The privacy and security of your personal information is very important to us. We want you to trust that the information that you have provided to us is being properly managed and protected. This policy sets out how we collect, process and look after your personal data and tells you about your rights and how the law protects you.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
PURPOSE AND DATA RETENTION
We only process personal information for a specific purpose for which the data was collected and will only store and use personal information for as long as necessary for this purpose including for the purposes of satisfying any legal, accounting, or reporting requirements. You do not have to provide us with your personal information but in some cases, this means we’ll be unable to fulfill your request.
We are committed to collecting and using your information in accordance with applicable data protection laws. We will only collect, use and share information where we are satisfied that we have an appropriate legal basis. This may be because:
you have provided your consent to us using the personal information;
our use of your information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities.
SECURE ENVIRONMENT FOR PERSONAL INFORMATION
We are committed to protecting the confidentiality and security of the information that you provide to us. To do this, security measures are put in place to protect against any unauthorized access, disclosure, damage or loss of your information. The collection and storage of information can never be guaranteed to be completely secure, however, we take steps to ensure that appropriate security safeguards are in place to protect your information.
CONTROL AND GOVERNANCE
To ensure your data is and stays secure, we have a Privacy Council. Our Privacy Council is a dedicated group, consisting of members of our executive management, that ensures that we are compliant with data protection rules.
YOUR RIGHTS UNDER EU DATA PROTECTION LAWS
You have legal rights under EU data protection laws in relation to your personal information.
- Right of access by the data subject
Right of access means, in short, that we are required to provide you a copy of your processed personal data upon request. This enables you to check that we are lawfully processing it.
- Right to rectification and erasure
Because ownership of your personal information is very important, you have the right to ask us to rectify any information about you which is incorrect and ask us to erase your personal information if you think we no longer need to use it for the purpose we collected it from you. This applies also to the following situations: if you have either withdrawn your consent to us using your information (if we originally asked for your consent to use your information), or exercised your right to object to further legitimate use of your information, or where we have used it unlawfully or where we are subject to a legal obligation to erase your personal information.
- Right to restriction of processing
In certain circumstances you can ask us to restrict our use of your information, for example:
where you think the information is inaccurate and we need to verify it; where our use of your information is unlawful, but you do not want us to erase it; where the information is no longer required for the purposes for which it was collected but we need it to establish, exercise or defend legal claims; or where you have objected to our use of your personal information but we still need to verify if we have overriding grounds to use it.
- Right to object
EU data protection laws give you the right to object to the processing of your personal information in certain circumstances if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information. If you raise an objection, we may continue to use your information if we can demonstrate that we have compelling legitimate interests to use the information. You can also ask us to stop using your data for direct marketing purposes.
- Data Portability
Where applicable, it is also your right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if: The processing is based on consent or on a contract, and the processing is carried out by automated means.
You have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will then tell you of the progress and outcome of your complaint. The supervisory authority in the UK is the Information Commissioner’s Office.
We also use third party advertising technology to serve hotel advertisements to you on other sites. The technology gathers anonymous data about your Site visits and visits to other sites where hotel advertisements appear in order to serve you with hotel advertisements on third party sites. When these advertisements are served to you, third party persistent cookies may be put on your computer.
For example, we use AdRoll (www.adroll.com, https://www.adroll.com/about/privacy/ to serve you customized advertisements on third party sites based on your interaction with the Site. As you browse the Site, advertising cookies will be placed on your computer so that we can understand what you are interested in. Our display advertising partner, AdRoll, then enables us to present you with retargeting advertising on other sites based on your previous interaction with the Site. The techniques our partners employ do not collect personal data. You can visit https://www.networkadvertising.org/choices/ to opt out of AdRoll and its partners’ targeted advertising.
The hotels, through their respective third party advertising/marketing vendors, may also use pixel tags to collect Anonymous Data. The pixel tags are computer coding usually fixed to Site pages or emails that allows our vendors to anonymously collect certain pieces of information. The hotels, in conjunction with our advertising/marketing and email vendors, may use pixel tags to:
- Allow our advertising/marketing vendors to recognize cookies on your browser when you visit the Site. This assists our advertising/marketing vendors with determining if you reached the Site by clicking on a specific ad and/or to track your responses to hotel advertisements served on third party sites. It may also reveal if a Site reservation was executed.
- Determine your technical ability to receive HTML emails. The pixel tag allows us to know if an email sent to you is opened and marks email addresses as ones that can receive HTML emails.
- Determine how many users open a specific email. This allows us or our email vendor to collect anonymous and aggregated statistics about a specific email blast or campaign.
- Allow us or our third party advertising/marketing vendors to deliver targeted advertising on third party sites.
- Allow us to make the Site more usable and make our customer support better.
- Allow us to deliver to you promotional materials, offers, and other information that we believe would be relevant.
You may set or configure your browser to block or disable cookies. Please review your browser instructions for details on that. Please note that by disabling cookies, this could affect your use of the Site and/or restrict your interaction with the Site. The Site currently does not respond to “do not track” requests. Please note that our advertising/marketing vendors may handle “do not track” requests differently from the hotels.
For general data protection regulation purposes, the “data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
The data controller is:
Cycas Hospitality BV
1013 AP, Amsterdam
How to contact us
For any questions, concerns or requests, please contact us by email: email@example.com
DialogShift chat application on our website
Our website uses the chat application of DialogShift GmbH, Rheinsberger Str. 76/77, 10115 Berlin. This application processes and stores data for the purpose of web analysis, to operate the chat application and to answer queries.
For the operation of the chat function, the chat texts are stored and a cookie with a unique ID is set – this is used to recognise you as a customer.
The possible disclosure of e.g. name, e-mail address or a telephone number is voluntary and with the consent to temporarily use and store this data for the purpose of contacting you until the end of the contact. This personal data is deleted after 90 days.
The legal basis for data processing is Article 6 (1) lit. F DS-GVO based on our legitimate interest in effective customer support, for statistical analysis of user behaviour and for optimisation purposes of our offers.
DialogShift offers at
for further information on the collection and use of data and on your rights and options for protecting your privacy.