PDPA POLICY FOR ZENITH GROUP OF COMPANIES

Collection of Personal Data
  • “Personal Data” means information about you, from which you are identifiable, including but not limited to your name, identification card number, passport number, vehicle number, address, telephone number, email address, date of birth, credit cards or payment details, race, nationality, any information about you which you have provided to Zenith related to your reservation, stay or visit (such as your date of arrival and departure, room preferences and purpose of stay), information relating to your purchase and receipt of products or services, reviews, suggestions and opinions about Zenith property, customer surveys and/or any information about you that has been or may be collected, stored, used and processed by Zenith from time to time.
  • In addition to the Personal Data you provide to Zenith directly, Zenith may also collect your Personal Data from a variety of sources, including without limitation when you visit or stay at Zenith’s hotel, when you make a reservation to stay at Zenith’s hotel over the telephone, via the Website or otherwise, when you interact and communicate with Zenith at events or otherwise or when using the Website. Zenith collects your personal information directly from you or indirectly from your legal representatives, agents (e.g. travel agents) and/or employer when you, your legal representatives, agents and/or employers send us completed enquiry, application and/or registration forms via various means, including online and physical hardcopies at public venues or in any of our premises. Your personal information may also be collected from cookies through the use of our website.
  • Zenith may also use closed circuit television (CCTV) and other security measures at its properties that may capture or record your image and information related to your location while you are in Zenith via key cards and other technologies. Zenith may also use other technologies that record sound or video to protect its guests, staff and property.
  • The provision of your Personal Data is mandatory when you make a reservation to stay at Zenith’s hotel and when you check-in to Zenith’s hotel. If you do not provide Zenith your Personal Data, Zenith will not be able to process your registration or reservation, and will therefore result in you being unable to make a booking or stay at the Zenith’s hotel.
  • The provision of your Personal Data is voluntary when you submit your reviews, suggestions or opinions or complete a customer survey related to Zenith.

Purposes of Processing
  • Zenith may use and process your Personal Data for the purposes relating to the business and activities of Zenith which shall include, without limitation: -
    1. to process your registration or reservation to stay at Zenith’s hotel;
    2. to communicate with you regarding your reservation or stay at Zenith’s hotel;
    3. to provide you the goods and services you have requested;
    4. for purposes of billing and payments relating to your stay at Zenith’s hotel and for any goods and services you have purchased or requested;
    5. to respond to questions, comments and feedback from you;
    6. to provide you with a better and more personalized level of service;
    7. to provide for your safety and security as well as the safety and security of staff, guests and other visitors;
    8. to process your requested products or services;
    9. to facilitate your participation in any contests or events;
    10. to administer and communicate with you in relation to our services and/or events;
    11. to process any payments related to your requested service;
    12. for insurance to operate our premises in a manner which is physically safe, secure and befitting of health and safety requirements;
    13. for internal investigations, audit or security purposes;
    14. to conduct and support internal marketing analysis and analysis of customer patterns, choices and engagement with Zenith’s related companies, subsidiaries, holding companies and affiliate companies;
    15. to be collected and stored into a central repository that is accessible by Zenith’s related companies, subsidiaries, holding companies and affiliate companies;
    16. to provide you a more seamless customer experience;
    17. to support research and innovation of our products and services;
    18. to store and carry out data analytics processes;
    19. to improve our products and services;
    20. for matching of loyalty points provided by a third party/business partner to advertise and market products and services to you;
    21. for collaboration with a business partner to advertise and market products and services to you;
    22. to comply with Zenith’s legal and regulatory obligations in the conduct of its business;
    23. to contact you regarding products, services, upcoming events, promotions, advertising, marketing and commercial materials which we may feel interest you;
    24. to send you season greetings, special occasion messages or other similar communications;
    25. to allow third parties to contact you for advertising, promotional or marketing campaigns conducted by any third-party entities;
    26. to ensure that the content from our website is presented in the most effective manner for your and for your computer and/or device;
    27. for Zenith’s internal administrative purposes including auditing, accounting, data analysis and to improve our services;
    28. for Zenith to comply with regulatory requirements and obligations under the law.

      and you agree and consent to Zenith using and processing your Personal Data in the manner as identified in this Notice.

Marketing and Promotional Purposes
  • Zenith may also use and process your Personal Data for other purposes such as to send you updates and news on the latest Zenith’s services, promotions and events which may be of interest to you, by way of post, short message service (SMS), email and/or social networking sites.
  • If you do not consent to Zenith processing your Personal Data for the purposes listed in Section 7 please notify Zenith using the contact details stated in Section 11 below.

Disclosure to Third Parties
  • Your Personal Data may be transferred, accessed or disclosed to third parties for the purposes of processing your reservation or for your stay at Zenith. Further, Zenith may engage other companies, service providers or individuals to perform functions on Zenith’s behalf, and consequently may provide access or disclose to your Personal Data to such service providers or third parties. Such third parties include (without limitation): -
    1. information technology service providers;
    2. professional advisors and external auditors;
    3. other entities under The Zenith Hotels & Resorts Sdn Bhd and/or under Zenith;
    4. law enforcement, regulatory and governmental authorities in order to comply with statutory and government requirements.
  • Your Personal Data may also be shared in connection with a corporate transaction, such as a sale of a subsidiary or a division, merger, consolidation, or asset sale, or in the unlikely event of winding-up.
  • Your personal information provided to us is processed by and disclosed to entities (in or outside of Malaysia) within Zenith (including related companies, subsidiaries, holding companies, associated companies and outsourcing partners) for the purposes stated in Section 6 (Purposes of Processing) above. Zenith will ensure that access to your personal information is restricted to staff who are contractually required to process your personal information in accordance with their respective job requirements.
  • Your personal information may be disclosed to relevant third parties (in or outside of Malaysia) as required under law, pursuant to relevant contractual or business relationships, or for the purposes stated in Section 6 (Purposes of Processing) above (or directly related to those purposes). The aforesaid relevant third parties may include the following:
    1. Professional advisors and corporate service providers, including auditors, lawyers, company secretary and consultants;
    2. Advertising and marketing partners;
    3. Payment processors;
    4. Cloud and hosting services;
    5. Customer support and communication;
    6. Market research and survey;
    7. Logistics and shipping partners;
    8. Social media platforms;
    9. Business partners and affiliate networks, including third-party hotels or resorts or shopping mall tenants;
    10. Analytics and tracking providers;
    11. Other service providers and entities, including printing companies, conference/training/event organisers, travel agencies, insurance companies, insurers, utility companies, contractors, property management companies or credit agencies (debt recoveries);
    12. Law enforcement agencies including the local police; and
    13. Relevant governmental authorities, statutory authorities, local council and industry regulators including Bank Negara Malaysia, Bursa Malaysia, Ministry of Health, LHDN/IRB, Personal Data Protection Commissioner, MHTC (Malaysian Healthcare Tourism Council) and/or Department of Statistics Malaysia.

Access & Correction Requests and Inquiries
  • Subject to any exceptions under applicable laws, you may request for access to and/or request correction of your Personal Data, request to limit or withdraw your consent to the processing of your Personal Data in relation to Section 7 above and/or make any inquiries or complaint regarding your Personal Data by contacting: -

    The Management
    No 2, Persiaran Seri Perdana
    Presint 10
    62250 Putrajaya
    Wilayah Persekutuan Putrajaya
    Email: [email protected]
    Tel: +603-8893 6595

  • In respect of your right to access and/or correct your Personal Data, Zenith has the right to refuse your requests to access and/or make any correction to your Personal Data for the reasons permitted under the law, such as where the expense of providing access to you is disproportionate to the risks to you or another person’s privacy.
  • We have implemented reasonable physical, technical and procedural measures to secure your personal information from accidental loss and from unauthorized or accidental access, use, alteration, and disclosure.

Links to Third-Party Websites
  • The Website may contain links to third parties’ websites. Please note that we are not responsible for the collection, use, maintenance, sharing, or disclosure of data and information by such third parties. If you provide information directly to such sites, the privacy policy and terms of service on those sites are applicable and Zenith is not responsible for the information processing practices or privacy policies of such sites.

Personal Information from Minors
  • Zenith does not knowingly collect Personal Data from individuals under 18 years of age. As a parent or legal guardian, please do not allow the minor under your care to submit Personal Data to Zenith. In the event that such Personal Data is given to us, you hereby consent to the processing of the minor’s Personal Data and personally accept and agree to be bound by this Notice and take responsibility for his or her actions.

Governing Law
  • This Policy shall be governed in all respects by the laws of Malaysia. For the avoidance of doubt, the applicable data protection laws will apply to the processing of your Personal Data.

Revisions
  • This Policy will be reviewed from time to time by us. We may also update this Policy to take into account of new laws and technology, changes to our business operations and environment. We shall notify you by posting an updated version of this Policy on our websites.
Sign up for our exclusive offers
Subscribe Now