Last updated June 2018.
What Information is collected?
When you visit this website you may provide two types of information: personal information you knowingly choose to disclose that is collected on an individual basis and website use information collected on an aggregate basis as you and others browse the site.
Personal Information You Choose to Provide
You will provide information about yourself, your firm or company, and your practices when you purchase Metropolitan Hotel services, or register for email newsletters and alerts.
- Email Information
If you choose to correspond via email, we may retain the content of your email messages together with your email address and the responses.
- Website Use Information
Similar to other commercial websites, this site utilises a standard technology called “cookies” (see explanation below, “What Are Cookies?”) and Web server logs to collect information about how this site is used. Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at this site, and the websites visited just before and just after our site. We, our advertisers and ad serving companies may also use small technology or pieces of code to determine which advertisements and promotions users have seen and how users responded to them.
How Do We Use the Information That You Provide to Us?
Broadly speaking, we use personal information for purposes of administering and expanding our business activities, providing customer service and making available other products and services to our customers and prospective customers. Occasionally, we may also use the information we collect to notify you about important changes to this website, new services and special offers we think you will find valuable. You may notify us of your desire not to receive these offers by clicking the unsubscribe link contained in each such email.
What Are Cookies?
How Do We Use Information We Collect from Cookies?
Sharing Information with Third Parties
The information we collect is used to improve the content of this site and the quality of our service, and is not shared with or sold to other organisations for commercial purposes. That being said, your information could be shared under the following circumstances:
We use third parties to facilitate our business, including, but not limited to, sending email and processing payments. In connection with these offerings and business operations, these third parties may have access to your personal information for use in connection with those business activities.
As we develop our business, we may buy or sell assets or business offerings. Customer, email, and visitor information is generally one of the transferred business assets in these types of transactions.
We may also transfer such information in the course of corporate divestitures, mergers, or any dissolution.
If it becomes necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
Google AdWords Remarketing
The Metropolitan Hotel may use remarketing to advertise online.
Third-party vendors, including Google, may show our ads on sites across the internet.
Notice of New Services and Changes
Occasionally, we may also use the information we collect to notify you about important changes to this website, new services, and special offers we think you will find valuable. As our customer, you will be given the opportunity to notify us of your desire not to receive these offers by clicking the unsubscribe link contained in each such email.
How Do We Secure Information Transmissions?
Email is not recognised as a secure medium of communication. For this reason, we request that you do not send private information to us by email. Some of the information you may enter on this site may be transmitted securely via Secure Sockets Layer SSL, 128 bit encryption services. Pages utilising this technology will have URLs that start with HTTPS instead of HTTP.
We may disclose your personal information if required to do so by law or subpoena or if we believe that such action is necessary to (a) conform to the law or comply with legal process served on us or affiliated parties; (b) protect and defend our rights and property, our site, the users of our site, and/or our affiliated parties; (c) act under circumstances to protect the safety of users of our site, us, or third parties.
What About Other Websites Linked to This Site?
Our responsibilities as a “controller” under the General Data Protection Regulations (GDPR)
If you are a resident of the European Economic Area (“EEA”) you have certain rights and protections under the GDPR regarding the processing of your personal information. We are a controller under the GDPR as we collect, use and store your personal information to enable us to provide you with our goods and/ or services and information about them.
We rely on the following lawful means of processing your personal information:
- Where it is necessary to fulfil a contract with you. This includes where we collect your personal information to enable us to send you course materials.
- Where you have given us valid consent to use your personal information, we will rely on that consent, and only use the personal information for the specific purpose for which you have given consent. This includes where we email newsletters, or send mobile notifications;
- We may also process your personal information where it is to further our legitimate interests where they are overridden by your rights or interests. This could include usage statistics, analytics and internal analysis so we can improve our services.
If you are an EEA resident, you have various rights including the:
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to object;
- Right to restriction of processing;
- Right to erasure or to be forgotten;
- Right to data portability; and
- Right not to be subject to automated processing.
If you want to access personal information we hold about you, or ask if that the information be corrected, please contact us. In some circumstances, you also have a right to object to or ask that we restrict certain processing activities or delete your personal information. If you would like to limit or request deletion of your personal information or exercise any other rights you can do so by contacting us.
Withdrawing your consent
You can withdraw your consent to our collection or processing of your personal information. You can do so by contacting us or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe. If you withdraw your consent to the use of your personal information, you may not have access to our services, and we might not be able to provide you with our services. In some circumstances where we have a legal basis to do so we may continue to process your information after you have withdrawn consent, for example if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.
All personal information stored on our platform is treated as confidential. It is stored securely and is accessed by authorized personnel only. Our collection is limited in relation to what is necessary, for the purpose for which the personal information is processed, and kept only for so long as is necessary for the purpose for which the personal information was collected. We implement and maintain appropriate technical, security and organisational measures to protect personal information against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of personal information, and we have adequate cyber security measures in place.
By providing us with your personal information, you consent to us disclosing it to third parties who reside outside the EU. We will ensure that those third parties are GDPR compliant.