Privacy Policy

PRIVACY POLICY CROWNE PLAZA ANTWERPEN

INTRODUCTION

At Crowne Plaza Antwerpen, we care about personal privacy. It is of the utmost importance for us that all processing of personal data take place in consideration of the privacy of the individual. This is why we always do our best to ensure that all processing of personal data takes place in accordance with the General Data Protection Regulation (the “GDPR”) and other applicable legislation. This privacy policy (the “Policy”) applies to personal data about guests, customers and suppliers as well as other individuals who may be registered in IT systems (such as booking systems), website, apps, loyalty programs or the equivalent or personal data that is transferred from travel agencies, other booking sites or similar.

WHO IS THE CONTROLLER?

Crowne Plaza Antwerpen
Holcro NV
G. Legrellelaan 10
2020 Antwerp
Belgium
TAV BE 0421.732.937 – RPR Antwerp
info@cpantwerp.com

Crowne Plaza Antwerp is operated by Holcro NV. Crowne Plaza is an IHG brand. IHG also processes your personal data in the context of your stay with us. For more information please consult the privacy policy and cookie policy of IHG at their website.

This policy only relates to the activities of Holcro NV.

HOW WE COLLECT PERSONAL DATA

Depending on the situation, we collect information from you or from other sources.

From you

If you contact with us regarding a reservation or making a hotel reservation, have special requirements regarding your visit, or use a social media that we provide, we will collect and process the information that you provide us with. These could include sensitive personal data, such as information about allergies.

From other sources

If someone makes a reservation for you, we process such personal data about you.

Additionally, we sometimes receive personal data from third parties (including other companies within our group) with whom we do business or that are suppliers to us.

Under certain circumstances we process personal data about you that originates from publicly available sources, such as social media. This is for example the case when you make a review about our hotel on a website.

In those cases we process personal data about you that we receive from other sources than yourself, we will provide you with information in accordance with the GDPR (if possible).

DIFFERENT TYPES OF PROCESSING ACTIVITIES

Information regarding guests

Type of personal data

Contact information (for example your name, e-mail address, telephone number and address), demographic information (such as age, gender, age and language), guest stay information (which could include special categories of personal data, such as information about allergies), passport details (which can include your name and address, your place of birth and birthdate and your national identification number, the number of your passport or identity card and your nationality), loyalty program numbers, payment information (such as credit card number), business information, information relating to the reservation, information (e.g. feedback about our hotels and services) that you submit to us (e.g. through customer satisfaction surveys) or that you post online.

Lawful basis for the processing

Consent (in cases we have asked for that and you have accepted it), that processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you to entering into a contract (for example in relation to a reservation), or for a legal obligation (for example a legal obligation for accommodation providers to register hotel guests). We may also process data based on our legitimate interests. We have for example a legitimate interest in contacting our guests to ask them about their stay in our hotel. When processing is based on legitimate interest, we shall make a balance between our legitimate interests and your rights and interests.

Purpose

To provide you with the services and products that you have asked for (for example in relation to a reservation), in order to evaluate and improve our services, or in order to fulfil our legal obligations (for example to register hotel guests).

Information regarding contact persons

Type of personal data

Contact details such as name, e-mail address and telephone number.

Lawful basis for the processing

We process your personal data based on our contractual relationship or our legitimate interests. When processing based on legitimate interest, we shall make a balance between our legitimate interest and your rights and interests.

Purpose

We process personal data for the purpose of managing the supplier relationship, for contacts in various questions, billing and marketing (if applicable) or to communicate in other ways with you and your company.

Social media

Type of personal data

The personal data that you submit to us on any social media platform (e.g. name, e-mail address and telephone number).

Lawful basis for the processing

Consent (in cases we have asked for that and you have accepted it) or that processing is necessary for the performance of a contract to which you are party or in order to take steps at the request of you to entering into a contract (for example in relation to a reservation) or legitimate interests. When processing based on legitimate interest, we shall make balance between our legitimate interests and your rights and interests.

Purpose

To provide you with the services and products that you want, to manage and market our services and products and to communicate with you.

E-mail

Type of personal data

Name, e-mail address, telephone number and any other personal data that you submit to us via e-mail.
Lawful basis for the processing
Consent (in cases we have asked for that and you have accepted it) or that processing is necessary for the performance of a contract to which you are party or in order to take steps at the request of you to entering into a contract (for example in relation to a reservation) or legitimate interests.

Purpose

To provide you with the services and products that you want, to manage and market our services and products and to communicate with you.

Personal data regarding children

As far as we know, we are not in contact or collect personal data from children under 18 without relevant permission from a parent or guardian. If you believe we have inadvertently collected such information, please contact us so we can promptly obtain parental consent or remove the information.

Direct marketing

Type of personal data

Name and e-mail address

Legal basis for processing

We have a legitimate interest in sending marketing information to our customers. We may use your personal data to communicate and provide you with information (e.g. event invitations, promotions and special offers,… and other information in relation to marketing activities).

If you have consented to receive marketing, you may at any time opt out at a later date. In addition, if you receive marketing you have the right to at any time stop us from contacting you for marketing purposes and you are at any time entitled to object to the processing of personal data for such marketing purposes (see further below regarding your opportunities and rights in relation to this). Furthermore, you can decline to receive marketing by using the links in the relevant communication.

Purpose

We use your personal data to keep you informed about our services, events and promotions.

Camera surveillance

We use camera surveillance at certain hotels. Camera surveillance is deemed to be particularly sensitive from a privacy perspective and it is of great importance that all camera surveillance takes place in accordance with the relevant legislation in effect from time to time.

Type of personal data

Camera footage

Legal basis for processing

The camera images are processed on the basis of our legitimate interest to secure and protect our hotel and our guests. Entering an area where a pictogram indicates that camera surveillance is taking place is considered to be prior consent under Belgian camera legislation.

The camera images are processed in accordance with the camera legislation. Crowne Plaza Antwerp has indicated the camera surveillance by means of a pictogram, it has notified the cameras to the competent authority and it has included information in a specific record.

Contact us if you would like more information about our camera surveillance (see contact details below).

Purpose

Securing and protecting the hotel and its guests

Profiling

Type of personal data

In order to provide you with premium service each time you visit our hotel, we may keep a profile about you, which can include information about your previous stays (such as how often you visit our hotel, when you visited our hotel the last time as well as financial information about your past stays).

Legal basis

Legitimate interest

Purpose

Providing a tailor-made customer service.

Jobs

Type of personal data

The information you provide us with, such as your name, telephone number, e-mail address, CV, and your cover letter. In a number of cases, Crowne Plaza Antwerp also receives data from third parties, such as social networks through which you apply, e.g. LinkedIn, selection and recruitment agencies, which carry out tests in the context of the application, your previous employer, but only if you have given your consent to do so.

Legal basis for processing

Depending on the individual case, the processing of your personal data for recruitment and selection purposes is based on your consent (e.g. to contact your former employer or to share your data; your request to take steps prior to entering into an agreement, for example if you send us your (spontaneous) application; or on the basis of our legitimate interest, including identifying, screening and evaluating applicants for potential employment and maintaining a recruitment reserve.

After the recruitment and selection procedure, Crowne Plaza Antwerp will retain your data in its recruitment database for future vacancies. In the communication in which we inform you of the decision on your application, we offer you the opportunity to oppose to this.

Purpose

Crowne Plaza Antwerp collects and uses your personal data exclusively for recruitment and selection purposes as set out above.

DialogShift chat application on our website

Our website uses the chat application of DialogShift GmbH, Rheinsberger Str. 76/77, 10115 Berlin. 

Type of personal data

This application processes and stores data for the purpose of web analysis, to operate the chat application and to answer queries.

For the operation of the chat function, the chat texts are stored and a cookie with a unique ID is set – this is used to recognise you as a customer. 

A cookie is a small text file that is stored locally in the cache on your device. Using this cookie, our application recognises the device and can retrieve past chat logs. This cookie is stored for 90 days since last use. You can disable the storage of cookies in your browser settings. However, without the use of cookies, the chat function cannot be performed.

The possible disclosure of e.g. name, e-mail address or a telephone number is voluntary and with the consent to temporarily use and store this data for the purpose of contacting you until the end of the contact. This personal data is deleted after 90 days. 

DialogShift offers at https://www.dialogshift.com/en/data-privacy for further information on the collection and use of data and on your rights and options for protecting your privacy.

Lawful basis for the processing

The legal basis for data processing is Article 6 (1) (f) GDPR based on our legitimate interest in effective customer support, for statistical analysis of user behaviour and for optimisation purposes of our offers.

Purpose


To provide you with the services and products that you want, to manage and market our services and products and to communicate with you.

DIFFERENT KIND OF SYSTEMS

Depending on the circumstances, we may process personal data in, or in relation to, inter alia, the following types of systems:

Property management system, property operation system, staff registration system, productivity system, telephone system, accounting system, clock system, yield management system, revenue center system, communication system, salary system, credit card system, key card system, TV and IT infrastructure (Internet etc.) and video surveillance system.

WHO ARE THE RECIPIENTS OR THE CATEGORIES OF RECIPIENTS WHICH WILL RECEIVE THE PERSONAL DATA?

In order to serve you, we may share your personal and anonymous data with:

  • the IHG Group,
  • other companies (including companies within the Pandox Group), such as vendors, contractors and co-operation companies. Their use of information is limited to these purposes and subject to agreements that require them to keep the information confidential. Our vendors provide assurance that they take reasonable steps to safeguard the data they hold on our behalf, although data security cannot be guaranteed,
  • third parties that are data processors that perform services to us (e.g. companies that operate our hotels, assist us in marketing activities or IT operations),
  • other group companies (e.g. to facilitate reservations),
  • lawyers and advisors of the Pandox group,
  • relevant authorities (e.g. in the context of our obligation to register guests),
  • with trusted partners in order to provide you with relevant advertising offers or services,
  • analytics companies may access anonymous data (such as your IP address or device ID) to help us understand how our services are used. They use this data solely on our behalf. They do not share it except in aggregate form; no data is shared as to any individual user, and
  • potential acquirers of the company; in case (a part of) our business is sold to a third party, your data may be shared with the acquirer.

WILL TRANSFER BE MADE TO ANY THIRD COUNTRY?

As a main rule, we will not transfer any personal data to a third country (i.e. a country outside the EU/EEA). It is possible that service providers of Crowne Plaza Antwerp process your data outside the EEA. In this respect, Crowe Plaza Antwerp is committed to ensuring an adequate and sufficient level of protection for your data (e.g. by concluding the standard contractual clauses of the European Commission – article 46 GDPR) or by any other appropriate safeguards. If you have any questions about the transfer of your personal data outside the EEA or if you want to obtain a copy of the relevant documents, you can send a dated and signed request to Crowne Plaza Antwerp.

HOW LONG IS THE PERSONAL DATA SAVED?

We will not save personal data longer than necessary taking into consideration the purpose of the relevant processing. Our responsible managers shall ensure that any routines applicable to deletion of personal data are complied with (please note that certain laws require that certain types of information must be saved for specified periods of time). Camera images are kept for a period of in principle one month.

WHAT RIGHTS DO YOU HAVE AS A DATA SUBJECT?

You have the right of access to your data, to have your personal data corrected, in certain cases to object to the processing and to require the personal data to be erased, that it should be restricted (a marking that the processing of the personal data should be restricted to a particular purpose), and that it should be turned over to you on an IT medium (data portability).

Please note, however, that certain personal data is necessary in order to be able to fulfil certain duties, such as payment information, and may therefore not be restricted or erased for this purpose.

You also have the right to withdraw your consent where the processing is based on consent. Where this is the case, this will be stated as the legal basis in the relevant sections.

In order to exercise your rights under the GDPR, you must send in your request to, or contact, Crowne Plaza Antwerp (please see contact details below). Please see below for a more detailed description of your rights as a data subject but note that exercising your rights may be subject to exceptions or conditions. Please also note that your data may be processed by IHG as well. Please consult the privacy policy of IHG to find out how you can file a request with IHG.

Right of access
You are entitled to obtain access to your personal data we process about you. If you wish to exercise this right, send us a request as explained below.

The right to correction
As a data subject, you have the right to require that we correct any incorrect personal data about you as a data subject. This also means that you, as a data subject, are entitled to supplement incomplete personal data, among other things by providing a supplemental statement. Such supplementation relates to personal data which is missing and which is relevant taking into consideration the purpose of the processing of the data.

The right to erasure
You are entitled to contact us and request for your personal data to be erased. The personal data must be erased in the following cases:
We are entitled to deny erasure in certain cases, among others in order to fulfil a legal obligation.

The right to restrict processing
In certain cases, you have the right to require that we restrict the processing of your personal data. A restriction entails that the data is marked so that in the future it may only be processed for certain limited purposes. The right to restriction applies where you believe that the data is incorrect and request a correction. In these cases, you can request a restriction of the processing during the period of time in which we are investigating the accuracy of the data.

The right to data portability
In certain cases, you have the right to receive personal data regarding you as a data subject and which you have provided to us and the right to transfer this data to another controller. This right applies to automated processing where the processing of personal data is supported by a consent from you as the data subject, or in order to perform an agreement with you and this applies only to such data as you yourself have provided.

The right to make objections
You are entitled, at any time whatsoever, to object to our processing of your personal data where it involves personal data which is being processed based on a legitimate interest. In such case, we may no longer process the personal data unless we can demonstrate a compelling legitimate reason for the processing which overrides the interests, rights and freedoms of the data subject, or where the processing takes place in order to establish, exercise or defend against a legal claim. Where the personal data is processed for direct marketing, you as a data subject are entitled at any time whatsoever to object to the processing of personal data involving you for such marketing, including profiling to the extent this is connected to such direct marketing.

Have we asked for your consent? Then you can always withdraw your consent!

Under certain circumstances, we have to ask for your consent in order to provide you with services and process your personal data. Following your consent, we will only process your personal data for the purposes related to such service, product or similar.

In the following cases, inter alia, we may request your consent:
(i) Marketing activities;
(ii) In relation to processing of children’s data (where we will obtain consent from a parent);
(iii) If we process special categories of personal data (such as allergies);
(iv) If we transfer personal data to a third country:
(v) Processing of personal preferences for the purpose of personalization

Where the processing is based on consent, you are entitled at any time whatsoever to withdraw the consent (without this affecting the lawfulness of the processing carried out on the basis of the consent before the consent was withdrawn). If you would like to withdraw your consent, please refer to the same service, website or similar where you consented or contact us at the address or telephone number below.

You are always entitled to file a complaint with the Belgian supervisory authority, the data protection authority.

You can contact the Data Protection Authority at contact@apd-gba.be or by going to its webpage: https://www.dataprotectionauthority.be.

However, in case of any questions or objects, we request you contact us first to enable us to resolve the issue.

SECURITY MEASURES

We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk with relevant processing activity (including reasonable steps to secure your personally identifiable information against unauthorized access or disclosure). We encrypt transmission of data on pages where you provide payment information. However, no security or encryption method can be guaranteed to protect information from hackers or human error. Please always use the internet with caution.

MISCELLANEAOUS

You are not obligated to provide us with any information and personal data about you. However, in some cases, we will not be able to provide you with some of our services or products if we are not allowed to process your personal data.

CONTACT DETAILS

If you have any questions or concerns about our privacy policies or our processing of your personal data, please contact us:

Crowne Plaza Antwerpen
Holcro NV
Legrellelaan 10
2020 Antwerp
Belgium
+32 3 259 75 00
info@cpantwerp.com