Privacy Policy
Our guests are important to us and our main priority is to ensure that they enjoy their stay in our hotel. Their satisfaction and trust is of the utmost importance to us. For this reason, we have drawn up a privacy and security policy for customer data that describes how we use personal data.
‘Personal data’: this means all information that is collected and recorded in a way in which one can be identified as a natural person. This may be directly, for example by name, or indirectly by telephone number. Before we are provide with this information, we recommend to first read our policy. This privacy and security policy for customer data is part of the terms and conditions that apply to our (hotel) services.
In order to complete a reservation we need certain data. We also process data in other cases, such as for information requests and visits to our website. In doing so we also use third parties who receive certain personal data and process it. At various times we are also obliged to ask our guests information about themself and/or family members. Below one can read more about which data we process.
a. Contact data (first name, surname, address and city, telephone number and e-mail address)
We use personal data to be able to speak to someone in the hotel, but also in our further communication. These data are also necessary to record a booking and to include the data in the night register. We normally send booking details by e-mail prior to arrival. In exceptional cases we may also send information to home addresses.
It may be the case that we need to contact someone about a booking. We may ring if there are questions and may send a message.
Our guests will receive an e-mail about the reservation and prior to the stay we might also send useful information about our additional services and, for example, activities in the vicinity, everything to make a stay with us a memorable experience. Guests might also receive newsletters by e-mail if they have registered for this. If one prefers not to receive newsletters and offers, it is easy to unsubscribe.
b. Personal data (date of birth, nationality, gender, children/family composition)
Anyone who books a hotel room with us must be at least 18 years old. City tax may depend on the age of the persons staying in the accommodation and therefore we require dates of birth. If someone has a birthday during the stay, we would like to remember this and do a little bit extra to mark the occasion. It also means we can prepare the room optimally for the age of the guests and the composition of the family; for example, provide a cot or children’s bed.
c. Payment data
To pay for a booking we use a secure payment environment. If guests pay with iDeal or by transfer, data are stored in our administration to link the payment to the booking. We only make further use of a bank account number if someone receives money back from us. If guests pay by credit card, we send credit card details from our secure environment directly to our credit card partner. Our partner carries out our credit card payments and tells us whether a payment has been successful. The data concerned are stored securely so that we can charge any extra payments to a credit card. Of course, one will always receive a statement of these payments.
d. Data related to the stay (arrival and departure dates, preferences and interests)
The arrival and departure date of a stay in order to execute the agreement, as well as any preferences in order to fulfil certain wishes as optimally as possible, for example: dietary requirements, desired room and bathroom preferences.
e. IP addresses
We, or third parties on our behalf, may search for IP addresses on the internet. We remember preferences and can therefore give appropriate advice. This can also be used for fraud protection.
f. Persons under the age of 18
The information collected on persons under the age of 18 remains limited to their name, nationality and date of birth. These data may only be provided to us by an adult. We would appreciate it if you ensure that your children do not send us any personal data without your permission (specifically via the internet).
Personal data may be collected at different times and include:
a. Hotel activities
– Booking a room
– Checking in/out, and paying
– During the stay at the hotel (for example, camera surveillance)
– Eating/drinking in the hotel during a stay (incl. table reservation)
– Requests, complaints and/or disputes
b. Participation in marketing programs or events
– Registration for our loyalty programs
– Participation in surveys among guests (for example, a guest satisfaction survey)
– Subscription to our newsletter in order to receive offers and promotions by e-mail
c. Transfer of information to third parties
– Tour operators, travel agencies, GDS reservation systems, etc.
– Organizers of events in our hotel (rooming list with names of the guests participating in the event)
d. Internet activities
– Connection to Rana Mahal website (IP address, cookies) or Wi-Fi networks
– Online forms (online reservations, questionnaires, Rana Mahal pages on social media, network registrations such as a check-in on Facebook, etc.).
We collect your personal data for the following purposes:
a. To fulfil our obligations towards our customers
b. To manage room reservations and accommodation requests
c. To manage the guest stay at the hotel
– Check your use of our services (massages, boating, guiding, food)
– Management of room access (key system)
– Internal management of lists of guests who have not behaved appropriately during their stay (aggressive behavior, violation of the contract with the hotel, violation of the safety regulations, theft, damage and vandalism, or payment problems).
d. To manage our relationship with guests before, during and after their stay:
– Management of our loyalty program
– Provision of data for the guest database
– Segmentation based on the guest’s reservation history and travel preferences in order to send targeted communication
– Prediction and anticipation of future booking behavior
– Analysis of statistics and commercial scores, and making reports
– To consult the preferences of new or returning guests and management of these preferences
– To send our newsletters, promotions and offers of hotels and services or to contact guests directly by telephone.
e. To improve our services by carrying out surveys, analyses of questionnaires and complaint management and guest feedback.
f. To protect and improve the use of our website, specifically:
– Improvement of navigation
– Implementation of security measures and fraud prevention
g. To comply with local legislation (for example the storage of accounting documents)
h. To guarantee the safety of our other guests, staff, our building and property.
i. We sometimes use guest data to investigate, prevent and combat fraud. In some circumstances we are legally obliged to pass personal data to relevant organizations.
Our aim is to provide the same service during every stay. For this reason and to guarantee that you have access and correction rights we share personal data with internal and external recipients under the following conditions:
a. Within the hotel we may share personal data and give access to them to authorized personnel, including:
– Hotel personnel
– IT department
– Commercial partners and marketing agencies
– Legal services, if applicable
b. With service providers and partners: personal data may be sent to a third party with a view to providing services and improving our guests stay, such as for example external service providers, IT subcontractors, banks and credit card companies, exclusively for the purposes described here.
c. Local authorities: We may be obliged to send data to local authorities if this is required by law or as part of an investigation and in accordance with the local regulations. In accordance with the applicable provisions, we take all appropriate technical and organizational measures to protect personal data against misuse, unlawful loss or unauthorized use, disclosure or access. For this purpose, we have taken technical measures (such as firewalls, monitoring of file access) and organizational measures (such as training of personnel in privacy awareness, a robust username/password system, physical security, etc.). If, despite these measures, a data leak occurs, we have a procedure in place to report this in the correct manner.
We also expect that external parties who process personal data for us have taken the required contractual and organizational measures to do this as safely as possible and we require them to guarantee that they will only process your data for the purposes described here. We record this formally as far as possible and supervise this where possible. In addition, we keep an up-to-date overview of these external parties and which specific data they process on our behalf and for what purpose.
If guests use credit card data to make the reservation or give us other personal data online when making the reservation, technology is used to guarantee safe communication.
Legislation stipulates several principles for the processing of personal data. This mainly concerns the processing of data based on:
– an agreement;
– a justified interest in Rana Mahal;
– a given consent;
– a legal obligation.
We mainly use data in connection with a booking and therefore based on an agreement. A booking is recorded, and we do everything further to make every stay as enjoyable as possible. Additional contact moments, such as reviews, marketing activities and the recording and analysis of your activities take place in connection with a justified interest in Rana Mahal. There are also legal obligations, such as the inclusion of your data in the night register, for example.