- What information do we collect about you?
- How will we use the information about you?
- Your rights.
- Keeping your information.
- Sharing your information.
- Our Legal Basis for using your personal information.
- How we secure your information.
- How to contact us.
What information do we collect about you?
At various times, we will be obliged to ask you, as a YAYS guest, for information about you and/or members of your family, such as:
- Contact details (for example, last name, first name, telephone number, email);
- Personal information (for example, date of birth, nationality);
- Information relating to your children (for example, first name, date of birth, age);
- Your credit card number (for transaction and reservation purposes);
- Your arrival and departure dates;
- Your preferences and interests (for example, preferred floor, type of bedding, type of newspapers/magazines, sports, cultural interests); and/or
- Your questions/comments, during or following a stay in one of our aparthotels.
The information collected in relation to persons under 18 years of age is limited to their name, nationality, and date of birth, which can only be supplied to us by an adult.
How will we use the information about you?
We use your information in a number of different ways, primarily to fulfil a contract and also provide excellent service to our customers — what we do depends on the information. The tables below set this out in detail, showing what we use the information we collect for.
|Personal Information||What we use it for.|
|Contact details||To manage the reservation of rooms and accommodation requests and other aparthotel services.
To manage your stay at the aparthotel, room lists, special requests and services.
To monitor your use of aparthotel services.
To manage invoicing and payment records.
|Personal information||To improve aparthotel services, to input to our marketing programme, to assist promotion of our services, and adapting our products.|
|Information relating to your children||Limited to nationality and D.O.B. only supplied by an adult. Used to manage their stay at the aparthotel.|
|Credit card number||To guarantee bookings and to take payment.|
|Loyalty Membership number||To record us of services and supply rewards.|
|Arrival and departure dates||To manage your aparthotel booking.|
|Preferences and interests||To enhance customer stays at our aparthotel and to customise and improve the services we offer.|
|Device technical details||To manage the provision of services at our properties that you may wish to connect to, such as, wifi and room TVs.|
|Questions / comments||To collect feedback to improve our services and monitor customer experience.|
You have rights relating to your personal information:
- The right to be informed about how your personal information is being used (like this notice!);
- The right to access the personal information we hold about you;
- The right to request the correction of inaccurate personal information we hold about you;
- The right to request that we delete your data, or stop processing it or collecting it, in some circumstances;
- The right to stop direct marketing messages, and to withdraw consent for other consent-based processing at any time;
- The right to request that we transfer or port elements of your data either to you or another service provider; and
- The right to complain to your data protection regulator — in the Netherlands, the relevant supervisory authority is the The Dutch Data Protection Authority. You can contact them via their web-form at https://autoriteitpersoonsgegevens.nl/en or call the helpline on (+31) – (0)70 – 888 85 00.
If you want to exercise your rights, make a complaint, or just have questions, please contact us. There are details in the ‘contact us’ section at the end of this document.
Keeping Your Information
We’ll hold on to your information for as long as you have a booking with us, and for as long as is necessary to provide support-related reporting.
We’ll also hold on to your information if reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. We may also keep hold of some of your information as required, even if it is no longer needed to provide the services to you.
Sharing your Information
We may share your data with third parties as necessary to administer the working relationship with you or where we have another legitimate interest in doing so. We require a written data protection agreement with third parties and ensure they respect the security of your data and treat it in accordance with the law.
Examples of third parties would include the following:
- Affiliated entities and group companies;
- Payment partners; and
- Property Management Systems.
The above list is not exhaustive and may be subject to change.
Our Legal Basis for using your personal information.
We only process your personal information when we have a legal basis to do so. This depends on the purpose of the processing
We use the following lawful basis to process your data;
To allow us to fulfil our contract with you. We need to collect and process your personal information to supply and administer services. Objecting to providing this information may mean we will be unable to provide services to you.
We will sometimes need your personal information to comply with existing legal or regulatory requirements.
To allow us to manage and protect our business interests and to supply, improve and tailor our services.
We may request your consent to process your personal information, but you will always be able to remove this consent. If you remove consent, we will stop any processing of your personal information.
How we secure your information
YAYS takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are aligned with widely accepted international standards, and we apply the controls detailed in the Payment Card Industry Data Security Standard to all environments storing personal data. These standards are applied and are reviewed regularly and updated as necessary to meet our business needs, changes in technology and regulatory requirements.
Policies and procedures
- We have measures in place to protect against accidental loss and unauthorized access, use, destruction, or disclosure of data;
- We have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our clients and to protect our people and assets;
- We place appropriate restrictions on access to personal information;
- We implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely; and
- We conduct Privacy Impact Assessments in accordance with legal requirements and our business policies.
Training for employees and contractors
- We require privacy, information security, and other applicable training on a regular basis for our employees and contractors who have access to personal information and other sensitive data; and
- We take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions.
Vendor risk management
- We require, through the use of contracts and security reviews, our third-party vendors and providers to protect any personal information with which they are entrusted in accordance with our security policies and procedures.
We would like to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes or from giving your information to other affiliates of YAYS Operations B.V. If you no longer wish to be contacted for marketing purposes, please click here.
Google Tag Manager
Changes to how we protect your Privacy
We may change this page from time to time, to reflect how we are processing your data. If we make significant changes, we will make that clear on our website, or by some other means of contact such as email, so that you are able to review the changes before you continue to use our services.
How to contact us
- Have any questions or feedback about this notice;
- Would like us to stop using your information; and/or
- Want to exercise any of your rights as set out above or have a complaint.
You can contact our privacy team by emailing us at: firstname.lastname@example.org
Or if you’d like, you can write to us at:
Data Protection Officer