6. NOTICE TO CALIFORNIA RESIDENTS

YOUR CALIFORNIA PRIVACY RIGHTS (SHINE THE LIGHT ACT)

We may share information with our affiliated companies and others for their direct marketing use unless you tell us not to. California residents who have an existing business relationship with us may opt out of such sharing by emailing us at ca-datarequest@langhamhotels.com. We will process your request promptly.

CALIFORNIA CONSUMER PRIVACY ACT RIGHTS (“CCPA”)

As of January 1, 2020 verified California residents have the right to:

  • Request and receive disclosure of our personal information collection practices during the prior 12 months, including the categories of personal information we collect, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties with whom we share such information.
  • Request and receive a copy of the personal information we have collected about them during the prior 12 months
  • Request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information sold with the category of third party recipients and a list of the categories of personal information that we disclosed for a business purpose
  • Request that we not sell personal information about them and
  • Request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.

For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

In order to make a request for disclosure California residents may contact us by calling us toll-free at (+1) 833-906-2154 or by visiting our CCPA request page here.  We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use that information only for that purpose. We may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be.  We will acknowledge receipt of your request within 10 days and will endeavor to respond within 45 days of receipt of your request, but if we require more time (up to an additional 45 days) we will notify you of our need for additional time. For requests that we not sell your information we will comply with your request within 15 days. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.

You may make a request for disclosure of our information collection practices, the information we collected about you, or our sharing practices up to twice within a 12-month period.  You may make a request that we not sell information or for deletion of your information at any time.

For requests for a copy of the personal information we have collected during the 12 months prior to your request we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us.

For requests for deletion of your information please understand that California law permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations. If we receive such a request from you we will notify any service providers we have engaged to delete your information as well.

We will not discriminate against you as a result of your exercise of any of these rights.

VISIT OUR CCPA REQUEST PAGE

OR call our toll-free number at (+1) 833-906-2154

 

SELLING INFORMATION

We do not sell you information for monetary consideration but we may transfer your information to a third party that provides us with services such as helping us with advertising, data analysis and security, which may fall under the definition of for “other valuable consideration” which may be considered a ‘sale’ under the CCPA. During the past 12 months we disclosed Identifiers, Commercial Information, Electronic Network Activity, Geolocation with third parties for a business purpose which may fall within the definition of a ‘sale’.  If you are a California resident over the age of 16 and would like to instruct us not to sell your personal information, please visit our Do-Not-Sell web page here.  We do not sell personal information of individuals we actually know are less than 16 years of age. If you request that we not sell your information we will honor your request within 15 days, will notify those who received your information in the 90 days before your request to not further sell your information and will notify you when this has been completed. Once we receive your Do-Not-Sell request we will wait at least 12 months before asking you to reauthorize personal information sales.

VISIT OUR DO-NOT-SELL WEB PAGE

OR call our toll-free number at (+1) 833-906-2154

 

USING AN AUTHORIZED AGENT

You may submit a request through someone holding a formal Power of Attorney.  Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us.  We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.

During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties.  The categories of information include information we collect from our website visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals.  For instance, we may collect different information from applicants for employment or from vendors or from customers.

Category of Information collected

Source

Business purposes* for use

Categories of third parties receiving information

Category of Information collected

Identifiers (name, alias, postal address, email address,  phone number, fax number, account name, Social Security number, driver's license number, passport number, unique personal identifier, IP address)

Source

individuals submitting information to us (including employment applications and employees)

information we may receive from third-party marketing and data partners (e.g., for making bookings and reservations)

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement;

ad customization

performing services for you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Sensitive Information (name with financial account, medical, health, and health insurance information, user name and password)

Source

individuals submitting information (including employment applications and employees)

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as payment processors, employee benefits partners)

affiliated companies

government regulators and  law enforcement (when lawfully requested)

Category of Information collected

Protected classification information (race, gender, ethnicity, religion)

Source

individuals submitting information (including employment applications and employees)

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

performing services for you

quality control

Categories of third parties receiving information

service providers (such as employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Commercial information (transaction history, products/services purchased, obtained or considered, product preference)

Source

individuals submitting information

information we automatically collect from website visitors

information we may receive from third-party marketing or data partners

information we collect for security purposes

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

ad customization

performing services to you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Electronic network activity (browsing or search history, website interactions, advertisement interactions)

Source

information automatically collected from website visitors

Business purposes* for use

functionality debugging/error repair

ad customization

internal research and development

quality control

Categories of third parties receiving information

service providers (such as marketing partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Audio, video or similar information (customer service calls, security monitoring)

Source

individuals submitting information

information we collect for security purposes

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as payment processors, employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Biometrics (fingerprints)

Source

information we collect from employees for administrative and/or security purposes

Business purposes* for use

security detection, protection and enforcement.

Categories of third parties receiving information

government regulators and law enforcement (when lawfully requested).

Category of Information collected

Geolocation (geo-targeting for digital and social media ads)

Source

information we automatically collect from site visitors

Business purposes* for use

ad customization

Categories of third parties receiving information

service providers (such as marketing partners)

Category of Information collected

Professional, educational or employment related information

Source

information submitted by individuals (including employment applications and employees)

information received from third party vendors (e.g., outsourced employees, recruitment agents)

information we observe in connection with vendor or employment oversight

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

performing services for you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as employee benefits partners)

affiliated companies

government regulators and law enforcement (when lawfully requested)

Category of Information collected

Inference from the above (preferences, characteristics, behavior, attitudes, abilities, etc.)

Source

internal analytics

Business purposes* for use

auditing relating to transactions

security detection, protection and enforcement

ad customization;

performing services for you

internal research and development

quality control

Categories of third parties receiving information

service providers (such as payment processors, mail houses, marketing partners)

affiliated companies

*MORE SPECIFICALLY, THE BUSINESS PURPOSES INCLUDE:

PERFORMING SERVICES FOR YOU

  • To administer or otherwise carry out our obligations in relation to any agreement to which we are a party
  • To assist you in completing a transaction or order
  • To prepare and process invoices
  • To respond to queries or requests and to provide services and support
  • To provide aftersales customer relationship management
  • To create and manage our customer accounts
  • To notify you about changes to our services and products
  • To administer any promotion, contest, survey, or competition
  • To provide you information regarding our products and services
  • To offer our products and services to you in a personalized way, for example, we may provide suggestions based on your previous requests to enable you to identify suitable products and services more quickly

ADVERTISING CUSTOMIZATION

For marketing and promotions we believe you may find of interest and to provide you, or allow selected third parties to provide you, with information about products and services that may interest you.

AUDITING RELATING TO TRANSACTIONS, INTERNAL RESEARCH AND DEVELOPMENT

  • To provide for internal business administration and operations, including troubleshooting, website customization, enhancement or development, testing, research, administration and operation of our websites and data analytics
  • To create products or services that may meet your needs
  • To measure performance of marketing initiatives, ads, and websites “powered by” another company on our behalf

SECURITY DETECTION, PROTECTION AND ENFORCEMENT; FUNCTIONALITY DEBUGGING, ERROR REPAIR

  • As part of our efforts to keep our property and websites safe and secure
  • To ensure the security of your account and our business, preventing or detecting fraud, malicious activity or abuses of our websites, for example, by requesting verification information in order to reset your account password (if applicable)
  • To ensure the physical security of our premises through the monitoring of surveillance images
  • To resolve disputes, to protect the rights, safety and interests ourselves, our users or others, and to comply with our legal obligations

Quality Control

    • To monitor quality control and ensure compliance with our legal obligations, codes and ordinances, policies and procedures
    • To develop and improve our products and services, for example, by reviewing visits to the websites and various subpages, demand for specific products and services and user comments
Back To Top