Privacy Policy
1. General
- This Privacy Policy (“Privacy Policy”) is provided by Nexus Resort & Spa Karambunai.com and its associates, related companies, subsidiaries and affiliates (collectively referred to as “Nexus Resort & Spa Karambunai”, “Group”, “we”, “our” or “us”).
- This Privacy Policy describes how and when we collect your personal information, what that information may be used for, who uses it, when it may be disclosed to other parties, how you can access your details and seek correction of your details, the control your own personal information and how you can contact us.
- By visiting Nexus Resort & Spa Karambunai’ website (http://www.nexusresort.com/) (“Website”), you are deemed to have read and agree to be bound by this Privacy Policy.
2. Notice
- This Privacy Policy serves as a notice pursuant to the Malaysian Personal Data Protection Act 2010.
- We may vary or update this Privacy Policy from time to time. We will notify you of these changes to our Privacy Policy on our website. Please check our website regularly for updates to our Privacy Policy.
3. Information Collection and Use
- We may collect and hold personal information/data (“Personal Information”) about you or someone else whom you are making a booking for or traveling with (“Third Party”), that is, information that can identify you or such Third Party, including without limitation full name, gender, postal and email address, telephone number, nationality, passport number, date and place of birth, visa or other government-issued identification data, other contact details, identification details, credit and debit card number or other payment details, booking and travel information, membership or loyalty program data and other information relevant to providing you with the services you and/or the Third Party are, or someone else you know is, seeking, which we receive from you through our Website, call centre, social media sites, walk-in or distribution channels, including online travel agencies. If you submit Personal Information of a Third Party to us, you agree that you have obtained the consent of such Third Party to provide us with their Personal Information and to view or change their information and you permit us to use the Personal Information in accordance with this Privacy Policy. You agree to indemnify us in the event we suffer any loss or damage as a result of your failure to comply with the same.
- We may collect other data which do not generally reveal your specific identity or do not directly relate to an individual. To the extent other data reveal your specific identity or relate to an individual, we will treat other data as Personal Information. Other data include: browser and device data, app usage data, data collected through cookies (see the COOKIES section below), pixel tags and other technologies, demographic data and other data provided by you and aggregated data.
- You are responsible for ensuring that the Personal Information you provide us is accurate, complete and not misleading and that such Personal Information is kept up to date.
- We may collect Personal Information in one or more of the following circumstances or for one or more of the following purposes:
- to process your booking and for other operational and administrative purposes, including without limitation, processing bills and payments, travel notification, manage your account;
- to complete your reservation and stay, for example, to process your payment, ensure that your room is available and provide you with customer related service;
- when you access our Website or use any of our mobile Apps. If you are using a mobile device when browsing our Website or make any bookings through our Website or mobile apps, we may collect your IP address or other device identifier, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other portable device information;
- to provide you or someone else you know customer support and services;
- to undertake various activities that are required by law;
- for administrative, operational, marketing, planning, product or service development, troubleshooting and research requirements;
- to send you information on products and services, and special or promotional offers, newsletters or customer survey forms, market research and questionnaires;
- as part of a program you have joined (e.g. loyalty program) or purchase you have made to offer and manage your participation in the loyalty program, send you offers, or promotions and information about your account status and activities;
- for data analysis, audits, security and fraud monitoring and prevention (including with the use of closed circuit television, card keys and other security systems), developing new goods and services , enhancing, improving or modifying our services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities;
- when you log into our hotel’s WiFi or have your WiFi settings switched on in our hotels. Where you are using a mobile device whilst in our hotels with its WiFi capability switched on or have access to our free WiFi, we may additionally collect your phone operating system details, MAC address and location data whilst you are within our Hotels or immediately within its perimeters. If you do not want us to track your device or use your information in this way, please turn off the WiFi capability on your phone or other electronic device within your settings;
- when you engage with us on social media (by mentioning/tagging us or by contacting us directly);
- to resolve disputes or enforcement of our terms and conditions available at our website; and
- for any purpose made known to you at the time of collection of your Personal Information (collectively referred to as “Purposes“).
- to process your booking and for other operational and administrative purposes, including without limitation, processing bills and payments, travel notification, manage your account;
- We use general, aggregated information to generate statistics and measure site activity to improve the usefulness of customer visits. Such information does not include Personal Information.
- We may disclose your information:
- to our related companies, affiliates, advisors, contractors, vendors or service providers for the purposes of operation and maintenance of our Website or our business, for cross-promotional purposes and to otherwise provide customer support and services to you;
- to owners and operators of our franchised hotels or our business partners and investors;
- to other third parties with whom we have commercial relationships, for marketing, advertising and related purposes, unless you have indicated that you do not wish for us to disclose to such third parties for marketing and advertising purposes;
- social media websites;
- to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of the Nexus Resort & Spa Karambunai’s businesses, assets or stocks (including any bankruptcy or similar proceedings);
- as required or authorised under law or provided in co-operation with any governmental authority; and
- if you fail to provide us with Personal Information stated in paragraph 3(a) above, we may not be able to perform and/or carry out any of the Purposes.
- to our related companies, affiliates, advisors, contractors, vendors or service providers for the purposes of operation and maintenance of our Website or our business, for cross-promotional purposes and to otherwise provide customer support and services to you;
4. Sensitive Information
- The term “sensitive information” refers to information related to your racial or ethnic origin, political opinions, religious or philosophical beliefs, traded union membership, health, or sexual orientation, genetic information, criminal background and any biometric data used for the purpose of unique identification. In some jurisdictions, mobile phone numbers, location data, and information contained on identity documents also are considered sensitive information.
- We do not generally collect sensitive information unless it is volunteered by you or unless we are required to do so pursuant to applicable laws or regulations. We may use health data provided by you to serve you better and meet your particular needs (for example, the provisions of disability access).
5. To Prevent Fraud
- We share your financial information including your credit, debit card or other payment information with third parties to ensure that your payment is safe and that your details are not being used fraudulently. This data sharing enables us to conduct fraud analysis which ensures that genuine and accurate payment details are provided to us for any purchase. We may share your personal data with credit agencies if you are requesting credit.
6. Marketing and Promotional Communications
- We may use the Personal Information provided to send you information on products and services, and special or promotional offers offered by any member of the Group, newsletters or customer survey forms and questionnaires via SMS, post and email unless you have indicated that you do not wish to receive such materials.
- You may opt-out of receiving any communications from us at any time by clicking on the “unsubscribe link” on the relevant email communications or contact us with your request (see the CONTACTING US section below).
7. Security of Your Personal Information
- We will take reasonable steps to protect any Personal Information we receive from you via our Website from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form or retain third parties to hold that information on our behalf. Where required by applicable laws, Personal Information will be destroyed or de-identified when no longer needed.
- By providing us with Personal Information or using our services or our Website, you consent to the transfer, storage and processing of Personal Information to where our servers, central database and system facilities are located and/or operated,
- which may be outside your country of domicile or the location where you access our Website to provide Personal Information, and which may include, among others, Malaysia, the United States and the United Kingdom.
However, as the Website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us and you do so at your own risk.
8. LINKS TO OTHER WEBSITES
- Our Website may contain links to websites operated by third parties (“Third Party Websites”). We are not responsible for the privacy practices or the content of Third Party Websites. Third Party Websites are responsible for informing you about their own privacy practices.
9. ACCESS AND CORRECTION
- You may request access to any Personal Information we hold about you or any Third Party whose Personal Information you had provided at any time by contacting us (see the CONTACTING US section below). Where we hold information that you are entitled to access, we will endeavour to provide you with suitable means of accessing it (e.g. by emailing or mailing it to you).
- If you believe that Personal Information we hold about you is incorrect, incomplete or inaccurate, then you may request amendment of it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the Personal Information stating that you disagree with it.
- In accordance with the Malaysian Personal Data Protection Act 2010, and to the extent not limited by any other applicable law, we may:
- charge a fee for processing your request for access or correction to the Personal Information; and
- refuse to comply with your request for access or correction to the Personal Information and give you a reason for our refusal.
- charge a fee for processing your request for access or correction to the Personal Information; and
10. PERSONAL INFORMATION FROM CHILDREN
- We do not knowingly collect Personal Information from individuals under 18 years of age. As a parent or legal guardian, please do not allow your children to submit Personal Information without your permission.
11. Cookies
- We use cookies in our Website to:-
- maintain your session and required details when you browse our Website or during registration or the booking process (session cookie);
- collect website usage data for statistical/analytics purposes (analytics cookie); and
- direct you to the correct landing page based on your geo-location (geo-targeting cookie).
- maintain your session and required details when you browse our Website or during registration or the booking process (session cookie);
- You may instruct your browser, by changing its setting, to stop accepting cookies or to prompt you before accepting a cookie from the websites that you visit. Note that our Website will not function properly if the cookie setting is disabled.
12. Contacting Us
- If you have any questions about our Privacy Policy, or any concerns or a complaint regarding the treatment of your privacy by us, including but not limited to the Malaysian Personal Data Protection Act 2010, please contact us at: info@nexusresort.com
13. Updates to the Privacy Policy
- The “Last Updated” legend at the top of this page indicated when this Privacy policy was last revised. We may modify this Privacy Policy from time to time. Any changes to our Privacy Policy will become effective when we post the revised Privacy Policy on the site. Use of the Website, any of our products and services, and/or providing consent to the updated Privacy Policy following such changes constitutes your acceptance of the revised Privacy Policy then in effect.
14. Why Do We Process Your Personal Information
- Provide our hotel services to you – When you make a reservation with us, we will process your Personal Information , including without limitation, your full name, gender, postal and email address, telephone number, date and place of birth, nationality, passport number and visa or other government issued identification information (including obtaining scanned copies of passport/visa during check-in time), contact information, payment and credit card information, booking and travel information, and other information that will be relevant in order for us to complete your reservation/booking request, sending you reservation confirmations, registering you for memberships (where applicable), customising our hotel services and facilities to your preferences (including access to our WiFi), earning and redeeming loyalty points/rewards (where applicable), and keeping proper records of your transactions with us.
- Provide our marketing and promotional items to you – We may send you information and updates on our hotels including hotels owned and/or managed by any member of our Group, including the latest newsletters, promotions or deals, competitions, responses to your inquiries, updates on our website, or changes to our terms and conditions and policies.
- Enhance the provision of our services – From time to time, we may perform market researches in the form of surveys in order to find out about your hotel experiences, your thoughts on our products and services and how we can improve and further develop our services to better serve our guests. We may also perform analytics and/profiling, advertising campaigns and even promotional activities in relation to our products and services.
- Work with third parties to provide our services to you – We may also process your Personal Information when we work with third parties including but not limited to, travel agents, group travel organisations, airline operators, credit card companies, third party loyalty programs or any other parties that may be involved in the process of making your travel arrangements.
- Maintain your safety and security – When you stay with us, we may require your personal information for identification and verification purposes especially in the implementation of our security systems in our hotels or facilities.
- Others – For any other purposes mentioned at paragraph 3(c) of Appendix A of the Privacy Policy or any other purposes made known to you at the time of collection of your Personal Information or as required by applicable laws.
- Please note that we will only process your Personal Information on one or more of the following legal principles:
- that you have provided your consent;
- the processing of your data is necessary for the performance of your instructions to us;
- to comply with our legal obligations (i.e. to keep tax records); and
- the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.
- that you have provided your consent;
15. How Long Will We Retain Your Personal Information?
- We will retain your Personal Information for the duration that shall be necessary to achieve the purpose for which such information was collected, which shall usually be during the duration of our contractual relationship and for any period thereafter as permitted by applicable laws (i.e. until you have withdrawn your consent for us to retain your Personal Information).
16. What Rights Do You Have?
- Access, Correction and Erasure: You have the right to ask us to confirm whether we are processing your Personal Information, obtain a copy of your Personal Information from us, receive information on how your data is being processed, request for updates or corrections on your Personal Information, and also the right to request for erasure/deletion of your Personal Information.
- Right to restrict the processing of your data: You have the right to request for us to restrict the processing of your Personal Information:
- while we are in the process of verifying the accuracy of your data and subsequently updating your Personal Information;
- where the processing is unlawful and you oppose the erasure of your data and request to restrict the processing of the data instead;
- where we no longer require your data, but you may require for us to retain the same for the establishment, exercise or defence of legal claims; or
- where you have submitted an objection to processing pending the verification whether our legitimate grounds override your interests, rights and freedoms.
- while we are in the process of verifying the accuracy of your data and subsequently updating your Personal Information;
- Right not be subjected to automated individual decision-making, including profiling: With your consent, we are able to process your data and make automated decisions, including profiling, in order to be able to offer certain benefits based on your characteristics. However, you have a right to request for human intervention and can request for us to not subject your data to automate decision-making/profiling.
- Right to data portability: You have a right to request for us to provide your personal data (which we obtained based on your consent) to a third party in a structured, commonly used and machine-readable format.
- Right to withdraw your consent: You are entitled to withdraw your consent to any processing that we conduct on your Personal Information.
17. Transfer of Your Personal Data
- As we are active internationally, we may transfer your personal data abroad if required for the purposes as highlighted above at paragraph 1 of this Appendix. When we make such transfers, we will ensure that we provide appropriate safeguards in accordance with the GDPR.
18. Safety & Security
- It is always a responsible for the management and staff of Nexus Resort & Spa Karambunai to prioritize guest’s safety and security in favor of guest’s luxurious vacation.
- In addition to this, we would like to notify you of a few initiatives that have been implemented by our resort as part of our daily operations. These include:
- The security department as well as every staff of the hotel are responsible for looking after your safety and security.
- All activities at Nexus Resort & Spa Karambunai are being recorded by video cameras, also known as the closed-circuit television and recording technology (CCTV) and are strictly monitored by the security management.
- A thorough security audit is conducted regularly and systematically.
- Safety Officers at our resort are assigned to oversee and maintain everything relating to the safety system of the resort.
- Security staff are regularly trained at security workshops to safeguard the hotel from all types of emergencies.
- Our cross functional emergency response teams are always alert and ready to protect the guests and properties in case of any emergency
- The security department as well as every staff of the hotel are responsible for looking after your safety and security.
- Nexus Resort Karambunai, a serene and tranquil hideaway in Malaysian Borneo, is the ideal destination for rejuvenating the mind, body and soul and providing guests with a luxurious, exclusive and enriching holiday and meeting experience while your safety and well-being are guarded.