The Mini Suites Hotel – Privacy Policy


Eton Property Management Corporation (EPMC) respects your privacy and recognizes the need for appropriate measures to protect and manage your personal data entrusted to us. Our Privacy Policy follows, and is consistent with, the Data Privacy Act of 2012 (DPA), its Implementing Rules and Regulations (IRR), other issuances of National Privacy Commission (NPC), as well as other relevant laws of the Philippines.

Personal data refers to all types of personal information, sensitive personal information and privileged information. Personal information refers to “any information, whether or not recorded in any form, from which the identity of an individual is apparent or can reasonably and/or directly be ascertained by the entity holding the information, or, when put together with other information, would directly and certainly identify an individual”.

This Privacy Policy pronounces how EPMC processes (how it collects, uses, shares, and keeps) and protects your personal data. It also provides the steps that you can take should you wish for any change in how we use your personal data, or if you want us to stop using your personal data.


To enable us to comply with our corporate policies in relation to data subjects as well as with the requirements under the Data Privacy Act, it is important that we collect, use, store and retain your personal data only as is reasonable and necessary for a declared and specific purpose stated in the pertinent consent forms.

In general, we are using your data for any of the following purposes:

  • To provide you with information about our services;

  • To deal with your booking, enquiries, complaints about our service, or other requests;

  • To administer your booking and other services;

  • To tailor our services to your requirements and preferences;

  • To process and respond to any complaints, inquiries and requests made by you;

  • For direct-marketing of products and services, advising you of news and industry updates, events, promotions and competitions, reports and other information and carrying out market research campaigns;

  • To provide you with information about other products, special offers and services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. This may include products and services made available by selected partners and any member of our group of companies.

  • To conduct internal operations and analysis, including systems testing and statistical research.

  • To personalize the site for the user and view how and when specific users visit the site, helping us to improve the site. The use of cookies is an industry standard. Cookies are stored on your computer and are used only to view information on your hard drive that was put there by a cookie from this site. If you do not wish to receive cookies you may set your web browser to prevent them; and,

  • To comply with laws, orders or regulations.

To comply with laws, orders or regulations.

Other uses by nature of our transactions

In addition, we may use your personal information depending on your transactions with us in any of the following means:

  • When you want to become a part of our team:

  • To assess your credentials and suitability for the job you are applying for;

  • To communicate with you about your employment application;

  • When hired, to process your data necessary for your employment such as, but not limited to, payroll, benefits application, allowances and refunds processing, tax processing, retirement benefits, and other purposes that demand processing of your personal data (e.g., business travels, anniversaries, social activities, emergencies, and so on);

  • When hired, for your performance evaluation and career development including seminars, trainings, workshops, and compliance monitoring;

  • When hired, to process your data necessary to execute business transactions such as preparation and/or approval of business documents and any other functions that are directly related and/or incidental to your job and that will demand processing of your personal data; and,

  • Upon separation, to process your data for the exit interview and preparation of final pay.

  • When you inquire or reserve a room/venue/restaurant and other hotel arrangements:

  • To provide the services you request, such as to facilitate reservations, send confirmations or pre-arrival messages, to assist you with meetings, events or celebrations, and provide you with other information about the area and the hotel at which you are scheduled to stay;

  • To personalize your experience by presenting products, services and other offers tailored to your demand;

  • To fulfil contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers or your employer) and vendors (e.g. credit card companies, airline operators and third party loyalty programs);

  • To administer your request for additional products and services, including those performed by third party such as transportation and catering services;

  • To perform all financial processes related to our transaction including set-up of reservation, security deposit, credit application and other incidental charges you incurred during your stay;

  • To provide safety and security to hotel guests, staffs and other visitors;

  • To conduct appropriate due diligence checks and blacklisting as necessary.

  • To perform other processes related to or in connection with our business, including those processing or disclosure that may be required under law or regulations.

  • When you are a vendor, a potential vendor, or a contractor:

  • To contact you when we require your services;

  • To conduct appropriate due diligence checks;

  • To evaluate your proposal including your manpower, technical and operational capacity;

  • To assess the practicability of your proposal and process your accreditation;

  • To communicate the result of your proposal and to execute a letter of award together with the contract;

  • To perform any other action as may be necessary to implement the terms and conditions of our contract; and,

  • When you transact with us online through our brand website:

  • To personalize your viewing experience, we are using/sending cookies to collect contextual information about your visit to the website, including your preferences and settings, to enhance the functionality of the site and user experience.


We collect information to provide you with details and information regarding our product, services, and promotions; as well as to cater to your particular needs and interests through tailor-fitted services and solutions. We process information also to respond to your enquiries or manage future interactive user function. The common type of data collected by EPMC from you, generally includes the following:

  • Personal information such as full name, nickname, home addresses/billing address/shipping address, e-mail address, telephone, other personal contact numbers;

  • Sensitive personal information such as age, nationality, marital status, gender, and government issued identification document which includes, but not limited to identity (ID) cards, licenses, social security number;

  • Employment record such as educational background, employment history, certifications, trainings attended, resume;

  • Financial details such as credit history, bank account, credit card, and debit card information you have provided as a result of our transaction;

  • Information necessary to fulfill special requests (e.g. health conditions that require special accommodation or services and other guest preferences);

  • Guest stay information, including but not limited to, room type, room number, billing arrangement, number of guests, arrival and departure date; and,

Please note that you are responsible for ensuring that all data, whether personal information, sensitive personal information or privileged information, you submit to EPMC is accurate, complete and up-to-date.


We collect data when you:

  • Submit a job application;

  • Submit a proposal and related business documents;

  • Fill-out our forms and submit necessary documents;

  • Submit information through any form on our digital platforms or contact us through our brand website;

  • Respond to surveys, promotions, and other marketing and sales initiatives;

  • Provide personal information in relation to inquiries, requests, and complaints;

  • Enter building premises, we collect your footages and images through our camera surveillance (i.e., CCTV); and,

  • Disclose your personal information through phone calls, emails, SMSs or verbal communication with our authorized representatives;


All our websites engage third-party service providers to analyze the web traffic data for us. This service does use cookies or web beacons.

Cookies are small files that our website puts on your browser to store information about your preferences. Cookies can improve your browsing experience by allowing our website to remember your preferences or letting you avoid signing in each time you visit our website. If you don’t want our website to store cookies on your PC, you can block cookies. But blocking cookies might prevent some pages from displaying correctly, or you might get a message from our website letting you know that you need to allow cookies to view our website.

For you to fully enjoy your visit and browsing experience, only unidentifiable web traffic data are collected and analyzed, including:

  • Your internet protocol (IP) address;

  • The search terms you used;

  • The pages and internal links accessed on our site;

  • Demographics limited to the date and time you visited the site, including frequency of visits;

  • Geolocation;

  • Your operating system; and

  • Web browser type.

Use the options in your web browser if you do not wish to receive cookies or you wish to set your browser to notify you when you receive cookies. Click on the “Help” section of your browser to learn how to change your cookie preferences. If you disable all cookies, you may not be able to take advantage of all the features of this website.


From time to time, we will provide links to third-party web sites, or advertisements which contain links to third-party sites. These links are provided as a service to you and we do not provide any personal data to these websites or advertisers, and therefore, we will not accept responsibility for their privacy practices. These sites are operated by independent entities that have their own privacy policies which you should review as well. EPMC’s Privacy Policy does not apply to such other sites or to the use that those entities make of your information. EPMC has no control over the content displayed on such sites, nor over the measures, if any, that are taken by such sites to protect the privacy of your information.


As a general rule, we are not allowed to share your data to third party entities, except in limited circumstances as listed below.

By giving your consent, you authorize EPMC to disclose your personal data to accredited/affiliated third parties or independent/non-affiliated third parties, whether local or foreign in any of the following circumstances:

  • As necessary for the proper execution of processes related to the purposes declared in this Privacy Policy.

  • The use or disclosure is reasonably necessary, required or authorized by or under law (such as for criminal investigation, as requested by court of law).

This means we might provide your personal data to the following:

  • Our affiliates, subsidiaries, partner companies, organizations, or agencies including their sub-contractors or prospective business partners that act as our service providers and contractors;


  • Law enforcement and government agencies;


  • All third parties, as noted in Annex A, with which we share this personal data are required to use your personal data in a manner that is consistent with this Privacy Policy.

However, these companies may only use such personal data for the purposes disclosed in this Privacy Policy and may not use it for any other purpose.


EPMC is very sensitive to privacy issues and it is especially careful in its communications with children. EPMC would never directly collect personal data from children without the parent’s consent.

Personal data pertaining to children and collected from their parents is used solely by EPMC or other entities that provide technical fulfillment or other services to EPMC (for example, services intended to improve our services/web sites, and fulfilling requests or administering promotions). These personal data are not sold.


We take reasonable steps to ensure that the personal data we collect, use or disclose are accurate, complete, and up-to-date. We strictly enforce this Privacy Policy within EPMC and we have implemented technological, organizational and physical security measures to protect your personal data from loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction. We put in effect safeguards such as the following:

  • We keep and protect your personal data using a secured server behind a firewall, deploying encryption on computing devices and physical security controls.

  • We restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.

  • Any personal data that you provide on is initially processed and stored by the website. Using a secured connection, only authorized EPMC personnel can then access and download your personal data from the system.

  • We reveal only the last four digits of your credit card numbers when guaranteeing a reservation. Of course, we transmit the entire credit card number to the appropriate credit card company during processing of reservation.


In general, all data are preserved in accordance with the following retention standards:

  • If the data subject has an existing contract and transaction with EPMC, the information will be retained all throughout the contract period and 10 years after its completion.

  • If the data subject has no existing contract but has existing transaction with EPMC, the information will be retained during the transaction and 5 years after its fulfillment.

  • If the data subject has no existing contract and transaction with EPMC, the information will be retained for a period of 2 years.

Personal data are stored in our facilities located in the Philippines and are retained in accordance with the above parameters, industry standards, laws and regulations, unless you request that your personal data be deleted from our systems, databases and hardcopies immediately. Once deleted, your personal data will no longer be searchable or included in anonymous searches and will be completely removed from all the storage location

The Data Privacy Officer may, however, choose not to grant access or correct information based on the request following laws and regulations. He/she will give the individual a written notice that sets out the reason for the refusal.


EPMC may revise this Privacy Policy as the need arises or when dictated by issuances of the National Privacy Commission or any amendment to the Data Privacy Act. Any change to this Privacy Policy shall be duly posted in this website and will take effect immediately. Data subjects are encouraged to periodically check for such updates. Changes shall not be retroactively applied and will not alter how we handle personal data previously collected without obtaining your consent, unless required by law.


To exercise your rights which include right to access, modify, erase and object to processing your personal data within a reasonable time after such request or should you have any inquiries, feedbacks on this Privacy Policy, and/or complaints to EPMC, you may reach us through our “Contact Us” menu in this website: through a written letter or through an email to our Data Protection Officer (DPO).

Our contact details are as follows:
Data Protection Officer
8/F PNB Center, 6754 Ayala Ave., Makati City, 1226

You may also lodge a complaint before the National Privacy Commission (NPC). For further details, please refer to NPC’s website:

Any action to a request for correction, erasure and/or objection to process your personal data as it appears in our records is subject to applicable laws and/or the DPA, its IRR and other issuances of NPC.