H Hotels & Resorts and its subsidiaries and affiliated companies (hereinafter referred to as “H Hotels & Resorts” “us” “we” or “our”) is committed to respecting your privacy and to complying with applicable data protection and privacy laws. You can visit www.hhoteldubai.com (the “Site”) without disclosing any personally identifiable information about yourself.
The H Dubai - Code of Behavior
- The H Hotel strives to provide a professional work environment and will take all the necessary steps to ensure that the work environment remains pleasant for all colleagues at all times
- An integral part of this type of work environment is for all colleagues to treat each other with courtesy, consideration and professionalism
- We will not tolerate harassment of any colleague by any other colleagues, supervisor, vendor, guest, client or customer
Harassment for any discriminatory reason, such as race, color, sex, national origin, disability, sexual orientation, age and religion is prohibited and may be subject to the Hotel and/or the individual harasser being liable for any such unlawful conduct
- With this policy, the Hotel prohibits not only unlawful harassment, but also other unprofessional and discourteous actions
1. What kind of information is collected?
Anonymous Information – Anonymous information cannot be tied directly to personally identifiable information. We use this information to improve our site. This information helps us focus our resources on the features that are most popular with our guests. We may collect information regarding your IP address, browser type, domain name and access time. This information is used for our own research purposes and is separate from any personally identifiable information that you may submit via this site. We do not link IP addresses to any personal information. In rare instances, IP addresses may be used to assist in deterring and/or preventing abusive or criminal activity on the website.
2. Personally Identifiable Information
The following forms on www.hhoteldubai.com collect personally identifiable information:
Newsletter subscription form – Information in this form will be used to send H Hotels & Resorts periodic newsletter updating guests.
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we strive to protect your information, H Hotels & Resorts and its affiliates can’t ensure or warrant the security of any information you transmit to us or from our online products or services, and you do so at your own risk. Once we receive your transmission, H Hotels & Resorts uses industry standard efforts to safeguard the confidentiality of your information, such as firewalls and Secure Socket Layers. However, “perfect security” does not exist on the Internet.
3. Who will use this information?
As a general rule, H Hotels & Resorts will not disclose any specific personal information that you submit to us about you (“Personal Information”) in a manner that connects you with the Personal Information, except when we have your explicit permission or under special circumstances, such as when we believe in good faith that the law requires it or under the circumstances described below
4. How can I control my information?
In case you change your mind or some personal Information changes (such as your mailing address or e-mail address), we will try to provide a way to correct, update or remove the personal Information that you have provided us. We offer Guests the opportunity to “opt out” of having Personal Information shared with H Hotels & Resorts and/or its affiliated companies such as un-registering from the H Hotels & Resorts Newsletter. Additionally, if a Guest wishes to update Personal Information or objects to any usage provided herein for any reason, he/she may e-mail the requested change to: firstname.lastname@example.org
5. What Are Cookies?
A cookie is a small piece of data that a website can send to your browser for storage (i.e. so it can later be read back from that browser). The purpose of cookies includes providing more tailored communications from websites. Cookies may collect information (including Personal Information), such as user preferences, general usage information, membership information and unique identifiers. Cookies may in some circumstances also remain on your device after you leave the website. Your browser will return the cookie information only to the domain from where the cookie originated, i.e., the Website, and no other website can request this information. When you return to the website, the cookie is sent back to the web server, along with your new request. Your browser may provide settings where you can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or reject the cookie altogether.
FORM FOR CONSENSUS TO
COLLECT, PROCESS AND STORE PERSONAL DATA
BY H HOTEL DUBAI AND H HOTEL AND RESORT MANAGEMENT
This is a form to make you fully aware of your rights under European Union Regulation no. 2016/679 concerning the collection, process and storage of your personal data by the Co-Controllers (as defined below).
1. Why we collect, process and store your personal data
We collect personal data (the “Personal Data”) needed for the establishment and maintenance of our business relationship. In particular, we collect Personal Data for the following purposes:
A. to comply with the law and to follow guidance and recommended best practice of police, government, judicial and regulatory bodies, as well as to share your Personal Data with any of such entities and authorities. Legitimacy for processing: legal obligation;
B. to manage (i.e., making, changing and/or cancelling) your reservation and the other services you request. Legitimacy for processing: performance of a contract;
C. to include you in our marketing lists and mailing lists or other communication channels, and also to inform you about new services and products and about sales, after-sales, discounts, events, fidelity programs and fidelity rewards. Legitimacy for processing: your consent;
D. to profile you for quality and marketing purposes and to perform and/or test the performance of our products, services and internal processes, including through satisfaction surveys. Legitimacy for processing: your consent;
E. to share your Personal Data with other companies belonging to the same group of H Hotel and Resort Management or H Hotel Dubai for administrative and/or accounting purposes. Legitimacy for processing: performance of a contract or our legitimate interest, as the case may be;
F. to share your Personal Data with other companies belonging to the same group of H Hotel and Resort Management or H Hotel Dubai, including for marketing purposes. Legitimacy for processing: your consent; and
G. to share your Personal Data with business partners and services providers. Legitimacy for processing: your consent.
Unless otherwise required by law, we will store your Personal Data for five years from the date when the relevant Personal Data is collected. After that the Personal Data will be deleted.
2. Who will handle your personal data
Co-controllers of the processing are H Hotel and Resort Management, a limited liability company duly organized and existing under the laws of the Emirate of Abu Dhabi, United Arab Emirates, with registered office in Abu Dhabi (UAE) at CI Tower, PO Box 32932 ( “HHRM”) and H Hotel Dubai, a limited liability company duly organized and existing under the laws of the Emirate of Dubai, United Arab Emirates, with registered office in The H Hotel, Sheikh Zayed Road, Dubai (“H Hotel Dubai” and, collectively with HHRM, the “Co-Controllers”), which have entered into a specific agreement in order to define their relevant role and responsibility (you can read the full version of such agreement on our website: ___________).
In general, the Co-Controllers will be the ones collecting, processing and storing the Personal Data. However:
– the Co-Controllers may share such Personal Data also with companies located outside the European Union;
– processing and/or storage may be assigned to specialized, reliable and highly reputable companies or organizations expert in data processing and storage;
– use may be licensed, also against compensation, to specialized and reputable marketing companies.
Any third parties, located outside the European Union, to which we will share, transfer or license-to-use the Personal Data (a) shall be bound by a specific agreement in compliance with European Union Regulation no. 2016/679 or (b) shall be located in a territory, or shall operate in a sector, where the European Commission has decided that there is an adequate level of protection of personal data, unless such sharing, transfer or license-to-use is required for the conclusion or performance of a contract between you and us or in case of occurrence of any of the other exceptions set forth under Article 49 of the European Union Regulation no. 2016/679.
3. Who is in charge of your personal data treatment
Unless otherwise promptly communicated to you, the official in charge of your Personal Data shall be the Data Protection Officer – DPO of H Hotel Dubai, Mr. ______, [address], telephone no ____ and email address _______ (the “Data Protection Officer” or “DPO”). The DPO will be glad to interact with you for any issues concerning your rights under European Union Regulation no. 2016/679.
4. What are your rights under the European Union Regulation no. 2016/679
Please note that, according to European Union Regulation no. 2016/679, you have, inter alia, the following rights:
– Right of access: Right to obtain from the controller confirmation as to weather or not personal data concerning you are being processed and, where that is the case, access to your personal data and information regarding the purpose of the processing, the categories of the personal data concerned, the recipients or categories of recipients to whom the personal data have been or will be disclosed (in particular recipients in third countries or international organizations), the envisaged period for which the personal data will be stored, your rights under European Union Regulation no. 2016/679, the existence of automated decision-making, and, in case of personal data not collected from you, any available information as to their source;
– Right to rectification: Right to obtain from the controller the rectification of inaccurate personal data concerning you;
– Right to erasure: Right to obtain from the controller the erasure of personal data concerning you;
– Right to restriction of processing: Right to obtain from the controller restriction of processing;
– Right to data portability: Right to receive personal data concerning you in a structured, commonly used and machine-readable format and right to transmit those data to another controller;
– Right to object: Right to object, on grounds relating to your particular situation, to processing of personal data concerning you;
– Right to withdraw the consent at any time;
– Right to lodge a complaint with a supervisory authority.
5. Why we conform to the principles of European Union Regulation no. 2016/679
HHRM is a company that operates worldwide, entering into transactions with clients having interests inside and outside the European Union, and, together with H Hotel Dubai, desires to comply with European Union Regulation no. 2016/679, considering the same as the utmost regulation concerning the data protection, in order to guarantee customers the best protection in this field.
6. Who can you talk to in order to check about the handling of your personal data and to exercise your rights under European Union Regulation no. 2016/679
For any matter relating to your Personal Data, including the handling of the same and the exercise of your rights under European Union Regulation no. 2016/679, please feel free to contact the DPO. In addition, please also note that you may contact our representative in the European Union, _________________________, address _________________________________, tel. __________________ and email address ________________________, which will be glad to interact with you for any issues concerning your rights under European Union Regulation no. 2016/679.][NOTE: The appointment of a representative of the controller is mandatory in case the controller is not established in the European Union. The representative of the controller shall be established in a Member State.]