Last Updated: 24 August, 2023
Data Protection Policy
Lanson Place Hospitality Management Limited, its subsidiary and associate companies (“Lanson Place”, “we”, “us”, “our”) recognises its responsibilities in relation to the collection, holding, processing or use of personal data.
It is the Lanson Place’s policy (“Policy”) that personal data shall be collected only for lawful and relevant purposes, that all practicable steps should be taken to ensure that personal data held by the Lanson Place is accurate, that all practicable steps should be taken to keep personal data secure whereby no unauthorized or accidental access, erasure or other use thereof would occur, and that all other laws and regulations concerning personal data should be complied with.
Personal Data We Collected
Lanson Place collect personal data about you from various means, including:
- Registration online or placement of an order for any of our products or services;
- Registration for an event, completion of a customer survey, feedback on any of our message boards or via e-mail, request for information, or call to us for support;
- Interactions or engagement with us during your stay;
- Interaction with business partners and third-party service providers who work with Lanson Place in relation to our products or services;
- Use or viewing of our website via your browser’s cookies;
- Personal data obtained through publicly available sources such as public websites, open government databases, or other data in the public domain;
- Personal data obtained through your activity on social media platforms that link to us when you share content, photographs, or provide information to us.
The types of personal data Lanson Place will collect includes the following:
- Identifiable information, including full name, gender, date of birth, nationality, passport or visa details, or other identifying numbers;
- Contact information, including telephone numbers, email addresses, and country/city of residence;
- Business information, such as company name, business title, and associated contact information;
- Reservation-related information, including hotels stayed at, dates of arrival and departure, goods and services purchased, special requests, and service preferences;
- Payment information including cardholder name, card number, billing address, security code, and expiry date;
- Demographic data, such as age, gender, country, and preferred language;
- Personal preference, interests, or comments;
- Responses to market surveys, contests, and promotional offers conducted by us or on our behalf;
- Data related to your use of our websites, services, or products;
- Personal data in connection with your registration or subscription to Lanson Place’s services via our websites;
- Any other personal data that you provide to Lanson Place.
How We Use Personal Data
Lanson Place may collect, use and share your personal data for below purposes:
For the performance of our agreement with you, we use your personal data to:
- Handle your reservation: process your reservation requests, confirm your booking, and provide booking details. We may contact you via email, SMS, or other means.
- Provide you with service: process, confirm, provide, and charge for hotel services, including but not limited to accommodation, banquet events, food and beverages, spa treatments, and any special requests or assistance that you have asked for.
- Complete your purchase: Complete your orders when you purchase a gift certificate, pre-paid card or merchandise from Lanson Place.
- Ensure the functionality of our website and mobile application: present content from our website and mobile applications is presented in the most effective manner for you and for your device.
- Response to Enquiries: Process information contained in or relating to any communication that you send to us, including communication content and metadata. We process correspondence data for the purposes of communicating with you and record-keeping.
For our legitimate commercial interests (to enable us to perform our obligations and provide services to you), we use your data to:
- Product and service improvement: understand how our products and services impact you, provide you with a better, more personalised level of service, and further develop our products and services.
- Site usage analysis: monitor your use of our website and bookings, and analyse such usage to improve our services, understand your preferences, troubleshoot issues, and provide you with customised content that aligns with your interests.
- Safety and security management: ensure the safety and security of our guests, premises, and services, including handling incidents, accidents, or claims made by customers, conducting investigations and audits, carrying out CCTV surveillance, and performing security clearances to maintain a secure environment.
For compliance with legal obligations and legal claims, we collect your data to:
- Meet legal and regulatory requirements and administer general record keeping: comply with our legal obligations imposed by our auditors and government authorities, to safeguard our legal rights including (without limitation) in relation to the defence of any claims, and to cooperate with law enforcement agencies, government authorities, regulators and/or the court in connection with proceedings or investigations anywhere in the world where we are compelled to do so.
- Crime Prevention & Investigation: to carry out due diligence or other monitoring or screening activities in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by us.
We also use your information based on your explicit consent to:
- Direct Marketing: To provide you with updates, offers, and subscriptions, including sending you promotional communications or special offers.
- Special Categories of Data Usage: We may use your sensitive data (e.g., information relating to biometrics, religious beliefs, specific identities, political, healthcare, financial accounts, an individual’s whereabouts).
In addition, we may collect, use, and disclose your personal data (might include Special Categories of Personal Data) based on legal grounds such as vital interests for the prevention or suppression of danger to a person’s life, body, or health; public interest for the performance of tasks carried out in the public interest or for the exercising of official authorities or duties; or the necessity for establishing and defending legal claims, except in limited instances where your consent is required.
We shall notify you or obtain your consent if we process your personal data in other means that is not listed above.
How We Share Personal Data
We may share your Personal Data with the following parties.
- Third Party Service Providers to process your personal data on our behalf or to assist our business activities and operation. We may share the personal data to third parties, which may include providers of IT services, travel agents, auditors, website hosting and management, marketing and customer service agents, payment processors, event management companies, and other services with respect to the operation of our business.
- Payment channels including but not limited to banks and financial institutions for purpose of assessing, verifying, effectuating and facilitating payment of any amount due to us in connection with your purchase of our products and/or services;
- Law enforcement agencies, government authorities, regulators, and the court to comply with our legal obligations or to handle incidents, claims and investigations.
- Any other party with your consent, at your direction, or as authorised by you.
- Otherwise as permitted or required by applicable laws and regulations.
Cross-border Data Transfers
As an international hotel and residences management company, we may need to transfer and store your personal data outside of your country or region where you are located in order to provide you with and to maintain the best possible services. Our service providers and sub-processors may also use servers and other resources in various countries to process your information.
Lanson Place will take steps to ensure that your personal data is adequately protected. Our third-party service providers that are bound to maintain appropriate levels of security and confidentiality and process your personal data outside of your country or region where you are located only in accordance with our requirements, this Policy and any other relevant confidentiality and security measures.
Security of Personal Data
Lanson Place implements reasonable technical and organisational measures to protect the personal data possessed against accidental, unlawful, or unauthorised destruction, loss, alteration, access, disclosure, or use. These measures are subject to ongoing review and monitoring. We also require our third-party service providers to take technical and organisational measures commensurate with the risks arising from processing personal data of our customers, and act at all times in compliance with applicable data protection laws.
Lanson Place store customer information and reservation details in secure servers managed by third-party service providers. These servers are secured behind various measures including but not limited to safeguarded facilities, firewalls, access control, encryption and anti-malware tools designed to protect your personal data against unauthorised or accidental access.
Laws and regulations applicable to personal data (privacy) protection vary by country and region, our properties may put in place different additional measures in line with applicable legal and regulatory requirements.
Retention of Personal data
It is our policy to retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, to meet our operational, tax, and accounting requirements, or as required by law, regulation, tax, or professional standards, and to exercise or defend our legal rights.
Special Protection of Minors
Our policy is to refrain from intentionally gathering personal data from minors. In the event that we do obtain personal data from a child, we shall only use or share such information publicly if we have received explicit consent from the minor’s parent or legal guardian or required by local laws. We are committed to safeguarding the confidentiality and security of minors’ personal data in accordance with all relevant laws and regulations.
If you are considered as a minor in your country of residence, please ensure that you obtain permission from your parent or legal guardian prior to providing us with any personal data.
Lanson Place use “cookies” to gather information from visitors to our websites. Cookies allow us to collect information about users over time as you browse our website. This helps us to provide you with an enhanced experience each time you visit, as well as to improve the overall quality and functionality of our websites. For complete details on the specific cookies, we use and the purposes for which we use them, please refer to our Cookies Policy.
Your Legal Rights in Relation to Personal Data
Lanson Place would like to make sure you are fully aware of all of your data protection rights. You are entitled to the following:
Right of access – You shall have the right to obtain from Lanson Place confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information, including but not limited to:
- the purpose of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
Right to restriction of processing – You shall have the right to object the processing of your personal data, unless compelling legitimate grounds that override your interests or rights, or if the processing is necessary for legal claims.
Right to rectification – You shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning you;
Right to erasure – You shall have the right to ask for your personal data to be deleted in certain circumstances;
Right to data portability – You shall have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
- the processing is based on consent; and
- the processing is carried out by automated means;
Right to opt-out of marketing – You have the right to choose not to receive our marketing communications or to withdraw from receiving them by following the unsubscribe instructions in the marketing communications or by contacting Lanson Place through the ‘Contact Us’ section below.
Right to complaint – You may also have the right under applicable law to lodge a complaint with your local supervisory authority responsible for data protection matters.
To exercise any of the abovementioned rights, please contact us as set forth below. We shall process any requests in accordance with applicable law and within a reasonable period of time. We recommend you include documents that prove your identity and a clear and precise description of your request. We may charge for a request to access your information, if permitted by applicable law.
- email to firstname.lastname@example.org or
- post to Lanson Place Hospitality Management Limited, Suite 3103, 9 Queen’s Road Central, Hong Kong.
The Group reserves its right to amend, modify, cancel, or interpret this Policy at any time and from time to time, or to terminate or suspend the availability of this policy any time with or without any prior notice. In the event of disputes, the Group reserves the right to make final judgement on the dispute and otherwise in respect of this policy.
This privacy statement was last modified in June 2023.
Appendix 1: Software Development Kits (SDK) Provided by Third Parties
|Type of data collected
|Web analytics service offered by Google that tracks and reports website traffic
|User interactions, such as page views, clicks, scrolling behaviour, form submissions, and events.
|Mapbox GL JS
|Integrate interactive maps and location-based services into their applications
|Usage Analytics, Interaction Data: such as zooming, panning, and clicking on map features.