Personal data refers to all types of personal information, sensitive personal information and privileged information. Personal information refers to “any information, whether or not recorded in any form, from which the identity of an individual is apparent or can reasonably and/or directly be ascertained by the entity holding the information, or, when put together with other information, would directly and certainly identify an individual”.
Why do we collect your personal data?
To enable us to comply with our corporate policies in relation to data subjects as well as with the requirements under the Data Privacy Act, it is important that we collect, use, store and retain your personal data only as is reasonable and necessary for a declared and specific purpose stated in the pertinent consent forms.
In general, we are using your data for any of the following purposes:
- To provide you with information about our services;
- To deal with your booking, enquiries, complaints about our service, or other requests;
- To administer your booking and other services;
- To tailor our services to your requirements and preferences;
- To process and respond to any complaints, inquiries and requests made by you;
- For direct-marketing of products and services, advising you of news and industry updates, events, promotions and competitions, reports and other information and carrying out market research campaigns;
- To provide you with information about other products, special offers and services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. This may include products and services made available by selected partners and any member of our group of companies.
- To conduct internal operations and analysis, including systems testing and statistical research.
- To comply with laws, orders or regulations.
To comply with laws, orders or regulations.
Other uses by nature of our transactions
In addition, we may use your personal information depending on your transactions with us in any of the following means:
- When you want to become a part of our team:
- To assess your credentials and suitability for the job you are applying for;
- To communicate with you about your employment application;
- When hired, to process your data necessary for your employment such as, but not limited to, payroll, benefits application, allowances and refunds processing, tax processing, retirement benefits, and other purposes that demand processing of your personal data (e.g., business travels, anniversaries, social activities, emergencies, and so on);
- When hired, for your performance evaluation and career development including seminars, trainings, workshops, and compliance monitoring;
- When hired, to process your data necessary to execute business transactions such as preparation and/or approval of business documents and any other functions that are directly related and/or incidental to your job and that will demand processing of your personal data; and,
- Upon separation, to process your data for the exit interview and preparation of final pay.
- When you inquire or reserve a room/venue/restaurant and other hotel arrangements:
- To provide the services you request, such as to facilitate reservations, send confirmations or pre-arrival messages, to assist you with meetings, events or celebrations, and provide you with other information about the area and the hotel at which you are scheduled to stay;
- To personalize your experience by presenting products, services and other offers tailored to your demand;
- To fulfil contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organizers or your employer) and vendors (e.g. credit card companies, airline operators and third party loyalty programs);
- To administer your request for additional products and services, including those performed by third party such as transportation and catering services;
- To perform all financial processes related to our transaction including set-up of reservation, security deposit, credit application and other incidental charges you incurred during your stay;
- To provide safety and security to hotel guests, staffs and other visitors;
- To conduct appropriate due diligence checks and blacklisting as necessary.
- To perform other processes related to or in connection with our business, including those processing or disclosure that may be required under law or regulations.
- When you are a vendor, a potential vendor, or a contractor:
- To contact you when we require your services;
- To conduct appropriate due diligence checks;
- To evaluate your proposal including your manpower, technical and operational capacity;
- To assess the practicability of your proposal and process your accreditation;
- To communicate the result of your proposal and to execute a letter of award together with the contract;
- To perform any other action as may be necessary to implement the terms and conditions of our contract; and,
- When you transact with us online through our brand website:
- To personalize your viewing experience, we are using/sending cookies to collect contextual information about your visit to the website, including your preferences and settings, to enhance the functionality of the site and user experience.
What type of personal data do we collect?
We collect information to provide you with details and information regarding our product, services, and promotions; as well as to cater to your particular needs and interests through tailor-fitted services and solutions. We process information also to respond to your enquiries or manage future interactive user function. The common type of data collected by EPMC from you, generally includes the following:
- Personal information such as full name, nickname, home addresses/billing address/shipping address, e-mail address, telephone, other personal contact numbers;
- Sensitive personal information such as age, nationality, marital status, gender, and government issued identification document which includes, but not limited to identity (ID) cards, licenses, social security number;
- Employment record such as educational background, employment history, certifications, trainings attended, resume;
- Financial details such as credit history, bank account, credit card, and debit card information you have provided as a result of our transaction;
- Information necessary to fulfill special requests (e.g. health conditions that require special accommodation or services and other guest preferences);
- Guest stay information, including but not limited to, room type, room number, billing arrangement, number of guests, arrival and departure date; and,
Please note that you are responsible for ensuring that all data, whether personal information, sensitive personal information or privileged information, you submit to EPMC is accurate, complete and up-to-date.
How do we collect, acquire or generate your data?
We collect data when you:
- Submit a job application;
- Submit a proposal and related business documents;
- Fill-out our forms and submit necessary documents;
- Submit information through any form on our digital platforms or contact us through our brand website;
- Respond to surveys, promotions, and other marketing and sales initiatives;
- Provide personal information in relation to inquiries, requests, and complaints;
- Enter building premises, we collect your footages and images through our camera surveillance (i.e., CCTV); and,
- Disclose your personal information through phone calls, emails, SMSs or verbal communication with our authorized representatives;
Do our websites use web analytics?
Cookies are small files that our website puts on your browser to store information about your preferences. Cookies can improve your browsing experience by allowing our website to remember your preferences or letting you avoid signing in each time you visit our website. If you don’t want our website to store cookies on your PC, you can block cookies. But blocking cookies might prevent some pages from displaying correctly, or you might get a message from our website letting you know that you need to allow cookies to view our website.
For you to fully enjoy your visit and browsing experience, only unidentifiable web traffic data are collected and analyzed, including:
- Your internet protocol (IP) address;
- The search terms you used;
- The pages and internal links accessed on our site;
- Demographics limited to the date and time you visited the site, including frequency of visits;
- Your operating system; and
- Web browser type.
Use the options in your web browser if you do not wish to receive cookies or you wish to set your browser to notify you when you receive cookies. Click on the “Help” section of your browser to learn how to change your cookie preferences. If you disable all cookies, you may not be able to take advantage of all the features of this website.
What about the links to third-party websites?
Who do we share your personal data with?
As a general rule, we are not allowed to share your data to third party entities, except in limited circumstances as listed below.
By giving your consent, you authorize EPMC to disclose your personal data to accredited/affiliated third parties or independent/non-affiliated third parties, whether local or foreign in any of the following circumstances:
- The use or disclosure is reasonably necessary, required or authorized by or under law (such as for criminal investigation, as requested by court of law).
This means we might provide your personal data to the following:
- Our affiliates, subsidiaries, partner companies, organizations, or agencies including their sub-contractors or prospective business partners that act as our service providers and contractors;
- Law enforcement and government agencies;
EPMC is very sensitive to privacy issues and it is especially careful in its communications with children. EPMC would never directly collect personal data from children without the parent’s consent.
Personal data pertaining to children and collected from their parents is used solely by EPMC or other entities that provide technical fulfillment or other services to EPMC (for example, services intended to improve our services/web sites, and fulfilling requests or administering promotions). These personal data are not sold.
How do we protect your personal data?
- We keep and protect your personal data using a secured server behind a firewall, deploying encryption on computing devices and physical security controls.
- We restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.
- Any personal data that you provide on http://www.theminisuites.com/ is initially processed and stored by the website. Using a secured connection, only authorized EPMC personnel can then access and download your personal data from the system.
- We reveal only the last four digits of your credit card numbers when guaranteeing a reservation. Of course, we transmit the entire credit card number to the appropriate credit card company during processing of reservation.
Where and how long do we keep your personal data?
In general, all data are preserved in accordance with the following retention standards:
- If the data subject has an existing contract and transaction with EPMC, the information will be retained all throughout the contract period and 10 years after its completion.
- If the data subject has no existing contract but has existing transaction with EPMC, the information will be retained during the transaction and 5 years after its fulfillment.
- If the data subject has no existing contract and transaction with EPMC, the information will be retained for a period of 2 years.
Personal data are stored in our facilities located in the Philippines and are retained in accordance with the above parameters, industry standards, laws and regulations, unless you request that your personal data be deleted from our systems, databases and hardcopies immediately. Once deleted, your personal data will no longer be searchable or included in anonymous searches and will be completely removed from all the storage location
The Data Privacy Officer may, however, choose not to grant access or correct information based on the request following laws and regulations. He/she will give the individual a written notice that sets out the reason for the refusal.
How you can access, correct and update the personal data we have about you?
Our contact details are as follows:
Data Protection Officer
8/F PNB Center, 6754 Ayala Ave., Makati City, 1226
You may also lodge a complaint before the National Privacy Commission (NPC). For further details, please refer to NPC’s website: https://privacy.gov.ph/mechanics-for-complaints/.
Any action to a request for correction, erasure and/or objection to process your personal data as it appears in our records is subject to applicable laws and/or the DPA, its IRR and other issuances of NPC.