This website https://www.prideinn.co.ke (“Website”) is made available to you by PrideInn Hotels, Resorts & Camps, hereinafter referred to as “PrideInn”, “we” or “us”. We comply with data protection legislation such as the EU General Data Protection Regulation which regulates the processing of personal data relating to you and grants you various rights in respect of your personal data.
1.What is Personal Data?
I. When is what kind of data stored and processed for what reason?
- Use of the Website
Whenever you navigate our Website, data is collected and processed about you. We collect the following data:
- Information related to the browser or device you use to access our website
- IP address
- Country you are browsing from
- Browsing habits, including sites visited
- Other demographics and statistical information
The data is collected through the session cookies (with regard to cookies see also below) we use on our Website. It is anonymised, before we use it to build anonymous utilisation profiles, for marketing purposes and to optimise our Website and the services we provide. This data shall not be used in order to identify the visitor of this Website personally.
- Interacting with us
Every time you interact with us (e.g. booking a room through our Website, by phone or through a third party provider, posting a comment on our blog, signing up for our newsletter) we may collect and process the Personal Data you provide to us.
a. Booking a room
When you book a room, we collect Personal Data, which includes:
- Your selected hotel
- Your selected dates
- Number of rooms in the reservation
- Number of people in the reservation (adults and children)
- Age of children
- The rate/special offer selected
- Any add-on packages selected
- Your full name
- Your address, including city and country
- Your e-mail address, and
- Your credit card details
- Frequent Flyer Information
- Arrival Information
- Room, Bed type and/or other preferences
- Option to join the PrideInn loyalty program
We use this Personal Data to handle your reservation and to establish and fulfill our contract with you. This includes verifying your identity, taking guarantee and/or payment information, and sending stay-related and/or marketing communication.
We take the protection of your Personal Data very seriously and therefore have kept the mandatory required fields to a minimum.
b. Newsletter and Special Offers
If you provide your contact information to us (e.g. when booking a service with us or when signing up for our newsletter via our Website), we may use this Personal Data to send you our newsletters and details of other special offers which may be of interest to you, based on previous interactions with us (e.g. bookings).
If you sign up for our newsletter via our Website, you are required to provide your email address only. When you sign up for the newsletter via our website, you will receive an email to reconfirm your interest in staying in touch (double opt-in). Any additional information is voluntary and will be used solely for a personalisation of the newsletter.
By providing your email address and subsequent confirmation via the double opt-in, you consent to receiving our newsletter. You can revoke your consent and opt out of receiving the newsletter at any time by clicking on the unsubscribe link included in every newsletter. Moreover, you also have the possibility of unsubscribing in your personal profile under “data protection”. For any further objections, kindly address the contact stated at the end of this policy.
We also include web beacons in HTML-formatted e-mail newsletters in order to count how many newsletters (or particular articles, links, etc.) are being accessed, and on our website to count users who have visited these pages.
c. “Contact Us” Functionality
You can get in contact with us via our Website by using the “Contact Us” functionality, or by telephone. To contact us you are required to provide the following information:
- Your full name
- Your zip code
- Your telephone number and your e-mail address,
- Your enquiry, and
- Recaptcha, to confirm you are an actual person, and not a robot
Any additional information (e.g. home address) is provided voluntarily.
We use your information to reply to your enquiry.
d. Communications Provider
You can also get in contact with us via different communication channels (such as Twitter, Viber, WeChat, Telegram etc., hereafter referred to as “Communications Provider”) if you have any enquiries which you would like us to address. You will find an overview of the respective Communications Provider through which you can get in contact with us (i) in our pre-arrival communications with you, (ii) on the landing page of our central communications hub (iii) on leaflets including this information, which we may provide to you on hotel level.
Kindly note that those Communications Provider independently control your Personal Data which is being communicated on these channels, i.e. how they process your Personal Data solely lies within their responsibility. We do not have influence on the collected data and data processing operations conducted by such Communications Provider. Information on the purpose and scope of data collection and its processing by the Communications Provider can be found in the respective data protection policies of these Communications Provider, where you will also find further information on your rights and options for privacy protection.
Additionally, to facilitate our reply and to communicate with you in real-time on the respective communication channel, your enquiries sent to us through this communication channel will be centralized in one central communication hub. We are responsible for the processing of your Personal Data on this central communication hub. This hub and your enquiries can be accessed by our relevant staff in charge. We use your information only to reply to your enquiry.
e. PrideInn Blog
In our PrideInn Blog we publish articles on travelling. The blog allows you to post public comments. If you submit a comment, it will be published with the corresponding blog post and your username. Posting comments on our blog is entirely voluntary.
When you comment on a blog post, we collect and store the following Personal Data:
- Website URL
- Your Comment
We use this Personal Data to post the comment on the blog page.
3. Processing of Personal Data to personalise your stay at PrideInn
We may collect and process Personal Data about you if it is relevant for your stay in a PrideInn hotel or if it is in your interest. We may collect and process certain additional data to personalise your stay upon your express request and consent (please below under 3.a.)
a. Your consent to our ‘Personalise your Stay’ option
You have the option to enable PrideInn to find out more about you to improve your unique and personal experience by opting for the “personalise your stay” option. Only if you have expressly consented to this option we are permitted to conduct further research on you, in particular on publicly available social media entries and the internet. We do not undertake any research, in particular on social media or the internet if we have not obtained your express consent for this option.
If you consent to the “personalise your stay” option we may undertake additional research and record and use respective information to make your stay more personal. For example, we may collect information on your sports preferences such as in relation to golf or football to provide you, in our sole discretion, with relevant information in this regard (e.g. a golf course next to the hotel or a football match in proximity to the hotel), or your social media profiles to find out your favourite flowers or wine to allow us to provide you, in our sole discretion, with comforts or other conveniences tailored to you.
We will not collect any information which is embarrassing to you or inappropriate under, or not compliant with, local standards, conventions and habits or which are incorrect.
You may withdraw your consent at any time for the future by contacting us under the details of the contact section XII below.
b. Personal data collection without your express consent
If you have not provided your express consent to the “personalise your stay” option, we do not undertake additional research and do not record and use respective information. In such cases the Personal Data we collect is limited to information we have gained from you personally or by hotel personnel during your stay at the hotel and to information which is relevant for the stay at a PrideInn hotel (e.g. preferences to rooms, beds, food, and wine if obtained at the hotel). We do not undertake any additional research on you in this case, in particular no research on social media or the internet.
III. Sharing Personal Data
Your Personal Data may be shared:
Within the PrideInn group and with our PrideInn hotels to establish and fulfill our contract with you or to the extent you consented to such sharing of data, for example. This includes verifying your identity, taking payments getting in contact and communicating with you.
With our commercial partners in the event that you book an event or an activity organised by such commercial partners.
With our third party service providers who process your data on our behalf. PrideInn ’s third party service providers hosting providers (including Amazon Web Services), and providers of data analysis, IT services, and other similar services requested by PrideInn to provide the Website and other business-related services to you. Any data processing on our behalf complies with the applicable laws.
We will not transfer your personal data to third party recipients, unless you consent to such transfer of data or such transfer is permitted under applicable law.
IV. Transfer of Personal Data to a 3rd Country
Where information is transferred outside Kenya, we will ensure that appropriate safeguards are implemented. If your Personal Data is transferred to a country that is not subject to an adequacy decision by the EU Commission or the Personal Data Protection Commission of Singapore, data is adequately protected by EU Commission approved standard contractual clauses, or a third party’s Binding Corporate Rules.
V. Social Media Buttons
On our Website we use the following social media plug-ins integrated through cookies: Facebook, Google My Business, Twitter, LinkedIn and Instagram. The plug-ins can be identified by the social media buttons marked with the logo of the provider of the respective social media networks
We have implemented these plug-ins using the so-called 2-click solution. This means that when you navigate on our Website, Personal Data will initially not be collected by the providers of these social media plug-ins. Only if you click on one of the plug-ins will your Personal Data be transmitted: By activating the plug-in, data is automatically transmitted to the respective plug-in provider and stored by them (in the case of US providers your Personal Data will be stored in the USA). We neither have influence on the collected data and data processing operations conducted by the providers, nor are we aware of the full extent of data collection, the purposes or the retention periods.
The plug-in provider stores the data collected about you as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) for the purpose of presenting need-based advertising and to inform other users of the social network about your activities on our Website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6(1)(f) GDPR.
The data is passed on regardless of whether you have an account with the plug-in provider and are logged in. If you are logged in with the plug-in provider, your data collected by us will be directly assigned to your account with the plug-in provider. We recommend that you log out regularly after using a social network, but especially before activating the button, as you can then avoid being assigned to your profile with the plug-in provider.
Information on the purpose and scope of data collection and its processing by the plug-in provider can be found in the respective privacy policies of these providers, where you will also find further information on your rights and options for the protection of your personal data.
VI. Integration of YouTube Videos
What are cookies?
A cookie is a data file, which often includes a unique identifier, that is sent to your browser from a web server and is then stored on the hard drive of the device you are using to browse the website. Each website you visit can send its own cookie to your browser if your browser’s preferences allow it, but to protect your privacy your browser only permits a website to access cookies it has already sent to you, not cookies sent to you by other websites.
You can find more information about the categories of cookies we generally use and the purposes for which we use them through this link. For the individual cookies of each category, we have further set forth the cookie name, duration of the operation of the respective cookie, description of what this cookie does and, if applicable, what personal information is concerned as well as the name of the third party(ies) having access to the cookie.
How to control and delete cookies
With the banner, we offer you a convenient option of rejecting or approving individual cookies or groups of cookies generally used on the Website. You can also block and delete cookies at any time by changing settings on your browser. To manage cookies, most browsers allow you to accept or reject all cookies or accept only certain types of cookies. Information about the procedure to follow in order to enable or disable cookies can be found on your Internet browser provider’s website via your help screen. You can also find out how to do this, and find more information on cookies at www.allaboutcookies.org. for information on how to manage cookies within commonly used browsers. Please be aware that if cookies are disabled, not all features of the Website may operate as intended. If you would like more information about interest-based advertising, including how to opt-out of these cookies, please visit http://youronlinechoices.eu/.
VIII. Google Analytics
Google recommends that its users provide end-users with some specific information. Below is a summary of Google’s statement to fulfil this recommendation:
IX. What Kind of Security Measures for The Compliance With Data Protection?
We strive to maintain the appropriate standards of security and we have put in place robust technical and organisational measures for the protection of your Personal Data in accordance with the current state of the art technologies, especially to protect the data against loss, falsification or access by unauthorized third persons. For the transfer of particularly sensible Personal Data via the internet, such as for example credit card details, we exclusively use encrypted transmission routes and we comply with the Payment Card Industry Data Security Standards (PCI DSS) which is a set of policies and procedures intended to optimise the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.
However the transmission of information via the internet is not completely secure. So, whilst we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website. Any transmission is at your own risk. Once we have received your personal data we will use strict procedures and security features to prevent unauthorized access. As far as third parties (i.e. external companies) are rendering data processing services for us, we have committed them to the compliance with our data privacy regulations. The external service providers are supervised by our Global Data Protection Manager in terms of compliance with these regulations.
X. Your Rights
In respect of the collection and use of your personal data, you may:
– Withdraw your consent at any time for example by unsubscribing from the newsletter under “data protection”,
– Ask us whether we processes Personal Data about you, for which purposes, the categories of Personal Data concerned, to which categories of recipients the information has been disclosed, where possible, the envisaged period for which the personal data will be stored (or, if not possible, the criteria used to determine that period),
– Enquire with us about the appropriate safeguards relating to the transfer to a third party,
– Have inaccurate data rectified,
– Object to the further processing and request erasure of your Personal Data,
– Request that the processing of your personal data is restricted by PrideInn,
– Request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
If you have any further questions on your personal data which has been stored with us or would like to exercise your rights please refer to our Global Data Protection Manager via the contact details stated below.
XI. Retention and deletion of Personal Data
We will retain your personal data only for a limited period of time needed to fulfill the purposes of processing mentioned above. After that time your personal data will be erased. If we process your personal data based on your consent we will retain your personal data for a limited period of time needed to fulfill the purposes of processing it.
Where we enter into a contract with you , we will keep your information for the duration of the contractual relationship you have with us, and, to the extent permitted, after the end of that relationship for as long as necessary to perform the purposes set out in this notice. The criteria to determine the storage period are statutory and contractual requirements, the nature of our relationship with you, the nature of the data concerned and the technical requirements. Laws may require us to hold certain information for specific periods.
Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data so that we can respect your request in future.
In other cases, we may retain data for an appropriate period after any relationship with you ends to protect itself from legal claims, or to administer its business.
XIII. Who is the Contact Person For Questions and/or Problems Relating to The Data Protection?
Please contact our Global Data Protection Manager at webmaster@prideInn .co.ke
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.