website is not intended for use or access by children and we do not knowingly collect personal data relating to children under 16 years of age. In the event that we are required to process children's personal data, we will obtain verifiable parental/guardian consent .
SECURITY OF YOUR PERSONAL DATA
Our website and Apps have appropriate security measures in place to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. All information you provide to us is stored on secure servers. We have also put in place procedures to deal with any suspected or actual data breach.
Where you have chosen a password which enables you to access certain parts of our website or our Apps, you are responsible for keeping this password confidential. We ask you to choose an effective, secure password and not to share your password with anyone.
We recommend only connecting to secure wireless networks that you trust to reduce the risk of unauthorised people intercepting your online activity. Beware of the risks of using public wifi.
If you receive an email purporting to be from Wharf Hotels, Marco Polo Hotels and or Niccolo Hotels for personal data, please do not respond to the email but please let us know that this has happened so we can check whether the email is genuine. email@example.com
PROCESSING PERSONAL DATA OUTSIDE THE EEA - DATA STORAGE & TRANSFER
Your personal data will be transferred to, and stored at, locations in Hong Kong and Singapore and in the location of the hotel in which you stay or visit. It will also be accessed and processed by our personnel and the personnel of our partners, affiliates and third party service providers, who operate outside of Hong Kong and Singapore. Your personal data will only be transferred to locations outside of Hong Kong and Singapore where we are satisfied that adequate or comparable levels of protection are in place to protect personal data held in that jurisdiction, and (where we are required to do so) with your consent.
When personal data is transferred from the EEA to outside the EEA, we use Model Clauses, so ensuring that such data transfers are compliant with applicable privacy legislation.
HOW LONG WE KEEP YOUR PERSONAL DATA
Your personal data is processed by us and/or our service providers only for the period necessary for the purposes for which the information is collected. Generally, we will keep your personal data for up to 24 months from the date of collection and will be for as long as you are a customer, although we may keep it longer in order to response to any questions or complaints. When we no longer need to use your information for those purposes, we will remove it from our systems and records or take steps to anonymise it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject).
If you are a resident in the European Economic Area (EEA), your rights under data protection laws in relation to your personal data are briefly summarised below. You can exercise these rights by emailing us at firstname.lastname@example.org or by writing to us at Branding and Communications Department, Wharf Hotels Management Limited, 5/F Marco Polo Hongkong Hotels, Canton Road, Harbour City, TST, Kowloon, Hong Kong SAR, China.
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Please note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which we will tell you about, if applicable, after receiving your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms.
- Request restriction of processing of your personal data. You can ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, electronic, machine-readable format. Please note that this right only applies to automated information which you initially provided consent for us to use (such as for direct marketing communications) or where we used the information to perform a contract with you (such as to manage your booking).
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal data and we will respond to all requests within one month.
You can make any of these requests in relation to your personal data, and ask questions about this privacy notice, by sending an email to email@example.com
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use or may use the following cookies:
- We use Google AdWords re-marketing technology to market our sites across the Internet. We place a cookie on your browser, and then a 3rd party (Google) reads these cookies and may serve an ad on a 3rd party site, after you have visited our website.
a) Necessary cookies
Necessary cookies are essential and help you navigate the Site. These cookies make sure your basket is saved during all steps of the checkout process. This helps to support security and basic functionality of the Site. These cookies are necessary for the proper operation of our Site, so if you block these cookies we cannot guarantee your use or the security of our Site during your visit.
|Cookie Name||Type||Description||Expiry Duration|
|OptanonAlertBoxClosed||First Party||This cookie is set by websites using certain versions of the cookie law compliance solution from OneTrust. It is set after visitors have seen a cookie information notice and in some cases only when they actively close the notice down. It enables the website not to show the message more than once to a user. The cookie has a one year lifespan and contains no personal information.||364 Days|
|.AspNetCore.Antiforgery.IQFWmQb-upA||First Party||A cookie used by ASP.NET Core web applications to prevent Cross-Site Request Forgery (CSRF) attacks.||Session|
|OptanonConsent||First Party||This cookie is set by the cookie compliance solution from OneTrust. It stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category. This enables site owners to prevent cookies in each category from being set in the users browser, when consent is not given. The cookie has a normal lifespan of one year, so that returning visitors to the site will have their preferences remembered. It contains no information that can identify the site visitor.||364 Days|
|.AspNetCore.Mvc.CookieTempDataProvider||First Party||A cookie used by ASP.NET Core web applications to store temporary data, such as form data, between requests.||Session|
b) Functional cookies
Functional cookies are used to provide you the best user experience. These cookies are for instances used to save and remind you about reservations you have started to make, so will save you time if you want to complete your reservation at a later stage. These cookies could also recognise if a Site user has already signed up for our newsletter/requested information about a service or if the user is seeing a certain page for the first time.
|Cookie Name||Type||Description||Expiry Duration|
|_gd#############||First Party||This cookie contains no identifying information and is used for diagnostic purposes by Impact Radius, a service we use to track signup commissions for our affiliate program. We have categorized it under Functionality because it is necessary for the operation of our affiliate program.||Session|
c) Performance cookies
Performance cookies help us to understand the behaviour of our visitors and the usage of the Site. This allows us to continuously improve the Site to provide you the best user experience. These cookies are also used to help us understand what interests our users, and measure how effective our advertising is. Some of these cookies are managed by third parties, and you may refer to the third parties' own website privacy notifications for further information.
By way of example, we use Google Analytics cookies to obtain an overall view of visitor habits and visitor volumes, and to help improve the overall experience on our Site. Google Analytics is a third-party web analysis service provided by Google Inc, which uses "performance cookies" and "targeting cookies" to analyse how you use the Site. The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google on servers in the United States. However, this website uses Google Analytics with the expansion '_anonymizeIp()' which means that Google will truncate/anonymise the last octet of the IP address for Member States of the European Union.
If you do not accept the use of these cookies, we cannot guarantee how our Site will perform for you.
|Cookie Name||Type||Description||Expiry Duration|
|_ga||First Party||This cookie name is associated with Google Universal Analytics - which is a significant update to Google's more commonly used analytics service. This cookie is used to distinguish unique users by assigning a randomly generated number as a client identifier. It is included in each page request in a site and used to calculate visitor, session and campaign data for the sites analytics reports. By default it is set to expire after 2 years.||729 Days|
d) Advertising cookies
Advertising cookies will remember your preferences and, in general, that you visited the Site. We strive to provide you with advertisements for hotels, resorts, and other products and services relevant to you and your interests on other online platforms, where available. These cookies are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of advertisements.
|Cookie Name||Type||Description||Expiry Duration|
|tint-anonymous-uid||First Party||This domain is owned by Pubmatic. It operates an advertising exchange platform where online publishers can sell targeted advertising space to media buyers using real time bidding.||364 Days|
|__sharethis_cookie_test__||Third Party||Tracks which pages are being shared and by whom||Session|
|fpestid||First Party||ShareThis cookie ID set in the domain of the website operator.||364 Days|
|MUID||Third Party||This domain is owned by Microsoft - it is the site for the search engine Bing. This domain is associated with Microsoft Clarity.||390 Days|
Most cookies (other than essential cookies) will expire within 24 months
If you have any questions or concerns about how we treat your personal information, you wish to ask us to stop processing your personal information, or you would like to request a copy of the personal information we hold about you, please email us at firstname.lastname@example.org