1. PRIVACY POLICY – GENERAL

1.1 INTRODUCTION

We respect the privacy of all our customers and business partners, and treat personal information provided by you to us as confidential. “We”, “us”, “ourselves” and “our Group” refers to Langham Hotels International Limited and its affiliates directly involved in the group’s management and operations of properties around the world, including hotels, residences, outlets, local management entities and sales offices in the following jurisdictions: Australia, Canada, European Union, Hong Kong Special Administrative Region, Indonesia, Mainland China, Middle East, New Zealand, Singapore, Thailand, United Kingdom, and United States of America. In particular, Langham Hotels International Limited processes your personal information for the purposes set out in this Privacy Policy and is the controller of customer personal information; and Langham Hotels (Shanghai) Company Limited (an affiliate of Langham Hotels International Limited and Brilliant Loyalty Program Limited) is the regional Mainland China management entity and, together with Langham Hotels International Limited, are the controllers of customer personal information as set out in section 4 “Notice to Mainland China Residents”; and Brilliant Loyalty Program Limited (an affiliate of Langham Hotels (Shanghai) Company Limited and Langham Hotels International Limited) operates the loyalty programme and is the controller of the personal information of loyalty programme members. Guest and members’ personal information will also be shared with other entities within the Group for the purpose of operating the loyalty programme and providing goods and services to its members in accordance with this Privacy Policy.

Please read this Privacy Policy (together with the country specific portions applicable to you) and any other privacy notice or fair processing notice we may provide on specific occasions carefully, as it is meant to help you understand what information we collect, why we collect it, and how you can manage it.

This Privacy Policy supplements and updates any other policies, notices or statements that we may have provided you, and is not intended to override them.

1.2 HOW WE GET THE INFORMATION ABOUT YOU

In order for us to operate effectively, we may collect information about you, whether as hotel guests, loyalty programme members, website visitors or contact for any other purposes, where personal information is provided to us that can identify you as an individual.

Your personal information can come to us via various channels, including but not limited to:

Personal information provided directly by you

  • Through your use of our products and services – such as when you make a reservation, stay as a guest or visit the hotels, restaurants, spa or facilities managed by us
  • When you submit enquiries to us or provide us with your feedback
  • When you participate in our promotional offers, competitions or surveys
  • As a member of our loyalty programmes

Data we collect when you use our Websites and Apps

  • When you browse and interact with our website and/or use any mobile applications including WeChat mini program (“mobile App”) that we may make available - such as make a booking via our Online Reservation system, make an inquiry, sign up for newsletter subscription or make brochure requests or download and use our mobile Apps

Information we receive from third parties or public sources

  • We may receive information from third party organisations, such as partners we work with, where you have provided your consent to that information sharing taking place or where we have a legitimate interest to use the personal information in order to provide you with our products and services

1.3 WHAT INFORMATION ABOUT YOU DO WE COLLECT AND WHY

We may collect, use, store and transfer different kinds of personal information about you depending on our relationship with you and where you are located, this information may include:

Identity details: such as your name, gender, age, date of birth, nationality, and identification document information (including passport, identity card, driver’s licence or other official government documentation)

Contact Details: personal and work contact details (addresses, emails and telephone numbers)

Payment and credit card information: such as bank accounts, name of cardholder, credit card number, credit card billing address and expiry date

Guest stay information and lifestyle information: such as hotels where you have stayed, arrival and departure dates and times, room preferences, leisure activities, names and ages of children, observation of your services preference, and other information necessary to fulfil special requests, your goods and/or services purchase information (including delivery address in case of purchasing goods), history and/or language preference. Information, feedback or content you provide regarding your interests and preferences

Profile Information: includes loyalty programme member information (including membership number and membership tier), online account details, profile or password details

Technical Information: includes information from our security systems such as from our closed-circuit television system, card key, internet login and firewalls

Usage data: includes information about how you use and interact with our website and mobile Apps and the services you use (such as IP address and web browsing information), your fingerprint or facial verification results if you use fingerprint or facial information to unlock or sign in the mobile App or use functions such as payment verification, as well as your location data if you permit us to access it on the website or mobile App

Sensitive Personal Information: some of the personal information which you provide to us may be considered “sensitive personal information” under the privacy and data protection laws in specific jurisdictions – such as personal information from which we can determine or infer an individual’s racial or ethnic origin, health or biometric data. We only process sensitive personal information to the extent permitted or required by applicable law

Please note that, in respect of minor’s personal information, except where required by local laws, we do not knowingly collect personal information from our websites from any children or minors. As a parent or legal guardian, please do not allow your children or minors to submit personal information without your permission.

1.4 HOW WE PROCESS AND USE YOUR INFORMATION

We may collect, process and/or use the personal information which we collect in order to:

  • Deliver our products and services to you – such as completing your reservations, sending you reservation confirmations, supplying the purchased goods and services, registering you for program membership and administering such program, fulfilling a request for information, customising our services to your preferences, earning and redeeming rewards, keeping proper records of your transactions with us
  • Communicate and provide marketing and promotion to you – such as sending you information and updates on our products and services and other products and services that we think may be of interests to you, including latest promotions, competitions, joint- and cross promotions with our business partners, response to enquiries, to send you important information regarding our website, changes to our terms, conditions and policies
  • Develop and improve our services to you – such as performing market research, analytics and/or profiling, developing new products and services, improve the effectiveness of our website, your hotel experience, our various types of communications, advertising campaigns, and promotional activities
  • Work and cooperate with third parties to deliver our products and services to you – such as travel agents, group travel organisation, or anyone involved in the process of making your travel arrangements, credit card companies, airline operators and third party loyalty programs
  • Maintain your safety and security as well as that of other guests and personnel – such as to make proper identification and verification in processing of transaction, implement security surveillance and access controls when you visit or stay at our hotels, and administer general record keeping
  • Operate the website and mobile App – allowing you to use certain functionalities in the website or mobile App
  • Meet applicable legal and regulatory requirements
  • Use it in other ways as required or permitted by law or with your consent

We will only collect, process and/or use the personal information where we are satisfied that we have an appropriate lawful basis to do so.

1.5 WHAT INFORMATION WE PROCESS, AND HOW WE PROCESS AND USE YOUR INFORMATION IF YOU ARE A LOYALTY PROGRAMME MEMBER

If you join the loyalty programme, we may process (including collect, store, use, edit, transfer, provide, publish or delete) your personal information (including information deemed sensitive personal information in Mainland China highlighted in bold) for operating the basic business functions of the loyalty programme, its website and mobile App. Unless otherwise stated, the personal information we process is necessary for the relevant business functions and processing purposes. If you refuse to provide the relevant personal information for our processing, we may not be able to operate the relevant business function and provide those services to you.

You need to carefully consider whether your sensitive personal information should be disclosed to us. It is necessary for you to provide us with such sensitive personal information, so that we can provide certain services to you. (If you are based in certain jurisdictions, including Mainland China, and if you do not provide us with your separate consent to process your sensitive personal information, we may not be able to provide certain services to you).

If you are based in the UK/EU then the applicable lawful bases for processing of your personal data in connection with each of the purposes below is set out in the final column.

   Processing Purposes and Means  Personal Information Processed  UK/EU Lawful Basis
1.For administering your loyalty programme membership (including membership registration and managing your membership tiers)Name, date of birth, loyalty programme membership number, membership tier, contact details (residential addresses, work address, emails and telephone numbers), loyalty programme account log in credentials, your guest stay information and lifestyle information, your goods and/or services purchase information/history, language preferenceTo perform a contract with you
2.For earning loyalty pointsName, loyalty programme membership number, membership tier, your goods and/or services purchase information/historyTo perform a contract with you
3.For spending loyalty points to redeem goods and/or services

For spending points: your name, loyalty programme membership number, membership tier

For redeeming goods and/or services by points: name of the recipient of goods and/or services, contact details (emails and telephone numbers), (in the case of purchasing goods) delivery address, goods and/or services redemption details, airline loyalty programme membership number

To perform a contract with you
4.For spending loyalty points to book hotel services

For spending points: your name, loyalty programme membership number, membership tier

For booking hotel services on our website: your name, name of hotel, contact details (emails and telephone numbers), hotel check in and check out time

To perform a contract with you
5.For facilitating payment for hotel services on our systemName, loyalty programme membership number, membership tier, payment informationTo perform a contract with you
6.For providing customer support services (e.g. administrative communications about your loyalty programme membership)Name, loyalty programme membership number, contact details (residential addresses, work addresses, emails and telephone numbers), your guest stay information, your goods and/or services purchase or redemption information/historyLegitimate interests (for running our business)
7.For fraud prevention and investigating any potential violation of applicable lawsName, date of birth, nationality, identification document information (including passport, identity card, driver’s licence or other official government documentation), loyalty programme membership number, personal and work contact details (residential addresses, work addresses, emails and telephone numbers), IP addressLegal obligations (to comply with lawful request(s) from regulatory, government or judicial body, process information from accident reports, require processing of health and/or safety records)
8.For undertaking identity check and investigating any potential violation of our Group’s policiesName, date of birth, nationality, identification document information (including passport, HKID, driver’s licence or other official government documentation), loyalty programme membership number, personal and work contact details (residential addresses, work addresses, emails and telephone numbers), IP addressLegitimate interests (for running our business, ensuring compliance with Group policies)
9.For resolving any issues with the loyalty programme website or mobile App and/or improving user experience of the website or mobile Apployalty programme membership number, membership tier, IP address and web browsing informationLegitimate interests (for running our business, ensuring compliance with Group policies)

Business functions aimed at improving our products / services

When necessary, we will collect your personal information for the purposes of improving our service quality, including providing you with better-performing services and personalised content, functions and recommendations, etc. If you refuse to provide the relevant personal information for our processing, we may not be able to provide certain services to you, but it will not affect your use of the basic business functions and other extended business functions.

Your personal information may be processed as follows:

   Processing Purposes and Means  Personal Information Processed  UK/EU Lawful Basis
1.For designing personalised content on the loyalty programme website or mobile AppName,  date of birth, loyalty programme membership number, membership tier, contact details (residential addresses, work addresses, emails and telephone numbers), your guest stay information and lifestyle information, your goods and/or service purchase or redemption information/history,  (for website only) IP address and web browsing informationLegitimate interests (to keep the website and mobile App updated and relevant to you, to grow our business) Consent (to the extent we use cookies or similar technologies for this purpose)
2.For marketing goods and/or services of our Group or our business partnersName, age, loyalty programme membership number, membership tier, your guest stay information and lifestyle information, your goods and/or service purchase or redemption information/history, IP address and web browsing informationConsent (to the extent you have provided the consent for the purpose of our marketing) Legitimate interests  (to grow our business and provide you with information about similar products and services which may be of interest to you)
3.For conducting data analytics, profiling, information management and database administration for the purpose of the operation of the loyalty programme website or mobile AppName, age, loyalty programme membership number, membership tier, your guest stay information and lifestyle information, your goods and/or service purchase or redemption information/history and partially redacted IP address and web browsing informationLegitimate interests (to inform our strategy and to study how our customers use our services) Consent (to the extent we use cookies or similar technologies for this purpose)
4.For conducting market research, for statistical, data analytics, actuarial research or other purposesName, age, loyalty programme membership number, membership tier, your guest stay information and lifestyle information, your goods and/or service purchase or redemption information/historyLegitimate interests (to inform our marketing strategy and grow our business)

Other extended business functions and system permissions

To provide you with a greater user experience on the loyalty programme website or mobile App, we may also process your personal information for other extended business functions. If you do not provide your personal information for an extended business function, you will not be able to use the corresponding services, but it will not affect your use of the basic business functions. You could choose to provide your personal information to us and select to use the extended business functions at your preference.

If you are using the mobile App, we will ask for your consent to our processing of your personal information for each of the following purposes and business functions in this paragraph. You can withdraw your consent to each of the following at any time by disabling our access rights in your device settings or mobile App settings:

  • we will use GPS technology to determine your current location, and use your location data to locate the hotels in proximity with your location and sorting the offers by these hotels. During your registration on the mobile App, we will pre-populate the location field and the country code based on your location. You can withdraw your consent at any time by disabling Location Data in your device settings;
  • for you to leave comments, feedback or complaints on or through our mobile App, you may choose to upload images. We would, therefore, need to obtain your authorisation to use your device camera for photo-taking and photo gallery access;
  • when you unlock or sign in, or use certain functions such as payment verification in the mobile App by using your fingerprint or facial information, your fingerprint or facial information (as applicable) is only stored on your device locally, and we will only receive your fingerprint or facial verification results without storing or retaining your original facial information;
  • to enable you to call us using your mobile device directly through the mobile App, we will need your authorisation to use your phone functionalities; and
  • to enable you to receive our marketing information, as well as member status changes and in-app alerts (e.g. messages from our hotels), we will need your authorisation to turn on the notifications in your device.

Separately, the mobile App offers the function to chat within the mobile App with our personnel in the form of text messaging. Please note, any personal information provided by you in such conversations with our hotel staff will be treated as being provided to us for use in providing our customer support services, and such personal information will be processed in accordance with this Privacy Policy.

We may access your device clipboard, but we will not collect the clipboard information.

1.6 HOW LONG WE KEEP YOUR PERSONAL INFORMATION

We will keep your personal information in line with our data retention policy for no longer than is necessary to fulfil the purposes we collected it for, unless we have a lawful ground for holding it for longer.

To determine the appropriate retention period for your personal information we consider the amount, nature and sensitivity of the information, the risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

For the purpose of the loyalty programme, unless required by applicable laws and regulations or with your consent, we will generally retain your personal information processed only for the loyalty programme for three (3) years after your membership account status becomes “dormant” (i.e. when there is no transaction involving your membership account for 24 consecutive months).

We will safely and securely delete, dispose of or anonymise personal information after the applicable retention period or when we no longer need it.

1.7 INFORMATION SECURITY

We endeavour to protect your personal information we maintain and have implemented reasonable technical, organisational and administrative measures to keep your personal information safe and secure and to protect it against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties that have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

When we outsource the processing of your personal information to third parties or provide your personal information to third-party services providers, we oblige those third parties to protect your personal information with appropriate security measures.

1.8 INFORMATION TRANSFER OVERSEAS

We do business globally. In order for us to operate effectively and provide you with the best experiences with our services, we may centralise certain aspects of our information processing activities and may have databases in different countries or regions (some of which are operated by our local group company and some of which are operated by third parties on our behalf). We may therefore have to share and transfer your personal information from one country or region to another, or even across multiple jurisdictions, such as:

  • In or to Hong Kong where our corporate office is located
  • In those countries in which we manage and operate hotels, residences, sales or representative offices
  • In those countries where our third-party suppliers and/or services providers, agents, advisors or consultants are located

Your personal information may therefore be subject to privacy laws that are different from those in the country or region where the personal information is collected or those in your country or region of residences. We will endeavour that the transfer of your personal information is carried out in accordance with applicable privacy laws and that appropriate technical, organisational and administrative measures are in place for its safeguard. For information on international transfers from the EU or UK, please also see section 2.7.

1.9 INFORMATION SHARING

Insofar as reasonably necessary for us in delivering our products and services to you and for the purposes set out in this Privacy Policy, we may share your personal information with the below parties. The specific kind of information we share will depend on your activities with us and only to the extent as required or permitted by law, and/or with your consent.

  • Our group entities, hotels and residences managed and operated by us available here. Owners of our hotels and branded properties have a limited right to use certain personal information for their own purposes such as for complying with their own legal obligations (including maintaining books and records and other compliance obligations).
  • Our business partners and third parties involved in the delivery of our products and services to you – including those involved in a sale of all or part of our business operations or assets and those for business, operational and general administration. In particular, we may partner with certain third parties to allow you to enrol, register, link accounts or use their services. These companies may include business such as airlines, rental car providers, car services partners, travel agents or spa and other facilities provider and we may provide your name, account or membership details, and stay information (such as hotels where you have stayed, arrival and departure dates) to them so you can obtain their reward points (such as frequent flyer points) or provide you with a single source for purchasing packages that include travel-related services (such as airline tickets, rental cars or vacation packages).
  • Our marketing and advertisement partners. These partners may use your personal data to provide promotions to you, such as sweepstakes, contests, or other offers and events, etc.
  • Third party services providers in Australia, Canada, Hong Kong, Japan, Mainland China, New Zealand, Singapore, USA, which process data (including personal information) for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures. Examples of these service providers include companies that provide website hosting, data analysis, payment processing, order completion, information technology and related infrastructure services, customer service, email delivery, marketing, and other services, etc.. Particularly for the mobile App, to ensure reliable services, we work with our authorised business partners which provide their plug-in programs or software development kits (“SDK”), and which may process your personal information with your consent. You may see the details of these SDKs here.
  • Our agents, advisors, consultants, other third-party suppliers and/or services providers such as our accountants, auditors, lawyers, other professional advisors and business contacts for the purpose of assisting us to operate effectively, provide you with the best experiences with our services and comply with our legal and regulatory obligations.
  • Relevant law enforcement body, regulatory, government agency, court or other third party where we believe that such disclosure is to (1) comply with an applicable law or regulation; (2) exercise, establish or defend our legal rights; or (3) protect your vital interests or those of any other person.
  • Other third parties when we have your consent or are otherwise permitted or obliged by law to do so.

We are always looking to continuously develop and expand our business. Accordingly, an entity of our Group may engage in mergers, acquisitions, dissolution, liquidation, transfer of assets or similar transactions, and in such cases, (i) we shall inform you of information that is required under applicable data protection laws; and (ii) your personal information may be transferred to any actual assignee or purchaser of all or any part of our (and/or our affiliates’) business and/or assets; and our service providers in these situations. In this case, we will ask the new company or organisation holding your personal information to continue to process your personal information in accordance with this Privacy Policy. If the new company or organisation needs to use your personal information for purposes not stated in this Privacy Policy, they will obtain your consent where required to do so in accordance with the applicable laws and regulations.

1.10 WHAT HAPPENS IF I DO NOT PROVIDE YOU WITH MY INFORMATION?

You may always choose what personal information (if any) you wish to provide to us. Please note, however, some of our products and services to you may be affected if you choose not to provide certain details, for example, we cannot reply to you without a name or contact details.

1.11 MARKETING AND COMMUNICATIONS

If you provide us with your contact details (e.g. postal address, email address, telephone number or fax number), we may contact you to let you know about the products, services, promotions and events offered that we think you may be interested in. You can always choose whether or not to receive any or all of these communications by contacting us as described in section 6 below. In addition to your agreeing to this Privacy Policy, we may also ask you to give us a separate consent before we send you with promotional information or to indicate how you would like to receive any communication (e.g. via email or regular mail). After you have indicated your preferences, you can always change them.

2. RESIDENTS OF THE EUROPEAN UNION AND UNITED KINGDOM

European Union (EU) or United Kingdom (UK) data protection law applies to the processing of information of residents of the European Union and United Kingdom.

2.1 CONTROLLER

We are the Controller and responsible for your Personal information under this Privacy Policy. This means we decide why we collect your data, how we collect it, what data is collected, how this data is going to be used and how this data is protected. Please refer to section 1.1 for further details.

2.2 DATA PROTECTION OFFICER (DPO)

We have appointed GRCI Law Limited as our DPO, who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, our privacy practices or how we handle your personal information please contact us in the first instance via email to dataprotection@langhamhotels.com or, alternatively, you can contact our DPO directly via email to dpoaas@grcilaw.com.

2.3 OUR EU REPRESENTATIVE

We have appointed IT Governance Europe Ltd to act as our EU representative. If you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters, please contact us in the first instance via email to dataprotection@langhamhotels.com or, alternatively, you can contact our EU Representative directly via email to eurep@itgovernance.eu (please ensure you include our company name, Langham Hotels International Limited in any correspondence you send to our representative).

2.4 UK GDPR/EU GDPR LAWFUL BASIS TABLE

The table below describes the ways we plan to use your Personal information, and which Lawful Basis we rely on to do so. We have also identified what our legitimate interests are where appropriate.
If you join the loyalty programme, we may also process your personal information in accordance with section 1.5 above.

LAWFUL BASIS TABLE

  LAWFUL BASIS  PURPOSE EXAMPLES

Contractual

We use your Personal information on the basis that it is necessary for us to fulfil a contract with you.

Onboarding
When you register as a new client, or supplier and we interview and onboard you.

Service delivery
In order to be able to deliver our products and services to you 

Account administration 

Relationship management 

Communication
To be able to contact you regarding updates or informative communications 

Legitimate interest

Our legitimate business interests do not automatically override your interests – we will not use your Personal information for activities where our interests are overridden by the impact on you unless we have your consent or are otherwise required or permitted to by law.

Managing our business
Developing and improving our services to you – such as performing market research, analytics and/or profiling, developing new products and services, improve the effectiveness of our website, your hotel experience, our various types of communications, advertising campaigns, and promotional activities

Cooperation with third parties

Recommendations, communications and marketing

Advertising Effectiveness

Safety and security

Service reviews

Data analytics
We use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

Rights and claims

Data subject rights
Including verifying your identity when you exercise your data subject rights

Legal obligations

We may use your Personal information to comply with any laws or regulatory requirements applicable to us. An example might be to detect fraudulent or criminal activity, whereby we may share information with forces such as the police.

Legal requirement

Criminal activity

Consent

We may have to get your consent to use your Personal information, such as when we collect and use Special Category Personal information about you or when we want to send you electronic marketing.
Where we rely on your consent for processing, it can be withdrawn at any time. Please see the “Right to withdraw consent” paragraph of section 2.5 Data Subject Rights below for details of how to withdraw your consent.

Marketing
To measure and analyse the effectiveness of the advertising we serve you.
We may collect IP addresses and store Cookies on visitors’ devices.
Sending third-party direct marketing communications to you via email, letters or phone calls.Special Category Personal information
Express consent for collecting and processing sensitive data also known as special category personal information (such as biometric data or data concerning health).

2.5 DATA SUBJECT RIGHTS

You have several rights under UK and EU data protection law. The rights available to you depend on our reason for processing your information and are set out in the below.

TABLE OF YOUR RIGHTS

  YOUR RIGHT  DETAILS
Right to be informedWe have a legal obligation to provide you with concise, transparent, intelligible, and easily accessible information about your personal information and our use of it.
Right of accessYou have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information. When you request this data, this is known as making a data subject access request (DSAR). In most cases, this will be free of charge; however, in some limited circumstances, for example repeated requests for further copies, we may apply an administration fee.
Right to rectificationYou have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Right to erasure

You have the right to ask us to erase your personal information in certain circumstances. We have the right to refuse to comply with a request for erasure if we are processing the personal information for one of the following reasons:

  • To exercise the right of freedom of expression and information.
  • To comply with a legal obligation.
  • To perform a task in the public interest or exercise official authority.
  • For archiving purposes in the public interest, scientific research, historical research or statistical purposes.
  • For the exercise or defence of legal claims.
Right to restriction of processing

You may ask us to stop processing your personal information. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies, you may exercise the right to restrict processing:

The accuracy of the personal information is contested.

Processing of the personal information is unlawful.

We no longer need the personal information for processing, but the personal information is required for part of a legal process.

The right to object has been exercised and processing is restricted pending a decision on the status of the processing.

Right to data portabilityThis right only applies if we are processing information based on your consent or for the performance of a contract and the processing is automated.
Right to withdraw consent

You may ask us to stop processing your personal information. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies, you may exercise the right to restrict processing:

  • For marketing-related emails, you may use the unsubscribe link at the bottom of any of our communications or opt out by following the instructions set out in the relevant communications. Please note that, even if you choose to opt out of marketing-related emails, you will continue to receive transactional messages, such as information about reservations or stays, including confirmation and pre-arrival emails, or account security updates.
  • For cookie usage on websites, you may reject these/withdraw consent within our cookie banner.
  • In general, you may also withdraw consent via email to dataprotection@langhamhotels.com or (for Brilliant loyalty program) enquiry@brilliantbylangham.com, as well as through prescribed forms on our websites.

2.6 HOW TO EXERCISE YOUR RIGHTS

In most circumstances, you do not need to pay any charge for exercising your rights. We have one month to respond to you. This may in certain circumstances be extended if your request is particularly complex or you have made a number of requests.

To exercise your rights or get more information about exercising them, please contact us using the contact details provided in “HOW TO CONTACT US”, giving us enough information to identify you.

2.7 INFORMATION TRANSFER OVERSEAS

Please refer to section 1.8 above for general details of transfers of personal information overseas.

Whenever we transfer your personal information out of the EU or the UK, we ensure that a similar degree of protection is afforded to it by ensuring one of the following safeguards is implemented:

  • the recipient country ensures an adequate level of protection for personal information;
  • the recipient or recipient country is subject to an approved certification mechanism or code of conduct with binding and enforceable commitments which amount to appropriate safeguards for personal information;
  • we have put in place appropriate safeguards to protect any transferred personal information, such as a contract with the person or entity receiving the personal information which incorporates specific provisions as directed by the UK Information Commissioner’s Office or the European Commission;
  • the transfer is permitted by applicable laws; or
  • your explicit consent to the transfer has been obtained.

For further details on the mechanisms used by us when transferring your personal information out of the UK, please contact us via email to dataprotection@langhamhotels.com or by post at 27/F, Great Eagle Centre, 23 Harbour Road, Wanchai, Hong Kong.

2.8 INFORMATION SHARING

Please refer to section 1.9 above for information on how we may share your personal information.

You can contact us for the relevant information regarding the third party personal information recipients that are processing of your personal information or are based outside of the EU or UK, such as their identity, contact information, retention period, location, the processing activities undertaken by them (including types of personal information being processed, and the purposes and means of processing), their responsibilities in relation to processing of your personal information, (where applicable) the legal bases for such transfers to outside of the EU or UK and how you may exercise your personal information privacy rights against them. Our contact details are set out in section 6 “HOW TO CONTACT US”.

2.9 HOW YOU CAN COMPLAIN TO OR ABOUT US

We hope that we can resolve any query or concern you raise about our use of your information. Please contact us first using the contact details provided in section 6 “HOW TO CONTACT US” and title your email “Complaint”. All complaints will be treated in a confidential manner, and we will try our best to deal with your concerns.

You have the right to lodge a complaint with a supervisory authority in the EEA member state where you work or normally live, or where any alleged infringement of data privacy legislation occurred. A list of these and their contact details can be found here: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

The supervisory authority in the UK is the ICO, which may be contacted at https://ico.org.uk/make-a-complaint/ or by telephone on 0303 123 1113.

3. NOTICE TO CALIFORNIA RESIDENTS

VIEW SECTION 3

4. NOTICE TO MAINLAND CHINA RESIDENTS

VIEW SECTION 3

5. OTHER RELEVANT INFORMATION

5.1 COOKIES

To enhance your experience on our website, some of our web pages may use “cookies.” Cookies are text files that we place in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information unless you choose to provide this information to us by, for example, registering for one of our services. However, once you choose to furnish the site with your personal information, this information may be linked to the data stored in the cookie. We use cookies to understand site usage and to improve the content and offerings on our sites. For example, we may use cookies to personalise your experience at our web pages (such as to recognise you by name when you return to our site), save your username and/or password in password-protected areas, and to offer you products, programs, or services. We may allow select third parties to collect information about our site visitors’ online activities over time and across other websites. We do not control the third parties’ use of such information. Please refer to our Cookies Policy.

5.2 DO NOT TRACK

We currently do not recognise do not track signals from your web browser. As technology develops, we may add this feature to our sites.

5.3 LINKS TO OTHER WEBSITES

For your convenience and information, we provide links to external third-party websites, including web sites owned or controlled by independent franchisees, third party owners of hotel, resort, interval ownership, or residence properties that may use our brand name(s), or web sites not controlled or authorised by us. The linking of external third-party websites to this website does not indicate any association with or endorsement from us. We cannot always ensure, and are not responsible or liable for, any content of these external third-party websites, including, but not limited to, any advertising claims or marketing practices. Please note this Privacy Policy is limited to our own information collection practices. We strongly recommend that you read the separate privacy and security policies and the information collection practices of any external third-party website before providing any personal information while accessing those websites.

6. HOW TO CONTACT US

For any questions, concerns or requests regarding this Privacy Policy or our information collection practices, please contact us via email to dataprotection@langhamhotels.com or by post at 27/F, Great Eagle Centre, 23 Harbour Road, Wanchai, Hong Kong.

7. ABOUT THIS PRIVACY POLICY

This Privacy Policy is in accordance with the relevant laws of the Hong Kong Special Administrative Region but may be applied to personal information processing activities globally. The processing activities may be more limited in some jurisdictions due to the restrictions of their laws. For example, the laws of a particular country may limit the types of personal information we can collect or the manner in which we process that personal information. In those instances, we may adjust our internal policies and/or practices to adapt to the requirements of local law.

This Privacy Policy is effective from 29 February 2024 . From time to time, we may have to update, change, modify or amend this Privacy Policy. Subject to any applicable legal requirements to provide additional notice, when we make material changes to this Privacy Policy, we will provide you with notice as appropriate under the circumstances such as through our website or by sending you an email.

This Privacy Policy is written in the English language and may be translated into other languages.  In the event of any inconsistency between the English version and the translated version of this Privacy Statement, the English version shall prevail.

Legal Disclaimer

In addition to our rights of disclosure as mentioned hereinabove, we may also disclose your personal information when required by law or court order, or as requested by other government or law enforcement authorities, or in the good faith that disclosure is otherwise necessary or advisable including and without limitation to protect the rights or properties of our Group. This also applies when, in compliance with applicable laws, we have reason to believe that disclosing the personal information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

Contents

The information and material contained in this site are for general references only. Our Group disclaims any warranty or representation of any kind, express or implied, as to any matter whatsoever relating to this site or any linked site. To the fullest extent allowed by law, our Group shall accept no responsibility or liability in respect of any loss or damage howsoever arising. Use of or visit this site does not constitute any binding contract over any goods and services provided by our Group, nor does it constitute an offer of any goods and services provided by our Group. Goods and services may only be available in certain countries and any offer to purchase goods or to retain services from our Group are subject to acceptance by our Group and in accordance with specific terms and conditions on which they are offered.

Copyright and Trademark Notices

All contents of this website are: ©2011-2024 Langham Hotels International Limited. 2701, Great Eagle Centre, 23 Harbour Road, Wanchai, Hong Kong. All rights reserved. This website may contain or reference trademarks, patents, copyrighted materials, trade secrets, technologies, products, processes or other intellectual property or proprietary rights of Langham Hotels International Limited and/or our Group. No license to or right in any such trademarks, patents, copyrighted materials, trade secrets, technologies, products, processes and other intellectual property or proprietary rights is granted to or conferred upon you.

 
 
 
 

 

Back To Top