THE BELLEVUE HOTELS AND RESORTS (“we”, “us”, “our”) respects your privacy, and is committed to protecting the privacy, confidentiality and security of the personal data you provide to us or that we collect about you when you use our website www.thebellevue.com or our mobile application and other online products and services (“Site”), when you contact guest services, or when you otherwise interact with us. We are aware of our responsibilities to protect your personal data, to keep it secure and comply with the Data Privacy Act of 2012 (“R.A. 10173”), its Implementing Rules and Regulations (IRR), and other applicable privacy and data protection laws.
What is Personal Data?
Personal data refers to all types of:
Personal Information – “any information, whether recorded in material form or not, from which the identity of an individual is apparent or can be reasonably and directly ascertained by the entity holding the information, or when put together with other information would directly and certainly identify an individual;”
Sensitive Personal Information – “personal information about an individual’s race, ethnic origin, marital status, age, color, religious/philosophical/political affiliations, health, education, genetic or sexual life, legal proceedings, government issued identifiers and other information specifically established by an executive order or an act of congress to be kept classified;” and
Privileged Information – “any and all forms of information which, under the Rules of Court and other pertinent laws, constitute privileged communication, such as, but not limited to, information which a person authorized to practice medicine, surgery or obstetrics may have acquired in attending to a patient in a professional capacity.”
II. Types of Personal Data We Collect
Information you provide to us: we collect personal data (including where applicable personal and sensitive personal information) you provide directly to us. This includes:
- your full name and contact information, personal data (e.g. date of birth, nationality), Information relating to your children, residential/permanent address, passport and visa information; guest stay information, including the hotels where you have stayed, date of arrival and departure, goods and services purchased, special requests made, your service preferences, telephone numbers dialed and email, faxes, telephone and other messages received; your credit card, mobile payment and other payment details; your membership information, account details, profile or password details and any frequent flyer or travel partner program affiliation; any information necessary to fulfill special requests (for example, leisure, travel and guest preferences); your reviews, feedback and opinions about our hotels, resorts, programs and services;
- information collected through the use of closed-circuit television systems and other security systems; and
- any other personal data you choose to provide to us.
III. Information We Collect Automatically When You Use the Site:
When you access or use the Site, we automatically collect personal data about you, including:
- Log Information: we may collect system log information about your use of the Site, including the type of browser you use, access times, pages viewed, your IP address and the page you visited before navigating to our Site.
- Device Information: we may collect information about the computer or mobile device you use to access our Site, including the hardware model, operating system and version, unique device identifiers (such as, IP address, IMEI number, the address of the device’s wireless network interface, or mobile phone number used by the device) and mobile network information.
- Location Information: we may collect information about the location of your device each time you access or use our website or otherwise consent to the collection of this information. You can turn off location services for a device at any time, but this may turn off some useful features.
- Information Collected by Cookies and Other Tracking Technologies: we and our service providers use various technologies to collect information, including cookies. Cookies are small data files stored on your hard drive or in device memory that help us improve our Site and your experience, see which areas and features of our Site are popular and count visits.
- Information We Collect From Other Sources: we may also obtain personal data from our hotels and from our third party service providers (such as information relating to the credit of guests) and from public sources and combine that with information we collect through our Site where we believe that it is necessary to help manage our relationship with you.
How We Use Your Personal Data
We may use your personal data for the purposes set out below.
- For the performance of our agreement with you, in order to:
- process, confirm, provide and charge for hotel arrangements and restaurant reservations and our goods and services, and administer mobile (where applicable) and in person check in and check out;
- fulfill contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers and your employer) and vendors (e.g. credit card companies, airline operators and other loyalty programs);
- provide you with access to the content on our Site, and respond to your enquiries and requests for information and services; and
- administer, and disclose the winner of contests and lucky draw competitions conducted by us or on our behalf.
- For our legitimate commercial interests, in order to:
- understand how our products and services impact you, provide you with a better, more personalized level of service, and further develop our products and services, including linking or combining with information we get from others to do so;
- provide privileges, benefits and services to you, process applications for and administer membership programs, verify and validate your ability to access and use certain products, services and information.
- monitor your use of our Site and your bookings, and conduct analysis of the use of our Site in order to operate, evaluate and improve our Site and our services, understand your preferences, display customized content to you on our Site which may be of interest to you and troubleshoot any problems;
- conduct market analysis, market research, customer satisfaction and quality assurance surveys to improve our hotels, resorts and services; and
- provide for the safety and security of guests.
- To comply with legal obligations to which we are subject:
- meet legal and regulatory requirements of the government and/or any appropriate government agency and administer general record keeping.
- Use of information based on your consent:
- facilitate direct marketing, promotional and customer management purposes, including sending you promotional communications (including without limitation e-mails and push notifications) or special offers if you have consented to receive the same;
- for any other purposes for which we have your consent.
In order to make an online hotel reservation, enroll with our programs, promos or if you make an enquiry, you must provide us with the personal data marked with an asterisk or otherwise indicated as mandatory, otherwise we may not be able to process your request or comply with our legal obligations.
IV. Disclosures of Your Personal Data
We may share your personal data:
- between and among THE BELLEVUE HOTELS AND RESORTS and a limited number of our affiliates as are relevant for the above purposes and to facilitate the operation of our business, but we shall only do so on a need to know basis;
- with the operator of the hotel or the hub of hotels which you book, stay or visit for the above purposes;
- with third-party payment processors, payment service providers, IT and marketing support service providers and other consultants, vendors and service providers who need access to such information to carry out work or provide services on our behalf or who help us to provide the Site to you;
- with anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers and your employer) in order to fulfill contractual obligations;
- with any law enforcement, courts, Government or regulatory bodies, or otherwise in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation, court order or legal process;
- if we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property and safety of THE BELLEVUE HOTELS AND RESORTS, our affiliates or others;
- in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company, or any change of management of a hotel;
- with our advisors, which includes our accountants, auditors, lawyers, other professional advisors and business contacts for the purpose of assisting us to better manage, support or develop our business and comply with our legal and regulatory obligations;
- with any other party at your consent or at your direction; and
- otherwise as permitted or required by applicable laws and regulations
V. Safekeeping of Your Personal Data
- Use of secured servers and firewalls, encryption on computing devices;
- Restricted access only for qualified and authorized personnel; and
- Strict implementation of information security policies.
Your personal data will be transferred to, and stored at a location found in the hotel in which you stay or visit. It will also be accessed and processed by our designated personnel. Your personal data will only be transferred to locations outside of the hotel where we are satisfied that adequate or comparable levels of protection are in place to protect personal data held in that jurisdiction, and when we are required to do so, with your consent.
Data subject are primarily responsible for ensuring that all personal data submitted are accurate, complete and up to date. From time to time, the Company requests update data; it is important that subjects cooperate and provide the same.
The Company takes reasonable steps to make sure that the personal data it collects, generates, uses or discloses are accurate, complete, and up to date.
VI. Direct Marketing
From time to time, we would like to use your name, e-mail address, mobile phone number, and other relevant contact information to send you either via e-mails, SMS messages, telephone calls, push notifications, post, or social media (e.g. Facebook) information that we think may be of interest to you, including about our hotels, products and services, news about our programs, satisfaction surveys, events, offers and promotions, but we can only do so with your consent.
You may opt-out from receiving marketing communications at any time, free of charge, by following the unsubscribe instructions contained in the marketing communications or contacting THE BELLEVUE HOTELS AND RESORTS thru (+632) 8 771 8181 or [email protected]. If you opt out of these communications, we may still send you non-promotional communications, such as those about your reservation, unless we are prohibited from doing so by applicable laws.
VII. Retention of Personal Data
VIII. Rights of data subjects under the Data Privacy Act of 2012?
Under Republic Act No. 10173, or the Data Privacy Act of 2012, individuals whose personal information is collected, stored and processed are called “data subjects”. They are accorded rights and may invoke the law against abuses committed by the receiver of data.
Right to be Informed – means that the data subject has the right to know when his or her personal data shall be, are being, or have been processed. Collection and processing of data without the data subject’s knowledge and explicit consent is made unlawful, and entities in possession of personal data is obligated to inform the data subject of any breaches or compromises in their data.
Right to Object – requires that the consent of the data subject be secured in the collecting and processing of his or her data. It grants the data subject the choice of refusing to consent, as well as the choice to withdraw consent, as regards collection and processing. As earlier stated, any activity involving a data subject’s personal data without his or her consent is deemed illegal.
Right to Access – involves being able to compel any entity possessing any personal data to provide the data subject with a description of such data in its possession, as well as the purposes for which they are to be or are being processed. Furthermore, other details regarding the processing of their information may be obtained, such as the period for which the information will be stored, and the recipients to whom the information may be disclosed. This must be complied with in an easy-to-access format, accompanied by a description in plain language.
Right to Correct or Rectification – allows the data subject to dispute any inaccuracy or error in the personal information processed, and to have the personal information controller correct it immediately. In line with this, the personal information controller must ensure that the new and the retracted information will be accessible, and that third parties who received the erroneous data will be informed, upon the request of the data subject.
Right to Erasure or Blocking – allows the data subject to suspend, withdraw or order the blocking, removal, destruction of his or her personal information from the personal information controller’s filing system upon discovery and substantial proof that the personal information are incomplete, outdated, false, unlawfully obtained, used for unauthorized purposes or are no longer necessary for the purposes for which they were collected. This is akin to the recognized right to be forgotten.
Right to Damages – entitles the aggrieved data subject to be indemnified for any damages sustained due to inaccurate, incomplete, outdated, false, unlawfully obtained or unauthorized use of his or her personal information.
Right to Data Portability – enables the data subject to obtain and electronically move, copy, or transfer personal data for further use. This also carries out another policy behind the law–ensuring the free flow of personal information.
Right to File a Complaint – if you feel that your personal information has been misused, maliciously disclosed, or improperly disposed, or that any of your data privacy rights have been violated, you have a right to file a complaint.
Transmissibility of Rights of the Data Subject – means that the lawful heirs and assigns of the data subject may invoke the rights of the data subject for, which he or she is an heir or assignee at any time after the death of the data subject or when the data subject is incapacitated or incapable of exercising the rights as enumerated in the immediately preceding section.
IX. Our Commitment to Data Security
We have in place reasonable technical and organizational measures to prevent unauthorized or accidental access, processing, erasure, loss or use of your personal data and to keep your personal data confidential. These measures are subject to ongoing review and monitoring. To protect your personal data, we also require our third-party service providers to take reasonable precautions to keep your personal data confidential and to prevent unauthorized or accidental access, processing, erasure, loss or use of personal data, and to act at all times in compliance with applicable data protection laws.
X. Warranties and Disclaimer from liability due to Electronic Communication Failure.
We cannot guarantee that our Site will function faultless and without any interruptions. We shall not be liable for damages, of whatever kind, direct or indirect, that may result from the use of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications, interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses or due to acts of God.
XI. Children and Minors
Except where required by local laws, we do not knowingly collect personal data from minors. If you are a minor, you may only use our Site and services with the permission of your parent or guardian.
XII. Third Party Sites
XIIL. Contact Us
If you have any questions or inquiry about how we handle your personal data, or would like us to update the data we maintain about you and your preferences, please contact our data protection officer by e-mail at [email protected] or by mail at North Bridgeway, Filinvest City, Alabang, Muntinlupa City, Philippines 1781.
XV. Governing Law
Last Updated: May 16, 2023
If you do not wish to accept cookies in respect of your use of this Site, you should stop using the Site, or turn off your cookies, but this may affect the functionality of the Site.
I. WHAT IS A COOKIE?
II. COOKIES USED ON THE SITE
Some of these are session cookies which are temporary and allow us to link your actions during a browser session. These cookies help us identify you as a unique user (by storing a randomly generated number).
III. GOVERNING LAW
This Cookies Policy is governed by and shall be construed in accordance with the laws of the Philippines.
Any disputes arising in connection with this Cookies Policy and interpretation thereof shall be governed by and construed in accordance with the laws of the Philippines. Any dispute arising out of or in connection with this Cookies Policy, including any question regarding its existence, validity or termination, shall be referred to and resolved by arbitration in accordance with the Data Privacy Act of 2012 (R.A. 10173) and the Alternate Dispute Resolution Act of 2004 (R.A. 9285). The place of mediation shall be Muntinlupa City.
IV. CONTACT US
Should you have any other inquiries, feedback, concern, clarification, and/or complaints you can always contact us and/or reach the Common Data Protection Officer (DPO) through the following contact details:
Marites J. Canada
BH&R (Bellevue Hotels & Resorts)
North Bridgeway, Filinvest City, Alabang, Muntinlupa
Metro Manila, Philippines 1781
Telephone: (632) 8 771 8181 | Fax: (632) 8 771 8282
In case any data subject considers our processing of his/her personal data to be inconsistent with applicable data protection law, a complaint maybe lodged with the local supervisory authority for data protection or before the National Privacy Commission (NPC). For further details, please refer to NPC’s website: https://privacy.gov.ph