Articles in this section

General Data Protection Regulation

Avatar
Mark Elayan
  • Updated
Follow

Types of information collected by HotelQuickly and the purpose for its collection?

  • User email (authentication, newsletter).
  • User full name (authentication, newsletter).
  • User last name (authentication, newsletter).
  • User telephone number (authentication).
  • User payment method (debit card, credit card, etc).
  • User ID/ passport/driving license (Fraud, Support).

How is the information collected?

  • User input / opt-in manually via email registration.
  • Pulled from Facebook for Facebook registration.
  • Pulled from Google Plus for Gmail registration.

Where is the information being stored?

The information is being stored in the application's database.

 

Are there different storage strategies in place?

  • User information such as email, username, and city, is stored in our database.
  • User media (text, photos) is stored on a cloud platform.

How is information cross-referenced?

The information is being verified in the application's database.

 

How is each class of data being used?

To cater to the user and/or customer based on their preferences.

 

When is information belonging to each class destroyed?

The information listed above is stored for up to 60 months and then destroyed.

 

Who is responsible for its destruction and how is it destroyed?

The person in charge is our DPO (Data Protection Officer).

 

How long is each class of information kept?

The information listed above is stored for stored 60 months.

 

Is your organization in compliance with all relevant statutory/regulatory requirements for storage of specific classes of information?

The type of data that the application is storing does not need to comply with any specific regulatory requirement.

 

How is the accuracy of collected information guaranteed?

The reliability of the collection of information relies on data input by the user either on HotelQuickly website or Application directly or through Facebook or Google Plus.

 

Are there access mechanisms in place that allow the subject to alter/update inaccurate or obsolete information?

Users have access to their user information and are able to update them when necessary through our Login area.

 

To whom, in what manner, and under what circumstances may information be disclosed?

The information cannot be disclosed unless the third party company we are using is GDPR compliant.

 

Will you report to the local authorities and to the people (data subjects) for data breaches involving personal data?

  • Personal data breaches will be reported within 72 hours of our knowledge to the local authorities.
  • We will report what data has been lost, what the consequences are and what countermeasures are/will be taken.
  • Unless the data leaked was encrypted, we will report the breach to the user (data subject).

 

Where is my data stored?

Your data is stored securely on our cloud servers in Taiwan.

Related articles

Comments

0 comments

Article is closed for comments.