Privacy Policy
General
As a hospitality and leisure operator, it is Infinite Luxury Limited’s mission to deliver excellent service and satisfaction to all of our guests, as well as respect their privacy. To ensure that your personal information is protected and handled appropriately we have prepared this Privacy Policy to inform you of our method to manage your personal information which we obtain through the information pack request form and the online booking process. This Privacy Policy is part of Infinite Luxury Ltd, the parent company for NAKAMANDA whose terms and conditions govern our services. Please take a moment to thoroughly read the sections below.
When you use certain online services of NAKAMANDA site, including but not limited to the online reservation, online booking form and information pack request form, we may ask you to provide certain information which relates to you by filling out and submitting the online forms.
Type of information collected
Personal information is the information related to the guest details that we request from all guests when making a reservation, for example first and last name, title, mailing address, passport number, date of birth, nationality, travel plan, booking dates, e-mail address, telephone and fax number, diverse preferences regarding accommodation and travel habits and other personal identifying information (‘Personal Information’). This Personal Information will be collected, processed and stored within the Infinite Luxury guest database in accordance to this Privacy Policy.
Purpose of Collection
We collect personal information to communicate our news, events and promotions, including our products and services which we think may be of interest to our guests. We may also use such information for market research and quality control, as well as for statistical and analysis purposes, in order to deliver particular services or products which are in response to our guest’s needs. Personal information will not be used for communication outside recognised business relationship guidelines.
Customer’s Consent
By providing personal information in the registration card or through the online booking process, you are considered to have provided us express consent to obtain, own, use and share your personal information within NAKAMANDA in accordance with this Privacy Policy.
This consent is given voluntarily and may be revoked at any time by sending an e-mail to info@nakamanda.com
Cookies
You should be aware that information and data is automatically collected through the use of ‘cookies’. Cookies, which are small text files a web site can use to recognise repeat users, facilitate the user’s continuing access to and use of the site. They allow a site to track usage behaviour and compile data which will allow content improvements and targeted advertising. Cookies are not programmes that come onto your system and damage files.
Cookies generally work by assigning a unique number that has no meaning outside the assigning site. If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows you to deny or accept the cookie feature. Please note, however, that cookies may be necessary to provide you with certain features, for example customised delivery of information available on this web site.
Providing Personal Information on NAKAMANDA Site
Depending upon the service you wish to use, some of the information we ask you to provide is identified as mandatory (‘Mandatory Information’) and some is optional (‘Optional Information’). If you do not provide the Mandatory Information with respect to a particular service, we will not be able to process any request you may make.
Our web server will recognise your domain name, but not your e-mail address. We use ‘cookie’ technology on the public area of this web site to increase your user experience on the NAKAMANDA Site.
How May Your Personal Information Be Used?
We propose to use, store or process (‘Processing’) the Personal Information provided by you to the NAKAMANDA Site for the purpose of increasing the convenience for your present and future stays as well as to use the Personal Information to keep you informed about new products and services or offers which we believe may be of interest to you (‘Purposes’).
If you do not wish to have your Personal Information processed for any of these Purposes then you will have the opportunity to indicate this below when you indicate your consent and submit any request to the NAKAMANDA Site.
Blog
You are responsible for the contents of comments you may post on the blog on NAKAMANDA Site.
Depending on the contents of such comments, the Site administrator may withdraw some some comments if they are found to be contrary to applicable laws or if they are found to be inappropriate or insulting.
Social Media
Site visitors forwarding the contents of NAKAMANDA Site using social media sites or applications should be aware of the privacy policies of such social medias.
To Whom and Where May Personal Information Be Disclosed?
Your Personal Information may, for the Purposes described above, be transferred or disclosed (‘Disclose’) to any company within Infinite Luxury Limited and affiliated / associated companies (‘the Infinite Luxury Group’) wherever located in the world in whichever different jurisdiction they may operate, depending on which company within the Infinite Luxury Group can best provide the information requested or products and services sought.
Infinite Luxury Group will not Disclose your Personal Information to outside third parties which are not part of the Infinite Luxury Group. Where a third party processes your Personal Information on behalf of the Infinite Luxury Group then such processing will be governed by a contract in the form required by law.
During Your Stay
During your stay, we record your itemised spending to accurately assemble your folio, which sets out your room rate and other expenses billed to your room. We also record this information to comply with financial reporting requirements, including those imposed by our auditors and government regulators. Information particular to your stay may also be stored (i.e. health issues, payment difficulties). This stay specific information is stored at the resort where you stayed and is combined with information from previous visits that you have made to our hotels. We may also collect certain information as required by local laws (e.g. passport number). In addition, we may retain the content of any document (including comment cards, electronic documents such as e-mails and other similar forms of communication) that you send us before, during or following your stay. This information may be shared within the Infinite Luxury Group Limited but will not be shared with any third party.
Finally, we are required under relevant law to log and retain all records of internet activity at our resorts, including connection and pages visited to be tracked to the user itself, for a period of 90 days.
Protection of Your Personal Information
i. The Personal Information and other data that you provide:
Your information is encrypted when travelling over the Internet.
Access by you to this data is available through your User ID and a Password. We strongly recommend that you do not divulge your Password to anyone.
Your information is stored on a secure server that resides behind a firewall after your information reaches Infinite Luxury.
The firewall is designed to block access to this data from outside the Infinite Luxury Group.
Inside Infinite Luxury Group only selected Infinite Luxury staff and contractors have access to the server via their Password.
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your PII in accordance with our website.
What personal information do we collect from the people that visit our website?
When booking, ordering or registering on our site, as appropriate, you may be asked to enter your email address or other details to help you with your experience.
When do we collect information?
We collect information from you when you subscribe to a newsletter or enter information on our site.
Clients
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
• To send periodic emails regarding your order or other products and services.
How do we protect your information?
We do not use vulnerability scanning and/or scanning to PCI standards.
We only provide articles and information. We never ask for credit card numbers.
All credit card transactions are processed via highly secured affricate websites, such as, the hotel booking engine.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we may use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which may enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
We use cookies to:
• Compile aggregate data about site traffic and site interactions to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, it won’t affect the user’s experience.
Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
Third-party links
We do not include or offer third-party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We have not enabled Google AdSense on our site, but we may do so in the future.
California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting PII from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. See more at: http://consumercal.org/california-online-privacy-protection-actcaloppa/#sthash.0FdRbT51.dpuf
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.
Our Privacy Policy link includes the word ‘Privacy’ and can easily be found on the page specified above.
You will be notified of any Privacy Policy changes:
• On our Privacy Policy Page
Can change your personal information:
• By emailing us
• By calling us
How does our site handle Do Not Track signals?
We honour Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioural tracking?
It’s also important to note that we do not allow third-party behavioural tracking
Children Online Privacy Protection Act (COPPA)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
To be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify you via email
• Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute noncompliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address to:
• Send information, respond to inquiries, and/or other requests or questions
To be in accordance with CANSPAM, we agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honour opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at info@nakamanda.com
• Follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Contacting Us
If there are any questions regarding this privacy policy, you may contact us using the information below.
NAKAMANDA Resort & Spa
Krabi, Thailand
126 Moo.3 Klong Muang Beach,
Tambol Nongtalay, Amphur Muang,
Krabi 81000, Thailand
info@nakamanda.com