Who we are
Our website address is: https://1000reasons.com.au.
What personal data we collect and why we collect it
This privacy statement (“Statement”) applies to 1000 Reasons, its subsidiaries and all of the hotels within the 1000 Reasons Portfolio of Brands (collectively, “1000 Reasons,” “we,” or “us”). At 1000 Reasons, we strive to deliver outstanding products, services, and experiences around the world. We value your business and, more importantly, your loyalty. We recognise that privacy is an important issue. We have developed this Statement to explain our practices regarding the personal information we collect from you or about you on this site or via our apps, through written or verbal communications with us, when you visit one of our properties, or from other sources. While this Statement broadly describes the practices, we have adopted across 1000 Reasons globally, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g., certain jurisdictions may require affirmative consent to send marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein in order to enable us to comply with local requirements. If you are a resident of the European Economic Area (EEA), please see Appendix A for additional information regarding 1000 Reasons use of your personal information.
By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you understand and acknowledge that we will collect and use personal information as described in this Statement.
Please note that this Statement does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.
We collect personal information at every touch point or guest interaction, and in conducting every aspect of our business, we may collect personal information. This personal information may include: your name, mailing address, billing address, email address, phone number, information related to your reservation, stay or visit to a property; participation in a membership or loyalty program; participation in a contest, or marketing program (even if you do not stay at one of our hotels); information related to the purchase and receipt of products or services; personal characteristics, nationality, passport number and date and place of issue; travel history; payment information, such as your payment card number and other card information, as well as authentication information and other billing and account details associated with mobile billing; guest preferences; marketing and communication preferences; information about vehicles you may bring onto our properties; reviews and opinions about our Portfolio of Brands or properties (if they are identified or associated with you); hotel, airline and rental car packages booked; groups with which you are associated for stays at hotels; information provided on membership and account applications; and other types of information that you choose to provide to us or that we may obtain about you.
We may ask for details on joint travellers, including their names, and the age of the driver of the rental car. We may also collect information related to conversations, including recording or monitoring customer service calls for quality assurance and training purposes, and other communications such as in-app messages and SMS.
In addition, we collect other personal information in certain cases, such as:
- Surveys: We may request demographic data or other personal information in customer surveys.
- On-property Collection: We collect additional personal information during registration/check-in at our properties, including such information as may be required by local laws. We may also use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via key cards and other technologies). We may also use closed-circuit television and other technologies that record sound or video for the protection of our staff, guests and visitors to our properties where permitted by law. In addition, we may collect personal information in connection with on-property services, such as concierge services, and our Digital Key functionality in the 1000 Reasons App (where available).
- Event Profiles: If you plan an event with us, we collect meeting and event specifications, the date of the event, number of guests, details of the guest rooms, and, for corporate events, information on your organisation (name, annual budget, and number of sponsored events per year). We also collect information about the guests that are a part of your group or event. If you visit us as part of a group, we may have personal information about you provided to us by the group and may market to you as a result of your stay with a group or attendance at an event in accordance with your preferences as permitted by law. If you visit us as part of an event, we may share personal information about you with the event planners, as permitted by law. If you are an event planner, we may also share information about your event with third-party service providers who may market event services to you as permitted by law.
- Social Media: If you choose to participate in 1000 Reasons-sponsored social media activities or offerings, we may collect certain information from your social media account consistent with your settings within the social media service, such as location, check-ins, activities, interests, photos, status updates and friend list. We may also allow you to enter into contests to provide photos, such as of your stay with us, which you may share with your connections on social media for votes, shared offers or other promotions.
- Forward-to-a-Friend: From time to time, we may offer a feature that allows you to send an electronic postcard or otherwise share a message with a friend, whether via the Internet, a stand-alone kiosk or mobile device. If you choose to use this feature, we will ask you for the recipient’s name and email address, along with the text of any message you choose to include. By using this feature, you represent that you are entitled to use and provide us with the recipient’s name and email address for this purpose.
- Franchise and Ownership Opportunities: If you are interested in obtaining more information about franchise or ownership opportunities, we may collect information about you in order to assess your suitability to become a franchisee or owner. We may combine the information you provide to us with information we obtain from third parties, such as credit reporting agencies and public records databases. We use this information to conduct due diligence on potential franchisees and owners.
In addition to the information we collect from you directly, we may also infer information.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites and mobile applications
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
In order to offer you the expected level of hospitality and to provide you with the best level of service, we may share your personal information among members of the 1000 Reasons Worldwide Portfolio of Brands, our service providers, and other third parties as set forth in detail below:
- Electronic Billing Program: If you receive an eFolio by email (as discussed above), a summary detailing the goods and services provided to you during your stay will be shared with the payment card provider and, if you participate in a corporate billing program and use a corporate payment card, the payment card provider may share that summary with your employer.
- Group Events or Meetings: If you visit 1000 Reasons as part of a group event or meeting, information collected for meeting and event planning may be shared with the organisers of those meetings and events, and, where appropriate, guests who organise or participate in the meeting or event.
- Business Partners: We may partner with other companies to provide you with products, services, or offers based upon your experiences at our properties and may share your information with our business partners accordingly. For example, we may help to arrange rental cars or other services from our business partners and share personal information with our business partners in order to provide those services. We may also share your personal information, such as your email address, with our corporate travel partners to help them assess compliance with travel policies or participation in special rate plans or to engage in co-branded marketing with our corporate travel partners. We may also work with third parties, such as our airline and payment card partners, to allow us and our partners to deliver advertisements to our shared customers. Our partners may be able to provide more relevant offers to you based upon information that we share about your experiences at our properties, as well as information in your 1000 Reasons profile. Additionally, we may allow third-party partners to recognize you when you visit that partner’s website or app, or to recognise you as one of their customers when you visit 1000 Reasons websites or apps so that they may provide more relevant offers to you. We may share a hashed version of your email address with third parties using available security measures that may match it with their own-hashed versions of email addresses so that they can send online and email advertisements to you on our behalf.
- Co-Sponsors of Promotions: We co-sponsor promotions, prize draws, competitions or contests with other companies, and we provide prizes for sweepstakes and contests sponsored by other companies. If you enter one of these sweepstakes or contests, we may share your information with the co-sponsor or third-party sponsor.
- On-property Services: We may share personal information with third-party providers of on-property services such as concierge services, spa treatments, golf, or dining experiences.
- Service Providers: We rely on third parties to provide services and products on our behalf and may share your personal information with them as appropriate. Generally, our service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal information, except as may be required by law. However, our fraud detection service providers may use, but not share, your personal information for fraud detection purposes. We may use service providers to communicate news and deliver promotional and transactional materials to you on our behalf, including personalized online and mobile advertising in accordance with your preferences and applicable law. Please see our Cookies Statement for more information. 1000 Reasons will only work with parties that offer a method to opt-out of such advertising. We may also share information with service providers to allow you to create itineraries by selecting sites, activities, and restaurants from lists that we have personalised for you based on your preferences and third-party data.
- Business Transactions: As we develop our business, we might sell, buy, restructure or reorganise businesses or assets, or cease being the manager of a hotel that is currently part of our portfolio. In such circumstances, 1000 Reasons may transfer, sell or assign information collected, including, without limitation, Other Information (described below) and personal information, to one or more affiliated or unaffiliated third parties in connection with these business transactions. To the extent that local laws require it, we will provide notice of our intent to transfer personal data to a third party for this purpose and explain how you can object to such transfer.
- Other: In addition, 1000 Reasons may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect the rights, privacy, safety or property of 1000 Reasons, site visitors, guests, employees or the public, (v) permit us to pursue available remedies or limit the damages that we may sustain, (vi) enforce our websites’ terms and conditions, and (vii) respond to an emergency.
How long we retain your data
We retain personal information about you for the period necessary to fulfil the purposes outlined in this Statement, unless a longer retention period is required or permitted by applicable law. We retain personal information collected in order to fulfil guest reservations for seven years after the stay is completed. We retain other personal information for shorter periods of time if possible and if permitted by law.
We will destroy your personal information as early as practicable and in a way that the information may not be restored or reconstructed.
If printed on paper, the personal information will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Your contact information
We use your personal information in a number of ways, including to provide and personalise the services you request and expect from 1000 Reasons, to offer you the expected level of hospitality in-room and throughout our properties, conduct direct marketing and sales promotions and as set forth below in more detail. We will collect your consent prior to processing your data where required by applicable law.
We are obligated to collect certain data, including your name, address, payment information, and, in certain countries, travel document information, in order to process your reservation. Failure to provide this information will result in our inability to process your reservation.
- Service Administration: We use your personal information to administer programs in which you participate, including providing you with access to your account information, such as rewards status and offers for which you are eligible; to fulfil services that are part of such program; to enable direct communication between properties within the 1000 Reasons Portfolio of Brands; and between the 1000 Reasons Portfolio of Brands and you; and to facilitate collections.
- Meeting and Event Planning: We may use your personal information to provide you with information about meeting and event planning.
- Marketing and Communications: Where permitted we may use your personal information to provide or offer you newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences you have expressed. We use your information to provide in-stay messaging, account alerts, and reservation confirmations; to send you marketing messages; and to conduct surveys, prize draws, and other contests. We may provide these communications via email, online advertising, social media, telephone, text message (including SMS), push notifications, in-app messaging, and other means (including on-property messaging). With your consent, we also use user-generated content (such as photos) from social media services to deliver display advertising or on our website and apps. We may also collect information from your payment card, which can be appended to personal information and used by 1000 Reasons or its business partners to recognise what type of card you have, such as whether or not it is a 1000 Reasons co-branded card and/or the bank or network of the card, and present and/or send you targeted marketing messages based on your payment method and in accordance with your communication preferences. We may also partner with third parties to learn whether a visitor to our site has a cash-back offer associated with their payment card and to deliver the visitor advertising and information that explains how to take advantage of that offer through a stay at a hotel within the 1000 Reasons Portfolio of Brands.
- Service Improvements: We may use your personal information to improve 1000 Reasons services and to ensure that our site, products, and services are of interest to you. We also use your personal information to provide you with the expected level of hospitality in-room and throughout our properties. This may include providing you with the ability to control your in-room technology through our website or apps on your personal devices.
- eFolio Program: We may enroll you in our eFolio program and use your email address to send you your hotel bill via email. It is your responsibility to ensure that we have the correct (and preferred) email address for you. If you make a reservation for another person using your email address, that person’s eFolio will be sent to your email address.
- Data Correctness, Analytics and Personalisation: We may aggregate your personal information with data from third-party sources for purposes of keeping information up to date and analytics. We also rely on information from third parties in order to provide better, more personalized service. For example, if you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal and social or share and use it as described elsewhere in this Statement.
How we protect your data
1000 Reasons will take reasonable measures to: (i) protect personal information from unauthorised access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date as appropriate. 1000 Reasons employs a robust external team of dedicated information security professionals who are responsible for creating, updating and managing 1000 Reasons security program.
We also seek to require our affiliates and service providers with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about you. For online transactions, we use reasonable technological measures to protect the personal information that you transmit to us via our site. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.
We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. We will only ask for payment card details by telephone when you are booking a reservation or promotional package. If you receive this type of request, you should not respond to it. We also ask that you please notify us at firstname.lastname@example.org
What data breach procedures we have in place
If you have any questions about this Statement or how 1000 Reasons processes your personal information, or if you wish to either provide a compliment or a complaint, please contact us by email at email@example.com by postal mail to 1000 Reasons 1 Mt Erin Rd, Ferny Creek, Victoria 3786 AUSTRALIA. We will respond within 14 days or sooner if practicable.
What third parties we receive data from
We may also collect information about you from third parties, including information from our payment card, and other partners, from your social media services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. We use and share this information (and may append this information to the other information we have on file for you) for the purposes described in this Statement.
1000 REASONS WORLDWIDE PRIVACY STATEMENT REVISIONS
- Updated to provide more detailed information about how we collect, use, share and protect personal information of our guests.
- Added hyperlinks to 1000 Reasons Data Subject Rights Request Portal for guests to make individual rights requests pursuant to laws in some jurisdictions.
- Added Appendix A: “Additional Provisions Applicable to Processing of Personal Information of EEA Residents.” Appendix A includes detailed information provided pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of Personal Information and on the free movement of such data, commonly referred to as the “General Data Protection Regulation” (GDPR).
ADDITIONAL PROVISIONS APPLICABLE TO PROCESSING OF PERSONAL INFORMATION OF EEA RESIDENTS
For individuals residing in the EEA, this Appendix outlines certain additional information that 1000 Reasons is obligated to provide to you, as well as certain rights you have with respect to the processing of your personal information, pursuant to applicable local laws. This Appendix will control to the extent it conflicts with any provision in the main body of this Statement.
Controller: for more information on the 1000 Reasons entities that process your personal information, please contact via firstname.lastname@example.org
Data Protection Officer: 1000 Reasons Data Protection Officer may be contacted by email at email@example.com, or at the following address:
Attn: Data Protection Officer
1 Mt Erin Road, Ferny Creek Victoria 3786 AUSTRALIA
Purposes and Legal Basis for Processing:1000 Reasons processes your personal information for the purposes set forth in Sections 4 (Use of Personal Information Collected About You) and 5 (Personal Information We Share) of the main body of this Statement.
The legal bases for 1000 Reasons processing activities include processing such information as necessary to comply with our contractual obligations, compliance with our legal obligations, protecting the safety of our employees, guests and others, for our legitimate business interests, and pursuant to your consent.
The particular legal basis for the processing of your personal information is based on the purpose for which such information was provided or collected:
- Surveys: Completion of surveys is voluntary – we process the information obtained from surveys on the basis of your consent and in furtherance of our business interests, including marketing, service improvements, and analytics.
- On-property Collection:
- When you make a reservation and when you stay at one of our hotel properties, we process your name, address, contact information, along with the details of your stay (arrival and departure day and time, vehicle information and information regarding others traveling or staying with you), on the basis of our contractual relationship with you. We also process such data for our business interests, including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalization, as described in Section 4 of our Global Privacy Statement (above).
- We collect certain additional personal information during registration/check-in at our properties (such as national ID or passport information), as necessary to comply with our legal obligations.
- We use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via key cards and other technologies) for the protection of our staff, guests and visitors to our properties.
- We process personal information in connection with on-property services (such as concierge services, activities, and our Digital Key functionality), in order to provide the services to you and for our business interests including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Event Profiles: We process the personal information obtained in connection with your event on the basis of our contractual relationship with you and for our business interests, including for marketing, service improvements, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Social Media: Participation in 1000 Reasons-sponsored social media activities and offerings is voluntary – we process information obtained from social media participation on the basis of your consent and in furtherance of our related business interests, including for marketing, service improvements, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Promotions: Participation in contests and other promotional offerings is voluntary – we process the information obtained from such participation based on your consent and as necessary to administer the offering. We also use certain data for our business purposes, including for marketing, service improvements, administration of our e-Folio program, and analytics and service personalisation, as described in Section 4 of our Global Privacy Statement (above).
- Direct Marketing: We use your personal information to send you marketing messages on the basis of your consent. You may withdraw your consent for direct marketing communications at any time by contacting us at firstname.lastname@example.org or by following the unsubscribe instructions in the marketing message.
- Franchise and Ownership Opportunities: We process this information on the basis of our contractual relationship with you and for our related business interests, including maintaining and promoting the 1000 Reasons brand and facilitating direct communication between properties within the 1000 Reasons Portfolio of Brands.
Retention: We retain personal information about you for the time necessary to accomplish the purpose for which such information was collected, usually for the duration of any contractual relationship and for any period thereafter as legally required or permitted by applicable law. Our retention policies reflect applicable statute of limitation periods and legal requirements.
Data Subject Rights: Residents of the EEA have the following rights:
Access, Correction and Erasure Requests: You have the right to:
- ask us to confirm whether we are processing your personal information
- receive information on how your data is processed
- obtain a copy of your personal information
- request that we update or correct your personal information
- request that we delete personal information in certain circumstances
Right to Object to Processing: You have the right to request that 1000 Reasons cease processing of your personal information:
- for marketing activities, including profiling
- for statistical purposes
- where such processing is based on our legitimate business interests, unless we are able to demonstrate a compelling legitimate basis for such processing or we need to process your personal information for the establishment, exercise or defence of a legal claim
Right to Restrict Processing: You have the right to request that 1000 Reasons limit the processing of your personal information:
- while 1000 Reasons is evaluating or in the process of responding to a request by you to update or correct your personal information
- where such processing is unlawful, and you do not want 1000 Reasons to delete your data
- where 1000 Reasons no longer requires such data, but you want us to retain the data for the establishment, exercise or defence of a legal claim
- where you have submitted an objection to processing based on our legitimate business interests, pending our response to such request
Where we limit the processing of your personal information pursuant to your request, we will inform you prior to re-engaging in such processing.
Data Portability Requests: You have the right to request that we provide you or a third party that you designate with certain of your personal information in a commonly used, machine readable format. Please note, however, that data portability rights apply only to personal information that we have obtained directly from you and only where our processing is based on consent or the performance of a contract.
Submitting Requests: Your requests may be submitted by emailing email@example.com in writing to 1 Mt Erin Rd, Ferny Creek, Victoria 3786 AUSTRALIA. You may also update your personal information as provided in Section 12 (Changing and Accessing Your Personal Information) of the main body of this Global Privacy Statement.
We will respond to all such requests within 14 days of our receipt of the request, unless there are extenuating circumstances, in which event we may take up to 30 days to respond. We will inform you if we expect our response to take longer than 14 days. Please note, however, that certain personal information may be exempt from such rights pursuant to applicable data protection laws. In addition, we will not respond to any request unless we are able to appropriately verify the requester’s identity. We may charge you a reasonable fee for subsequent copies of data that you request.
If you have concerns about our data practices or the exercise of your rights, you may either contact 1000 Reasons at firstname.lastname@example.org or the supervisory authority in the Member State of your residence.
Right to Withdraw Consent: You have the right to withdraw your consent to any processing that we conduct solely based on your consent (such as sending direct marketing materials to your personal email account). You may withdraw your consent to marketing activities by following the instructions on any marketing emails, or contacting email@example.com For any other activities for which you have previously consented, you may contact firstname.lastname@example.org to withdraw such consent.
Segmentation (also referred to as profiling) and Automated Decision Making: We use personal information to divide large groups of consumers into sub-groups of consumers (known as segments) based on some type of shared characteristics such as geography, behaviour, or demographics.
With your consent, we make automated decisions, meaning without human interference, using segmentation and/or your specific personal information to offer you certain benefits based on your characteristics (such as discounted room rates or other special offers based on your geography, behaviour, or demographics). For example, if you travel frequently during the week to hotels in Australia, we may send you special offers for 1000 Reasons hotels in AUSTRLIA.
International Data Transfers: We may transfer the personal information we collect about you pursuant to the purposes described in this Statement to countries that have not been found by the European Commission to provide adequate protection. In particular, we may transfer your personal information to Australia.
We use appropriate safeguards for the transfer of personal information among our affiliates in various jurisdictions, and where required, we have implemented European Union controller-to-controller standard contractual clauses or other such safeguards for such purposes. To obtain a copy of theses clauses or additional information on transfers, you may send your request to email@example.com
Request personal data
Google Analytics Opt-out
In case you would like to opt out from using and selling your personal information, feel free to contact us through the contact form.