Mushroom Management Corporation Sdn Bhd (“mushROOM”) respects the privacy of all its customers and business partners, and treats personal information provided by you as confidential. We pledge to fully comply with the requirements of the Personal Data Protection Act 2010 of Malaysia and, where possible, internationally recognised standards of personal data privacy protection. We use your personal data and information in order to fulfill our commitment to providing you with distinctive Asian standards of hospitality service.
This Policy gives effect to our commitment to protect your personal information and has been adopted by all of the hotel and resort properties owned, managed and/or operated by mushROOM or its affiliated or associated companies. References to " mushROOM ", "we", "our" and "us" hereinafter, depending on the context, collectively refer to those separate and distinct properties or entities.
Our collection of Personal Information
The term "personal data" in this Policy refers to personal information which is capable of identifying you as an individual. You can visit our website without providing any personal data or information. The collection and processing of personal data may be obligatory for purposes of providing you with our services. The collection may also be obligatory for purposes of compliance with the Registration of Guest Act 1965 as well as compliance with other local laws and regulations. We will notify you whether the personal data requested is obligatory or voluntary. Personal data may be collected as part of: (i) fulfilling reservations or requests for information or services, (ii) accommodating your personal preferences, (iii) purchasing our products or services, (iv) registering for our programmes and memberships, and (v) facilitating communications. We may also request your personal data to verify your identity, to protect your interests and implement security measures in compliance with the law.
Types of Personal Information we collect
The types of personal data that we process include:
your personal details such as name, national identification number, age, sex, nationality, occupation, contact information, passport and visa information and other required information pursuant to local laws and regulations;
guest stay information, including the hotels where you have stayed, date of arrival and departure, goods and services purchased, special requests made, observations about your service preferences, telephone numbers dialed, faxes and telephone messages received from third parties on behalf of guests/customers;
sensitive personal data which comprises your mental and physical health including your medical condition and medical history and/or your religious belief;
your credit card details, membership information, account details, profile or password details and any frequent flyer or travel partner programme affiliation;
any information necessary to fulfill special requests (for example, leisure, travel and guest preferences);
your reviews and opinions about our services;
information such as videos and photographs collected through the use of closed circuit television systems and other security systems; and
information relating to the credit of customers.
How we use Personal Information
We may use and disclose relevant portions of your personal data and information in order to:
process and/or confirm hotel arrangements and restaurant reservations;
process and/or confirm bookings, reservations and making arrangements for sports or recreational activities;
provide and charge for the hotel accommodations and other goods and services you purchase;
provide privileges, benefits and services to you;
provide you with a better, more personalized level of service;
process applications and administer membership programmes;
fulfill contractual obligations to you, anyone involved in the process of making your travel arrangements (e.g. travel agents, group travel organisers and your employer) and vendors (e.g. credit card companies, airline operators and other loyalty programmes);
conduct market analysis, market research, customer satisfaction and quality assurance surveys;
respond to requests for information and services;
provide for the safety and security of guests;
administer general record keeping;
facilitate direct marketing, promotional and customer management purposes, including sending you sales promotional communications or special offers if you have consented to receive the same. Please see section “Direct Marketing” below;
facilitate matching for whatever purpose with other personal data;
disclose the winner of contests and lucky draw competitions conducted by us or on our behalf;
meet legal and regulatory requirements.
Disclosures of your Personal Information
From time to time, we may disclose and transfer your personal data and information (whether within or outside of Malaysia) to mushROOM, travel-related companies (for example, airline companies, car rental companies and excursion tour companies), and business partners and third party data processors who provide administrative, telecommunications, payment, fulfillment or other services to any of the mushROOM to facilitate your requests or provide you with goods and services you require and for the purposes described under the section “How we use Personal Information”. The recipients of any such data are contractually prohibited from using personal data and information for any purpose other than for the purpose(s) mushROOM specifies.
We reserve the right to disclose any personal data and information we have concerning you if we are compelled to do so by a court of law or requested to do so by a governmental entity or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property. We also reserve the right to retain information collected and to process such information to comply with accounting and tax rules and regulations.
We may share aggregated demographic information with business partners, affiliates or other entities. This aggregate information is not linked or traceable to any personally identifiable information about you.
Except as described herein, we do not permit the sale or transfer of personally identifiable information to third parties.
We intend to use your personal information (including your name, address, telephone numbers, email and other contact details) to send you marketing communications such as direct-mail, email, telephone calls and SMS containing news, offers, promotions, events to be offered by us or by our business partners in relation but not limited to the following classes of products and services: travel, transportation, retail, food and beverage, credit cards, financial and investment services, real estate, entertainment, publications, fashion and jewellery, leisure and sports, health and wellness, non-profit and charitable activities, telecommunications, social networking, media and public relations.
We will not use your personal information for direct marketing without your consent. We will always ask for your consent before we use your personal information for direct marketing. You may opt-out from receiving marketing communications at any time, free of charge, by following the “opt-out” instructions contained in the communications or contacting mushROOM in accordance with the section “How to Access or Correct Personal Information”.
Centralised Processing of Personal Information
Like most international businesses, we have centralised certain aspects of our data processing activities, which in many instances will result in the transfer of your personal information from one country to another. For example, if you make a reservation and/or stay at a mushROOM outside of Malaysia, the personal data and information gathered in that process may be transferred to and processed in Malaysia or other jurisdictions. The jurisdictions where those data and information will be processed may or may not have laws that seek to preserve the privacy of personal data. Nevertheless, whenever your personal data is transferred within the mushROOM, your personal data will be processed in accordance with the terms and conditions of this Policy.
We retain the personal data collected for so long as may be necessary to fulfill the purpose (including any directly related purpose) for which the information was to be used.
Our commitment to Data Security
To maintain the accuracy of your personal data, as well as preventing unauthorised access to and ensuring the correct use of your personal data, we have carried out appropriate physical, electronic and managerial measures to safeguard and secure the personal data we collect. These measures are subject to ongoing review and monitoring. Whilst we make every effort to protect your personal data, no security measures can guarantee that your personal data and information will not be subject to interference, misuse or hacking and we shall not be responsible for any loss, misuse or alteration arising as a result of such incidents.
Children and Minors
Except where required by local laws, we do not knowingly collect personal information from children or minors. If you are a child or minor, you may only use our website and services with the permission of your parent or guardian.
Visitors to our website do so on an anonymous basis. We have not configured our website to collect any information from your computer without your input. This means that unless you voluntarily and knowingly provide us with information, we will not know your identity, your email address, or any other information identifiable to you, save for the collection of information via “Cookies” which will be dealt with under the “Cookies” section below.
To enhance your experience on our website, some of our web pages may use "cookies." Cookies are text files that we place in your computer's browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally-identifiable information unless you choose to provide this information to us by, for example, registering for one of our services. However, once you choose to furnish the site with your personally-identifiable information, this information may be linked to the data stored in the cookie.
You may always choose what personal data and information (if any) you wish to provide to us. However, if you choose not to provide certain details, some of your experiences with us may be affected (for example, we cannot take a reservation without a name).
We will abide by any request from you not to send you direct marketing materials. When such a request is received, your contact details will be “suppressed” rather than deleted. This will ensure that your request is recorded and retained unless you provide a later consent that overrides it.
How to Access or Correct Your Personal Information
You are entitled to access and make changes to any personal data relating to your profile held in our database. You should update the personal data held by us whenever there is a change. If you have any questions about this Policy, or if you would like to submit a request for access to or change of the personal data and information that we maintain about you, please contact our Director of Customer Care, Mr. Crystal Liaw by sending a written request to No. 19, First Floor, Block D, KK Times Square, Off Coastal Highway, 88100, Kota Kinabalu, Sabah, Malaysia. Telephone Number: 6088 – 278 766 / or email us at firstname.lastname@example.org.
We reserve the right to charge a fee for the processing of any such access request. The fee chargeable is RM2.00 for each request without a copy of the personal data and RM10.00 for each request with a copy of the personal data. The fee chargeable for access to sensitive personal data is RM5.00 for each request without a copy of the sensitive personal data and RM30.00 for each request with a copy of the sensitive personal data. As indicated above, all requests for access to your personal information must be submitted in writing. When communicating your request, please be sure to include your full name, address and telephone number so we can ascertain your identity, and specify clearly the type of enquiry and the original source of data collection.
Changes to the Policy
We may modify this Policy from time to time. Any changes to this Policy will be posted to our website so that you are always informed of the way we collect and use your personal data. Updated versions of our Policy will include the date of the revision at the end of this Policy so that you are able to check when the Policy was last amended.
Any changes to our Policy will become effective upon posting of the revised Policy on the website. Use of the website following such changes constitutes your acceptance of the revised Policy then in effect.
This Policy is governed by and shall be construed in accordance with the laws of Malaysia.
This Policy is written in the English and Malay languages and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this Policy, the English version shall prevail.
Dated: April 2018