Personal Data Protection Act Notice for Lotus Desaru Beach Resort & Spa Sdn Bhd (Privacy Policy)
This Personal Data Protection Act (“PDPA”) explains how Lotus Desaru Beach Resort & Spa Sdn Bhd collects and handles your personal data in accordance with the Personal Data Protection Act 2010 of Malaysia. Please note that Lotus Desaru Beach Resort & Spa Sdn Bhd may amend this Privacy Notice at any time without prior notice and will notify of any such amendment via our website or by such other means of communication as deemed suitable by Lotus Desaru Beach Resort & Spa Sdn Bhd.
Introduction
Lotus Desaru Beach Resort & Spa Sdn Bhd has a strong commitment to providing excellent service to all of our customers, including respecting their concerns about privacy. We understand that visitors to our website may have questions about how this website collects and uses information. We have prepared this statement to inform you of the privacy principles that govern by Lotus Desaru Beach Resort & Spa Sdn Bhd.
This statement contains numerous general and technical details about the steps we take to respect your privacy concerns. The bottom line is that meeting your needs and expectations form the foundation of everything we do—including protecting your privacy.
1. Information collected by Lotus Desaru Beach Resort & Spa Sdn Bhd (Online and Offline)
We collect information from you when you register on our site, place an order, subscribe to our newsletter, respond to a survey, fill out a form or take part in any activity that includes personal information.
We collect personally identifiable information from you, we will ask you to voluntarily supply us with the information we need. For example, if you would like to make a reservation at our hotels, we will ask you for information such as name, address, telephone number, E – mail address, credit card number, and room preference to process your reservation. We may use your E – mail address to send a confirmation and, if necessary, might use the other information to contact you for help to process the reservation. The same types of information would be requested to complete a gift certificate transaction. As indicated below (see E – Mail section), we may also use your E – mail address to notify you about special offers and promotions.
Our Servers never automatically capture information regarding a user’s data unless the user supplies it.
When booking or registering on our site, as appropriate, you may be asked to enter your: name, E – mail address, mailing address, phone number, financial and banking account details, occupation, citizenship, Identification information from various sources or information in audio and/ or video format (including voice, video recording, closed-circuit television (“CCTV”) or security recording), images (including photographs) and location tracking / GPS information.
Lotus Desaru Beach Resort & Spa Sdn Bhd, whether directly or through our authorized agents and representatives, collects your personal data whether directly from you or indirectly from third parties such our authorized agents, dealers or representatives, your legal representatives, travel agents, credit reference agencies and/or your employer when you whether directly or through your legal representatives, agents and/or employers provide your personal data to Lotus Desaru Beach Resort & Spa Sdn Bhd in any manner in connection with any transaction
How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.
We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential.
Browsing
This website does not collect personally identifiable information from your computer when you browse the site. This means that, unless you voluntarily and knowingly provide us with personally identifiable information, we will not know your name, your E – mail address, or any other personally identifiable information.
Internet Protocol (IP) Address
An IP address is a number that is automatically assigned to your computer when you browse the Internet. When users request a page from our site; our servers log the user's current IP address. We use IP addresses to help diagnose problems. We do not link IP addresses to any personally identifiable information about you.
E – Mail
It is our intention to only send you E – mail communications that will be useful to you and that you want to receive. When you make a reservation and provide your e-mail address, we will occasionally contact you via E – mail and provide information about special offers and promotions that may be of interest to you. These communications will relate to Lotus Desaru Beach Resort & Spa Sdn Bhd offers and/or the promotions of select, reputable third parties with whom Lotus Desaru Beach Resort & Spa Sdn Bhd has a strategic marketing relationship because they offer products or services that we believe would of interest to you. We use a third party E – mail service provider to send E – mails. This service provider is prohibited from using your E – mail address for any purpose other than to send Lotus Desaru Beach Resort & Spa Sdn Bhd related E – mail. Every time you receive E – mail you will be provided the choice to opt – out of future E – mails by following the instructions provided in the E – mail, or you may opt – out by updating your online profile.
Securing the Transmission and Storage of Information:
When we ask you for credit card data when making a reservation or purchasing a gift certificate, it is transferred over a Secured Sockets Layer (SSL) line provided you are using a SSL enabled browser such as Microsoft Internet Explorer, Firefox, Safari, or Google Chrome. We also use SSL on other select pages where you would enter personally identifiable information. This ensures that your information is encrypted as it travels over the Internet. This secure mode is enabled before any such information is transmitted from your computer. You will know you are in secure mode when the padlock or key icon in the lower right – hand or left – hand corner of the computer screen appears in the locked position. In addition, when accessing a secure server, the first characters of the site address will change from http to https. After information reaches Lotus Desaru Beach Resort & Spa Sdn Bhd it is stored on a secure server that resides behind firewalls designed to block unauthorized access from outside the Company.
2. Purpose of Personal Data collected.
Your personal data is collected and further processed by Lotus Desaru Beach Resort & Spa Sdn Bhd as required or permitted by law and to give effect to your requested commercial transaction, including the following:
- To assess and process your request for our products and services.
- To establish your identity and background.
- To facilitate your participation in, and our administration of, any events including contests, promotions or campaigns.
- To administer and communicate with you in relation to our products, services and / or events.
- T o process any transactions related to products and services requested by you.
- To conduct credit references checks and establish your credit worthiness, where necessary, in providing you with the requested products and services.
- For internal investigations, compliance, audit or security purposes including without limitation for crime detection, prevention and prosecution.
- To conduct research for internal marketing analysis and analysis of customer patterns and choices.
- To better manage our business and your relationship with Lotus Desaru Beach Resort & Spa Sdn Bhd.
- To respond to your enquiries and to resolve any issues which may arise in connection with any dealings with Lotus Desaru Beach Resort & Spa Sdn Bhd.
- To contact you and/or to provide you with information regarding products, services, upcoming events, promotions, advertising, marketing and commercial materials which may be of interest to you.
- For any other purpose that is required or permitted by any laws, regulations, and guidelines including the requirements of any governmental or regulatory authorities.
Where you have indicated your consent to receiving marketing or promotional updates from Lotus Desaru Beach Resort & Spa Sdn Bhd, you may opt – out from receiving such marketing or promotional material at any time. You may select the “unsubscribe” option provided in your email address or account section on the site, or may also contact Lotus Desaru Beach Resort & Spa Sdn Bhd at the contact details provided in section (5) below.
3. Use and Disclosure
Your personal data provided to us is processed by entities (within or outside of Malaysia) within the Lotus Desaru Beach Resort & Spa Sdn Bhd (including related companies, subsidiaries, holding companies, associated companies and outsourcing partners).
Lotus Desaru Beach Resort & Spa Sdn Bhd will ensure that:
- Access to your personal data is restricted to staff who are required to process your personal data in accordance with their respective job requirements; and
- Only necessary information is released to the relevant employees.
Your personal data may be disclosed or transferred to relevant third parties (within or outside of Malaysia) as required under law, pursuant to relevant contractual relationship (for example, where we appoint third party service providers) or for the Purposes (or directly related to Purposes).
In the event of a potential, proposed or actual sale/disposal of business or interest, acquisition, merger, re – organization or funding exercise relating to any member of Lotus Desaru Beach Resort & Spa Sdn Bhd ("Transaction"), your personal data may be required to be disclosed or transferred to a third party as a result of the Transaction. You hereby acknowledge that such disclosure and transfer may occur and permit Lotus Desaru Beach Resort & Spa Sdn Bhd to release your personal data to such third party and its advisers/representatives.
Your personal data may be disclosed to the following classes of third parties:
- Third parties appointed by us to provide services to us or on our behalf (such as banks or financial institutions, auditors, lawyers, company secretary, printing companies, information technology (IT) system / software vendors, contractors, conference/training/event organizer, other advisers, travel agencies and insurance companies).
- Our business partners or affiliates who may jointly provide the service requested for (such as third party hotels or resorts, shopping mall tenants or applications resellers).
- Any financial institutions, merchants, credit card associations in connection with your use of any credit or debit card in any transactions made with us
- Law enforcement agencies including courts, tribunals or authorities, whether governmental or quasi – governmental having jurisdiction over Lotus Desaru Beach Resort & Spa Sdn Bhd.
- Relevant governmental agencies, statutory authorities, industry regulators and local councils.
- Any persons, authorities or regulators to whom Lotus Desaru Beach Resort & Spa Sdn Bhd is permitted or required to disclose to under the laws of any country.
Integrity of Personal Information
Security
The security of your Personal Information is important to us. We may store your Personal Information in different ways, including in paper form, electronic form, telephone recordings and utilizing secure document retention services (including those located off – site). We take all reasonable measures to ensure that your Personal Information is stored safely to protect it from misuse, loss, unauthorized access, modification or disclosure, including electronic (firewalls and access controls) and physical security measures.
Links to Other Websites
Our websites or apps may contain links to other websites. We are not responsible for the security or privacy of any information collected by third – party websites or other services. You should exercise caution, and review the privacy statements applicable to the third-party websites and services you use.
4. Right to access and correct personal data.
You have the right to access and correct your personal data held by us (subject always to certain exemptions) subject to payment of the prescribed fee. We will make every endeavor to ensure your personal data is accurate and up to date therefore we ask that if there are changes to your information you should notify us directly at the contact details set out in Item (5) below.
5. Limiting the processing of personal data, further enquiries and complaints
IF:
- You would like to obtain further information on how to limit the processing of your personal data;
- You have any further queries; or
- You would like to make a complaint in respect of your personal data, you may contact:
- Designation: Lotus Desaru Beach Resort & Spa Privacy Officer
- Tel : + 6 (0)7 884 2800
- Email Address : rsvn.ota@lotusdesaru.com
- Post : Lotus Desaru Beach Resort & Spa Sdn Bhd
- ATT: Privacy Officer
- Lot 1854, Jalan Desaru, Bandar Penawar, 81930 Kota Tinggi, Johor Darul Takzim, Malaysia.