We Are Committed to Protect Your Privacy
The Sunset Reef Resort and Spa Limited, located at Coastal Road, Pointe aux Piments, Mauritius have a strong commitment to provide quality service to our guests, and potential customers and are further committed to protecting your privacy.
To ensure you can make informed decisions and feel confident about supplying personal data relating to you when purchasing our products and using our services, we provide this policy statement outlining our data collection practices and the choices you have concerning how the data is being collected and used.
The term “Data” refers to any personal information that can be used to identify you as an individual. It can include, among other things, your name, contact number, address, age, gender, passport or other identification document details, driver’s licence details, personal financial information, or travel partner information.
We limit the collection, use and retention of the Data to the specific information we need for legitimate purposes to administer our business, to provide you with quality service and offer various products or services from Sunset Reef Resort and Spa that may be of interest to you.
This privacy statement contains numerous general and technical details about the steps we take to respect your privacy concerns. We have organised the privacy statement by major processes and areas.
1. DATA WE COLLECT AND HOW WE USE IT
2. INTERNAL CONTROLS
3. HOW WE STORE AND TRANSMIT DATA
4. E-MAILS ABOUT SPECIAL OFFERS AND PROMOTIONS AND OPT-OUT
5. NOTIFICATIONS IN THE EVENT OF BREACH
6. OTHER SITES
7. CHILDREN’S PRIVACY
9. LEGAL DISCLAIMER
Data we collect and how we use it
When you request a particular service from us or otherwise interact with the Sunset Reef Resort and Spa, we will ask you to voluntarily provide us with Data that we need. For example, if you would like us to make a reservation at our hotel, we will request for Data such as your name, address, telephone number, e-mail address and credit card information for payment purposes (including credit card number, code and expiry date). We will use your e-mail address to send an e-mail confirmation of your booking and a pre-arrival message summarising your confirmation details and preferences.
For hotel reservations, we may also ask for your travel details (including flight number, arrival and departure dates and time, as well as country/point of origin and destination) and room preferences to better prepare ourselves for your arrival and to serve you better before your departure.
When you browse this website, we do not collect Data unless you voluntarily and knowingly provide it to us, for example by accessing our website from a link in an e-mail that we send to you.
MAKING A RESERVATION AND CHECK-IN AT Sunset Reef Resort & Spa
The Data that you provide to us for making a reservation is made available to the applicable hotel for the purpose of completing your reservation request. We may also need to collect information as required by local laws such as passport numbers, type of entry visa, and driver’s license. Upon check-in, your Data will be verified by our staff and you will be requested to indicate whether you wish to opt in and receive hotel promotional literature. At times, we may make certain Data available to strategic business partners and e-mail service providers for the sole purpose of mailing and dissemination of promotional materials for Sunset Reef Resort and Spa and its related facilities only. Data will not be shared with third parties for their own marketing purposes.
MAKING A RESERVATION THROUGH OUR GLOBAL CUSTOMER SERVICE CENTER OR OUR Resort
You can make a reservation by calling our Global Customer Service Center (GCSC) or by contacting our resort. When making a reservation, you will be asked to provide Data such as your name, address, telephone number, address and method of payment, room preferences and special requests. Data obtained by GCSC will be sent in a secured environment to the resort. If you choose to provide us with your e-mail address, a confirmation and a pre-arrival message of your reservation will be sent to you by e-mail.
DURING YOUR STAY AT A HOTEL
We record your itemised spending to properly assemble your folio during your stay, which includes your room rate and other expenses billed to your room. We also record this information to comply with financial reporting requirements and those imposed by our auditors and government authorities.
MAKING A PURCHASE ON OUR WEBSITE
When making a purchase such as a gift certificate or a Sunset Reef Resort and Spa merchandise, you will be asked to complete a form that includes your name, e-mail address, delivery address and credit card details for payment purposes. When the form is complete, your credit card number will be verified using a checking sequence to complete the transaction. Credit card information and Data are transferred over a Secure Socket Layer (SSL) connection. Doing so protects the confidentiality of your Data while it is transmitted over the Internet. Purchasing transactions are assisted by third party processors who are required by contract to protect the privacy of your Data. SSL is an industry standard for encryption over the Internet to protect Data supplied to us. We will use that information to assist in any inquiries about your transaction.
ACCESSING OUR WEBSITE FROM A WEB-ENABLED MOBILE DEVICES
You can access our website from a web-enabled mobile device to find the Sunset Reef Resort and Spa. In addition, you can download an application to your Apple iPhone/iPod/iPad with additional functionality. You can make a reservation from a web-enabled device. When you make a reservation, you may need to provide certain Data such as name, e-mail address and credit card information for guarantee purposes.
We collect Data such as your name, contact details, and where necessary, credit card information for payment purposes when you make a spa reservation. In addition, we may also collect information relating to your health, allergies and treatment preferences before the spa treatment is commenced to ensure that your spa treatment is conducted under safe conditions.
THIRD PARTY PROVIDERS
This policy statement does not apply to our processing of Data on behalf of, or at the direction of, third party providers (for example, airlines, car rental companies) who may collect Data from you and provide it to us. In this situation, we would merely act as a data processor and thus advise you to review applicable third party providers’ privacy policies before submitting Data.
Please note that the Sunset Reef Resort and Spa will never send you an e-mail requesting your password, credit card number or passport, personal identity card or social security number. If you receive any suspicious e-mails that looks like it is from our group, but asks you for your credit card number or passport, personal identity card or social security number, it is a fraudulent e-mail, or “phishing”. We recommend that you do not reply to the e-mail or click onto any links or pop-up messages and report to the local authorities which handle fraudulent e-mails. If you believe “phishers” have gained access to your personal or financial information, we recommend that you also change your password(s), alert your credit card service provider and bank and review credit card and bank account statements to check for unauthorised charges.
It is important to note that all e-mail communication is not secure. There is a risk inherent in the use of e-mail. Please be aware of this when requesting information or sending forms to us by e-mail, for example, from the “Contact Us” section of our website. We recommend that you do not include any sensitive information including credit card details when using e-mail or using any public computers/public WIFI. Our e-mail responses to you may not include any sensitive or confidential information. Please bear in mind that no security system or system of transmitting information over the Internet is guaranteed to be secure.
To be prudent, it is advisable to always close your browsers when you have finished completing a form or a reservation. Although the session will automatically terminate after a short period of inactivity, it is easier for a third party to gain access to your profile whilst you are logged onto our website and making a reservation.
How we store and transmit Data
AT THE HOTEL AND OTHER GROUP OPERATIONS
Your Data may be shared with entities forming part of the Sunset Reef Resort and Spa. We also have policies and procedures to limit access to Data to authorised personnel only.
OUR CUSTOMER INFORMATION SYSTEM AND RESERVATION SYSTEM
We store certain customer information and reservation details in our Customer Information System and Reservation System. Both systems are secure customer databases stored on a dedicated server which resides behind firewalls to protect the Data collected from you against unauthorised or accidental access and located in a data center hosted by a third party service provider. The stored database includes Data such as guest name, address, phone numbers, position, company name and credit card information. We may also store other information such as your room, food and beverage, other service preferences and transaction history.
IN OUR MARKETING DATABASE
Sunset Reef Resort and Spa maintain a database of customer information which is used for marketing, promotion and research, understanding and analysing customer behaviour and customer profiling to improve our services. You will receive marketing and promotional materials if you have already given your express and specific consent in some data collection forms. You may elect to unsubscribe from receiving future e-mail promotions at any time.
SECURE TRANSMISSION AND STORAGE OF DATA
We treat all Data that you provide to us as confidential information. To prevent Data from unauthorised access or leakage, we have adopted and regularly monitor our group’s security and data privacy policies and procedures. We use SSL protocol – an industry standard for encryption over the Internet, to protect the Data. When you type in sensitive information such as credit card details, it will be automatically encrypted and transferred over a SSL connection. This ensures that your sensitive Data is encrypted as it travels over the Internet. You will know that you are in a secure mode when the security icon (such as a lock) appears in the computer screen.
How long will Data be retained for?
Your Data will be stored for the period of time required or permitted by law in the jurisdiction of the operation holding the information.
Data may be stored by the Sunset Reef Resort and Spa and other group operations as long as required for the business purpose for which these Data are processed.
Notifications in the event of breach
In the unlikely event of a Data breach, we are prepared to follow any laws and regulations which would require us to notify you of the disclosure of private information.
This website is not intended for children and minors and we do not knowingly solicit or collect Data from children and minors. As a parent or legal guardian, please do not allow your children to submit Data without your permission.
Use of the Sunset Reef Resort and Spa websites signifies your consent to the collection and use of your Personal Data as per the terms stated in this policy. Consent is deemed to be on your behalf and on behalf of other individuals you are representing and whose information you submit to the Sites
This privacy statement complies with the Data Protection Act 2004 as well as applicable local laws.
As a local business dealing with local and international clients in different parts of the world, we may need to disclose Data when required by relevant law or court order, or as requested by other government or law enforcement authorities. This also applies when we have reason to believe that disclosing the Data is necessary to identify, investigate, protect, contact or bring legal action against someone who may be causing interference with our guests, visitors, associates, rights or properties (including this site), or to others, whether intentionally or otherwise, or when anyone else could be harmed by such activities.