Privacy Policy
Updated on 27/04/2020
This Privacy Policy (“Privacy Policy”) applies to Dusit Thani Public Company Limited, its subsidiaries and all of the hotels and its related activities and other businesses (i.e. school, college, residential, restaurant, spa and fitness) specified in this Privacy Policy within Dusit Portfolio of Brands (collectively, “Dusit”, “we”, “our”, “ours” or “us”) and takes the issue of safeguarding the privacy of guests seriously.
Our Privacy Policy describes the following:
- The data or information we collect from guests, customers, villa owners, residence owners, investors, business partners, lessors, lessees, tenants, vendors, suppliers – including prospective or potential ones, students, and you – as well as visitors to our websites, domain names, DusitApp and other applications and/or third party websites or digital channels (referred to as “you”, “your” and “yours”)
- The way we use this data or information to better serve the needs of yours.
This Privacy Policy does not apply to our processing of personal information on behalf of and subject to the instructions of third parties such as airlines, car rental companies, agents and other service providers, companies that organize or offer packaged travel arrangements, marketing partners, or corporate customers.
Whilst this Privacy Policy broadly describes the practices we have adopted across other entities within Dusit globally, local laws vary and some jurisdictions may place restrictions on our processing activities (e.g. certain jurisdictions may require affirmative consent before sending marketing messages). Therefore, our actual practices in such jurisdictions may be more limited than those described herein, in order to enable us to comply with local requirements, including but not limited to Personal Data Protection Act of Thailand B.E. 2562 (2019)(“PDPA”).
1. The current subsidiaries are Dusit Worldwide Co., Ltd., Dusit Thai Properties Co., Ltd., Dusit Thai Properties Public Co., Ltd., Dusit Management Co., Ltd., Dusit Overseas Co., Ltd., Dusit Excellence Co., Ltd., Dusit Maldives Management Pvt., Ltd., Dusit Thani Philippines Inc., Dusit USA Management Inc., D&J Co. Ltd, Dusit Japan Godo Gaisha, Dusit Saudi LLC, Devarana Spa Co., Ltd., Dusit Hospitality Services Co., Ltd., Grace Me Co., Ltd., LVM Holdings Pte. Ltd. and Favstay Pte. Ltd. which are the data controllers for all guest data and operate marketing activities for Dusit Hotels and Resorts.
2. Dusit Portfolio of Brands includes ‘Dusit Thani’, ‘Dusit Devarana’, ‘dusitD2’, ‘Dusit Princess’, ‘ASAI’, ‘DUSIT CENTRAL PARK’, ‘DUSIT RESIDENCES’, ‘Dusit RESIDENCE SERVICED APARTMENTS’, ‘DUSIT PARKSIDE’, ‘Devarana Spa’, ‘Namm Spa’, ‘Benjarong’, ‘Dusit Foods’, ‘Dusit Thani College’, ‘dusit hospitality management college’, ‘D dusit hospitality education’, ‘Dusit International’, ‘DUSIT THANI HOTEL SCHOOL’, ‘The Food School Bangkok’, ‘SOI’, ‘BAAN DUSIT THANI’ and ‘Khong Thai’. Dusit Portfolio of Brands also includes managed hotel and franchised hotels. A list of entities that operate managed hotels in other countries can be found [here]. Franchised hotels are operated by entities that are separate from Dusit. To determine the entity that operates a franchised hotel, please contact that hotel.
TABLE OF CONTENTS
WHAT IS PERSONAL INFORMATION
WHAT IS PERSONAL INFORMATION WE COLLECT AND WHY IS PERSONAL INFORMATION COLLECT
Sensitive Data
Minors
CCTV and photographs
HOW AND WHERE WE COLLECT YOUR PERSONAL INFORMATION?
- On Our Digital Channel
- A. Initially upon contact with our Digital Channel
- B. Whilst Browsing Our Digital Channel
- C. Making a Purchase on dusit.com or Out other Websites
2. When Making a Reservation
- A. On dusit.com, Our other Websites, DusitApp and Our other Applications
- B. Through Reservation Offices
3. When Using Our Services or Purchasing Our Products at Our Establishments
4. Regarding Residence Ownership
- A. When Enquiring about Residence Ownership
- B. As a Residence Owner
- C. During Your Stay at Your Residence
5. Regarding Students at Dusit Thani College and other Educational Institutes
HOW DO WE RETAIN PERSONAL INFORMATION
- At the Establishment
- In Central Reservation System
- In the Owner’s Residence Property Management Systems
- In Check-in Point of Using Our Facilities
- In Marketing Databases
- Regarding Students at Educational Institutes
WHAT INFORMATION IS NOT SECURE
If I have created a Customer Profile or Student Profile, how is my Personal Information treated?
HOW AND WHEN WE SHARE YOUR PERSONAL INFORMATION
Other Uses and Disclosures
Non-Dusit group entities
TRANSFER PERSONAL INFORMATION OUTSIDE OF THAILAND
DATA SECURITY MEASURE
HOW DO YOU ACCESS/REVISE YOUR PERSONAL INFORMATION
HOW LONG IS YOUR PERSONAL INFORAMTION RETAINED
HOW DO YOU KNOW IF THERE ARE CHANGES TO THIS PRIVACY POLICY
HOW IS PERSONAL INFORMATION AFFECTED BY BUSINESS TRANSFERS
WHAT LAWS APPLY TO THIS PRIVACY POLICY
YOUR CHOICE
YOUR RIGHT
TO WHOM DO WE DIRECT QUESTIONS OR CONCERNS REGARDING THIS PRIVACY POLICY
The term of “Personal Information” refers to information about you as an individual who can be identified from that data or can be identified when combine with other information which we have or likely to have access.
WHAT IS PERSONAL INFORMATION WE COLLECT AND WHY IS PERSONAL INFORMATION COLLECT
Core Activities
School/college
For more details on the privacy notice of school/ college
Categories of Personal Information
- Personal details of prospective students, current students, parents and alumni: Full name of child, date of birth, gender, place of birth, postal address, private telephone number, email address, parents name and contact details, date of birth, emergency contact, days of absence, bank account details of parents, needs reports, recording of medical data and incidents, special educational needs records and dietary requirements
- Educational information: prep school and university attendance, tuition and extracurricular accounts, attendance and non-attendance records, exam details and results, curricular activities: performance and educational needs reports, incident reports involving pupils or students
- Membership of any clubs and societies within the School
- Event attendance and work experience placements
- Photographs or images of students in the School
- Sensitive Personal Information (such as health, ethnicity and religion)
- Other relevant categories for the performance of our services (such as assessment, relevant medical information, special educational needs information, exclusions/behavioural information and psycholigical reports and assessments)
- Attendance information (such as sessions attended, number of absences and absence reasons)
- Logging and audit in the use of IT systems and education technology apps, applications and cloud based systems
- Information in the form of CCTV
Purpose of collection your Personal Information
- Set up and administer student accounts
- Selection for admission, award of entrance scholarships, and communication on marketing & admission-related matters
- Verify student’s identity, students qualifications and academic records in relevant schools or other places, and other information provided in the application forms/documents
- Identify possible multiple applications and records of previous and existing studies at the School/College and other schools of students (if applicable)
- Create a profile for each student, revealing their performance and progress
- Provide educational products and services, including tailored questions and support
- Provide an overview for teachers to allow them to monitor student progress and record their actions.
- Connect students’ data and parents’ data
- Provide reports to teachers on student progress
- Conduct research into the usage of our products and services, educational performance and outcomes
- Evaluate and improve our products and services
- Detect and prevent fraud
- Comply with applicable laws that require us to process certain Personal Information
- Comply with inspection, analysis and preparation of documents upon request of governmental organizations and regulatory bodies
- For all educational purposes at, activities conducted by, and facilities, services and benefits provided by the School/ College (in particular those governed by the relevant regulations, policies and procedures of the School/ College)
- Maintain contact, updating the latest developments of the school, and provision of information
- School’s promotional material such as prospectuses and the website
- Conduct statistical analysis, research, survey, review and audit
- For approved school trips
- For proceed with the internship of each student at hotel or other entity
- Issue joint certificate and/or diploma with other institution to students
- Protect the health of the students
- Ensure the safety and security of students
Sensitive Data
Unless specificallyrequested, we ask that you not send us, and you not disclose, on or through the Service or otherwise to us, any Sensitive Personal Information.
We minimize our holding and use of sensitive categories of Personal Information but, given the services we provide, there are times when we use it to understand our guests/customers/students and their needs better, for example when providing accommodation for disabled persons or those
_____________________________
3Sensitive Personal Information includes racial, ethnic origin, political opinions, cult, religious or philosophical beliefs, sexual behavior, criminal records, health data, disability, trade union information, genetic data and biometric data.
with problems around substance abuse, resolving neighborhood disputes involving alleged criminal activity or when helping someone to access care services. We will usually be processing this information to allow us to comply with our legal obligations, act in the substantial public interest in relation to the services we provide, to provide you with social care, or to deal with any legal action. There may be times where we need to ask you for your consent to use this type of Personal Information, in which case we will always notify you and make this clear.
Minors
Unless specified otherwise, we do not usually process data on minors. This website is not intended for children under 18 years of age. We do not seek to obtain, nor do we want to obtain personal information (i.e. personally identifiable information) directly from minors. We cannot, however, always determine that the people accessing and using our site are adults. As such, should a minor (as defined by applicable law) provide to us personally identifying information without parental consent, we request that the parent, guardian or other appropriate person contact us to help us remove the information. Please contact us at [*]
CCTV and photographs
Most of our properties have CCTV and you may be recorded when you visit them. CCTV is used to provide security and to protect both our visitors and communities. CCTV will be only be viewed when necessary (e.g. to detect or prevent crime) and footage is stored for set period of time after which it is recorded over. Dusit complies with PDPA and we put up notices so you know when CCTV is used.
We may take photographs at our event, at our properties and in our communities to use for general marketing and publicity. However, photographs of individuals will only be used for those purpose with your consent, which is held within our Corporate Communication team.
HOW AND WHERE WE COLLECT YOUR PERSONAL INFORMATION
1. On Our Digital Channel
A. Initially upon contact with our Digital Channel
When you visit our digital channel, which includes dusit.com, our websites, domain names, social media accounts, DusitApp or other applications (collectively, “Digital Channel”), you are initially given a “cookie”, and your computer is assigned an ID number. A cookie is a commonly used piece of software that tracks an individual user’s preferences and is capable of enhancing your visit to the Digital Channel.
Cookies allow us to provide a customised experience without the visitor having to remind us of his or her preferences each time he or she visits. If you log in as a registered user, our cookies may collect personal information for marketing purposes and to create content on our Digital Channel that are more relevant and easier to use. Our Digital Channel cookies help enhance your experience with us and provide you with Dusit targeted advertising that may be of your interest.
We do not share your activity on our Digital Channel with other third parties, nor do we collect information from other websites you may visit, except (i) when we conduct our normal business, (ii) as required by applicable laws and (iii) with your consent and/or request from time to time.
We also use cookies to collect and maintain aggregate website data (such as the number of visitors to a particular site), which helps us see which areas are popular with our users and which are not. Amongst other things, this helps us improve and update our site, based on the total number of visitors and pages viewed and other data.
If you do not want to accept cookies, you can block them by adjusting the settings on your internet browser. Visitors should understand, however, that rejecting cookies will affect your ability to benefit from the conveniences you could enjoy if you chose to accept, and you will not be able to use certain customisation features associated with creating a user profile. Please note that because this is a setting on your browser, this adjustment may also block cookies from any other websites you visit.
Once you have visited our Digital Channel and accepted our cookie, an ID number is automatically assigned to your computer or mobile device whenever you visit. Despite the fact that you remain anonymous until you enter your personal information on our Digital Channel, your ID number allows us to log your session, so that we may better assist you should you need individualised service or support. Once you enter your Personal Information on our Digital Channel, we will associate your ID number with your contact information, so we can recognise you on any future visit. We will also use it to keep track of information that appears to be of particular interest to you.
For more information on [Cookie Policy].
B. Whilst Browsing Our Digital Channel
Whilst in the process of browsing our Digital Channel, you also provide us with information that does not reveal your personal identity, for example, what type of destination you seek. We use this aggregated, anonymous data mainly for editorial purposes, and not connect it to any Personal Information, such as your name or address.
As you explore our Digital Channel for information that interests you, you will provide your Personal Information when you create a profile or sign in to access an existing profile.
You may also wish to put in a specific “Information Request” about one of our establishments or participate in one of our online surveys or promotions. To respond to this request or participate in our various programmes, we may ask for your specific Personal Information, such as your name, zip/postal code, e-mail address, and phone number.
In the event you choose to provide us with such information, we will only use it for the specified purpose, including under this Privacy Policy. We will only email you if you want us to. Also, you can choose a number of alternate methods by which to receive a reply to a request. Transmittal of your personal information shall constitute your acknowledgment and agreement to the terms and conditions contained in this Privacy Policy. If you are uncomfortable providing this information over the internet, you can always call our Central Reservation Office for more details.
If you wish, you may also submit your email address to be placed on a subscription list or to receive other information about our products and services. You will be placed on our subscription list only when you indicate your desire to be included. In deciding whether or not to join such lists, please note that they are only used for internal purposes. We do not sell or rent our subscription lists to anyone. In the event you choose to join one of our lists, you may ask to be removed from that list at any time. You will always have the ability to opt-out from any form of communication from us any time through designated channels such as send an e-mail to DP@dusit.com or proceed through our website.
If you wish to receive information regarding any particular establishment of Dusit Hotels & Resorts, you can utilise the link on our Digital Channel to the affiliate and/or third-party websites or digital channels of that particular establishment or send a request through our Digital Channel. Upon using the link, you will be advised that you shall enter an affiliate and/or third-party website or digital channel and that any information you provide to the affiliate and/or third-party website or digital channel will be protected by the affiliate and/or third party in accordance with the affiliate and/or third party’s privacy policy.
C. Making a Purchase on dusit.com or Our other Websites
When making a purchase, you will be asked to complete a form that includes your contact information and payment information. The form is secure. Upon completing the form, your credit card number will be verified using a checking sequence, and once this is confirmed, we will authorise the payment for the amount shown on your order form. Once your transaction is confirmed, you will see a “Thank You” screen, and if you requested an e-mail confirmation, one will be sent within a few moments. Again, due to the personal nature of the information you provide when making a purchase through dusit.com or our other websites, the form is secure, such that your credit card number is protected with encryption technology. Purchasing transactions are assisted by third-party processors who are obligated by contract with us to protect the privacy of your Personal Information.
We retain a log file of transactions at dusit.com or our other websites, excluding your credit card information connected to your ID number. We will then use that information to assist in any enquiries about your transaction.
We also occasionally combine information from a number of web visitors in a way that does not identify any user, in order to identify user patterns.
2. When Making a Reservation
A. On dusit.com, Our other Websites, DusitApp and Our other Applications
You can search for rates and availability at our establishments without providing any Personal Information.
Visitors to dusit.com or our other websites or users of DusitApp or our other applications who elect to make reservations online will be required to complete a reservation profile the first time they book. When you create a reservation profile, you will be asked to provide specific Personal Information, including your name, address and contact information, as well as certain guarantee and deposit information to secure your reservation, such as your credit card number. The transmittal of your personal information shall constitute your acknowledgment and agreement to the terms and conditions contained in this Privacy Policy.
Your credit card number will be verified using a checking sequence, but we will not authorise any payment at this point. Once you indicate confirmation of your reservation, all of the reservation information that you submitted will be sent tous. From this point, the information is sent to the selected establishment in exactly the same way as if you called us directly or if your travel agent made the reservation.
Due to the personal nature of the information you provide when making a reservation through dusit.com, our other websites, DusitApp or our other applications, our employs encryption technology to keep your data secure. We also retain a copy of the reservation profile on dusit.com, our other websites, DusitApp or our other applications, excluding the credit card number connected to your ID number.We will then use that information to create a log into the database of dusit.com, our other websites, DusitApp or our other applications.
We may also combine information from a number of web visitors in a way that does not identify any user, in order to identify user patterns.
B. Through Reservation Offices
Reservations can also be made by contacting a particular establishment’s reservation office directly or by calling our Central Reservation Office. When you make a reservation, we may ask you for specific details about yourself such as your name, address, telephone number and method of payment. We may also obtain from you any room preferences or special requests. Personal information obtained will be sent in a secured communication to the relevant establishment. Confirmation of your reservation will be provided to you, generally by e-mail, directly from the establishment.
3. Whilst Using Our Services or Purchasing Our Products at Our Establishments
As you use our services or purchase our products, we will record your itemised spending to properly build your portfolio, which sets out room rate, purchase price and other expenses billed to you. We also record this information to comply with financial reporting requirements, including those imposed by auditors and government regulators. We may also collect certain information as required by local laws (e.g. passport number).
Information particular to your use of our services or purchase of our products (i.e. health issues, payment difficulties, special requests, service issues) may also be stored. This information specifically about your stay is stored in the property management system at the particular establishment where you used our services and/or purchased our products and is combined with information from your previous visits. Certain information regarding your service and/or product preferences is also stored centrally by us and may be made available to our other establishments through our guests’ database. You may advise the establishment if you do not want to share your personal preferences.
In addition, we may retain the content of any document (including letters, comment cards, electronic documents such as emails and other similar forms of communication) that you send us before, during, or following your usage and/or purchase. This information may be shared with employees of the establishment and within Dusit Hotels & Resorts. Finally, in preparation for your use of our services and/or purchase of our products, we may collect your photograph from publicly available sources so that we can recognise you in order to provide you with superior customer service.
4. Regarding Residence Ownership
A. When Enquiring about Residence Ownership
If you have indicated on asaihotels.com, dusit.com or dusitresidences.com, personal mailings or otherwise that you are interested in receiving information about services and promotions offered by Dusit Hotels & Resorts, you shall receive information about Dusit Portfolio of Brands ’s residences. If you contact Dusit Hotels & Resorts to request further information about becoming an owner of one of our Residences, we will record your contact information. At your request, the personal information you have provided is forwarded to the third-party developer of your preferred Residence (or its authorized agent), who will contact you to provide you with the information you requested.
Any information provided directly to a third-party developer will be collected, stored and used in compliance with that developer’s own privacy policy, which is available on the developer’s website, and is accessible by clicking the appropriate link in the Residence pages on asaihotels.com, dusit.com or dusitresidences.com.
B. As a Residence Owner
Once you become a Residence owner, Dusit Hotels & Resorts as manager of the Residences will use your personal information to create an owner profile that is stored in Dusit Hotels & Resorts’ property management systems. This is used to keep track of your account and provide you with superior service throughout your ongoing relationship with us. The information recorded in your Residence Owner Profile includes your name, contact information, credit card number, details about your ownership and use of your Residence, preferences, and any special requests.
C. During Your Stay at Your Residence
When you stay at your Residence, Dusit Hotels & Resorts, as manager of the Residences, will record information about your use of the amenities and services offered by Dusit Hotels & Resorts (if applicable). Dusit Hotels & Resorts and/or the respective Dusit Hotels & Resorts’ property will use this information for the purpose of billing. Dusit Hotels & Resorts may also record any information you provide about your preferences, as well as information about any issues (i.e. health issues, payment difficulties, etc.) you may have encountered during your stay, so we could provide superior customer service to you as a Residence owner. We also record information about your stay to comply with financial reporting requirements, including those imposed by our auditors and government regulators. We may also collect certain information as required by local laws (e.g. passport number).
In addition, we may retain the content of any document (including comment cards, electronic documents such as emails and other forms of similar communication) that you send us. This information may be shared with employees of the Residences or with Dusit Hotels & Resorts. Finally, in preparation for your stay, we may collect your photograph from publicly available sources so that we can recognise you and provide you with superior customer service.
5. Regarding Students at Dusit Thani College and other Educational Institutes
We may collect your Personal Information in a number of ways, including:
- In person and over the phone: from Students and their family, staff, volunteers, visitors, job applicants and others
- From electronic and paper documentation: including job applications, online marketing forms, lead form, emails, invoices, application forms, letters to Dusit Thani College and other educational institutes, consent forms (e.g. enrolment, excursion, Student Support Services consent forms, and others)
- Online tools: Dusit Thani College Website, DTC official social media (FB, IG, YouTube), HubSpot CRM & Marketing Automation, DTC LINE Official, Google Analytics, Hotjar, Google Tag Manager and others
- Updates: Dusit Thani College may offer you the ability to receive updates either via email, LINE OA or by posting on portions of the site only accessible to registered users. In order to subscribe to these services, you may be required to provide us with Personally Identifiable Information such as your name and email address.
- Posting and Uploading: We collect personal data from you when you provide, post or upload it to our Services, such as when you fill up a form, respond to a survey, or submit an application. You don’t have to post or upload personal data; though if you don’t, it may render some of our services and products unavailable.
- Service Use: We log your visits and use of our Services. We log usage data when you visit or otherwise use our Services, including our sites, CRM and platform technology, such as when you view or click & fill up the form on our online ads and landing pages, perform a search, or make an application.
- Online Payment: Banking data is required to proceed the payment
HOW DO WE RETAIN PERSONAL INFORMATION?
Your Personal Information may be stored, used and transferred for processing in all jurisdictions where it is necessary. If required by local laws, your personal information may be accessed by the courts, law enforcement and national security authorities with or without your knowledge.
1. At the Establishment
Each Dusit establishment stores the Personal Information in a secure location, be it a database or filing cabinet. Furthermore, we take steps to ensure that only designated individuals have access to the Personal Information. Dusit, as manager of all establishments within the group of Dusit, may use your Personal Information to create a Guest Profile, which will be stored in our property management systems. The stored Guest Profile information may include the guest’s name, address, phone numbers, email and credit card number. The Guest Profile may also include certain information regarding a guest’s service preferences.
2. In Central Reservation System
To serve you better, we also store your Guest Profile in our Central Reservation System (CRS), a platform located in a data centre in Thailand. When you make a reservation or purchase directly to any establishment, this information becomes available to that establishment.
We store other transaction information in CRS, including the number of stays and details of products purchased you have had, including the number of nights of each stay and details of products purchased. This information is available to each of our establishments when you make a reservation or purchase at one of the establishments.
3. In the Owner’s Residence Property Management Systems
Personal Information related to you as a Residence owner will be stored at the respective Dusit Hotels & Resorts’ property management system, as well as in CRS and other secure databases.
The stored information includes your name, contact information, credit card number, information related to your Residence ownership and amenities, information related to your stays at your Residence, other services offered at that Residence, historical billing records, and any information you may provide about your particular preferences.
4. In Check-in Point of Using Our Facilities
Each Dusit facility stores the Personal Information in a secure location such as a filing cabinet. Certain facilities such as spa and restaurant also maintain their own database or central system to store the Personal Information in order to improve guests and customers experience. Each facility takes steps to ensure that the Personal Information may be accessed by the authorized personnel only. The stored Personal Information may include the guest’s name, address, phone numbers, email, credit card number and guest’s service preferences.
5. In Marketing Databases
Dusit maintains databases of guests’ information, which are used for marketing, promotional and research purposes. Guests will only receive such information if they have provided permission on their registration cards, the Digital Channel, or in some other forms. Any information sent provides a clear notice of how to discontinue receiving promotional materials.
6. Regarding Students at Educational Institutes
Additionally, in order to keep a full record and database of Students, we also store their profile in our HubSpot CRM & Marketing Hub, Vision Net and Intranet and/or Extranet system, a platform located in a data centre in Thailand. When you are a potential Student at any establishment and/or campus, this information will become available to that establishment and/or campus.
WHAT INFORMATION IS NOT SECURE?
We endeavour to protect the privacy of your account and other Personal Information that we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorised entry or use, hardware or software failure, and other factors, may compromise the security of user information. Therefore, we endeavour to put adequate contractual protections in places where we cannot guarantee the security of any Personal Information in databases hosted by third parties.
When you login to complete or modify a Booking Profile, Guest Service Profile or Student Profile, your online interaction with us is protected from eavesdropping using the highest-level encryption technology based on the browser you use. To ensure your privacy and the protection of the information you choose to share with us, we allow only encrypted communications from all of our web forms.
It is important to note that any email communication is not secure. This is a risk inherent in the use of emails. Please be aware of this when requesting information or sending forms to us by email (for example, from the “Contact Us” section of our website). We recommend that you do not include any confidential information (i.e.credit card information)when using email. For your protection, our email responses to you will not include any confidential information as well.
Finally, to be prudent, please be sure to always close your browsers when you are done using a form or the reservation site. Although the session will terminate after a short period of inactivity, it is best to close your browsers immediately upon completion.
If I have created a Customer Profile or Student Profile, how is my Personal Information treated?
If you are invited and you elect to create a Guest Profile or Student Profile in our Digital Channel, you will be asked to furnish specific Personal Information. You will also be asked to provide a password each time you login. Once you have created a Guest Profile or Student Profile, we may add online session data to your Guest Profile or Student Profile on subsequent visits to our Digital Channel. When you provide information, including revised information to your Guest Profile or Student Profile, we may use the information you provided to update other databases maintained by us.
HOW AND WHEN WE SHARE YOUR PERSONAL INFORMATION
School/ college
- Government Authorities: We may share the Personal Information of students to relevant government authorities to fulfill any legal obligations and/or requirement we may have. In case of international students, we may share your information with appropriate government authorities including to act as your sponsor for visa or other facilitation purposes.
- Third-Party Partner Education Agency and Hotel or Other Organization: We may share the Personal Information of students to third-party hotel or other organization in order to proceed with student recruitment, internship, trainee program, school trips and outing.
- Partner School and Institutions: We may share the Personal Information of students to our partner school and/or institutions who have collaborated with us for a joint degree in order to evaluate and issue the joint certificate and/or diploma to the students who attend the course.
Social Media Platforms: Where you choose to interact with us through social media, your interaction with these programs typically allows the social media company to collect some information about you through digital cookies they place on your device and other tracking mechanisms. In some cases, the social media company may recognize you through its digital cookies even when you do not interact with their application. Please visit the social media companies’ respective privacy policies to better understand their data collection practices and controls they make available to you.
- Hospital and Medical Organization or Personnel: We may share the Personal Information of students to family nurses, doctors or social service organisations where sharing is in the vital interests, or where not sharing could have a negative impact on the individual.
- Service Providers: We may share the Personal Information to service provider that are necessary for School to deliver the admissions, administration, teaching and learning, pastoral development, students benefits/ social care and child protection services
- Franchisor: We may share the Personal Information of students to our franchisor education institutions who have granted us the license to operate the institutions in order to evaluate and issue the certificate and/or diploma to the students who attend the course.
- Financial Institutions: We may share Personal Information to any financial institutions, charge or credit card issuing companies, credit information or reference bureau, or collection agencies necessary to establish and support the payment of any services being requested. Personal data may also be disclosed to any person or persons that have a right under local law to gain access to such information provided they are able to prove their authority to access such information.
Other Uses and Disclosures
We will use and disclose Personal Information as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements; (d) to enforce our terms and conditions; (e) to protect our operations, such as in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Dusit business, assets or stock (including any bankruptcy or similar proceedings); (f) to protect the right, privacy, safety or property of Dusit, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
We may use and disclose other data for any purpose, except where we are not allowed to under applicable law.
Non-Dusit group entities
This Privacy Policy does not address, and we are not responsible for the privacy, data, or other practice of any entities outside of the Dusit group, including franchisees, owners, property management companies, authorised licensees, strategic business partners, or any third party operating any site or service to which the service link, payment service, loyalty program, or website that is the landing page of the high-speed internet providers at our properties. The inclusion of a link on the online service does not imply endorsement of the linked site or service by us. We generally have no control over, and are not responsible for, any third party’s collection, use and disclosure of any Personal Information. We are not responsible for the data collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including with respect to any Personal Information you disclose to other organization through or the DusitApp or our social media pages.
TRANSFER PERSONAL INFORMATION OUTSIDE OF THAILAND
Dusit is a global organization and provides a global service. Sharing data cross-border is essential to the Service so that you receive the same level of service wherever you are in the world. As a result, we will, subject to law, transfer or share Personal Information collected in connection with the Service, to entities in countries where data protection standards may differ from those in the country where you reside. By making a reservation, visiting or staying at Dusit property or using Dusit brands service, you understand that we transfer your Personal Information Globally. The data controller may also maintain a local copy of your personal information when so required by applicable laws or regulations. Although the data protection law of various countries may differ from those in your country, we will take appropriate steps to ensure that your Personal Information is handled as described in this Privacy Policy and in accordance with the law.
All transfers of Personal Information between countries will be subject to the terms of this Privacy Policy and in compliance with PDPA.
DATA SECURITY MEASURE
Dusit adopts the high-standard security system in both technology and procedures to prevent any possible data theft. Dusit implements various measures to protect its computer system (such as firewall, Intrusion Detection, Data Encryption, Virus Scanning, Secure Socket Layer, Cookies, Auto Log off), though substantial investments, effort and human resources as to ensure that Dusit achieves high-standard measures and your personal data remains safe.
Although Dusit makes its best efforts to protect personal data with our technical mechanism along with the management by our personnel to control access and keep personal data against unauthorized access, Dusit cannot always guarantee the security and confidentiality of personal data from every incident that may arise, such as virus threat and unauthorized access. A data subject should regularly keep up with technology news, install personal firewall software to prevent his computer from threat or data theft.
HOW DO YOU ACCESS/REVISE YOUR PERSONAL INFORMATION
You may request to access/revise your Personal Information held by us by taking the following steps:
If you are a Dusit Gold Member:
Step 1: Access your member profile account at www.dusitgold.com/login,DusitApp or other applications
Step 2: Enter your membership number or email address as your ID and password registered with the Dusit Gold Programme
Step 3: The system will take you to access your Personal Information held by us. This will take a few moments.
Step 4: Once accessed, you may revise and update your Personal Information and choose to opt in or opt out of your newsletter subscription
Step 5: You can contact our Dusit Gold Service Centre via email at CS@dusit.com
If you are non-Dusit Gold Member, Students & Prospective Students:
Step 1: Contact our Corporate Office:
- Via e-mail at CS@dusit.com
- Via letter with attention: Data Protection Officer, at the following address:
Dusit International,
319 Chamchuri Square Building, 29thFloor,
Phayathai Road, Pathumwan,
Bangkok 10330, Thailand - Mark as =
- “Personal Information Request from a Guest” if you are a Guest at the hotel, restaurant, or spa, together with your first name and last name and telephone number
- “Personal Information Request from a Student” if you are a Student, together with your first name, last name, student ID number and telephone number
Step 2: Wait for our staff to contact you. This may take a few days.
Step 3: To identify you as the owner of the Personal Information requested
Our staff will require you to produce some form of photo identification (copy of a government-issued identification with signature, passport, driver’s license or Student ID Card), home or business address, phone number, information of your stay with Dusit Hotels & Resorts, and details of products purchased. You will also be asked to sign a request form.
If you are a Residence owner:
Please follow the above steps for hotel Guests. However, we cannot guarantee that your Personal Information held by us is the same or different from that stored or held by third-party developers of the Dusit Branded Residence(or the authorised agent).
The above information is required to create an audit trail of how the request has been handled. Where a request is made, any correspondence or application may be kept and added to your personal information.
Dusit Hotels & Resorts reserves the right to decline access to your Personal Information under certain circumstances. If your Personal Information is not disclosed to you, you will be provided with the reasons for non-disclosure.
HOW LONG IS YOUR PERSONAL INFORAMTION RETAINED
We will retain your Personal Information as long as it is necessary for the purpose of data processing. After that, we will erase and destroy your Personal Information except as may be required, by applicable laws, or for protection of our interest. In general, your Personal Information will be kept for a maximum period of 10 years or otherwise longer if it is specifically provided by law.
HOW DO YOU KNOW IF THERE ARE CHANGES TO THIS PRIVACY POLICY
Our Privacy Policy may change from time to time without prior notice. We will post the revised policy on our Digital Channel or other channel e do normally contact you so you are always aware of how we treat Personal Information.
HOW IS PERSONAL INFORMATION AFFECTED BY BUSINESS TRANSFERS
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part. The new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us.
In the event that any of your Personal Information is to be transferred in such a manner, you will not be contacted in advance and informed of the changes. (When contacted you will not, however, be given the choice to have your data deleted or withheld from the new owner or controller.)
WHAT LAWS APPLY TO THIS PRIVACY POLICY
Dusit does business worldwide as Dusit and is a Thai public company limited, incorporated under the laws of Thailand. As such, laws and regulations in respect of data privacy protection apply to our company. We uphold the requirements of these laws and regulations in handling all the Personal Information in whichever establishment they were received. We will take necessary precautions to ensure that collected Personal Information is accurate, complete and kept up to date. Each Dusit establishment, including its related activities such as fitness, spa and restaurant, Residences, Dusit Thani College and other educational institutes, also complies with the local privacy laws of the jurisdiction where the establishment is located.
YOUR CHOICE
We will not contact you for marketing purposes by email, phone or text messages unless you have given your prior consent. We will not pass your details to any third parties unless specified otherwise in this Privacy Policy. When we are processing your Personal Information based on your consent, you have the right to withdraw that consent at any time. This may affect the service that we can make available to you but this will be explained in the consent form.
YOUR RIGHT
If you would like to request to access, ratify, delete, restrict the use of, or object to processing of you Personal Information that you have previously provided to us, or if you would like to receive an electronic copy of your Personal Information or purpose of transmitting it to another company (to the extent these right are provided to you by law), please visit our form [here]. If you have any questions about the form or our process, feel free to contact us as described in this Privacy Policy.
For your protection, we only fulfill requests for the Personal Information associated with the email address and/or loyalty account number that you identify in your request, and we may need to verify before fulfilling certain requests. When permitted by law, we may charge an appropriate fee to cover the costs of responding to your request.
Dusit acknowledges and respects our quests’ privacy and we will try to comply with your request and we will comply with your request as soon as reasonable and consistent with applicable law.
TO WHOM DO WE DIRECT QUESTIONS OR CONCERNS REGARDING THIS PRIVACY POLICY
Questions or concerns regarding this Privacy Policy should be directed to the Data Protection Officer by writing to the following address:
Attention to: Data Protection Officer
Dusit International,
319 Chamchuri Square Building, 29thFloor,
Phayathai Road, Pathumwan,
Bangkok 10330, Thailand
Mark as
- “Question on Privacy Policy from a Guest” if you are a Dusit Gold Member or Guest at the hotel, restaurant or spa:together with your first name and last name and telephone number
- “Question on Privacy Policy from a Student” if you are a Student, together with your first name, last name, student ID number and telephone number
Email: CS@dusit.com