Privacy Policy

  INTRODUCTION.

   What does this privacy notice cover?

 Our long-term vision is to be the company of choice for guests, owners and talent. And because people are at the heart of our business, we fully recognize the       importance that privacy and data protection represent to all our guests. Therefore, we are committed to respecting and protecting your privacy rights and your choices   and to treating your Personal Data with the utmost care in all circumstances.

 We have designed our Privacy Notice to provide transparency into our privacy practices and principles in a format that is easily understandable and readable. If you     have  any doubt our question about this document, please feel free to reach out to DataProtection@radissonhotels.com at any time.

 This Privacy Notice explains how we process the Personal Data we collect about you: 

• • – when you make a reservation at one of our hotels,

• • – when you stay at one of our hotels,

• • – when you join our Radisson Rewards Loyalty Program, or

• • – when you use our website or otherwise interact with us (e.g.; through social media)

   When you resort to any of our services and/or by agreeing to this Privacy Notice, e.g., when you book a hotel room with us or stay at one of our hotels, you understand      and acknowledge that we will collect and use Personal Information as described in this Privacy Notice.

  Please note that a separate privacy policy applies to all human resources-related matters.

  Who we are and how to contact us?

  Chillaru Hotel Group (“Chillaru”, “we”, “us” and “our”) is an international hotel group operating and developing over 1,100 hotels in 95 countries throughout Europe, the       Middle East, Africa, Asia and Oceania under nine distinctive brands.

  Depending on who you are or how you interact with us, your Personal Data are processed by different entities of Radisson and/or for different purposes.

  Chillaru Hospitality Belgium SRL (See Annex 1 for Contact Details) is the Chillaru entity acting as data controller for all Reservation Data and Guest Data; among other     things, it operates a central reservation system and manages Radisson’s marketing activities. It also maintains a global database of guests who (have) stay(ed) in hotels  under a Radisson brand. 

Chillaru Loyalty Management SRL (See Annex 1 for Contact Details) is the Chillaru entity that operates the Radisson Rewards Loyalty program and related activities; it is the data controller for all Personal Data pertaining to that program, i.e., Member Data.

In addition, when you stay at one of our hotels, that hotel will process your Personal Data as independent data controller for its own purposes. In that respect, it is important to note that the Radisson portfolio of hotels includes leased, managed and franchised hotels, all operating under a Radisson brand. Leased and managed hotels are operated by a Radisson entity. Franchised hotels are operated by entities that are separate from Radisson; franchised hotels may have their own separate privacy notice.

PERSONAL DATA

What personal Data do we collect?

Personal Data, or Personal Information, means any information or pieces of information that could identify you directly (e.g., your name) or indirectly (e.g., through your email address or telephone number). Personal Data may include a name, an (email) address, a telephone number, credit card information, reservation details, preferences, age, gender, or occupation, among other things. The Personal Data that we collect, and how we collect it, depends on how you interact with us. Generally, we process Reservation Data, Guest Data and Member Data: 

• • – Reservation Data means all information pertaining to a reservation made for one of our hotels, regardless of the booking channel you used (e.g., via our Website, App, an online travel agency or directly with the hotel). Examples of Reservation Data include your contact details, reservation details (reservation number, hotel name, dates of your stay, rate, meal plan), personal preferences or billing/financial information; 

• • – Guest Data means all information pertaining to you as a guest who stayed or is staying in one of our hotels. Guest Data may include your contact details, biographical information (such as your gender and birth date), reservation history, personal preferences, claims and complaints you have made or marketing communication preferences;

• • – Member Data means all information pertaining to you as a registered member of our Radisson Rewards loyalty program. Member Data may include your contact details, biographical information (such as your gender and birth date), membership information (such as your tier and status, amount of reward points, points redemption, enrolment date and channel), reservation history, personal preference or member profile (such as usual reason for travelling, stay length, meal plan, booking channel)

For a complete overview of the Personal Data we process about you, as well as our interaction-specific data processing activities, and our processing purposes, please refer to our “List of Personal Data Processing Activities”, in Annex 2.

How do we collect your personal data?

We might collect or receive Personal Data from you via our Website, App, social media channels, customer care or when you stay at one of our hotels. Sometimes you give this Personal Data to us directly (e.g., when you check-in or check-out at a hotel, when you create an account, when you contact us), and sometimes we collect it (e.g., using cookies to understand how you use our Website and App).

In some circumstances we may also receive Personal Data about you from third-party sources such as travel booking platforms, travel agents and/or credit card providers.

These third-party sources may also include publicly available sources of information. In particular, we may receive or collect Personal Data from social networks when you engage with our content, or from online platforms when you provide a review about your stay and/or our services (e.g., on Tripadvisor.com, Booking.com, Google, etc.). 

How we use your personal data?

We process your Personal Data based on the following legal grounds, as permitted by applicable law:

• • – to fulfill our obligations under a contract with you, or to take steps prior to entering into a contract with you (e.g., when you make a reservation with us or create a Radisson Rewards account);

• • – to comply with a legal obligation (e.g., when you check-in, we may need to collect your personal identification details; when you check-out, we need to keep your transaction information to comply with our tax and financial reporting);

• • – when it is in our legitimate business interest to use your Personal Data (e.g., to operate, evaluate and improve our organization; to prevent and protect us and others against fraud, unauthorized transactions, claims and other liabilities; to ensure compliance with company policies and industry standards);

• • – based on your consent (e.g., when you opt in to subscribe to our marketing newsletters). 

Our use of your Personal Data depends on who you are and how you interact with us. Click here for a list of the ways that we use your Personal Data, and which of the reasons we rely on to do so. (Annex 2)

We will only process special categories of Personal Data (e.g., race or ethnicity; health-related data) when you request us to do so (i.e., when we have your explicit consent) or in exceptional circumstances and where we have a legal basis to do so (e.g., to protect your vital interests).

Please contact DataProtection@radissonhotels.com if you have any questions about how we collect and use your Personal Data.

Transferring your personal data?

You understand and agree that we may transfer Personal Data to other jurisdictions as necessary for the purposes described in this Privacy Notice. In particular, we will transfer your Personal Data to the hotels you have booked which may be located in jurisdictions that may not provide the same level of data protection as the jurisdiction in which your Personal Data was originally collected. We may also transfer your data to the U.S. because our main servers are located there. 

When we transfer your Personal Data to other countries or jurisdictions, we will protect that data as described in this Privacy Notice and in accordance with applicable law. Where required under applicable law, we will put in place binding contractual obligations with the data recipient to safeguard your data protection rights. Furthermore, we will notify any data transfer and/or data transfer mechanisms to the competent Supervisory Authority where required under applicable law.

With respect to transfers originating from the European Economic Area (“EEA”) to the United States and other non-EEA jurisdictions, we implement standard contractual clauses approved by the European Commission, and other appropriate solutions to address cross-border transfers as required or permitted by Articles 46 and 49 of the General Data Protection Regulation. Please contact DataProtection@radissonhotels.com, if you have any questions with respect to the safeguards we have put in place to protect your Personal Data when we transfer this (including how to obtain a copy of or consult these safeguards).

Sharing your personal data

When we share your Personal Data as described below, we will take the necessary steps to ensure that any third-party recipients have implemented reasonable security mechanisms to protect your Personal Data.

a. We do not disclose your Personal Data to third parties for their own direct marketing purposes

We do not disclose your Personal Data to third parties for their own direct marketing purposes. However, if you direct us to share your Personal Data with third-party sites or platforms, such as social networking sites, these third-party sites or platforms could potentially use your data for marketing reasons.

b. We may share your Personal Data within the Radisson group

Your Personal Data may be accessed within Radisson. This means that we may share your Personal Data across the Radisson group of companies, which includes affiliates and subsidiaries. Access will always be controlled on a need-to-know basis, and only provided where it is necessary to provide you with requested services or to allow us to perform any necessary or legitimate functions (including for operational, management, administrative, supervisory or evaluative purposes).

c. We may share your Personal Data with hotels operating under a Radisson brand, and vice-versa

We may share your Personal Data with hotels operating under a Radisson brand. For instance, when you make a reservation for a hotel room, that reservation will be centrally managed by Radisson Hospitality Belgium SRL and then shared with the hotel you booked so that they can accommodate you and manage the contractual relationship with you (invoicing, payment, booking management etc.); if you are a Radisson Rewards member, or a returning guest, we will share your account details with the hotel where you are staying for them to grant you the benefits linked to your member status, or facilitate your check-in. Likewise, hotels operating under a Radisson brand may share your Personal Data back with us, for instance when you make a booking directly with the hotel or have special requests or make a complaint with the hotel.

As mentioned above, the Radisson portfolio of hotels includes leased, managed and franchised hotels. 

• • – Leased and managed hotels are operated by Radisson or one of its affiliated companies. The data sharing with leased and managed hotels generally remains within Radisson Hotel Group who operates the hotels.  

• • – On the contrary, franchised hotels are operated by third parties that are separate from Radisson. Therefore, your Personal Data is shared with such third parties within the framework of their franchise agreements with Radisson.

d. We may share your Personal Data with owners of Radisson managed hotels

Managed hotels are operated by Radisson but belong to third-party owners. Within the framework of their contractual relationship, some of your Personal Data may be shared with the owners under a joint controllership agreement or may be transferred to them in their capacity of independent controllers. 

We share data with owners of Radisson managed hotels essentially for the purpose of maintaining the hotel accounting system, including, without limitation, books of accounts, guest records and front office records. 

You can request more information regarding the nature of the relationship between Radisson and the owners of Radisson managed hotels, as well as the name of such owners, by contacting DataProtection@radissonhotels.com.

e. We may share your Personal Data to our trusted third-party suppliers who may process it on our behalf

We rely on trusted third parties to perform a range of business operations on our behalf. We always use our best efforts to ensure that all third parties we work with will keep your Personal Data secure. We only provide them with the information they need to perform the service, and we require that they do not use your Personal Data for any other purpose.  For example, we may entrust services that require the processing of your Personal Data to:

• • – Suppliers that provide customer care assistance for reservations, complaint handling and/or loyalty operations;

• • – Third parties that assist and help us in providing digital services (such as online check-in and check-out), identity management, or ratings, reviews and surveys;

• • – Advertising, marketing, digital and social media agencies to help us deliver advertising, marketing, and campaigns, to analyze their effectiveness;

• • – Third parties that assist and help us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications;

• • – Payment service providers and credit reference agencies for the purpose of assessing your credit score and verifying your details where this is a condition of entering into a contract with you;

• • – Lawyers, auditors, financial advisors, and other third-party service providers in connection with their services to Radisson. 

f. We may also disclose your Personal Data to other third parties

If Radisson or a part of its assets are acquired by a third party, Personal Data we hold relating to those assets will be one of the transferred assets. In such cases, your Personal Data will be processed by the buyer acting as the new controller and its privacy policy will govern the processing of your Personal Data.

We may also share your Personal Data with partners of our Radisson Rewards loyalty program when you choose to redeem your points with one of them.

Finally, we may disclose your Personal Data to any regulatory, statutory, governmental or other relevant authorities, agencies or bodies and industry regulators, and any other person to whom Radisson is compelled, required or permitted to do so by law, rules or regulations, legal process or litigation, or to any person pursuant to any order of a court of competent jurisdiction or comparable legal process.

How to protect your personal data

We protect your Personal Data and implement reasonable security measures including physical (e.g., secured filing cabinets), technical and organizational security measures appropriate to protect your Personal Data against unauthorized or unlawful processing and against any accidental loss, destruction, or damage.

In particular, we operate data networks and systems protected by industry standard security measures and we make use of secure protocols over untrusted networks to protect the transmission of your Personal Data. Access to this information will be provided only to authorized individuals for legitimate business purposes.

In addition, access to your Personal Data is restricted to staff and service providers on a need-to-know basis. 

While we endeavor to always protect our systems, sites, operations and information against unauthorized access, use, modification and disclosure, due to the inherent nature of the Internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others.

Please contact DataProtection@radissonhotels.com if you have any questions about how we protect your Personal Data.

How long do we keep your Personal Data?

We hold on to your Personal Data for as long as necessary to achieve the processing purposes described in our “List of Personal Data Processing Activities”.

This means, for instance, that we no longer store your Personal Data when our (contractual) relationship with you comes to an end, unless further storage is permitted or required under applicable law. 

To determine the retention period of your Personal Data, we consider several criteria, including:

• • – The purpose for which we hold your Personal Data;

• • – Our legal and regulatory obligations in relation to that Personal Data, for example any financial reporting obligations;

• • – Whether our relationship with you is ongoing, for example, you have an active Member account, you continue to receive marketing communications, or you regularly browse our Website or Apps);

• • – Any specific requests from you in relation to the deletion of your Personal Data; and

• • – Our legitimate interests in relation to managing our own rights, for example the defense of any claims.

When we no longer need to use your Personal Data, it is removed from our systems and records, or anonymized so that you can no longer be identified from it.

YOUR PRIVACY RIGHTS

What are your rights regarding your personal data?

The EU General Data Protection Regulation (GDPR) grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. 

Generally, you have the following rights:

• • – Information. You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data, and your rights. This is why we are providing you with the information in this Privacy Notice;
  •  Rectification. You have the right to require that any incomplete or inaccurate Personal Data that we process about you is amended;

• • – Deletion. You have the right to request that we delete Personal Data that we process about you, subject to certain exceptions, for instance, where we need to keep your Personal Data to comply with a legal obligation;

• • – Withdrawing Consent. Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose and at your own initiative by logging in to your Member account on our website (if you have one), for commercial communication directly by clicking unsubscribe to the email or by contacting us at DataProtection@radissonhotels.com. The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment when you withdraw your consent. Please note that we may have other legal grounds for processing your data for other purposes, such as those set out in this Privacy Policy;

• • – Access. Subject to certain exceptions, you have the right to access and request a copy of the Personal Data we are processing about you, which we will provide to you in electronic form and/or in writing, or verbally where allowed by applicable laws. Where permissible under applicable laws, we may charge you a reasonable fee for this access request; 

• • – Restriction. You have the right to request that we restrict our processing of your Personal Data under specific conditions; 

• • – Portability. You have the right to request that we transmit the Personal Data we hold in respect of you to you or to another data controller under specific conditions;

• • – Objection. Under certain circumstances described in Privacy Law, especially when we process personal data based on our legitimate interest, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes. 

You can exercise the above rights, where applicable, by contacting DataProtection@radissonhotels.com. We will respond to any of your requests to exercise these above data subject rights within the period prescribed by applicable laws. At our discretion, we may require you to prove your identity before providing the requested information. This is to ensure that your Personal Data is disclosed only to you. We may not be able to appropriately handle your request if you decide not to provide us with the Personal Data that we need to handle your request. If you are a resident of the European Economic Area and are not satisfied with the way we handled your request, or for violations of applicable data protection laws, you may lodge a complaint or file a claim with a competent Supervisory Authority (for example, with the Supervisory Authority in your country or market of residence). 

your marketing choice?

You can control whether to receive direct marketing from us (e.g., which we may send through electronic means, such as promotional emails). In certain markets, you will need to provide us with your consent before receiving marketing communications. For instance, we may ask you to tick a box indicating that you consent to receiving “news via email and commercial offers”. In all markets, you can choose not to receive such communications at any time. If you no longer wish to receive any marketing communications or remain on a mailing list to which you previously subscribed, please follow the unsubscribe link in the relevant communication.

OBLIGATIONS

Your obligations:

We expect that you only communicate Personal Data about yourself to us. If you also communicate Personal Data about other people to us, then you must ensure that you comply with any legal obligations that may apply to your provision of the information to us, and to allow us, where necessary, to use, process and transfer that information. In particular, and subject to local applicable laws, if you use a credit card not issued to you, you confirm that the credit card holder has consented to the use of their credit card in relation to your purchase and has agreed that Radisson may collect, use and disclose their Personal Data for the purpose of processing your booking. 

We also expect that the Personal Data that you communicate to us are correct and that, if your Personal Data require updating, you will promptly inform us.

CHILDREN

children:

We do not knowingly collect or solicit Personal Data from anyone under the age of 18 (or minor of age depending on the country) or knowingly allow such persons to book a room in one of our hotels. In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. 

If you believe that we have or may have information from or about a child under 18 years of age, please contact us at DataProtection@radissonhotels.com.

CHANGES

Changes to the privacy notice?

We may update this Privacy Notice from time to time. We will notify you of any significant changes by posting those changes here or by notifying you through other appropriate communication channels we generally use with you. Any changes to this Privacy Notice will be considered effective immediately after the changes are posted on this Website unless otherwise indicated.

The Privacy Notice was last revised on June 07, 2023

ANNEX DOCUMENTS

Radisson Hospitality Belgium SRL is the Radisson entity acting as data controller for all Reservation Data and Guest Data; it is responsible for the Radisson central reservation system and manages Radisson’s marketing activities. It also maintains a global database of guests who (have) stay(ed) in hotels under a Radisson brand. Radisson Hospitality Belgium SRL is a company incorporated under Belgian laws, registered at the Belgian Crossroads Bank for Enterprises with company number 0442.832.318, having its registered seat and its offices at Avenue du Bourget 44, B-1130 Brussels, telephone number: +32 2 702 9200, email: DataProtection@radissonhotels.com.

Radisson Loyalty Management SRL is the Radisson entity acting as data controller for all Member Data; it is responsible for the management of the Radisson Rewards Loyalty program and related activities. Radisson Loyalty Management SRL is a company incorporated under Belgian laws, registered at the Belgian Crossroads Bank for Enterprises with company number 0766.994.341, having its registered seat and its offices at Avenue du Bourget 44, B-1130 Brussels, telephone number: +32 2 702 9200, email: DataProtection@radissonhotels.com.

Radisson Leased and Managed Properties. When you stay at one of our leased or managed hotels, your Personal Data may also be processed independently by the Radisson legal entity operating said hotel (the “Hotel Operator”). Hotel Operators vary from country-to-country and/or hotel, but are always affiliated with Radisson Hospitality Belgium SRL and Radisson Hotel Group. The exact name and contact details of the Radisson legal entities acting as Hotel Operators can be obtained upon request to DataProtection@radissonhotels.com. Please note that franchised hotels are operated by entities that are separate from Radisson; franchised hotels may have their own separate privacy notice.service.

CancellationPolicy

30 Days Prior to Check-In: No Cancellation Charges

15-30 Days Prior to Check-In: 50% of the full amount would be charged as retention.

15 Days Prior to Check-In / No Show: 100% of the full amount would be charged as retention.