The Waterfront Hotels and Casino and its subsidiaries (hereinafter referred to as “Hotel”, “Us”, “Our”, and “We”) have a strong commitment to provide protection of our customers’ Personal Data from any breaches or unauthorized use of Personal Data in compliance with the Data Privacy Act of 2012 or otherwise known as Republic Act (R.A.) 10178 as governed by the National Privacy Commission (NPC).
The term “Personal Data” refers to any personal information that can be used to identify you as an individual. It can include, among other things, your name, contact number, address, age, gender, passport or other identification document details, driver’s license details, personal financial information, frequent flyer or travel partner information, and other personal information as defined by the Act.
This notice applies to all clients/customers whose Personal Data are collected and processed by Waterfront Hotels and Casinos.
This notice explains:
- How do we collect your Personal Data?
- How do we use information about you?
- How do we transfer information about you?
- How do we store and dispose information about you?
- Your rights as data subject
- Notifications in case of breach of information
- Where do I go for further information?
- HOW DO WE COLLECT YOUR PERSONAL DATA
1.1 When you request for a particular service from us, we may or will ask for your Personal Data (e.g., name, address, and contact information) for us to process your transaction. Below are the activities where we will or may collect your personal data:
- When making a reservation
Upon receipt of your reservation inquiry, our Front Office (FO) personnel will redirect you to our Central Reservations Office (CRO), who will then book your reservation details in our computer system. On the other hand, for walk-in customers, our FO personnel will check for room availability in our records and proceed with the check-in/registration process once you have agreed with the accommodation package offered.
- During check-in/registration
Our FO personnel will retrieve your guest profile or reservation details in our computer system to check for your reservation or existing records. We will collect your personal information through our Registration Card and you will be requested to present one (1) valid ID for identity verification.
Should you be a first time guest of the Hotel, our FO personnel will create your profile using the information you have provided in the Registration Card and the ID that you have presented will be scanned and uploaded in our computer system.
- During your stay at the Hotel
You may avail any of our hotel products and services during your stay at the hotel. In which case, to process your requested service, you may be required to provide your personal information on the following activities:
- Housekeeping Services. Our Room Attendants will collect your Personal Data when you request for the following services:
- Laundry Services (either in-house or outsourced) – Your personal information will be obtained in the Valet Service Form or equivalent document.
- Loan/Requested Item – Your Personal Data will be obtained through our Loan/Requested Items Form as documentation of your request and acknowledgement of receipt of the items loaned/requested.
- Wellness Activities/Programs. Your Personal Data will be collected during your registration in any of our wellness activities/programs such as Pool and/or Gym Membership, Sports Performance and Rehabilitation, and Massage Center.
- Transportation Arrangements. Our FO personnel will collect your Personal Data for the purpose of booking your transportation details (e.g., pick up from airport, transport drop-off location, time and date, flight booking) with our in-house or accredited third party transportation service provider.
- Food and Beverage Services. When you avail of our products and services in any of our hotel outlets/restaurants, we will collect your Personal Data for the purpose of recording your transactions (i.e., cash/credit payment, availment of complimentary breakfast, or charging of bills to room accommodation) with us.
- We also value your opinion. We have Guest Feedback Forms placed in your assigned room, reception area, and restaurants that you can accomplish to provide your honest feedback about our products and services.
Should you opt to answer our Feedback Forms, you will have to seal it for privacy and security purposes. You may also drop the feedback form in the designated drop box located at the reception area. However, you may also place or leave the feedback form in your assigned room, which will be collected by the Room Attendants during check-out, or submit it to our Restaurant Staff, if feedback is solicited or voluntarily provided to the Outlet/Restaurant.
- You have the option to choose which personal information you are comfortable to share with us. However, if you choose not to provide the personal information that we need/mandatory in processing your transaction, we may not be able to process the requested services or complete your transaction.
- HOW DO WE USE INFORMATION ABOUT YOU?
2.1 Hotel services. Your Personal Data will be used by the Hotel to fulfill our services and to serve you as our valued customer. Users of your Personal Data will be limited only to those personnel authorized, as part of their duties and responsibilities.
- Housekeeping – Your Personal Data will be used by our Room Attendants, Housekeeping Coordinator(s), and Housekeeping Manager, to fulfill housekeeping activities such as room cleaning, laundry services, charging of mini-bar consumptions, loans/requested items, and lost and found notification.
- Wellness Programs – Your Personal Data will be used when you avail or enroll in any of our wellness programs which includes Massage Center, Pool Use and/or Membership, City Gym Use and/or Membership, and Sports Performance and Rehabilitation. Your Personal Data will serve as our records to enable us to provide the requested services, document your transaction, and appropriately charge fees to your account.
- Transportation Arrangements – Your Personal Data will be utilized by our authorized transportation service provider to pick-up and transport you on the date, time, and location requested, and to appropriately charge transportation fees to your account.
- Food and Beverage Services – Your Personal Data will be used by our outlet/restaurant Receptionists/Cashier to determine if you have complimentary meals, document your transaction, and appropriately charge fees to your account.
- Feedbacks Summary – Your Personal Data and feedbacks on our products and services will be collated by our Corporate Standardization Department to determine areas for improvement, recognize commended peers, and to address your concerns as our valued customer.
- Luggage Monitoring – Your Personal Data collected during check-in will be utilized to account and monitor luggage and other personal belongings that you have placed under our care prior or during your check-in or check-out in the hotel.
2.2 Accounting Purposes. Your Personal Data including the transactions that you have entered into during your stay at the hotel will be used by our Finance Department to record your itemized spending, verify/audit validity of these transactions, properly charge fees to your account, and record all settled and unsettled fees.
- Marketing Purposes. Using your contact information, the Hotel may send you e-mails or texts regarding our promotions or special offers. It is however our intention to only send you marketing communications that you may want to receive. Therefore, every time you receive an e-mail or text, we will provide you the option to subscribe or unsubscribe to all our future communications.
- Financial Audit. In preparing our financial reports, we will or may provide documents or files that may bear your personal information to our external auditors, who are engaged to check for the consistency, accuracy, and validity of our financial records.
- Other Business Process. Your information will be used by our Revenue Manager for customer inventory/statistics, revenue forecasting, rate assessment or adjustment, and for preparation of internal reports (e.g., Profit and Loss Report, and Market Segment Production).
- HOW DO WE TRANSFER INFORMATION ABOUT YOU?
3.1 Your information may be shared through email or by any other means available by any of our authorized personnel across all properties of Waterfront Hotels and Casinos in the Philippines, if deemed necessary for our business purpose, as listed below:
- Waterfront Cebu City Casino Hotel, Inc.
- Waterfront Mactan Casino Hotel, Inc.
- Waterfront Wellness Group, Inc.
- Waterfront Entertainment Corporation
- Waterfront Insular Hotel – Davao
- Acesite (Phils.) Hotel, Inc. (Manila Pavilion Hotel)
- Acesite Leisure and Entertainment Corporation
- We may disclose your information to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with applicable laws or regulations. This may include disclosures outside the country, if necessary. As part of our commitment to protect your personal data, we will review and use your information to determine whether disclosure is required or permitted.
- The Hotel ensures that Personal Data shared through email or by any other means available are protected with our IT or manual systems and controls in place to mitigate the risk of data breaches. We ensure you that all our employees across all properties are well-informed of the Data Privacy Act and their responsibilities as Personal Information Controllers/Processors, particularly in sharing your personal information.
- HOW DO WE STORE AND DISPOSE INFORMATION ABOUT YOU?
4.1 We may retain your personal data in various forms such as paper file or electronic file. Only authorized personnel and yourself are allowed to access your personal data for privacy and security purposes. All of your personal data collected and documented in various official Waterfront Forms/Templates will be filed by the designated custodians in a locked storage room for the security and protection of your personal information. On the other hand, Personal Information in electronic forms will be retained in our computer systems which we have employed with information security controls.
4.2 We will keep your personal information within 3 years from the date of your last transaction with us or for as long as there are unsettled fees, required by laws or regulations, and/or it is needed for a relevant purpose as described in this Notice.
4.3 After the retention period, the Hotel is no longer responsible to keep and provide you with your Personal Data/documents. As authorized, our designated custodian will purge your personal information through shredding of paper files and/or deletion of electronic files in our computer system, or in any other manner which would prevent further processing of your Personal Data.
- YOUR RIGHTS AS DATA SUBJECT
The Hotel acknowledges your rights as data subjects. Thus, customers are entitled to perform any of the following:
- Request a copy of your information or access your information. The Hotel will provide your request in a commonly portable format (e.g., printed copy of any soft copy files you have requested, photocopy of the document you are requesting) for a span of 1 month from date that the prescribed processing fee is paid.
However, the Hotel is not generally required to undertake endless and disproportionate searches for information in order to respond to a request and the Hotel may refuse to your request if:
- The relevant Personal Data is not in the Hotel’s possession or control
- The request is identical or very similar to the one you have recently requested
- The request is obviously unfounded or frivolous
- Harm would arise or likely arise from disclosure, for example, if disclosure would be likely to prejudice a criminal investigation or prejudice someone’s commercial interests
In case your request is declined, we will provide you a formal notification indicating the grounds of declining your request.
- Request for the correction/rectification or deletion of your information, provided that the information is/are not necessary for compliance with a regulatory obligation and it is not necessary to establish, exercise or defend legal claims.
- Object/Restrict processing of your information, provided that Personal Data requested for restriction is not necessary for compliance with a regulatory obligation and it is not necessary to establish, exercise or defend legal claims. This right may be exercised upon discovery and substantial proof that Personal Data was obtained or processed unlawfully.
- File a complaint with the National Privacy Commission (NPC) if any of the DPA provisions regarding security of your personal data, including your rights as data subjects, are violated.
For further knowledge and reference about your rights as data subjects and how can you exercise them, you may visit NPC’s official website at https://privacy.gov.ph/.
- NOTIFICATION IN CASE OF BREACH
In the event your Personal Data is breached, we are prepared to follow any laws and regulations which would require us to notify you of such breach including the quality of information affected.
- WHERE DO I GO FOR FURTHER INFORMATION?
If you have questions about how we use your information, you may contact our Data Protection Team headed by Joson Lim, Data Protection Officer at (firstname.lastname@example.org) or at (032-232-6888 loc. 8123).