1000 Reasons – PRIVACY STATEMENT
Last Updated: 8th April 2020
This privacy statement (“Statement”) applies to 1000 Reasons, its subsidiaries and all of the hotels within the 1000 Reasons Portfolio of Brands (collectively, “1000 Reasons,” “we,” or “us”). At 1000 Reasons, we strive to deliver outstanding products, services, and experiences around the world. We value your business and, more importantly, your loyalty. We recognise that privacy is an important issue. We have developed this Statement to explain our practices regarding the personal information we collect from you or about you on this site or via our apps, through written or verbal communications with us, when you visit one of our properties, or from other sources. While this Statement broadly describes the practices, we have adopted across 1000 Reasons globally, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g., certain jurisdictions may require affirmative consent to send marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein in order to enable us to comply with local requirements. If you are a resident of the European Economic Area (EEA), please see Appendix A for additional information regarding 1000 Reasons use of your personal information.
By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this Statement.
Please note that this Statement does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.
PERSONAL INFORMATION WE COLLECT
We collect personal information at every touch point or guest interaction, and in conducting every aspect of our business, we may collect personal information. This personal information may include: your name, mailing address, billing address, email address, phone number, information related to your reservation, stay or visit to a property; participation in a membership or loyalty program; participation in a contest, or marketing program (even if you do not stay at one of our hotels); information related to the purchase and receipt of products or services; personal characteristics, nationality, passport number and date and place of issue; travel history; payment information, such as your payment card number and other card information, as well as authentication information and other billing and account details associated with mobile billing; guest preferences; marketing and communication preferences; information about vehicles you may bring onto our properties; reviews and opinions about our Portfolio of Brands or properties (if they are identified or associated with you); hotel, airline and rental car packages booked; groups with which you are associated for stays at hotels; information provided on membership and account applications; and other types of information that you choose to provide to us or that we may obtain about you.
We may ask for details on joint travellers, including their names, and the age of the driver of the rental car. We may also collect information related to conversations, including recording or monitoring customer service calls for quality assurance and training purposes, and other communications such as in-app messages and SMS.
In addition, we collect other personal information in certain cases, such as:
- Surveys: We may request demographic data or other personal information in customer surveys.
- On-property Collection: We collect additional personal information during registration/check-in at our properties, including such information as may be required by local laws. We may also use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via key cards and other technologies). We may also use closed-circuit television and other technologies that record sound or video for the protection of our staff, guests and visitors to our properties where permitted by law. In addition, we may collect personal information in connection with on-property services, such as concierge services, and our Digital Key functionality in the 1000 Reasons App (where available).
- Event Profiles: If you plan an event with us, we collect meeting and event specifications, the date of the event, number of guests, details of the guest rooms, and, for corporate events, information on your organisation (name, annual budget, and number of sponsored events per year). We also collect information about the guests that are a part of your group or event. If you visit us as part of a group, we may have personal information about you provided to us by the group and may market to you as a result of your stay with a group or attendance at an event in accordance with your preferences as permitted by law. If you visit us as part of an event, we may share personal information about you with the event planners, as permitted by law. If you are an event planner, we may also share information about your event with third-party service providers who may market event services to you as permitted by law.
- Social Media: If you choose to participate in 1000 Reasons-sponsored social media activities or offerings, we may collect certain information from your social media account consistent with your settings within the social media service, such as location, check-ins, activities, interests, photos, status updates and friend list. We may also allow you to enter into contests to provide photos, such as of your stay with us, which you may share with your connections on social media for votes, shared offers or other promotions.
- Forward-to-a-Friend: From time to time, we may offer a feature that allows you to send an electronic postcard or otherwise share a message with a friend, whether via the Internet, a stand-alone kiosk or mobile device. If you choose to use this feature, we will ask you for the recipient’s name and email address, along with the text of any message you choose to include. By using this feature, you represent that you are entitled to use and provide us with the recipient’s name and email address for this purpose.
- Franchise and Ownership Opportunities: If you are interested in obtaining more information about franchise or ownership opportunities, we may collect information about you in order to assess your suitability to become a franchisee or owner. We may combine the information you provide to us with information we obtain from third parties, such as credit reporting agencies and public records databases. We use this information to conduct due diligence on potential franchisees and owners.
In addition to the information we collect from you directly, we may also infer information.
PERSONAL INFORMATION WE COLLECT FROM THIRD PARTIES
We may also collect information about you from third parties, including information from our payment card, and other partners, from your social media services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. We use and share this information (and may append this information to the other information we have on file for you) for the purposes described in this Statement.
USE OF PERSONAL INFORMATION COLLECTED ABOUT YOU
We use your personal information in a number of ways, including to provide and personalise the services you request and expect from 1000 Reasons, to offer you the expected level of hospitality in-room and throughout our properties, conduct direct marketing and sales promotions and as set forth below in more detail. We will collect your consent prior to processing your data where required by applicable law.
We are obligated to collect certain data, including your name, address, payment information, and, in certain countries, travel document information, in order to process your reservation. Failure to provide this information will result in our inability to process your reservation.
- Service Administration: We use your personal information to administer programs in which you participate, including providing you with access to your account information, such as rewards status and offers for which you are eligible; to fulfil services that are part of such program; to enable direct communication between properties within the 1000 Reasons Portfolio of Brands; and between the 1000 Reasons Portfolio of Brands and you; and to facilitate collections.
- Meeting and Event Planning: We may use your personal information to provide you with information about meeting and event planning.
- Marketing and Communications: Where permitted we may use your personal information to provide or offer you newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences you have expressed. We use your information to provide in-stay messaging, account alerts, and reservation confirmations; to send you marketing messages; and to conduct surveys, prize draws, and other contests. We may provide these communications via email, online advertising, social media, telephone, text message (including SMS), push notifications, in-app messaging, and other means (including on-property messaging). With your consent, we also use user-generated content (such as photos) from social media services to deliver display advertising or on our website and apps. We may also collect information from your payment card, which can be appended to personal information and used by 1000 Reasons or its business partners to recognise what type of card you have, such as whether or not it is a 1000 Reasons co-branded card and/or the bank or network of the card, and present and/or send you targeted marketing messages based on your payment method and in accordance with your communication preferences. We may also partner with third parties to learn whether a visitor to our site has a cash-back offer associated with their payment card and to deliver the visitor advertising and information that explains how to take advantage of that offer through a stay at a hotel within the 1000 Reasons Portfolio of Brands.
- Service Improvements: We may use your personal information to improve 1000 Reasons services and to ensure that our site, products, and services are of interest to you. We also use your personal information to provide you with the expected level of hospitality in-room and throughout our properties. This may include providing you with the ability to control your in-room technology through our website or apps on your personal devices.
- eFolio Program: We may enroll you in our eFolio program and use your email address to send you your hotel bill via email. It is your responsibility to ensure that we have the correct (and preferred) email address for you. If you make a reservation for another person using your email address, that person’s eFolio will be sent to your email address.
- Data Correctness, Analytics and Personalisation: We may aggregate your personal information with data from third-party sources for purposes of keeping information up to date and analytics. We also rely on information from third parties in order to provide better, more personalized service. For example, if you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal and social or share and use it as described elsewhere in this Statement.
PERSONAL INFORMATION WE SHARE
In order to offer you the expected level of hospitality and to provide you with the best level of service, we may share your personal information among members of the 1000 Reasons Worldwide Portfolio of Brands, our service providers, and other third parties as set forth in detail below:
- Electronic Billing Program: If you receive an eFolio by email (as discussed above), a summary detailing the goods and services provided to you during your stay will be shared with the payment card provider and, if you participate in a corporate billing program and use a corporate payment card, the payment card provider may share that summary with your employer.
- Group Events or Meetings: If you visit 1000 Reasons as part of a group event or meeting, information collected for meeting and event planning may be shared with the organisers of those meetings and events, and, where appropriate, guests who organise or participate in the meeting or event.
- Business Partners: We may partner with other companies to provide you with products, services, or offers based upon your experiences at our properties and may share your information with our business partners accordingly. For example, we may help to arrange rental cars or other services from our business partners and share personal information with our business partners in order to provide those services. We may also share your personal information, such as your email address, with our corporate travel partners to help them assess compliance with travel policies or participation in special rate plans or to engage in co-branded marketing with our corporate travel partners. We may also work with third parties, such as our airline and payment card partners, to allow us and our partners to deliver advertisements to our shared customers. Our partners may be able to provide more relevant offers to you based upon information that we share about your experiences at our properties, as well as information in your 1000 Reasons profile. Additionally, we may allow third-party partners to recognize you when you visit that partner’s website or app, or to recognise you as one of their customers when you visit 1000 Reasons websites or apps so that they may provide more relevant offers to you. We may share a hashed version of your email address with third parties using available security measures that may match it with their own-hashed versions of email addresses so that they can send online and email advertisements to you on our behalf.
- Co-Sponsors of Promotions: We co-sponsor promotions, prize draws, competitions or contests with other companies, and we provide prizes for sweepstakes and contests sponsored by other companies. If you enter one of these sweepstakes or contests, we may share your information with the co-sponsor or third-party sponsor.
- On-property Services: We may share personal information with third-party providers of on-property services such as concierge services, spa treatments, golf, or dining experiences.
- Service Providers: We rely on third parties to provide services and products on our behalf and may share your personal information with them as appropriate. Generally, our service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal information, except as may be required by law. However, our fraud detection service providers may use, but not share, your personal information for fraud detection purposes. We may use service providers to communicate news and deliver promotional and transactional materials to you on our behalf, including personalized online and mobile advertising in accordance with your preferences and applicable law. Please see our Cookies Statement for more information. 1000 Reasons will only work with parties that offer a method to opt-out of such advertising. We may also share information with service providers to allow you to create itineraries by selecting sites, activities, and restaurants from lists that we have personalised for you based on your preferences and third-party data.
- Business Transactions: As we develop our business, we might sell, buy, restructure or reorganise businesses or assets, or cease being the manager of a hotel that is currently part of our portfolio. In such circumstances, 1000 Reasons may transfer, sell or assign information collected, including, without limitation, Other Information (described below) and personal information, to one or more affiliated or unaffiliated third parties in connection with these business transactions. To the extent that local laws require it, we will provide notice of our intent to transfer personal data to a third party for this purpose and explain how you can object to such transfer.
- Other: In addition, 1000 Reasons may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect the rights, privacy, safety or property of 1000 Reasons, site visitors, guests, employees or the public, (v) permit us to pursue available remedies or limit the damages that we may sustain, (vi) enforce our websites’ terms and conditions, and (vii) respond to an emergency.
When you visit and interact with 1000 Reasons websites and apps, we collect other information that does not directly identify you about your use of the site, such as a catalogue of the site pages you visit, and the number of visits to our sites (“Other Information”). We use Other Information, as well as data received from third parties, to deliver you email, online (on our sites and other sites) and mobile advertisements. We may also use Other Information to allow third-party partners to recognise you as a 1000 Reasons guest when you visit the partner’s website or app, or to recognise you as one of their customers when you visit 1000 Reasons websites or apps so that they may provide more relevant offers to you.
At this time, we do not respond to Do Not Track signals or other, similar mechanisms. Please see our Cookies Statement for more information.
We may use information we have collected and aggregated, or anonymised personal information received from third parties, to understand more about our users (for example, we may use aggregated information to calculate the percentage of our users who have a particular telephone area code). This includes demographic data, such as date of birth, gender and marital status, inferred commercial interests, such as favourite products or hobbies, and other information we may collect from you or from third parties.
Because Other Information does not personally identify you, such information may be disclosed for any purpose where permitted by law. In some instances, we may combine Other Information with personal information. If we do combine any Other Information with personal information, the combined information will be treated by us as personal information in accordance with this Statement.
The term “sensitive information” refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification. In some jurisdictions, mobile phone numbers, location data, and information contained on identity documents also are considered sensitive information.
We do not generally collect sensitive information unless it is volunteered by you or unless we are required to do so pursuant to applicable laws or regulations. We may use health data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).
PERSONAL INFORMATION FROM CHILDREN
We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not to allow your children to submit personal information without your permission.
MOBILE AND LOCATION-BASED SERVICES
We provide mobile apps that can be downloaded to your smartphone or mobile device. These apps have a variety of functionalities that enhance the customer experience. In addition to providing services, our apps may collect personal and Other Information that will be used in accordance with this Statement. For example, to book or change a reservation, you will be required to provide some personal information, such as your credentials or other information as necessary. Our Digital Key functionality within the 1000 Reasons App collects information we already have about you, including your 1000 Reasons guest number and user ID, and additional information, including use of the key. We provide a link to this Statement to customers prior to their downloading of any of our apps.
If you allow our mobile apps to access your location information on your device, our mobile apps may use your mobile device’s Global Positioning System (GPS) technology and other technology (such as wireless transmitters known as beacons) to provide you with information and offers based on the location of your device. Beacons allow us to collect information about your location within participating hotels by communicating with mobile devices that are in range. We may use this location information to enhance your on-property experience by delivering push notifications and other content to your mobile device, providing navigation assistance as you move around our locations, and sending you information and offers about products, services, or activities we believe may be of interest to you. We may share this information with third parties, including business partners and service providers, to provide information, offers, and services that may be of interest to you. You may prevent or limit collection of location information by changing the settings in the 1000 Reasons app, or by changing your device’s settings.
We offer all of these mobile and location-based services only to the extent permitted by applicable local laws.
LINKS TO THIRD-PARTY WEBSITES AND SERVICES
PROTECTING PERSONAL INFORMATION
1000 Reasons will take reasonable measures to: (i) protect personal information from unauthorised access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date as appropriate. 1000 Reasons employs a robust external team of dedicated information security professionals who are responsible for creating, updating and managing 1000 Reasons security program.
We also seek to require our affiliates and service providers with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about you. For online transactions, we use reasonable technological measures to protect the personal information that you transmit to us via our site. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.
We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. We will only ask for payment card details by telephone when you are booking a reservation or promotional package. If you receive this type of request, you should not respond to it. We also ask that you please notify us at firstname.lastname@example.org
INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
As a Australian company, we endeavour to provide you with the same level of service that you have come to expect worldwide. To provide this service, you acknowledge that we may share your personal information among members of the 1000 Reasons Portfolio of Brands, our service providers, and other third parties, which may be located in countries outside of your own. When you stay at a 1000 Reasons property, the data controller for that property transfers the personal information relating to your reservation to 1000 Reasons pursuant to data transfer agreements when required by applicable laws or regulations. The data controller may also maintain a local copy of your personal information when so required by applicable laws or regulations. Although the data protection laws of various countries may differ from those in your own country, we will take appropriate steps to ensure that your personal information is handled as described in this Statement and in accordance with the law.
CHANGING AND ACCESSING YOUR PERSONAL INFORMATION
If you are a 1000 Reasons guest, the information you provided to us at the time of registration may be accessed, reviewed and updated at any time by signing in to your 1000 Reasons profile.
To the extent required by applicable law, you may be able to request that we inform you about the personal information we maintain about you and, where appropriate, withdraw your consent for certain data processing activity and/or request that we update, correct, delete, and/or stop processing your personal information. We will make all required updates and changes within the time specified by applicable law and as required by law. When permitted by law, we may charge an appropriate fee to cover the costs of responding to the request. Such requests may be submitted by email to email@example.com or in writing to 1 Mt Erin Road, Ferny Creek, Victoria 3786 AUSTRALIA. To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.
In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that 1000 Reasons cease using personal information about you by contacting us using the email or mailing address above. We will seek to honour those requests consistently with applicable law.
RETAINING PERSONAL INFORMATION
We retain personal information about you for the period necessary to fulfil the purposes outlined in this Statement, unless a longer retention period is required or permitted by applicable law. We retain personal information collected in order to fulfil guest reservations for seven years after the stay is completed. We retain other personal information for shorter periods of time if possible and if permitted by law.
We will destroy your personal information as early as practicable and in a way that the information may not be restored or reconstructed.
If printed on paper, the personal information will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.
CHOICES – MARKETING COMMUNICATIONS
If you have given us your contact information (mail address, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, and with your consent where required, about our products and services or invite you to events via email, online advertising, social media, WeChat, WhatsApp, telephone, text message (including SMS), push notifications, in-app alerts, postal mail, our customer service call centre, and other means.
If you prefer not to receive email marketing materials from us, you may opt-out at any time by using the unsubscribe function in the email you receive from. Opt-out requests can take up to three business days to be effective.
To opt out of text messages, reply “STOP” to the message you received.
To be added to 1000 Reasons internal do not call list, send a message to firstname.lastname@example.org
You may control whether our mobile apps send you push notifications by changing your notification settings on your mobile device. If we engage in sending you in-app messages, we will allow control for those in our apps’ settings. For more information about cookies and interest-based advertising and to learn about how to manage these technologies, please see our Cookies Statement.
We may modify this Statement from time to time. When we make material changes to this Statement we will post a link to the revised Statement on the homepage of our site, and if you have registered for any of your products or services, will may also inform you though a communications channel that you have provided. You can tell when this Statement was last updated by looking at the link and at the date at the top of the Statement. Any changes to our Statement will become effective upon posting of the revised Statement on the site. Use of the site, any of our products and services, and/or providing consent to the updated Statement following such changes constitutes your acceptance of the revised Statement then in effect.
If you have any questions about this Statement or how 1000 Reasons processes your personal information, or if you wish to either provide a compliment or a complaint, please contact us by email at email@example.com by postal mail to 1000 Reasons 1 Mt Erin Rd, Ferny Creek, Victoria 3786 AUSTRALIA. We will respond within 14 days or sooner if practicable.
1000 REASONS WORLDWIDE PRIVACY STATEMENT REVISIONS
- Updated to provide more detailed information about how we collect, use, share and protect personal information of our guests.
- Added hyperlinks to 1000 Reasons Data Subject Rights Request Portal for guests to make individual rights requests pursuant to laws in some jurisdictions.
- Added Appendix A: “Additional Provisions Applicable to Processing of Personal Information of EEA Residents.” Appendix A includes detailed information provided pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of Personal Information and on the free movement of such data, commonly referred to as the “General Data Protection Regulation” (GDPR).
ADDITIONAL PROVISIONS APPLICABLE TO PROCESSING OF PERSONAL INFORMATION OF EEA RESIDENTS
For individuals residing in the EEA, this Appendix outlines certain additional information that 1000 Reasons is obligated to provide to you, as well as certain rights you have with respect to the processing of your personal information, pursuant to applicable local laws. This Appendix will control to the extent it conflicts with any provision in the main body of this Statement.
Controller: for more information on the 1000 Reasons entities that process your personal information, please contact via firstname.lastname@example.org
Data Protection Officer: 1000 Reasons Data Protection Officer may be contacted by email at email@example.com, or at the following address:
Attn: Data Protection Officer
1 Mt Erin Road, Ferny Creek Victoria 3786 AUSTRALIA
Purposes and Legal Basis for Processing:1000 Reasons processes your personal information for the purposes set forth in Sections 4 (Use of Personal Information Collected About You) and 5 (Personal Information We Share) of the main body of this Statement.
The legal bases for 1000 Reasons processing activities include processing such information as necessary to comply with our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests and others, for our legitimate business interests, and pursuant to your consent.
The particular legal basis for the processing of your personal information is based on the purpose for which such information was provided or collected:
- Surveys: Completion of surveys is voluntary – we process the information obtained from surveys on the basis of your consent and in furtherance of our business interests, including marketing, service improvements, and analytics.
- On-property Collection:
- When you make a reservation and when you stay at one of our hotel properties, we process your name, address, contact information, along with the details of your stay (arrival and departure day and time, vehicle information and information regarding others traveling or staying with you), on the basis of our contractual relationship with you. We also process such data for our business interests, including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
- We collect certain additional personal information during registration/check-in at our properties (such as national ID or passport information), as necessary to comply with our legal obligations.
- We use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via key cards and other technologies) for the protection of our staff, guests and visitors to our properties.
- We process personal information in connection with on-property services (such as concierge services, activities, and our Digital Key functionality), in order to provide the services to you and for our business interests including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Event Profiles: We process the personal information obtained in connection with your event on the basis of our contractual relationship with you and for our business interests, including for marketing, service improvements, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Social Media: Participation in 1000 Reasons-sponsored social media activities and offerings is voluntary – we process information obtained from social media participation on the basis of your consent and in furtherance of our related business interests, including for marketing, service improvements, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Promotions: Participation in contests and other promotional offerings is voluntary – we process the information obtained from such participation based on your consent and as necessary to administer the offering. We also use certain data for our business purposes, including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Direct Marketing: We use your personal information to send you marketing messages on the basis of your consent. You may withdraw your consent for direct marketing communications at any time by contacting us at firstname.lastname@example.org or by following the unsubscribe instructions in the marketing message.
- Franchise and Ownership Opportunities: We process this information on the basis of our contractual relationship with you and for our related business interests, including maintaining and promoting the 1000 Reasons brand and facilitating direct communication between properties within the 1000 Reasons Portfolio of Brands.
Retention: We retain personal information about you for the time necessary to accomplish the purpose for which such information was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law. Our retention policies reflect applicable statute of limitation periods and legal requirements.
Data Subject Rights: Residents of the EEA have the following rights:
Access, Correction and Erasure Requests: You have the right to:
- ask us to confirm whether we are processing your personal information
- receive information on how your data is processed
- obtain a copy of your personal information
- request that we update or correct your personal information
- request that we delete personal information in certain circumstances
Right to Object to Processing: You have the right to request that 1000 Reasons cease processing of your personal information:
- for marketing activities, including profiling
- for statistical purposes
- where such processing is based on our legitimate business interests, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your personal information for the establishment, exercise or defence of a legal claim
Right to Restrict Processing: You have the right to request that 1000 Reasons limit the processing of your personal information:
- while 1000 Reasons is evaluating or in the process of responding to a request by you to update or correct your personal information
- where such processing is unlawful, and you do not want 1000 Reasons to delete your data
- where 1000 Reasons no longer requires such data, but you want us to retain the data for the establishment, exercise or defence of a legal claim
- where you have submitted an objection to processing based on our legitimate business interests, pending our response to such request
Where we limit the processing of your personal information pursuant to your request, we will inform you prior to re-engaging in such processing.
Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your personal information in a commonly used, machine readable format. Please note, however, that data portability rights apply only to personal information that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.
Submitting Requests: Your requests may be submitted by emailing email@example.com in writing to 1 Mt Erin Rd, Ferny Creek, Victoria 3786 AUSTRALIA. You may also update your personal information as provided in Section 12 (Changing and Accessing Your Personal Information) of the main body of this Global Privacy Statement.
We will respond to all such requests within 14 days of our receipt of the request, unless there are extenuating circumstances, in which event we may take up to 30 days to respond. We will inform you if we expect our response to take longer than 14 days. Please note, however, that certain personal information may be exempt from such rights pursuant to applicable data protection laws. In addition, we will not respond to any request unless we are able to appropriately verify the requester’s identity. We may charge you a reasonable fee for subsequent copies of data that you request.
If you have concerns about our data practices or the exercise of your rights, you may either contact 1000 Reasons at firstname.lastname@example.org or the supervisory authority in the Member State of your residence.
Right to Withdraw Consent: You have the right to withdraw your consent to any processing that we conduct solely based on your consent (such as sending direct marketing materials to your personal email account). You may withdraw your consent to marketing activities by following the instructions on any marketing emails, or contacting email@example.com For any other activities for which you have previously consented, you may contact firstname.lastname@example.org to withdraw such consent.
Segmentation (also referred to as profiling) and Automated Decision Making: We use personal information to divide large groups of consumers into sub-groups of consumers (known as segments) based on some type of shared characteristics such as geography, behaviour, or demographics.
With your consent, we make automated decisions, meaning without human interference, using segmentation and/or your specific personal information to offer you certain benefits based on your characteristics (such as discounted room rates or other special offers based on your geography, behaviour, or demographics). For example, if you travel frequently during the week to hotels in Australia, we may send you special offers for 1000 Reasons hotels in AUSTRALIA.
International Data Transfers: We may transfer the personal information we collect about you pursuant to the purposes described in this Statement to countries that have not been found by the European Commission to provide adequate protection. In particular, we may transfer your personal information to Australia.
We use appropriate safeguards for the transfer of personal information among our affiliates in various jurisdictions, and where required, we have implemented European Union controller-to-controller standard contractual clauses or other such safeguards for such purposes. To obtain a copy of theses clauses or additional information on transfers, you may send your request to email@example.com