Official Website

Ri-Yaz Hotels & Resorts’s Privacy Policy in

Ri-Yaz Hotels -  -

Rights and duties

Official website of Ri-Yaz Hotels & Resorts in

Ri-Yaz  


Privacy Policy 


RI-YAZ GROUP (“RI-YAZ”, “we”, “us”, “our”) is committed to ensure that your personal  data which we collect about you when you visit our website (www.ri-yaz.com) (“Site”)  is protected  and  secured  in  accordance  with  applicable  privacy  and  data  protection  laws. 


The  personal  data which  you  provide  us  now  or  from  time  to  time  will  be collected, processed and used by us, in accordance with  this Privacy Policy (as amended, varied,  revised from time to time). In the event of any amendment, variation or revision, a copy  of  the new Privacy Policy will be sent  to you by email or other methods which RI-YAZ  deem suitable.  



  1. Types of personal data collected 


1.1. Information you provide to us: 


We  collect  personal  data  (including where applicable  sensitive  personal  data)  you provide directly to us. This includes: 


1.1.1. your  full  name  and  contact  information,  passport  and  visa  information; 


1.1.2. guest stay information, including the hotels where you have stayed,  date of arrival and departure, goods and services purchased from us,  special requests made, your service preferences, telephone numbers  dialled and email, faxes, telephone and other messages received; 


1.1.3. your credit card, mobile payment and other payment details; 


1.1.4. your membership information, account details, profile or password  details  and  any  frequent  flyer  or  travel  partner  programme  affiliation; 


1.1.5. any  information  necessary  to  fulfill  special  requests  (for  example,  leisure, travel and guest preferences); 


1.1.6. your  reviews,  feedback  and  opinions  about  our  hotels,  resorts,  programmes and services;


1.1.7. information  collected  through  the  use  of  closed  circuit  television  systems and other security systems; and 


1.1.8. any other personal data you choose to provide to us. 


1.2. Information we collect automatically when you use the Site: 


When you access or use our Site, we automatically collect personal data about  you, including: 


1.2.1. system log information about your use of the Site, including the type  of browser you use, access times, pages viewed, your IP address and  the page you visited before navigating to our Site; 


1.2.2. device information about the computer or mobile device you use to  access our Site, including the hardware model, operating system and  version, unique device identifiers (such as, IP address, IMEI number,  the  address  of  the  device's  wireless  network  interface,  or  mobile  phone number used by the device) and mobile network information; 


1.2.3. information about  the location of your device each  time you access  or  use  our  Site  or  otherwise  consent  to  the  collection  of  this  information. 


1.3. Information collected by cookies and other tracking technologies: 


We and  our  service  providers  use  various  technologies  to  collect information,  including cookies and web beacons. Cookies are small data files stored on your  hard  drive  or  in  device  memory  that  help  us  improve  our  Site  and  your  experience,  see  which  areas  and  features  of  our  Site  are  popular  and  count  visits. Web beacons are electronic images that may be used in our services or  emails  and  help  deliver  cookies,  count  visits  and  understand  usage  and  campaign effectiveness. 


1.4. Information We Collect From Other Sources: 


We  may  also  obtain  personal  data  from  our  hotels  and  from  our  third  party  service providers (such as information relating to the credit of guests) and from  public sources and combine  that with information we collect  through our Site  where we believe that it is necessary to help manage our relationship with you. 


1.5. Where  you  provide  personal  data  of  third  parties  (for  example,  names  and  contact details of your  family members in connection with bookings or  family 


memberships),  you  confirm  that  you  have  their  consent  to  provide  their  personal data to us. We recommend you show them this Privacy Policy.  



  1. Purpose of personal data collected 


2.1.   The personal data collected may be processed for the following purposes: 2.1.1. to process and complete reservation and other purchases; 


2.1.2. to administer  and  operate  voluntary  membership  and/or  loyalty  programs; 


2.1.3. provide you with access to the content on our Site; 


2.1.4. respond  to  your  enquiries  and  requests  for  information  and  services; 


2.1.5. for  our  internal  business  purposes,  such  as  data  analysis,  audits,  developing  new  products  and/or  services,  enhancing  the  Site,  improving  our  services,  identifying  usage  trends  and  visiting  patterns, determining effectiveness  of  our promotions and meeting  contractual obligations;  


2.1.6. for direct or indirect marketing purposes; 


2.1.7. other legitimate purposes as determined by RI-YAZ; 


2.1.8. for  administrative  purposes,  including  to  send  you  billing or  payment  receipts and  to  notify  you  of  any  changes  to  our  terms,  conditions, policies or other administrative information; 


2.1.9. to  comply  with  legal  and  regulatory  requirements  or  demands  in  accordance  with  applicable  law,  a  court  order,  subpoena,  or other  legal process; 


2.1.10. other  additional  purposes  as  described  to  you  when  you  provide  such information to us. 



  1. Disclosure of Personal Data 


3.1. We may share your personal data:   


3.1.1. between and among RI-YAZ and a limited number of our affiliates as  are relevant for the above purposes and to facilitate the operation of  our business, but we shall only do so on a need to know basis; 


3.1.2. with the operator of the hotel or the hub of hotels which you book,  stay or visit for the above purposes; 


3.1.3. with third-party payment processors, payment service providers, IT  and  marketing  support  service  providers  and  other  consultants,  vendors and service providers who need access to such information  to carry out work or provide services on our behalf or who help us  to provide the Site to you; 


3.1.4. with  anyone  involved  in  the  process  of  making  your  travel  arrangements  (e.g.  travel  agents,  group  travel  organisers  and  your  employer) in order to fulfill contractual obligations; 


3.1.5. with any law enforcement, courts, government or regulatory bodies  (in whatever jurisdiction), or otherwise in response to a request for  information  if  we  believe  disclosure  is  in  accordance  with,  or  required  by,  any  applicable  law,  regulation,  court  order  or  legal  process; 


3.1.6. if we believe your actions are inconsistent with our user agreements  or  policies,  or  to  protect  the  rights,  property  and  safety  of RI-YAZ,  our affiliates or others; 


3.1.7. in  connection  with,  or  during  negotiations  of,  any  merger,  sale  of  company  assets,  financing  or  acquisition  of  all  or  a  portion  of  our  business  by  another  company,  or  any  change  of  management  of  a  hotel; 


3.1.8. with  our  advisors,  which  includes  our  accountants,  auditors,  lawyers,  other  professional  advisors  and  business  contacts  for  the  purpose  of  assisting  us  to  better  manage,  support  or  develop  our  business and comply with our legal and regulatory obligations; 


3.1.9. with any other party at your consent or at your direction; and


3.1.10. otherwise  as  permitted  or  required  by  applicable  laws  and  regulations. 


3.2. We  may  also  disclose  aggregate  or  de-identified data  that  is  not  personally  identifiable with third parties, including our commercial and strategic partners. 


3.3. We  shall  not  disclose  your  personal  data  without  your  permission  except  in  accordance to the terms and conditions herein or legally entitled to do so or if we  may so determine that it would be necessary to protect and/or defend our rights,  property or personal safety and those of our customers or any other party. 



  1. Consent to collection and processing of personal data 


4.1. By visiting the Site, you:  


4.1.1. declare that you have read, understood and accepted the statements  set out in this Privacy Policy;  


4.1.2. declare  that  the  information  provided  are  accurate,  complete  and  true and when such information becomes incorrect or outdated, you  shall correct or update such information; 


4.1.3. are  giving  your  consent to  your  personal  data  being  collected  and  processed in the manner described in this Policy; 


4.1.4. consent  to  the  transfer  of  your  personal  data  between  RI-YAZ and  third  parties as  set  out herein  and  in  the  manner  and  extent as  permissible in law; and  


4.1.5. consent to the transfer of your data to locations outside of Malaysia  or  disclosure  to  the  third  parties,  who  may  be  located  within  or  outside Malaysia.  



  1. Security of your personal data 


We  implement  reasonable  administrative,  organisational  and  technical  safeguards  and  security  measures  to  protect  personal  data  within  our  control  from  unauthorized  access,  acquisition,  disclosure,  destruction  or  alteration,  accidental  loss,  misuse  or  damage.  We  regularly  review  and  monitor  such  safeguards and security measures.



  1. Retention of personal data 


6.1. To the extent required by law, we take reasonable steps to destroy, or de-identify  or  redact, personal data in a secure manner when we no longer need it  for  the  purposes  for  which  it  was  collected  (as  set  out  in  this  Privacy  Policy)  and  retention is no longer necessary for legal or business purposes. In any event, we  do  not  retain  your  personal  data  for  longer  than  six  (6)  years,  subject  to  local  laws and regulations. 



  1. Access to your personal data 


7.1. You are entitled  to  the  following rights from our data protection officer, whose  contact details are as set out in paragraph 8 below:  


7.1.1. right of access to your personal data by requesting for a copy of your  personal data; and 


7.1.2. right of rectification to correct and/or update your personal data. 


7.2. You  may  also  withdraw  your  consent  to  receiving  direct  marketing  communications,  or more generally  to  our  processing  of  your  personal  data, at  any  time, and  you may in  certain  circumstances ask  us  to  delete  your  personal  data. However, we may not be able  to continue providing services  to you if you  entirely withdraw your consent or ask us to delete your personal data entirely. 



  1. Contact details of our data protection officer 


Address : L-1-8,  Block  L,  Plaza  Damas,  Jalan  Sri  Hartamas  1,       50480 Kuala Lumpur. 


Email : info@qashrewards.com 


Telephone No : 03-62119180 


Fax No : 03-62119186 



  1. Language 


This Policy has been drawn up in both  the English and Malay languages.  In  the  event  there  is  any  conflict,  dispute  or  divergence  between  the  two  texts,  the 


English version shall prevail. For the avoidance of doubt, the Malay version is for  translation purposes only and does not affect the interpretation of this Policy. 


[The remainder of this page is intentionally left blank]