G Gallery Co., Ltd.(Art Mai? Gallery Hotel Chiang Mai,respects your preferences concerning the collection and use of your Personal Information. The following privacy policies are tailored for the different ways your Personal Information is collected through Compass Hotel Group websites.
This Policy (“Policy”) lets you know how we collect and use your Personal Information, how you can control its use, and describes our practices regarding information collected from the different sources that link or refer to this Policy (not limited to but also other modes such as our websites, computer or mobile software applications, and HTML-formatted e-mail messages). Your personal information allows us to provide the products and services you have asked for, as well as enabling us to improve those products and services by understanding your interests and preferences. By understanding what you like (and what you don’t) we are able to personalize your experience, show relevant adverts and improve your stay.
By using any of our products or services and/or by agreeing to this Statement, e.g. in the context of registering for any of our products or services, you agree to the collection and use of Personal Information as described in this Statement.
WHO WE ARE?
G Gallery Co., Ltd.(Art Mai? Gallery Hotel Chiang Mai,(“we”, “our”, “us”) is the data controller when you provide information to any of our brands, including 4 distinctive brands: Compass, Citrus, Citin, and Ananda Spa (alongside our Compass Collection which includes individually ‘White label’ branded hotels and resorts),offers a large variety of lifestyle preferences and accommodation needs, delivering gracious services for a truly memorable experience.
LEGAL BASIS FOR USING YOUR INFORMATION WITH YOUR CONSENT.
There are some activities where we process personal information with your consent, which you are able to withdraw at any time, although if you do, we may not be able to provide the product or service you have requested. For example, where we want to send you marketing messages by email, we would ask your permission first and you could opt-out at any time. We will indicate in the Policy where we rely on consent.
- Loyalty Card Members: If you are a loyalty card member, we use your information to administer the loyalty program and to personalize your experience across our services. We also use your information to communicate news, promotional, and transactional materials across different Compass Hospitality services and to personalize advertising and content delivered to you through online, email, mobile, and display advertising, as well as on our website in accordance with any communications preferences you have expressed with your explicit consent.
- Service Administration: Your information will be used in order for us to supply pre and post stay plus transactional information. Additionally we use your personal information to administer programs in which you participate, including providing you with access to your account information, such as rewards status and offers for which you are eligible; to fulfil services that are part of such program; to enable direct communication between properties within the Compass Hospitality Portfolio of Brands; and between the Compass Hospitality Portfolio of Brands and you; and to facilitate collections.
- Meeting and Event Planning: We may use your personal information to provide you with information about meeting and event planning.
- Marketing and Communications: Where permitted, we may use your personal information to provide or offer you newsletters, promotions and featured specials, as well as other marketing messages in accordance with any communications preferences you have expressed via your explicit consent in line with GDPR compliance. We use your information to provide in-stay messaging, account alerts, and reservation confirmations; to send you marketing messages; and to conduct surveys, sweepstakes, prize draws, and other contests. We may provide these communications via email, postal mail, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app messaging, and other means (including on-property messaging, such as your in-room television). With your consent, we also use user-generated content (such as photos) from social media services to deliver display advertising or on our website and apps.
- Service Improvements: We may use your personal information to improve our services and to ensure that our site, products, and services are of interest to you.
- Data Cleansing, Analytics and Personalization: We may aggregate your personal information with data from third-party sources for purposes of keeping information up to date and analytics. We also rely on information from third parties in order to provide better, more personalized service. For example, if you connect your social media services or other accounts to our services, we may use this information to make your experiences with us more personal and social, or share and use it as described elsewhere in this Statement.
WHAT INFORMATION THAT WE COLLECT?
We may collect Personal Information which may include, but not limited to:
- Your name and physical address, IP address, email addresses, and telephone numbers
- Behavioral or demographic attributes, when tied to personal identifiers
- Past transactional behavior on the Channels
- Information obtained from third parties on your interests
- Unique IDs such as a cookie placed on your computer, mobile or device IDs
- Information about your devices such as information contained in HTTP Headers (defined below) or other internet transfer protocol signals, browser or device type and version, operating system, user-agent strings and information about or from the presence or use of “apps” on your mobile devices, screen resolution, and your preferred language
- Behavioral data about your usage of the Channels, such as webpages clicked, websites and content areas visited, date and time of activities.
- The web search you used to locate and navigate to the Channels
HOW WE USE AND SHARE INFORMATION
We collect information you provide to us directly and indirectly when interacting with our products and services, including when you stay with us. This may include when you:
- Book a room online, over email or on the phone;
- Create, use or manage an online account;
- Visit our website;
- Fill out our online forms or registration cards;
- Visit our hotels or use our hotel services, like room service or gym and spa facilities;
- Access hotel internet;
- Use our restaurants;
- Use social media login functionality;
- Interact with us in online forums, by email, text, or on social media;
- Post reviews of your stay or interaction with us;
- Complete our market research/customer surveys; and
- Enter competitions or promotions.
In addition, we collect other personal information in certain cases, such as:
- Loyalty Card Scheme: When you enroll in our Loyalty Card Program, you will receive an ID number and we will ask you to create a user ID and password. We also collect information to administer the Loyalty Card Program and profiles, including transaction and correspondence details
- Surveys: We may request demographic data or other personal information in customer surveys.
- On-property Collection: We collect additional personal information during registration/check-in at our properties, including such information as may be required by local laws. Additional data collection may take place via luggage tags, car parking ticketing as well as other means. We may also use closed circuit television and other security measures at our properties that may capture or record images of guests and visitors in public areas, as well as information related to your location while on our properties (via keycards and other technologies). We may also use closed-circuit television and other technologies that record sound or video for the protection of our staff, guests and visitors to our properties where permitted by law. In addition, we may collect personal information in connection with on-property services, such as concierge services, health clubs, spas, activities, child care services, equipment rental.
- Event Profiles: If you plan an event with us, we collect meeting and event specifications, the date of the event, number of guests, details of the guest rooms, and, for corporate events, information on your organization (name, annual budget, and number of sponsored events per year). We also collect information about the guests that are a part of your group or event including personal dietary information. If you visit us as part of a group, we may have personal information about you provided to us by the group and may market to you as a result of your stay with a group or attendance at an event in accordance with your preferences as permitted by law, providing that explicit consent to do so is granted. If you visit us as part of an event, we may share personal information about you with the event planners, as permitted by law. If you are an event planner we may also share information about your event with third-party service providers who may market event services to you as permitted by law.
- Employment Applications: If you choose to apply for employment with us, your personal details as provided in your CV and Cover Letter will be held on file till the position is filled.
- Assumed Information: In addition to the information we collect from you directly, we may also infer information about you based on the information you provide to us or from Other Information we collect.
- Third Party Data Collection: We may also collect information about you from third parties, including information from Online Travel Agent Partners, from your social media services consistent with your settings on such services; and from other third-party sources that are lawfully entitled to share your data with us. We use and share this information (and may append this information to the other information we have on file for you) for the purposes described in this Statement.
CHILDREN & SENSITIVE INFORMATION
The term “sensitive information” refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life, or sexual orientation, genetic information, criminal background, and any biometric data used for the purpose of unique identification. We do not generally collect sensitive information unless it is volunteered by you. We may use health data provided by you to serve you better and meet your particular needs (for example, the provision of disability access).
We do not knowingly collect personal information from individuals under 18 years of age. As a parent or legal guardian, please do not to allow your children to submit personal information without your permission.
THIRD PARTY WEBSITES & SERVICES
SHARING OF PERSONAL DATA
In order to offer you the expected level of hospitality and to provide you with the best level of service, we may share your personal information among members of the Compass Hospitality Portfolio of Brands, our service providers, and other third parties as set forth in detail below:
- Compass Hospitality Portfolio of Brands: Where explicit consent has been granted for individual property marketing, Chain Marketing and full portfolio Marketing, personal data may be shared in order for effective and relevant communications. Said data may be individually or jointly used to provide you with services, personalization, and for the purposes of receiving information of the options described above.
- Group Events or Meetings: If you visit us as part of a group event or meeting, information collected for meeting and event planning may be shared with the organizers of those meetings and events, and, where appropriate, guests who organize or participate in the meeting or event.
- Co-Sponsors of Promotions: We co-sponsor promotions, sweepstakes, prize draws, competitions or contests with other companies, and we provide prizes for sweepstakes and contests sponsored by other companies. If you enter one of these sweepstakes or contests, we may share your information with the co-sponsor or third-party sponsor.
- On-property Services: We may share personal information with third-party providers of on-property services such as concierge services, spa treatments, or dining experiences.
- Service Providers: We rely on third parties to provide services and products on our behalf and may share your personal information with them as appropriate. Generally, our service providers are contractually obligated to protect your personal information and may not otherwise use or share your personal information, except as may be required by law. We may use service providers to communicate news and deliver promotional and transactional materials to you on our behalf, including personalized online and mobile advertising in accordance with your preferences and applicable law. Please see our Cookies & Technology section for more information. We will only work with parties that offer a method to opt-out of such advertising, and whom are able to contact you once explicit consent as per GDPR compliance has been granted.
- Telemarketing: If you stay at one of our hotels and complete a Sales Lead Generation form, you are thereby giving your explicit consent for the Sales team to contact you via telephone (or via email, which ever was the preferred means of contact)
- Other: In addition, we may disclose personal information in order to: (i) comply with applicable laws, (ii) respond to governmental inquiries or requests from public authorities, (iii) comply with valid legal process, (iv) protect the rights, privacy, safety or property of us, site visitors, guests, employees or the public, (v) permit us to pursue available remedies or limit the damages that we may sustain, (vi) enforce our websites’ terms and conditions, and (vii) respond to an emergency.
MARKETING. We may use your Personal Information and Other Information to notify you about new product releases and service developments, and to advertise our products and services in accordance with this Policy. Your website visit, marketing experience, and communications may be tailored to your interests based on your Personal Information. We may share your Personal Information to specific third party partners to facilitate interest-based advertising. Other Information uses specified above are not mandatory and may be controlled by you. Please refer to the “Registration and Privacy Choices” section below for opt-out options.
IMPROVE PRODUCTS, SERVICES AND EXPERIENCES. We may use your Personal Information to evaluate and improve our products, services, marketing, and customer relationships.
OBTAIN THIRD PARTY SERVICES. We also share Personal Information with third parties who provide services to us, such as credit card processing services, analytics, website management, information technology and related infrastructure provision, customer service, e-mail delivery, and other similar services. When we shares Personal Information with third party service providers, we require that they use your Personal Information only for the purpose of providing services to us and subject to terms consistent with this Policy.
HOW WE COLLECT INFORMATION
COOKIES. Our server will query your browser to see if there are “cookies” previously set by our electronic Channels. A cookie is a small piece of information sent by a Web server to store on a Web browser so it can later be read back from that browser. Cookies may collect information, including a unique identifier, user preferences, profile information, membership information, and general usage and volume statistical information. Cookies may also be used to collect individualized website use data, provide electronic Channel personalization, or conduct and measure the effectiveness of advertising in accordance with this Policy. Some cookies may remain on users’ computers after they leave the website. While the majority are set to expire within 1-24 months of your last visit to the website that set the cookie, others may not expire because of their nature, like cookies that remember opt-out preferences.
Your browser may provide you with information and control over cookies. You can set your browser to alert you when a cookie is being used, and accept or reject the cookie. You can also set your browser to refuse all cookies or accept only cookies returned to the originating servers. Users can generally disable the cookie feature on their browser without affecting their ability to use the site, except in some cases where cookies are used as an essential security feature necessary for transaction completion. Cookies, however, are important to the proper functioning of a site, and disabling them may degrade your experience and interfere with website features and customizations.
REGISTRATION AND PRIVACY CHOICES
REGISTRATION. We allows you to establish an online registration profile for marketing communications. You may use the profile to customize and control your preferences for receiving electronic information, including opting into (or out of) communities, newsletters and general interest areas. You can return to the registration profile at any time to change your elections or modify your profile.
EMAIL MARKETING. We enables you to opt out of cookies that are not required to enable core site functionality. We uses its cookies preferences tool to process Internet advertising and tracking preferences, but does not respond any other Do Not Track signals.
Please remember that if you delete your cookies, or use a different browser or computer, you will need to set your cookies preferences again. You may access or change your cookie preferences at any time. If you have any problems using this cookie preference mechanism, please fill out an inquiry form.
ACCESS, CORRECTIONS AND PROFILE UPDATES
You may request to review, correct, update, suppress, or otherwise modify any of your Personal Information that you have previously provided to us through the Channels, or object to the use or processing of such Personal Information by us. You have the ability to update your profile and related Personal Information at any time. To change this information, please drop an email to email@example.com and we will provide you link to update your profile. Please also visit Frequently Asked Questions (FAQs) and request help with your account. If you have privacy concerns regarding access to or the correction of your Personal Information, please contact us write to us at firstname.lastname@example.org.
PROTECTING PERSONAL DATA
We will take reasonable measures to: (i) protect personal information from unauthorised access, disclosure, alteration or destruction, and (ii) keep personal information accurate and up-to-date as appropriate. We also seek to require our affiliates and service providers with whom we share personal information to exercise reasonable efforts to maintain the confidentiality of personal information about you. For online transactions, we use reasonable technological measures to protect the personal information that you transmit to us via our site. Unfortunately, however, no security system or system of transmitting data over the Internet can be guaranteed to be entirely secure.
For your own privacy protection, please do not send payment card numbers or any other confidential personal information to us via email.
We will not contact you by mobile/text messaging or email to ask for your confidential personal information or payment card details. We will only ask for payment card details by telephone when you are booking a reservation or promotional package.
We are part of a multi-national brand and will take appropriate steps to ensure that your personal information is handled as described in this Statement and in accordance with the law with regards to international data transfers i.e. informing the client.
In line with GDPR legislation, should a data breach occur i.e. data is lost/hacked/is inaccessible then we accepts its responsibility to ensure that material and non-material harm to the client is avoided and will report the breach to ICO within 72 hours.
ACCESSING PERSONAL DATA
To the extent required by applicable law, you may be able to request that we inform you about the personal information we maintain about you and, where appropriate, request that we update, correct and/or delete personal information about you that we maintain in our active database. We will make all required updates and changes within 1 month of receiving the request. If you are a Loyalty Card member, the information you provided to us at the time of registration may be accessed, reviewed and updated at any time by signing in via our customer portal.
Such requests must be submitted in writing to email@example.com or Compass Hospitality Customer Privacy Department, Suite 10/91 Trendy Office Tower, 5th floor, Sukhumvit Soi 13, 10110, Bangkok, Thailand. To protect your confidentiality, we can only respond to such requests to the email address that you have registered or otherwise provided to us. Please remember that if you make such a request, we may not be able to provide you with the same quality and variety of services to which you are accustomed.
In addition, in some circumstances based on applicable law, you may request that we cease sharing personal information about you with our business partners or that we cease using personal information about you by contacting us using the email or mailing address above. We will seek to honor those requests consistently with applicable law.
RETENTION AND DELETION
We will retain your Personal Information for as long as your account is active; as needed to provide you products or services; as needed for the purposes outlined in this Policy or at the time of collection; as necessary to comply with our legal obligations (e.g., to honor opt-outs), resolve disputes, and enforce our agreements; or to the extent permitted by law.
- We retain personal information about you for the period necessary to fulfill the purposes your transaction, unless a longer retention period is authorized by you giving us your explicit consent in order for Compass Hospitality to contact you again. Any financial data will be securely held for a period of 7 years, in line with HMRC compliance. Other personal data will be held for a period of 3 years and then destroyed / deleted in line with GDPR compliance and process. We will destroy your personal information as early as practicable and in a way that the information may not be restored or reconstructed.
- If printed on paper, the personal information will be destroyed in a secure manner, such as by cross-shredding or incinerating the paper documents or otherwise and, if saved in electronic form, the personal information will be destroyed by technical means to ensure the information may not be restored or reconstructed at a later time.
At the end of the retention period, we will delete your Personal Information in a manner designed to ensure that it cannot be reconstructed or read.
The security of your Personal Information is very important to Compass. We use physical, electronic, and administrative safeguards that are designed to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.
In addition, we uses standard security protocols and mechanisms to exchange the transmission of sensitive data such as credit card details. When you enter sensitive Personal Information such as your credit card number on our site, we encrypt it using secure socket layer (SSL) technology.
In the event that your Personal Information is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, we will notify you by email. We will give you notice promptly, consistent with the reasonable needs of law enforcement to determine the scope of the breach and to investigate and restore the integrity of the data system.
SITE COPYRIGHT POLICY
The content of each page of this website is the property of G Gallery Co., Ltd.(Art Mai? Gallery Hotel Chiang Mai, under Compass Hospitality Management Group) and/or Compass Hospitality.
No part of our website may be reproduced, displayed or republished in any form without prior consent, except that permission is granted to a user to print or photocopy individual articles or entire pages from our website, provided that this is for personal use only.
- WHY HAVE A COOKIES POLICY?
To provide information and ensure transparency, we established this policy so that you can know how we process your information when browsing our websites as well as to let you know your rights in regard to cookies and tracers used by us.
- WHAT IS A COOKIE?
A Cookie and other similar tracers are packets of data used by servers to send status information to a user’s browser and return status information to the original server through this same browser. It helps the website to remember information about your visit, like your preferred language and other settings. Cookies are used to store status information when a browser accesses various pages of a website or when the browser returns to this website at a later point.
- Adapt our Websites to the display preferences of your device (language, currency, display resolution, operating system used, configuration and settings of the display
- Store specific information that you enter on us in order to facilitate and customize your subsequent visits (including displaying the visitor’s first and last names if the visitor has a user account)
- Allow you to access your personal pages more quickly by storing the login details or information that you previously entered
Cookies for visitor tracking are aimed at improving the comfort of users by helping us to understand your interactions with our Websites (most visited pages, applications used, etc.); these cookies may collect statistics in order to improve the relevance and usability of our services.
Advertising cookies are intended to offer you, in advertising spaces, relevant, targeted content that may be of interest to you (best offers, other destinations, etc.) based on your interests, browsing behavior, preferences, and other factors.
Affiliate cookies identify the third-party website(s) that redirected a visitor to us.
The installation of certain cookies is subject to your consent. Also, when you first visit us you are asked whether you agree to the installation of this type of cookie, which is only activated after your acceptance.
You can change your mind at any time using the various methods described in section “Deleting and/or blocking cookies”.
- DELETING AND/OR BLOCKING COOKIES
You have several options for deleting cookies and other tracers as described below.
Although most browsers are set by default to accept cookies, you can, if you desire, choose to accept all cookies, always block cookies, or choose which cookies to accept based on their senders.
You can also set your browser to accept or block cookies on a case-by-case basis before they are installed. Your browser also allows you to regularly delete cookies from your device. Remember to configure all the browsers in your different devices (tablets, smartphones, computers, etc.).
Regarding management of cookies and your preferences, configuration varies for each browser. This is described in the Help menu of your browser, as well as how to edit your preferences with regard to cookies. For example:
Saving a cookie to your device depends on your wishes, which you can exercise and change at any time and free of charge using the settings offered by your browser software.
Google Analytics Opt-out Browser Add-on
If your browser is set to accept cookies on your device, the cookies embedded in the pages and content that you view may be temporarily stored in a dedicated space on your device. They can only be read by their issuer.
However, you can set your browser to block cookies. Keep in mind that if you set your browser to block cookies, some features, pages and spaces us will not be accessible, and we cannot be held responsible in this case.
From time to time we may make changes to this Policy. This might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal information. We will always display clearly when the Policy was last updated and where appropriate, notify you of any relevant changes.
In accordance with GDPR legislation, If you have given us your explicit consent to use your contact information (mail address, fax number, email address or phone number), we may want to inform you in accordance with any preferences you have expressed, about our products and services or invite you to events via email, online advertising, social media, telephone, text message (including SMS and MMS), push notifications, in-app alerts, postal mail, our customer service call center, and other means (including on-property messaging, such as your in-room television).
If you are a Loyalty Card Member, you may change the communications you receive from us by logging on to your online account and managing your subscriptions via the online portal. Or by writing to us (and including your email address) at Compass Hospitality Customer Privacy Department, Suite 10/91 Trendy Office Tower, 5th floor, Sukhumvit Soi 13, 10110, Bangkok, Thailand, or by emailing us at firstname.lastname@example.org.
If you prefer not to receive email marketing materials from us, you may opt-out at any time by using the unsubscribe function in the email you receive from us. Opt-out requests can take up to ten business days to be effective.
To opt out of text messages, tell the hotel front desk that you do not want to receive text messages from the hotel or reply “STOP” to the message you received.
To be added to Compass Hospitality’s internal do not call list, send a message to email@example.com.
If you would like to get in touch with us, please send us an email at the following email addresses:
THAILAND – firstname.lastname@example.org
UNITED KINGDOM – email@example.com
MALAYSIA – firstname.lastname@example.org