Privacy Policy
Merom Golan Tourism Hotel
Privacy Policy
Updated last on February 14, 2021
The Merom Golan Tourism Hotel is located at the Merom Golan kibbutz located at PO.BOX 1243600in the North Ramat Hagolan, Israel (“Hotel” and/or “We” and/or “Us”). We respect the privacy of the users (“Users” and/or “You”) of our website which is located at https://www.meromgolantourism.co.il/(“Site”). This Privacy Policy describes, amongst other things, the methods of collection, use, transfer and/or distribution of User generated data through using our Site (“Privacy Policy”). Additionally, this Privacy Policy describes the purpose of use with respect to any such User generated data including storing, processing and/or transferring such data to third parties. Our Site is operated by the Hotel by means of an outsourced service provider – Simplex Ltd – identified at the following web address: https://www.simplex-ltd.co.il. The Hotel has engaged Simplex by means of a written third-party contractual agreement for the purpose of managing the Site on behalf of the Hotel. Any use of the terms “Hotel” and/or “Us” and/or “We” used in this Privacy Policy also include the terms “and/or any party acting on our behalf”.
1. Informed Consent
1.1. Please read this Privacy Policy very carefully before you use our Site and/or the accept the services described hereto (“Services”). By using the Site and/or accepting our Services, you are granting your informed consent to the terms that appear in this Privacy Policy and your consent to the purpose of use of information that is collected from you thereto, all according to the Israel Protection of Privacy Law – 1981 (the “Privacy Protection Law”). If you do not agree or consent to any of the terms set forth in this Privacy Policy, you are hereby requested not to use our Site or accept our Services.
1.2. When using the Site and/or accepting the Services, you are voluntarily providing us with information about you, and you agree that we may use such information in the manner set forth below.
1.3. You acknowledge that the information that you provide, or will provide to the Hotel, whether in writing, orally or digitally, is subject to your consent and you are not legally bound to provide any such information.
2. Methods of Collecting Information
We collect information (as defined) in the following manner:
2.1. By using our Site;
2.2. Through our social media platforms provided by third parties such as Facebook, Instagram and Twitter (“Social Media Services”).
2.3. Through other means such as: (a) calling our call center, and/or (b) corresponding with is by email, and/or (c) filling out forms for our Members Club, and/or (d) physically arriving at our premises and providing us with information (“Additional Methods of Communication”);
2.4. In this Privacy Policy, our “Services” include Social Media Services and Additional Methods of Communication.
3. Collecting Information
The Hotel collects the following information from you:
“Personal Information” means any data and/or information that identifies you as an individual and/or that refers to a specific person as such term is defined in the Privacy Protection Law.
3.1. Contact Details, may include: Full Name, Email, Residential Address, Phone Number, Cell Phone Number, Fax number (all as provided);
3.2. Means of Payment, may include: any form of payment, credit card number, CVV, expiration date, billing address, account number. It is important to know – to the extent that you provide your credit card number on the Site, for the purpose of carrying out an order, the details of your credit card will not be saved in a database that is owned or managed though the Site, rather it will be encrypted and delivered directly to the Hotel. The Hotel will transfer your credit card information in an encrypted manner to the credit card company or clearing company and will not save such information thereafter.
3.3. Personal Data, may include: ID Numbers, Passport Numbers, Age, Sex and Citizenship;
3.4. Information About Additional Guests (including family members), may include: Names, Age, ID Numbers, Passport Numbers, Phone Numbers, Cell Numbers and Emails.
3.5. Information About your Stay at the Hotel, may include: your arrival dates and departure dates, the services acquired through our Site, personal preferences, schedule of phone calls made from your room, and other technical details about your stay at the Hotel including any messages you receive though our Hotel services and in-room phone line.
3.6. Information about your Order, including the password you choose for entering your online account on our Site.
3.7. The Hotel’s Member Club and Direct Marketing. If you select to join our Members Club, you will be asked to provide identifiable information which will be saved for direct marketing purposes (email communications) and other benefits according to the Members Club policies in effect. During your registration for our Members Club, you will approve the use of your identifiable information for these purposes (Opt In). You may remove yourselves (Opt Out) from our direct marketing mailing lists at any time in the manner set forth in this Privacy Policy. The direct marketing mailing system, is managed on behalf of the Hotel by a third party called Active Trial (who has engaged in a written agreement with the Site operator).
3.8. Electronic Information. Including browser data statistic, IP addresses and other information collected through use of Cookies and Pixel Tags. Such information is saved on our servers logs together with our Site usage data, and analyzed with an online analytics system provided by Google (Google Analytics). For further information, please refer to our Cookie Policy. We use the electronic information, gathered by your use of the Site with Cookies and Pixel Tags, for the purpose of understanding User trends, for improving the Electronic Order offering and for gathering statistical information.
3.9. Information about Third Parties. Including information provided to the Hotel (Including Personal Information) about third parties (for example, in the event you place an Order on behalf of someone else). Please Note – you declare that you have received the consent of any such third party to provide their information and you are authorized to do so according the terms set forth in this Privacy Policy, the third party permits the Hotel to use the information provided according to the terms set forth hereto.
3.10. Information Collected Whilst Using Online Services. Including when using the online ordering system, purchasing goods, contacting the Hotel and its representatives in any manner, and when participating in surveys, competitions and by providing feedback.
3.11. Physical Presence at the Hotel. When visiting the Hotel, when staying at the Hotel as a guest and when using the services provided by the Hotel. Additionally, personal information is collected when you participate in marketing events and promotional events as guests at the Hotel and/or events that the Hotel hosts and/or when you provide information whilst participating in any event sponsored by the Hotel. We also collect information using closed circuit cameras (CCTV) positioned for security purposes in certain public areas on premises in the Hotel, and from use of electronic keys, and from other security devices onsite.
3.12. Other Sources. Including receiving personal information from third parties including from travel agents, other clubs and membership associations, credit card companies, and the authorities (if applicable to conform to applicable law), survey companies, and other service providers who interact with the Hotel.
4. Purpose of Use of the Information
4.1. Data Processing. We will process your information with respect to any Orders or transaction you carry out with the Hotel including through our Site. We will use the information you provide to complete your Order, to provide our services, to personalize our services to your preferences, and to received feedback about your stay at the Hotel, including saving records of all such interactions and transactions according to applicable law.
4.2. Customer Relations (Including our Members Club). The Hotel will process your information to offer you services based on your preferences as we understand them prior to, during and after your stay at the Hotel.
4.3. Responding to your Communication with Us. The Hotel will process your information in order to respond to any communication you initiate with Us. The information you provided during such communication will be used for such communication and stored in our records.
4.4. Legitimate Business Interests. The Hotel will process information for legitimate business interests including, developing new services, improvement of the Site, improvement of the Services, identifying trends and recurring events, optimization, marketing, promotional activities, assessing third party services, management of offer and demand for rooms in the Hotel, understating prospective vacancies and occupation of the Hotel rooms, and meeting ongoing Hotels obligations. The information used for these activities, if used, will undergo pseudonymisation.
4.5. Updates. The Hotel will process information in order to send updates about the Site, and notify about any changes in our Terms of Use and/or to our Privacy Policy or other information (for example, information out Orders than have been placed – by email for Order confirmation and/or Cancellations etc.).
4.6. Marketing and Promotion of the Hotel Services. The Hotel will process information in order to prepare marketing and promotional activities including with respect to products and services that in our opinion would interest our Users about the Hotel, including with respect to our spa, gym, bars, restaurants etc.
4.7. Safety and Data Protection. The Hotel will process the information in order to safeguard the safety and health of our guests and any other individuals onsite (including our staff) and in order to comply with the Protection of Privacy Regulations (Data Security) – 2017 and any other legal requirements.
4.8. Compliance with the Law. Without derogating from the above, the Hotel will process information in order to comply with any law including regulation, guidance and legal proceedings.
4.9. Statistical Use of Information. The Hotel will process information in order to carry out statistical calculations which will not include the use of Personal Information.
5. Legal Basis for Data Collection
The following describes the legal basis for collecting and processing information:
5.1. The legal basis for collecting, storing and processing information is “informed consent” which is obtained from you through this Privacy Policy, our Terms of Use and through the use of our Site for its stated purposes. In some cases, for example when registering for our Members Club and/or when processing an online Order, you may be asked to press an “I accept” button under the Opt-In system which proactively provides your specific consent to those actions.
5.2. In order to comply with any law, regulation, order, guidance, binding case law, president etc.
5.3. Legitimate interests of the Hotel, including legitimate business interests.
5.4. Disclosure, sharing and/or transferring information in the manner described in this Privacy Policy and/or by law.
6. Disclosure, Sharing and/or Transferring Information.
The Hotel will disclose, share and/or transfer information to the following entities, in the following instances:
6.1. To clearing companies and credit card companies that are PCI approved that will receive information directly from you via our Site and Hotel IT systems such as: Pelecard. Additionally, the Hotel may share information with third parties in order to verify and confirm the accuracy of the information that you provide during a clearing event.
6.2. To third parties, in order to provide a better experience (based on your preferences, specific personalization and our ongoing customer experiences) with respect to the Services we provide our Guests during their visit.
6.3. To travel agents that have provided information about you during an Order. We will share information with electronic travel agents and booking companies with whom we are connected through Online Travel Systems (OTS) such as https://www.expedia.com and https://www.booking.com. If you have carried out an Order through https://www.trivago.co.il/ and/or https://www.tripadvisor.com/ then the information that we deliver to them will include your Order Number (if, and only if) you actually completed an Order through them.
6.4. To third party service providers with whom the Hotel has executed a written agreement with respect to the Site and the Services. For example, Simplex, Active Trail, IT providers, Legal Counsel, Accountants, Clearing Companies etc.
6.5. To third parties in the event of a reorganization, merger, sale of all or substantially all of the shares or assets of the Hotel, a joint venture, assignment of rights or duties (including in the event of dissolution, bankruptcy or similar winding up procedure).
6.6. To third parties, if necessary, for the following reasons: (a) to comply with applicable law; (b) to comply with court orders and/or court jurisprudence as part of legal proceedings; (c) to respond to requests and approaches from public or governmental entities; (d) to enforce our terms of use; (e) to protect the business of the Hotel; (f) to protect any rights including rights to privacy, safety of our guests, to protect the Hotels property and the Users of our Site; (g) and to allow the Hotel to received injunctive relief to which it is entitled according to law and/or any contract with intent of mitigating damages.
7. International & Cross-Border Transfer of Information
7.1. The Hotel processes information on its servers within the borders of Israel and protects the information stored on its servers, which are located at the Hotel and through servers that are owned and operated by third parties with which the Hotel (or its Service Providers) have entered into a service agreement.
7.2. None-the-less, the processing and storage of information which is carried out by third parties and/or cloud service providers for and on behalf of the Hotel may be located outside the borders of Israel, such as Google Cloud servers which are located in Belgium. The Site Operator has entered into a Data Processing Agreement with third party providers such as Google Cloud which is one of the leading cloud service providers in the world. Additionally, the Hotel and/or its Service Providers have entered into an agreement with Wideops which is a partner of Google (Google Cloud Premier Partner) and which is certified by Google and by the Hotel to carry out maintenance and supervision of the Hotels databases in the Cloud subject to the agreement with them. Furthermore, the Hotel uses hotel management software which is cloud based. To the extent that the servers of all such software are located outside the borders of Israel, the Hotel has verified that the information processed is being stored according to applicable law according to a Data Processing Agreement with a cloud service provider from at least one of the premier cloud service providers in the world.
7.3. To the extent that the information is stored outside the borders of Israel or in the European Union, our cloud service providers will have undertaken to comply with any applicable laws such as the (GDPR) General Data Protection Regulation.
8. What Rights do our Users have To Access, Modify and/or Limit Processing Information
8.1. The Right To Receive Information About Data Processing Practices: At any time, you may receive access to your Order File and we will make every effort to provide clear and concise information about the processing of your personal information. We will store your password in order to enable you to enter into your Order File. If you request to receive a copy of your password, we will assist.
8.2. The Right To Modify Personal Information: At any time, you may modify your personal information stored in your Order File by contacting the Hotels reservation desk.
8.3. The Right To Erase Personal Information (Subject To Applicable Law And The Following):
8.3.1. The personal information is not required for the purpose it was collected and stored.
8.3.2. You wish to cancel your informed consent upon which the processing of personal information was based, and there is no other legal justification for processing such personal information.
8.3.3. You are able to bring forth substantiated claims that the processing of personal information was not based on any legal basis.
8.3.4. You have requested to be erased from a database or otherwise instructed that your personal information will not be transferred to any person or third party by means of clear written instructions delivered to the Hotel, that clearly states the request to be erased from such database.
8.3.5. The personal information is erased by the Hotel according to any applicable law.
8.4. The Right To Limit Processing of Personal Information
8.4.1. In the event of a dispute with respect to the accuracy of the personal information.
8.4.2. If you are able to bring forth substantiated claims that the processing of personal information was not based on any legal basis but you insist that such personal information is not erased rather only limited in use.
8.4.3. When and if the Hotel no longer needs to process such information but the Hotel needs to consummate, substantiate or protect your rights;
8.4.4. When a legitimate business interest of the Hotel supersedes any rights afforded to a data subject.
8.5. The Right to Transfer Personal Information to Third Parties.
8.5.1. If the basis for processing personal information is your informed consent and/or our terms of use and/or this Privacy Policy, then you are entitled to receive access to the personal information that you provided and/or that was collected from you by the Hotel in a recognized format.
8.6. The Right To Revoke Informed Consent:
8.6.1. When the basis for processing personal information is informed consent, the User may request to revoke such informed consent by any means as detailed in this Privacy Policy.
8.6.2. The revocation of such informed consent will apply towards future processing, and will not apply to information processed prior to the revocation. For the avoidance of doubt, the revocation of informed consent will not render the legitimacy of information processed prior to such revocation. The Terms of Use describe the methods for deleting your information from our systems and revoking your consent.
8.6.3. The User retains the right, to the extent that the user does not wish to be contacted, to ask that its name be removed from our direct mailing lists (by marking the box in any applicable email sent (if sent) to the User or by replying to said mail to the following email address: [email protected]);
8.7. The Right to Determine the Fate of Personal Information After Death
8.7.1. The data subject is entitled to determine the fate of any personal information after death by providing general or specific instructions. The Hotel will respect such instructions. In the absence of such instructions the Hotel recognizes the right that the lawful heirs of a data subject will be entitled to consummate some of the data subjects rights including the right to access personal information, if necessary, with respect to inheritance procedures of the deceased. The right to object to closing an Order File of a deceased data subject and the right to oppose any data processing of personal information with respect to a deceased data subject.
8.8. The Right to File a Complaint with an Applicable Data Protection Authority.
8.8.1. If you feel that even with all our attempts to protect the privacy and secrecy of your personal information, your rights as a data subject have been infringed, then you have the right to file a complaint with the applicable data protection authority.
9. Data Protection & Data Security
9.1. The Hotel applies reasonable organizational and technical measures in order to protect the personal information of our Users on a need-to-know basis, and with respect to unauthorized access, and in order to protect from discovery, disclosure, erasure, loss of information and/or wrongful use.
9.2. The Hotel conducts regular and timely monitoring of the data protection measures that are in use.
9.3. The Hotel manages all the access controls to its IT systems and operates a firewall provided by Google. Additionally, the Hotel regularly carries out privacy training for its employees and with respect to data protection.
9.4. When, and if it becomes necessary to disclose or transfer personal information to third parties or authorized individuals, then the Hotel will ensure that any such third party will undertake upon themselves proper and adequate levels of confidentiality and privacy. The Hotel will require contractual undertakings from any such third parties so that personal information will be processed only for the purpose for which the informed consent was granted and according to appropriate levels of confidentiality.
9.5. If, for any reason, You feel that the communication with the Hotel is not secure (for example, if you feel that the Hotel was hacked) please contact us immediately at our contact details set forth below.
10. Retention of Information
Subject to applicable law, the Hotel will store Personal Information only for such period as required to implement the following principles:
10.1. The purpose for which the information was provided or collected.
10.2. The legitimate business interest of the Hotel including storing information.
10.3. Any requirement to store information that may be relevant to regulatory investigation or legal proceedings/
10.4. Compliance with any law, regulation, judicial order, legal proceeding including court orders and or discover required by government bodies or others.
10 To fulfill any other legitimate interest of the Hotel or third parties acting on the Hotels behalf including with respect to legal proceedings in which the Hotel or anyone on their behalf become a party.
.5.
11. Sensitive Information. Other than if specifically requested otherwise, the Hotel requests not to provide or disclose whilst using the Site or the Services (or any other way) any sensitive information (for example: social security entitlements or numbers, information pertaining to race, ethnicity, political views, religion, ideology or other beliefs, health information, biometric information, genetic information, criminal records, legal or administrative proceedings that are being imposed or conducted against any User etc.).
12. Use of the Site or Services by Minors.
12.1. The Hotel knowingly collects information about individuals under the age of 18 as part of the guest registration process, however any such collection is always subject to parental or guardian supervision of such minor. Individuals under the age of 18 are not permitted to register to our Site.
13. Updates and Modifications. The Hotel is entitled to update or modify this Privacy Policy from time to time at its discretion and according to applicable law. In the event of a material update or modification to this Privacy Policy, we will actively update any Users that have (a) granted consent for us to communicate with them directly through direct marketing; and/or (b) if such update of modification applies to them. Additionally we will clearly update the Site regarding any such material changes.
14. Contact Details. If you have any questions about this Privacy Policy or about the Hotel’s practices with respect to Privacy, please contact our data privacy representative at [email protected].