Book Now

Best Rate

Book Now

Privacy Notice

Privacy Notice

April 1, 2021

Mandarin Hotel Bangkok (“We,” “Us,” “Our”) has a measure to protecting your Personal Data. We shall ensure you that your Personal Data is handled in accordance with the Personal Data Protection Act B.E. 2562 (2019) in Thailand (“Thai PDPA”) and other applicable laws.

  1. Definitions

Terms and Definitions used in this Privacy Notice are set out in the details as below:

Personal Data: means as specified in clause 2 “Types of Personal Data Collected”.

Data Controller: means a natural or legal person who has powers and duties to make decision regarding the collection, storage, usage and disclosure of Personal Data.

Data Processor: means a natural or legal person who proceeds the collection, storage, usage or disclosure of Personal Data according to the order or on behalf of Data Controller; however, such natural or legal person who proceeds such activities is not Data Controller.

Data Subject: means any individual person who can be identified, directly or indirectly, via Personal Data.

Person: means a natural person.

Business Partners: means a natural or legal person who directly or indirectly controls us, is controlled by us, owns us, is owned by us, manages us, is managed by us; including any legal entities whom we discloses, transfers, or receives Personal Data, for example, consulting and law firms, telemarketing companies, co-brand partners, correspondent banks, recruitment agencies, business alliances, external service providers (suppliers, vendors, outsources) and/or government affairs or regulators in order to comply with applicable laws.

DPO: Data Protection Officer.

  1. Types of Personal Data Collected

Personal data refers to information about an individual from which that person can be identified whether by either a direct or an indirect means. However, Personal Data does not include information of deceased person and anonymous data.

Personal data includes:

  1. Identity Data: data about individuals which can be used to identify specific individual, whether by a direct or an indirect means such as name, surname, date/ month/ year of birth, gender, ID number, driving license number, passport number and marital status.
  2. Contact Data: such as email address and phone number.
  3. Sensitive Data: such as ethnicity, beliefs, religion, health information (including food and general allergies) and biometric data, including criminal history data. In the event that we have unintentionally received it and has no intention to collect such data, and the data is not intended to be used to facilitate your stays at our hotels, We will not process your sensitive data.
  4. Financial and Transactional Data: such as bank account number, credit card number and debit card number, monthly income and payment information.
  5. Technical and Usage Data: such as IP Address, login information, website browsing information, cookie ID, device types, platforms, and other technologies used to access the our websites.
  6. Profile Data: such as username and password, purchase history, interests, likes and information from survey responses.
  7. Marketing and Communication Data: such as your preferences in receiving marketing materials from us, and from third party. These also include contact information you have with us, such as tape record when contact is made via contact center or from other social media channels.

Personal Data excludes:

  1. Personal Data which is publicly available at the point of collection.
  2. Business contact information such as business phone number and business address.
  3. Anonymous data.
  4. Deceased Person.

We also collect, storage, use, and disclose aggregated data, such as statistical, and demographic information. The aggregated data may be derived from your Personal Data; however, the data is not considered as Personal Data since it cannot be used to identify a specific individual. For example, we may use some of your information after the process of anonymization in order to create statistical information of people who make a reservation through our website. We are aware that the data used must not be able to revert to identifiable information. If the data is then able to be used to identify a specific individual, we will consider it as Personal Data and processed in accordance with this Privacy Notice.

  1. Third-party Links

Our website may lead you to a third-party website when you access the website. Such action may allow other websites to collect, store, use, or disclose your Personal Data. We are not responsible for any processing activities of Personal Data occurred on other websites. Hence, we encourage you to read the privacy notice of every websites you visit, for the interests of your data privacy.

  1. Legal Basis

We will process your Personal Data under following legal basis:

However, if you do not provide Personal Data to us, it may affect your inconveniences and may not be in compliance with our contract. Furthermore, it may affect certain legal compliance which can result in penalties.

  1. Purpose of Personal Data Processing

As our customers, we collect, storage, use, or disclose your Personal Data, for the following purposes;

However, the collection, storage, usage, or disclosure of Personal Data will be processed on legal basis. We may process your Personal Data on different legal basis, depending on the purpose of data processing.

  1. Personal Data Disclosure

We may disclose your Personal Data to government agencies and our Business Partners for the purposes stated in clause 5 “Purpose of Personal Data Processing” and government affairs or regulators in order to comply with the law.

  1. Cross Boarder Transfer of Personal Data

We will not transfer personal data outside Thailand unless the personal data is protected with the same or higher standard of protection under this Notice. In the event that we have necessity to send or disclose customers’ personal data internationally, we will create personal data protection agreement or contract with the contracting partner in that country.

  1. Data Security

We classify your Personal Data as confidential information and apply various security measures to be responsible for maintaining the confidentiality and safety of customer Personal Data in accordance to the agreements.

  1. Data Retention

We will retain your personal data for as long as necessary to achieve the purposes for which we have collected it for. If you have ended your business relationship with us, we will retain your personal data in accordance with our Privacy Policy, for a period of 10 years, or as required by law, in order to ensure the provision of products or services to you, and for legal purposes. However, at the end of the said period, we will destroy your personal data.

  1. Data Subject Rights

You have rights under the Personal Data Protection law that you should be aware of. You can make a request by using the contact channel provided in the section “11. Contact Us.” We will process your request as soon as possible, which may take up to 30 days or more, depending on the volume and complexity of the request.

  1. Contact Us

If you wish to exercise data subject rights or if you have any question or complaint, you can contact us via:

Book Now