Customer privacy protection policy
June 1, 2022
Swissotel Bangkok Ratchada (“We,” “Us,” “Our”) has a measure to protecting your Personal Data. We shall ensure you that your Personal Data is handled in accordance with the Personal Data Protection Act B.E. 2562 (2019) in Thailand (“Thai PDPA”) and other applicable laws.
1. THE ACCOR GROUP’S COMMITMENT TO PROTECTING PRIVACY
We consider you an important customer. Our first priority is to offer you exceptional stays and experiences throughout the world.
Your complete satisfaction and confidence in Accoris absolutely essential to us.
2. SCOPE OF APPLICATION
In this charter, “AccorGroup” means:
Good to know!
You probably don’t know this, but the hotel you are booked to stay in is probably not owned by Accor SA or one of its family of companies. Most Accorbranded hotels are operated under a franchise or management agreement between the hotel’s owner and Accor SA (or one of its subsidiaries across the world).
This is why, when staying in one of these hotels, your personal data will be dealt with by Accor SA and the hotel, both acting as Data Controllers for their own, separate, purposes. In summary:
Accor SA has communicated the principles set out in this charter to all of the Accorbranded hotels and their respective owners. We will do our upmost to ensure that all hotels comply with the applicable data protection laws and this charter in relation to the processing of your personal data.
3. ACCOR’ TEN PRINCIPLES FOR PROTECTING YOUR PERSONAL DATA
In accordance with applicable regulations, in particular the European General Data Protection Regulation, we have instituted the following ten principles throughout the AccorGroup:
For any questions concerning the ten principles of Accordata protection policies, please contact the Data Privacy department whose details appear in the clause “Your rights”.
4. WHAT PERSONAL DATA IS COLLECTED?
At various times, we may collect information about you and/or the persons accompanying you, including the following:
The information collected in relation to persons under 16 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult. We would be grateful if you could ensure that your children do not send us any personal data without your consent (particularly via the Internet). If such data is sent, you can contact the Data Privacy department (see clause “Your rights” below) to arrange for this information to be deleted.
In order to meet your requirements or provide you with a specific service (such as dietary requirements), we may have to collect sensitive information, such as information concerning race, ethnicity, political opinions, religious and philosophical beliefs, union membership, or details of health or sexual orientation. In this case, we will only process this data if you provide your express prior consent.
5.WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
6. WHAT PURPOSES IS YOUR DATA COLLECTED FOR AND HOW LONG DO WE RETAIN IT?
We collect your personal data for the purposes of:
7. CONDITIONS OF THIRD-PARTY ACCESS TO YOUR PERSONAL DATA
The AccorGroup operates in many countries and we endeavour to provide you with the same services throughout the world. Thus, we have to share your personal data with internal and external recipients subject to the following conditions:
In particular, the data related to your stays, preferences, satisfaction and, if the case may be, your loyalty program membership are shared between the hotels operating under the AccorGroup brands. This data is used to improve the quality of service and your experience in each of these hotels. In this context, your data is processed jointly by Accor SA and these hotels. In order to pursue this legitimate interest, whilst safeguarding your rights and liberties, a specific joint controllership agreement describes the obligations and responsibilities of Accor SA and these hotels. You may, at any time, object to the sharing of this data between the hotels and Accor SA by contacting the Data Privacy department whose details appear in the clause “Your rights”. You can also request a summary of the key points of the joint controllership agreement.
8. PROTECTION OF YOUR PERSONAL DATA DURING INTERNATIONAL TRANSFERS
For the purposes set out in clause 6 of this charter, we may transfer your personal data to internal or external recipients who may be in countries or regions offering different levels of personal data protection.
Consequently, in addition to implementation of this charter, Accor employs appropriate measures to ensure secure transfer of your personal data to an Accor entity or to an external recipient located in a country or region offering a different level of privacy from that in the country or region where the personal data was collected.
Your data may be sent, in particular as part of the reservation process, to Accorhotels located outside of the European Union, in particular in the following countries/regions: South Africa, Algeria, Andorra, Angola, Saudi Arabia, Argentina, Australia, Bahrain, Benin, Brazil, Cambodia, Cameroon, Canada, Chile, China (including Taiwan Region, Hong Kong Special Administrative Region and Macau Special Administrative Region), Colombia, South Korea, Ivory Coast, Cuba, Egypt, United Arab Emirates, Ecuador, United States of America, Fiji, Ghana, Guatemala, Equatorial Guinea, India, Indonesia, Israel, Japan, Jordan, Kuwait, Laos, Lebanon, Madagascar, Malaysia, Morocco, Mauritius, Mexico, Monaco, Myanmar, Nigeria, New Zealand, Oman, Uzbekistan, Panama, Paraguay, Peru, Philippines, Qatar, Democratic Republic of Congo, Dominican Republic, Russia, Senegal, Singapore, Switzerland, Chad, Thailand, Togo, Tunisia, Turkmenistan, Turkey, Ukraine, Uruguay, Vietnam, Yemen.
Other than those that are required to carry out your reservation, data transfers to countries having different levels of personal data protection, are regulated by standard contractual clauses defined by the European Commission.
9. DATA SECURITY
Accor SA takes appropriate technical and organizational measures, in accordance with applicable legal provisions (in particular: Art. 32 GDPR), to protect your personal data against illicit or accidental destruction, alteration or loss misuse and unauthorized access, modification or disclosure. To this end, we have taken technical measures (such as firewalls) and organizational measures (such as a user ID/password system, means of physical protection etc.) to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. In relation to the submission of credit card data when making a reservation, SSL (Secure Socket Layer) encryption technology is used to guarantee a secure transaction. Organizational measures ensure the security of the processing.
11. YOUR RIGHTS
You have the right to obtain information about and access your personal data collected by Accor SA, subject to applicable legal provisions. Also you have the right to have your personal data rectified, erased or have the processing of it restricted. Furthermore you have the right to data portability and to issue instructions on how your data is to be treated after your death (hopefully as late as possible!). You can also object to the processing of your personal data, in particular to the sharing of the data related to your stays, preferences and satisfaction between the hotels operating under the AccorGroup brands.
In the event that you wish to exercise any of your above rights, please contact the Data Privacy department for the AccorGroup directly by sending an email to firstname.lastname@example.org or by writing to the address below:
Département Protection des Données Personnelles (Data Privacy Department)
82, rue Henri Farman -ACC 1208
92445 Issy-les-Moulineaux – FRANCE
For the purposes of confidentiality and personal data protection, we will need to check your identity in order to respond to your request. In case of reasonable doubts concerning your identity you may be asked to include a copy of an official piece of identification, such as an ID card or passport, along with your request. A black and white copy of the relevant page of your identity document is sufficient.
All requests will receive a response as swiftly as possible.
You may also exercise your rights in respect of your personal data that is stored and processed by a hotel as a data controller. To do this, you must contact the hotel directly. You will find all necessary information to contact a hotel on all.accor.com. If you need any assistance, please contact AccorData Privacy Department by writing to email@example.com or to the above postal address.
You also have the right to lodge a complaint with a data protection authority. For your information,
You can contact Accordata protection officer by writing to accorhotels.dpo(at)accor.com or to the above postal address.
If you are in Australia or New Zealand and have a complaint about how we collect, hold, use or disclose your personal data, you can also contact firstname.lastname@example.org.
We may modify this charter from time to time. Consequently, we recommend that you consult it regularly, particularly when making a reservation at one of our hotels.
13. QUESTIONS AND CONTACTS
For any questions concerning The Accor Group’s personal data protection policy, please contact the Data Privacy department (See clause “Your rights”).
Swissotel Bangkok Ratchada ☆☆☆☆☆
204 Ratchadapisek Road, Huay Kwang, 10320 Bangkok