The Highest Standards of Data Governance
TLC DigiTech Pvt. Ltd. (Formerly TLC Relationship Management Pvt. Ltd.) which includes group companies and their affiliates Goodtimes Marketing Pvt. Ltd, SLS Software Pvt. Ltd, TLC EMarketing Pvt. Ltd, TLC International Limited, Nairobi Kenya and TLC International W.L.L. Bahrain (hereinafter referred to as TLC), recognizes that privacy is important to its customers. We are transparent about how we collect, store, use and disclose data and make it easier for you to understand and exercise choices available to you in this regard.
This Privacy Statement describes the privacy practices of the TLC for the data that we collect
- Through the software applications made available by us for use on or through computers and mobile devices (the “Apps”)
- Through e-mail messages, online directories, public databases and digital campaigns including on third party sites through google, affiliate marketing, blogs, influencers, forums, internet search etc. that we use and through your communications with us (collectively, our Digital campaigns)
- Through our various offline interaction including voice, print, direct at client sites - hotels, RWAs, corporate presentations, events, retail malls, airports, public directories and others
- Whenever you enroll, use and access services linked to the membership programs we manage
- Through voice calls outbound and customer services, emails, messages and all other form of communication received from you including details of references for memberships and your family details
- Data received through our Business Partners and Third Parties
- Any other data received from Internet Connect Devices
If you fail to provide certain information when requested or withdraw the consent of use of your personal information or provide us incomplete or inaccurate information, we may not be able to perform the contract we have entered into with you (such as providing membership benefits), and we may also be prevented from complying with our own legal obligations.
IDENTIFICATION: WHO WE ARE & WHAT WE DO
NAME OF THE COMPANY: TLC DigiTech Pvt. Ltd. (Formerly TLC Relationship Management Pvt. Ltd.)
REGISTERED OFFICE: 501, Salcon Aurum, Jasola District Centre, New Delhi-110 025, India
EMAIL: [email protected]
DATA PRIVACY OFFICER (DPO) MAIL: [email protected]
This Policy is part of the Terms and Conditions of the membership program you enroll for (as detailed in the program brochure) or any marketing and sales promotion to acquire new members run by TLC or its group companies.
By providing us with your information as described above, you are expressly agreeing to our terms and conditions, including the terms of this Policy. If you do not consent to the collection, use, disclosure and transfer of your personal information as described in this Policy, you may choose not to provide us the information as described above.
2. NATURE OF DATA: PERSONAL INFORMATION / DATA
As used in this Policy, the term “personal information/data” means information that identifies you personally, either alone or in combination with other information provided by you and now available with us. This information that we collect directly from you typically includes your name, mailing address, telephone numbers, e-mail address and other information needed to manage your membership effectively. We use your personal information to administer the Program, respond to your queries and communicate with you about Program related offers, transactions and ancillary services. The personal information/data you provide directly to us could include the following with several fields being optional which are clearly communicated as ‘optional’.
- your full name and contact information as above
- date of birth
- date of anniversary
- company / work details and GSTIN number
- spouse name, date of birth and contact details (email and mobile)
- user ID codes or Activation codes provided by us or changed by the Member to access program management Apps and Sites
- geolocation data
- Membership use and transaction information, including your dining details, use of facilities like spa, pool and health club, the hotels where you have stayed, date of arrival and departure and related spend details
- goods and services purchased, special requests made, your service preferences
- your credit card, mobile payment and other payment details provided while making payments towards your membership or a reservation to guarantee the same
- any information necessary to fulfill special requests under the membership program (for example, dining, leisure, travel and stay preferences)
- your membership details received through any of our Program Partners
- your reviews, feedback and opinions about our programs and services
- social media account ID, profile photo and other social media data publicly available, or data made available by linking your social media details and the loyalty membership accounts
- data about family members and companions, such as names and ages of children
- data provided by you of friends and family to be referred to the membership program, typically name, mobile number and email
- any other personal data you choose to provide to us
SENSITIVE PERSONAL DATA THAT WE DO NOT COLLECT
TLC as a matter of policy never seeks, collects, processes or retains any of the Special Categories of Personal Data as mentioned in the GDPR, which are data/information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
TLC also as a matter of policy also never seeks, collects, processes or retains any of the Sensitive Personal data or Information as defined under the applicable Indian Laws. Sensitive personal data or information of a person under Indian Information Technology law means such personal information which consists of information relating to;— (i) password; (ii) financial information such as Bank account or credit card or debit card or other payment instrument details ; (iii) physical, physiological and mental health condition; (iv) sexual orientation; (v) medical records and history; (vi) Biometric information; (vii) any detail relating to the above clauses as provided to body corporate for providing service; and (viii) any of the information received under above clauses by body corporate for processing, stored or processed under lawful contract or otherwise: provided that, any information that is freely available or accessible in public domain or furnished under the Right to Information Act, 2005 or any other law for the time being in force shall not be regarded as sensitive personal data or information for the purposes of these rules.
For the purpose of clarification, credit or debit card data received by us to enable a transaction, example purchase of a membership program or to guarantee a reservation is used only for that transaction and is never stored by us. Further, if an activation code for a Program is sent by us and converted into a changed Password by the Member, then that will be stored with us for the purpose of facilitating the access of the Membership to that Member. Activation codes and passwords are encrypted and credit / debit card data follow PCI DSS certification.
3. HOW WE COLLECT PERSONAL DATA
TLC collects Personal Data in a variety of ways
- Online Services - We collect Personal Data when you make a reservation, purchase goods and services from our Websites or Apps, communicate with us, or otherwise connect with us or engage with our social media pages and Digital campaigns, or sign up for a newsletter or participate in a survey, contest or promotional offer. We also collect data from publicly listed profiles on social media and through Internet search.
- Offline Interactions - We collect Personal Data when you visit our client properties or use on-property services and outlets, such as restaurants, concierge services, health clubs, child care services, and spas. We also collect Personal Data from public directories, when you attend presentations, promotional events that we host or in which we participate, or when you provide your Personal Data to facilitate an event.
- Program Centers - We collect Personal Data when we communicate with you over the phone or Email, chat for program related and promotional calls, or you communicate with us to make a reservation, communicate with us by email, fax or via online chat services or contact customer service. These communications may be recorded for purposes of quality assurance and training.
- Enrolment on Membership Programs - We collect personal details as described above in Clause 2 when you enroll in a membership program with us.
- Strategic Business Partners - We collect Personal Data from companies with whom we partner to provide you with goods, services or offers based upon your experiences at our client properties or that we believe will be of interest to you (“Strategic Business Partners''). Examples of Strategic Business Partners include credit card companies, on-property outlets, travel and tour partners, timeshare partners, rental car providers, other membership programs, airlines and travel and dining booking and discovery platforms. Strategic Business Partners are independent from the TLC Group.
- Other Sources - We may collect other Personal Data and/or Non-Personal Data from other sources, such as public databases, joint marketing partners, member referrals, internet search and other third parties. The information that we collect as a part of the Referral Program is used only for the purpose of marketing the Program. We store the received referral details only if the referral shows interest and allows us to send further communication upon being contacted. If the referral opts out of receiving communication from us, we erase his / her data at the first instance.
- Physical & Mobile Location Based Services - We collect Personal Data if you download one of our Apps or choose to participate in certain programs. For example, we may collect the precise physical location of your device by using satellite, cell phone tower, Wi-Fi signals, or other technologies. We will collect this data if you opt in through the App or other program (either during your initial login or later) to receive the special offers and to enable location-driven capabilities on your mobile device. If you have opted-in, the App or other program will continue to collect location data when you are in or near a participating property until you log off or close application (i.e., the App or other program will collect this data if it is running in the background) or if you use your phone’s or other device’s setting to disable location capabilities for the TLC group App or other program.
4. WHAT WE DO WITH THE DATA WE COLLECT AND FOR HOW LONG WE KEEP IT
TLC collects your data, including Personal Data, to fulfill its obligations to operate the customer loyalty program.TLC uses the personal data collected to acquire new Members and personalize and customize their loyalty membership programs for enhancing the overall experience of the existing members. The contact details are primarily used for passing on all kinds of information related to their membership account and it includes notifications, benefits, new offers, discounts, special packages and deals, renewals, post renewal offers, lapsed membership communication etc. that a member is eligible to. We may contact you for administrative purposes, such as confirming a transaction you may have made, informing you of your Account status, informing you of important Program changes, or inviting you to reconsider your privacy preferences. We further use the personal information of the member and their family members (wherever applicable) to offer special services on their birthday, anniversary, etc. We further use the information provided by the members pertaining to preferences/likings and interests to tailor-make and customize our offerings accordingly. Depending on the member’s request, the personal data collected will be processed by TLC in accordance with the following purposes
- To inform you about membership programs you may be interested in
- To manage our contractual relationship with you under the loyalty membership program when you are a member with us, because we have a legitimate interest to do so and/or to comply with a contractual or legal obligation
- To manage and facilitate the bookings and reservations made in advance, confirmations or pre-arrival messages
- To personalize the services according to your preferences
- To manage subscription to the newsletter and subsequent sending of this
- To communicate with you about goods and services according to your personal preferences
- To manage the member’s contact requests with TLC through the channels provided to this end
- To manage surveys and/or evaluations regarding the quality of the services provided by TLC and/or the perception of its image as a company
We keep your personal information till the fulfillment of the purpose for which it was collected, or until our relationship with the hotel partner or Program Partner offering the loyalty membership program terminates. This means that we will keep your information for as long as you continue to be a member with any of our programs for fulfillment of the legal and contractual obligations entered into by the members by accepting the loyalty membership.
In case you cease to be a member or a User, we will retain your details for a further period of 36 months post expiration of the membership or your last transaction with us to fulfill our obligations to manage the loyalty membership program, and under applicable laws. This information would also help us communicate to you any new benefits that you may receive with a renewal of membership as well as allow you to easily rejoin when you wish to, within that period. Please note that you can always choose to opt-out from receiving such communications and also raise a request for removal of your information/data post expiry of your membership by a click-through on each email you receive from us.
In case our relationship with the hotel partner or Program Partner offering the loyalty membership program terminates, TLC or such relevant hotel partner or Program Partner will seek your written consent to use your data available through the membership program, including Personal Data and in the absence of such written consent, will destroy all copies of such data. In this event, our liability towards you will terminate with immediate effect, and TLC will not be responsible for any losses or claims in relation to your data, including Personal Data after such transfer or destruction of data.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, disclose it to unrelated third parties or there is a change in our policies, we will notify you and we will explain the legal basis which allows us to do so.
5. COLLECTION OF OTHER DATA
- Our web server collects the following access log information: click-stream data and HTTP protocol elements and also access logs containing this information. The data may be used by us and our agents for the following purposes
- Web site and system administration
- Research and development
- To administer our website and for our Email campaigns, we track and analyze anonymous usage and volume statistical information from our visitors and members. All data collected are owned and used solely by us or on behalf of our marketing partner. Such information is shared externally only on an anonymous, aggregated basis.
- We use clear gifs, also known as "Web beacons": tiny graphics, with a unique identifier that help us to improve the visitor experience, to manage our site content, and to track visitor behavior.
- In the event of registration and/or access through a third party account, TLC may collect and access certain information of the member’s profile from the corresponding social network solely for internal administrative purposes and/or for the purposes indicated above.
- User Information: We collect the following user information: unique identifiers which may be used for
- completion and support of the current activity
- anonymous user analysis
- anonymous user profiling and decision making
- contacting visitors for the marketing of services or products (the user may opt out of this usage)
- Such data is classified as “Non-Personal Data”, a type of data that generally does not reveal your specific identity or does not directly relate to an individual. To the extent non-personal data reveal your specific identity or relate to an individual, we will treat non-personal data as personal data. Other non-personal data mainly includes
- Browser and device data
- App usage data
- Data collected through cookies, pixel tags and other technologies
- Demographic data and aggregated data
- Your IP address
- Google and adobe analytics
- You can choose whether to accept cookies by changing the settings on your browser or by managing your tracking preferences by clicking on “Tracking Preferences” located at the bottom of our home page. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Online Services. For example, we will not be able to recognize your computer, and you will need to log in every time you visit. You also will not receive advertising or other offers from us that are relevant to your interests and needs. At this time, we do not respond to browser “Do-Not-Track” signals.
This non-personal data can help us, for example, in controlling access to certain content on our site and in alerting users to new site content and services. This information is shared externally only
(i) in anonymous, aggregated form for generalized user analysis, or
(ii) to review whether users qualify for additional benefits, or
(iii) to enable us to send emails to you on our behalf.
6. LINKS TO THIRD-PARTY SITES
We may provide links to third-party websites. Please be aware that we do not control and are not responsible for the information collection practices of such third-party websites’ policy that may differ from those of this Site. We encourage you to review and understand the privacy policies of these other websites before accessing and providing any information to them.
7. RIGHTS OF DATA SUBJECTS: INFORMATION ACCESS, CHANGE, AND/OR DELETION
You have a right to access, rectify, restrict, suppress, update, and/or erase any or all of the personal information that you submit to us by contacting us at [email protected] you would like to receive an electronic copy of your personal data for your purposes of review or transmitting it to another company (to the extent this right to data portability is provided to you by law) you can contact us at [email protected] Individuals are informed, in writing, of the reason a request for access or correction of their personal information was denied, the source of TLC’s legal right to deny such access, and the individual’s right, if any, to challenge such denial. You can unsubscribe from receiving our emails by a click through on each email. You may also unsubscribe from mailing lists or any registrations on the Site. To do so, please follow the instructions on the page of the email.
However, we may disclose your information, including personal information, if we believe it is necessary to protect the property and/or rights of TLC, you, or a third party, to protect the safety of the public or any person, in the event of a legal dispute, or to prevent or stop activity we believe may pose a risk of being illegal, unethical or in violation of the Terms of Service. In case of such an event, the right to have the personal information rectified or erased may also stand suspended. However, you would still be able to view your personal information.
8. SECURITY MEASURES
TLC has implemented generally accepted standards of technology and operational security to protect personally identifiable information from loss, misuse, alteration, or destruction. Only authorized TLC personnel have access to personally identifiable information, and these employees are required to treat this information as confidential.
We maintain appropriate physical, technological, and organizational safeguards to protect your personal information against loss, misuse, unauthorized access or disclosure, alteration and destruction. Only authorized personnel of TLC have access to member accounts and details. Although we use reasonable measures to help protect your personal information, it is important that you understand that no website or database is completely secure or "hacker proof". If you believe the security of your Account has been breached, please contact us immediately at [email protected] and [email protected] Complaints and other disputes are escalated until they are resolved and a resolution is communicated to the individual in writing within a reasonable frame of time.
Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
9. CROSS BORDER TRANSFER AND SHARING OF INFORMATION
Personally identifiable information collected may be transferred, from time to time, to TLC® offices or personnel or to third parties located throughout the world, and the website may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data.
TLC may store your personal data on the servers of Amazon Web services located in the USA, Net4India located in India and GoDaddy in Singapore.
Cross border transfers are necessitated for providing seamless services to members. For example, a member may travel outside the country of his ordinary residence and would want to avail benefits of the membership abroad. To facilitate this, cross border transfer of information becomes necessary.
In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries will be entitled to access your Personal Data.
The personal data that TLC collects may be disclosed to
- TLC group companies, solely for administrative purposes and/or for purposes indicated above.
- TLC’s program partners, hotel partners, banks, retail companies and other collaborating partners of the TLC group for the fulfillment of aforementioned purposes.
- Suppliers of the TLC necessary for the adequate fulfillment of the legal obligations and/or the purposes previously indicated.
10. CONTACT US
If you have any questions about the Policy or our privacy practices, please write to us at [email protected]
11. COMMERCIAL & PROMOTIONAL COMMUNICATIONS: DO NOT CALL
- If you choose not to receive any promotional communications from us, we will not send you promotional messages and will not share your personal information with our partners or other companies for marketing purposes.
- In order to discontinue receiving promotional communications from us, please write to us at [email protected]
- Any customer details collected on our website, through social media including digital campaigns, emails, landing pages and other offline mediums will allow TLC Associates to call, SMS, Email, chat and WhatsApp the guests who have filled in their information. By dropping in details, the guest explicitly allows and gives consent to TLC® and group companies to call him / her and such commercial & promotional communication would not be considered in violation of Do Not Call registration under TRAI’s Telecom Consumer Protection Regulations for such commercial & promotional communications.
12. USER’S RESPONSIBILITY/ DECLARATIONS
- Guarantees that they are of legal age and are persons who can form a legally binding contract under the Indian Contract Act, 1872 and that the information furnished to TLC is true, accurate, complete and up-to-date. If you are a minor i.e. under the age of 18 years, you may use TLC only with the involvement of a parent or guardian. For these purposes, the User is responsible for the truthfulness of all the data communicated and will keep the information updated, so that said data reflects their actual situation.
- Guarantees that he/she has informed third parties on whose behalf he/she has provided data, where applicable, of the aspects contained in this document. Also guarantees that he/she has obtained the third party’s authorization to provide their data to TLC for the purposes indicated.
- Will be responsible for false or inaccurate information provided through the Website and for damages, whether direct or indirect, that this may cause to TLC or third parties.
- Accepts and agrees that there may be certain data that we may not allow you to review for legal, security or other reasons.
- When signing up for issuance of the Add on card including the Spouse Card, the Member and the add-on Card Member accept and agree that they can seek and receive any information pertaining to the membership including any previous transactions and bookings made under the program by any of them.
Last updated: 28th February 2022