The purpose of this policy is to outline the Company’s commitment to ensuring all customer’s personal information is collected, stored, and disclosed in accordance with the spirit and intent of the Personal Information Protection and Electronic Documents Act (PIPEDA).
Personal information is defined as all data regarding an individual that aids in determining the identity of the person as a customer as well as verification of their ability to pay all charges incurred. This policy covers the following areas when handling a customer’s personal information;
- (a) Purpose/Limitation of collection — Only that information required by the company and by the Tourism Development Act & Regulations shall be collected from the customer. Information shall be collected for the following purposes;
- – To facilitate check-in, and provide personal services
- – To establish customer’s identification
- – To protect the customer and company from fraud and error
- – To provide the company with information for marketing purposes
- (b) Limiting Disclosure — Personal information shall only be disclosed to external organizations that require such information by law. Associated and related companies may be granted access to customer information for marketing and/or promotional purposes. All other requests for information shall require consent from the customer. Consent may be either express or implied. For example, express consent may be given by a customer, in writing, to authorize the company to provide their employer with accommodation information. Implied consent occurs when a customer signs a registration form, an invoice, or credit card slip; in these situations the customer is authorizing the company to collect for charges incurred.
- (c) Accuracy — All customers must provide the company with accurate information. Any inaccuracies discovered shall be corrected, or should be brought to the company’s attention by the customer for correction.
- (d) Safeguards/Individual Access — All current information shall be stored in a secure manner, accessible only by those staff with a specific need. When a customer’s information is no longer required for immediate use, it shall be securely stored under the control of the hotel manager. All information stored electronically may only be accessed through passwords by authorized users. Information shall be retained for a sufficient period of time to support Canada Revenue Agency’s financial record keeping requirements (typically 7 years).
- (e) Resolution Process — Any inquiries, concerns or complaints regarding the handling of customer information may be directed to the company’s head office for evaluation. Further information may also be obtained from The Office of the Privacy Commissioner of Canada at 1-800-282-1376.