Personal data protection flipbook summary

Page 1

Personal Data Protection Awareness Training

For Internal Use


2

Personal Data Protection

PERSONAL DATA refers to any data that can identify an individual

PERSONAL DATA PROTECTION refers to regulating and safeguarding the collection, use, disclosure and retention of individuals' personal data

Shangri-La is RESPONSIBLE for personal data in its possession/control


3

Importance of Personal Data Protection Responsibility

Compliance

Reputation

Keep our guests and employees data secure & confidential

Comply with diverse and evolving legal and regulatory landscape across the globe

Build upon the trust and confidence our guests and employees have in Shangri-La

Productivity

Data breach may cause operation downtime and other time-consuming issues


4

Shangri-La Personal Data Protection - Highlights


5

Front Desk Make sure you use the latest Guest Registration Card which sets out the Personal Information Collection Statement. Draw guests’ attention to Direct Marketing section in the latest Guest Registration Card.

Pay attention when collecting personal data to ensure that it is accurate and complete.


6

Health Club & SPA Do NOT force guests to provide their health and fitness data if they are not willing to. Keep all guests’ personal data secure and confidential.

Keep all payment data secure at all times.

ALWAYS refer to the updated version of Shangri-La policies, forms and templates related to personal data protection.


7

Vendor Management Vendors/strategic partners MUST abide by Shangri-La’s data protection, security and retention policies when handling personal data on behalf of Shangri-La.

Vendors/strategic partners should NOT use any shared personal data for direct marketing unless authorized to do so.


8

Events Do NOT force event attendees to provide their personal data or business cards to Shangri-La. . Providing business cards does NOT amount to consent to receiving marketing information from Shangri-La.

Discard all personal data collected immediately after the event in a secure manner.


9

Sales & Marketing Obtain written consent before sending direct marketing materials.

Do NOT send marketing materials about goods and services which are not covered in direct marketing consent forms.

Do NOT send marketing materials to guests who withdrew their consent, or subscribed to a Do-Not-Call Register.


10

Human Resources Shangri-La keeps all employees’ personal data confidential and ONLY use for purposes set out in the Employee Personal Information Collection Statement. If you need to access and update your own personal data, contact your HR Department.


11

Data Protection Officer An individual has the RIGHT to access, correct/rectify, request deletion/erasure, or restrict or withdraw consent to processing their personal data, a right to object against profiling and a right to data portability under applicable law.

If you receive any personal data request, contact the DPO at dataprotectionofficer@shangri-la.com.


12

Updated Forms/Templates

 Shangri-La's Website/ App Privacy Policy  Guest Registration Card  GC and The Table Enrolment Forms  Health Club & Spa Forms  Post-Stay Survey Form  Wi-Fi Terms and Conditions  Candidate Data Protection Notice  Employee Data Protection Notice  Data Protection Addendum for Strategic Partners  Data Protection Addendum for Third Party Vendors


13

Risk Management

Receive an enquiry/ request/ complaint from an individual or suspect misuse of personal data

1 2

Notify the DPO immediately

The DPO takes appropriate actions, which may include internal investigation

3 4

The DPO notifies affected individual(s), the relevant regulators, and any relevant third parties where appropriate


14

Summary Shangri-La takes personal data protection very seriously. 1. We VALUE and RESPECT the privacy of the personal data we collect from our guests, employees, business partners and service providers.

2. We COMPLY with data protection laws and AIM to offer a UNIFORM and HIGH STANDARD of personal data protection across our global operations. 3. We EXPECT our hotels, employees and contractors to abide by these principles.


This flipbook is meant for internal use. Version as of 8th May 2018.

For enquiries, contact dataprotectionofficer@shangri-la.com


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.