Privacy Policy

CHM Hotels recognises each individual's data privacy rights and is committed to complying with the new Personal Data Protection Act 2010. Personal information that you have provided to our hotels in the past is processed by CHM Hotels.  You may view our Privacy Policy at any time to understand our collection and use of your personal information and exercise your rights in respect of the same. If you have any inquiries, please contact us at comm@cititelpenang.com.

A cityscape of The Cititel Penang Hotel

PDP clause

PERSONAL DATA

1 For purposes of this document, the expression “personal data” shall bear the meaning as defined by the Personal Data Protection Act 2010 (“PDPA”), and includes “sensitive personal data” (as also defined by the PDPA
2

2.1 the data provider covenants that the provider of such personal data has acknowledged, confirmed and consented to the company, and 2.2 the data provider hereby acknowledges, confirms and consents to the company collecting, recording, holding, storing, using, dealing with and otherwise processing such personal data, for any of the following purposes:-

  • (i) for the company’s record-keeping in the ordinary course of its business;
  • (ii) to administer and give effect to the commercial transaction and the management and/or enforcement thereof, and to contact and communicate with the data provider and/or the organization and/or such other persons or companies as represented by the data provider; 
  • (iii) to enable the company to inform the data provider and/or the organization and/or such other persons or companies represented by the data provider regarding the company’s products, services, upcoming events, promotions, advertising, marketing and commercial materials (including emails, SMS or other means) and/or to be used in, to provide and/or to improve the services of the company, analyzing consumption patterns and choices, market surveys, processing invoices and payments (including card payments) and providing other services to enhance and support the relationship of the data provider and/or the organization and/or such other persons or companies represented by the data provider;
  • (iv) to enable the company’s compliance with its obligations under any law, rule, regulation, by-law, order, guideline, directive, policy and such other requirements in force and as amended from time to time relating to the commercial transaction and/or relating to the conduct of the business or activities of the company. 

The data provider, the organization and/or such other persons or companies represented by the data provider respectively referred to above further acknowledge that information given or the request made by the data provider and/or the organization and/or such other persons or companies represented by the data provider leading to the provision of any personal data is sufficient, accurate, complete and not misleading, and that such personal data is provided voluntarily and is necessary for the purposes set out above. 

3 Where personal data is requested, the data provider, the organization or such other persons or companies represented by the data provider has the option not to provide additional information requested other than the information which the company has indicated as necessary to facilitate the commercial transaction. If data provider does not complete the required fields for itself or on behalf of the organization or such other persons or companies represented by the data provider as the case may be, the company will not be able to offer the services and/or fulfill the request of data provider and/or the organization and/or such other persons or companies represented by the data provider. 
4 In connection with the purposes above, the company is hereby permitted to disclose such personal data to the relevant authorities, the company’s successor in interest, sponsors, advertisers,  solicitors, insurers, adjusters, other advisers, suppliers, contractors and/or service providers, and the company’s parent company, related and associated companies, affiliates and partners, some of whom may be outside Malaysia, who may undertake administrative, management and operational functions for or on behalf of the company in respect of or arising from the commercial transaction or to support sales, marketing, promotion and/or advertising efforts. 
5 In the event of a sale of business, disposal, acquisition, merger or reorganization involving the company or the assets of the company to another party, personal data may be required to be disclosed and/or transferred to the other party as part of the process of sale, disposal, acquisition, merger or reorganization. The data provider acknowledges and covenants that the provider of such personal data has acknowledged, confirmed and consented to the company that such disclosure and transfer may occur and hereby permit the company to release the personal data to the other party and its advisers and representatives and that the other party has the provider’s consent to process such personal data
6

The provider of such personal data may request in writing for access to and to request for correction of personal data in accordance with the PDPA. In the event of such request, or if the provider of such personal data has an inquiry or complaint in respect of the company’s handling of such personal data, the provider can contact:- 
 
Cititel Hotel Management Sdn Bhd.                                                                                                                                                                                                                  Unit A-8-1 & 2, Northpoint Offices, Mid Valley City. No 1, Medan Syed Putra Utara, 59200 Kuala Lumpur, Malaysia. 

Email: admin@chm-hotels.com Tel No: 603 2081 1188