1. DEFINITIONS

In this Privacy Notice, the following definitions are used:

Data – personal information, including sensitive personal information and special category personal data (as defined under Data Protection Laws) about you, which we collect, receive or otherwise process in connection with your use of our stores, website and/or mobile application.

Cookies – a small file placed on your device by our website or mobile application when you either visit or use certain features of our website or mobile application. A cookie generally allows a website or mobile application to remember your actions or preference for a certain period of time.

Data Protection Laws – any applicable law for the time being in force relating to the processing of Data.

Partners – select third parties (including Tata Group Entities) with whom we have contracts for the businesses described in this Privacy Notice.

Service Providers –includes entities which provide services to Hotel Sea Esta  and to whom we may disclose your Data for a specific purpose pursuant to a written contract.

User or you- the natural person who accesses our services , websites or mobile application.

  1. WHAT DATA DO WE COLLECT ABOUT YOU

Hotel Sea Esta collects Data for various purposes set out in this Privacy Notice.

This Data includes, without limitation, the following categories:

(a)  Contact information: first and last name, email address, postal address, country, phone number and other similar contact data.

(b)  Financial information: payment instrument information, transactions, transaction history, preferences, method, mode and manner of payment, spending pattern or trends, and other similar data.

(c) Technical information: website, device and mobile app usage, Internet Protocol (IP) address and similar information collected via automated means, such as cookies, pixels and similar technologies. This may include the information mandated by the law enforcement agencies. Product and service information: Your account membership number, registration information, and program-specific information, when you request products and/or services directly from us or participate in marketing programs.

(d) Your reviews, feedback and opinions about our products, program and services.

(e) Loyalty program information: your loyalty membership information, account details, profile or password details and any frequent flyer or travel partner program affiliation.

(f) Transaction information: date of the transaction, transaction amount, transaction history and related details;

(g) Other information (which may include special category personal data): Age, sex, date of birth, marital status, nationality, details of government identification documents provided, occupation, ethnicity, religion, travel history or any other personal information provided in responses to surveys or questionnaires.

  1. HOW WE COLLECT DATA

We collect Data in the following ways:

  • Information You Give Us: We receive and store any information you enter on our website or mobile application or give us in any other way (e.g., at our outlets, stores, hotels, kiosks). Please see the section below, titled “Data Shared by You” for more information.
  • Automatic Information We Collect: We use “cookies”, pixels and similar technologies to receive and store certain types of information whenever you interact with us. Please see the section below, titled “Data That is Collected Automatically” for more information.
  • E-mail Communications: We often receive a confirmation (if your device supports such capabilities) when you open e-mail from us or click on a link in the e-mail. You can choose not to receive marketing emails from us by clicking on the unsubscribe link in any marketing email.
  • Automatic Information We Collect from Other Websites: We receive and store certain types of information when you interact with third-party websites that use our technology or with whom we have a specific agreement.

You can make choices about our collection and use of your Data. For example, you may want to access, edit or remove your Data on our website or mobile application. When you are asked to provide Data, you may decline. For more information, please see the section below, titled “Your Rights and Choices”.

  1. DATA SHARED BY YOU

Hotel Sea Esta may collect your Data in several ways from your use of our stores, website or mobile application. For instance:

(a) when you register with us to receive our products and/or services;

(b) when you conduct a transaction with us or attempt a transaction at our stores, on our website or mobile application;

(c) when you complete surveys conducted by or for us;

(d) when you elect to receive any communications (including promotional offers) from us;

(e) from the information gathered by your visit to our stores, website or mobile application;

  1. DATA THAT IS COLLECTED AUTOMATICALLY

(a) We automatically collect some information when you visit our website or use our mobile application. This information helps us to make improvements to our content and navigation. The information collected automatically includes your IP address.

(b) Our web servers or affiliates who provide analytics and performance enhancement services collect IP addresses, operating system details, browsing details, device details and language settings. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. Hotel Sea Esta uses this information to measure the site usage, improve content and to ensure safety and security, as well enhance performance of our website or mobile application.

(c) We may collect your Data automatically via Cookies, pixels and similar technologies in line with settings on your browser. For more information about Cookies, please see the section below, titled “Cookies, Pixels and Similar Technologies”.

  1. OUR USE OF DATA

Data collected by us may be used by us for the following reasons:

(a) carry out our obligations arising from any contract entered into between you and us;

(b) provide products and/or services and communicate with you about products and/or services offered by us;

(e) provide you with offers (including for financial products and/or services), personalized services and recommendations and improve your experience on our website and mobile application;

(f) operate, evaluate and improve our business, website and mobile application;

(g) generate aggregated data to prepare insights to enable us to understand customer behavior, patterns and trends with a view to learning more about your preferences or other characteristics;

(h) provide privileges and benefits to you, marketing and promotional campaigns based on your profile;

(j) communicate with you (including to respond to your requests, questions, feedback, claims or disputes) and to customize and improve our services;

(k) enforce the terms of use of our website and mobile application;

(l) protect against and prevent fraud, illegal activity, harm, financial loss and other legal or information security risks; and

(m) serve other purposes for which we provide specific notice at the time of collection, and as otherwise authorized or required by applicable law.

Where required under relevant Data Protection Laws, we may need to ensure that there is a legal basis to justify our processing of your Data. There are a number of different ways that we are lawfully able to process your Data. We have set these out below.

  • Where processing your Data is necessary for us to carry out our obligations arising from any contracts entered into between you and us: If you enter into a contract with us in relation to any of our product or service offerings, we may process certain Data about you in order to perform our obligations under this contract, including to enable us to communicate with you about such products and/or services and to process your payment transactions.
  • Where processing your personal information is within our legitimate interests: We can process certain Data where it is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of yours which require protection of your Data. The ways in which we may process your Data for the purposes of our legitimate interests include:
    1. enforcing the terms of use of our website and mobile application;
    2. generating aggregated data to prepare insights to enable us to understand customer behaviour, patterns and trends with a view to learning more about your preferences or other characteristics;
    3. improving our website and mobile application and ensuring that they run smoothly;
    4. providing you with offers, personalized services and recommendations and improving your experience on our website and mobile application;
    5. protecting against, and preventing, fraud, illegal activity, harm, financial loss and other legal or information security risks;
    6. providing offers, privileges and benefits to you, marketing and promotional campaigns based on your profile;
    7. communicating with you (including responding to your requests, questions, feedback, claims or disputes) and customising and improving our services;
    8. operating, evaluating and improving our business;
  • Where processing your personal information is necessary for our compliance with a legal obligation: In certain circumstances, we may disclose your Data for the purposes of compliance with a legal obligation (for example, to comply with a law, regulation or compulsory legal request). We do not think that any of the above activities prejudice you in any way. However, you do have the right to object to us processing your personal information in certain circumstances. If you would like to know more about these circumstances and how to object to our processing activities, please see the section below, titled “Your Rights and Choices”.

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your Data.

Further, where required under relevant Data Protection Laws, we will only process special category personal data’ (as defined under Data Protection Laws) if there is a valid legal basis, which might involve obtaining your explicit consent.

Where we use or share your Data on behalf of another entity (i.e., the controller) as part of our services offered to that entity, we do so under the instructions of that entity and that entity is responsible for ensuring that there is a legal basis for us to use or share your Data on its behalf (if such legal basis is required under relevant Data Protection Laws).

  1. MINORS

Our website and mobile application do not offer products or services for use by minors. If you are under 18, you may use our website or mobile application only with the involvement of a parent or guardian.

  1. KEEPING DATA SECURE

We will use technical and organizational measures to safeguard your Data and we store your Data on secure servers. Technical and organizational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorized access to your Data, please let us know immediately by contacting us by e-mail.

  1. RETENTION OF DATA

Hotel Sea Esta retains Data for as long as necessary for the use of our products and/or services or to provide access to and use of our website or mobile application, or for other essential purposes such as complying with our legal obligations, resolving disputes, enforcing our agreements and as long as processing and retaining your Data is necessary for our legitimate interests. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly.

Even if we delete your Data, including on account of exercise of your right under Clause 12 below, it may persist on backup or archival media for audit, legal, tax or regulatory purposes.

  1. YOUR RIGHTS AND CHOICES:

Depending on which country’s laws are applicable to you, you may have various rights in relation to the Data that we hold about you. To get in touch with us about any of your rights under Data Protection Laws, please use the contact details set in the section below, titled “How to Contact Us”. We will seek to deal with your request without undue delay, and in any event, within any time limits provided for in Data Protection Laws (subject to any extensions to which we are lawfully entitled). Please note that we may keep a record of your communications to help us resolve any issues which you raise. Where we are legally permitted to do so, we may refuse your request.

You may be entitled to the following rights in relation to your Data:

  1. a) Right to Confirmation and Access – you may ask us to confirm what Data we hold about you at any time, and request us to modify, update or delete such Data. You may also request a copy of the Data we hold about you.
  2. b) Right to Rectification – you have the right to request that we rectify any inaccurate or incomplete Data that we hold about you, including by means of providing a supplementary statement.
  3. c) Right to be Erasure – you have the right to request that we “erase” your Data in certain circumstances.
  4. d) Right to Restrict Our Use of your Data – you have the right to request that we restrict our processing of your Data in certain circumstances, for example if you dispute the accuracy of the Data that we hold about you or you object to our processing of your Data (including where we process your Data for our legitimate interests, where permitted under applicable law).
  5. e) Right to Object – this right enables you to object to us processing your Data where we do so for certain reasons.
  6. f) Right to Data Portability – you have the right to request that we transfer your Data to another third party. This right of data portability only applies to certain types of Data.
  7. g) Right to Withdraw Consent – where we have obtained your consent to process your Data for certain activities, you may withdraw this consent at any time and we will cease to carry out that particular activity that you previously consented to unless we consider that there is an alternative legal basis to justify our continued processing of your Data for this purpose.
  8. h) Right to File Complaints – you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.

To get in touch with us about these rights, or for more information about managing your Data and promotional communications, please use the contact details set out in the section below, titled “How to Contact Us”.

It is important that the Data we hold about you is accurate and current. Please keep us informed if your personal information changes during the period for which we hold it.

  1. PROCESSING YOUR DATA

We take steps to ensure that your Data is processed according to the provisions of this Privacy Notice and the requirements of applicable law.

To ensure that your Data receives an adequate level of protection, we have put in place appropriate written contracts with Tata Group Entities, Partners and Service Providers that we share your Data with.

  1. SEVERABILITY

If any court or competent authority finds that any provision of this Privacy Notice (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Notice will not be affected.

  1. COOKIES, PIXELS AND SIMILAR TECHNOLOGIES

Our website and mobile application may place and access certain Cookies on your device. Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device. We also use pixels and similar technologies to analyze traffic on our website and mobile application to improve your experience of using them.

When you first visit our website and mobile application, you will be presented with a pop-up screen informing you of our use of Cookies and asking you to provide your consent for such use. The pop-up screen may not reappear for all your subsequent visits to our website and mobile application, but you may adjust your web browser software if you do not wish to receive Cookies or web beacons, but this may prevent you from taking advantage of some of the features of our website and mobile application. Please refer to your browser instructions or help pages to learn more about these functions

  1. CHANGES TO THIS PRIVACY NOTICE

Our business changes constantly and our Privacy Notice will change also. We may e-mail periodic reminders of our notices and conditions, unless you have instructed us not to, but you should check our website and mobile application frequently to see recent changes. The updated version will be effective as soon as it is accessible. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.

  1. HOW TO CONTACT US

To request to review, update, or delete your personal information or to otherwise reach us, please submit a request by e-mailing us at info@hotelseaesta.com. You may contact us for information on Service Providers, Partners and Tata Group Entities with whom we may share your Data in compliance with this Privacy Notice and applicable law. We will respond to your request within 30 days.

GRIEVANCE OFFICER

Email: info@hotelseaesta.com