We are committed to protecting the privacy of our users and customers.
This policy includes a description of your data protection rights, including a right to object to some of the processing activities we carry out. Please note that your rights as a data subject may vary depending upon where you live.
EU Privacy Law requires us to be specific about our reasons and legal grounds for using your Personal Data. Accordingly, for the purposes of EU Privacy Law only, the information below describes the types of data we process, where we get your data from, the grounds we rely on to carry out the processing, and who we may share your data with. Except for the “Processed Data Categories” sections set out in the information below, nothing is intended to bind us in respect of our non-EU users.
Affiliates and Subsidiaries: Any corporation, firm, partnership or other entity which directly or indirectly controls, is controlled by, or is under common control with Groupe Floirat.
Controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
EU Privacy Law: Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (the “GDPR”), as well as any legislation and/or regulation implementing or created pursuant to the GDPR and the e-Privacy legislation, or which amends, replaces, re-enacts or consolidates any of them, and all other national applicable laws relating to the processing of Personal Data and privacy.
Processor: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.
Recipient: A natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a Third Party or not.
Third Party: A natural or legal person, public authority, agency or body other than the data subject, controller, Processor and persons who, under the direct authority of the controller or processor, are authorized to process Personal Data.
Supervisory Authority: An independent public authority which is established by a Member State pursuant to Article 51 of the GDPR.
Personal Data: Any information relating to an identified or identifiable natural person (“Data Subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Privacy Shield: The EU-U.S. Privacy Shield legal framework, designed by the U.S. Department of Commerce and the European Commission to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring Personal Data from the European Union to the United States in support of transatlantic commerce.
Standard Contractual Clauses: Sets of standard contractual clauses for transfers as adopted by the European Commission for the international transfer of Personal Data.
Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
In the context of the hotel booking process – whether this takes place online on one of our brand websites, through an online booking channel, via a travel agent or directly at one of our hotels – we process your Personal Data for the purpose of (i) enabling you to reserve a room in the hotel of your choice; (ii) verifying the availability of the hotel and to administer the booking; (iii) sending you a booking confirmation; and (iv) sending you non-commercial pre-arrival emails.
The information below describes the types of data we process for this purpose, where we get your data from, the ground we rely on to carry out the processing, and who we may share your data with.
When staying at one of our hotels, we will collect and process your Personal Data for the purposes of (i) registering your arrival and departure at the hotel; (ii) assigning you a key card to your room; (iii) obtaining a credit card guarantee or hotel deposit to ensure payment of your stay; (iv) managing (and archiving) your hotel registration card; (v) creating or updating your profile in our hotel management system; (vi) assessing your eligibility for a room upgrade and managing this if applicable; (vii) managing payment of your stay; (viii) establishing, printing or sending an invoice for your stay; and (ix) paying a commission to your travel agent (if applicable).
In the event you have booked a room in one of our hotels but do not show up – without cancelling – on the date of arrival communicated, we will process your Personal Data for the purposes of (i) cancelling your stay and any other reservation you may have made; and (ii) managing, processing and settling any outstanding payment that may be due.
To ensure payment for all guests staying in a hotel room, each hotel guest is asked for a credit card or deposit before arrival.
When you stay in one of our hotels, we endeavor to make your stay as pleasant as possible. This requires processing your Personal Data for the purposes of providing specific services during your hotel stay. These services include (i) housekeeping and maintenance; (ii) returning lost or forgotten items to you; and/or (iii) managing your and your co-guests’ preferences, such as dietary requirements and pillow preferences, in order to provide you with a better service during your stay with us.
In our hotels you can benefit from additional services and facilities, such as breakfast, room service, minibar, pool, restaurant(s) and bar(s), spa treatments, laundry services, parking, taxi requests, free Wi-Fi, etc. In the event you make use of additional services or facilities at one of our hotels, your Personal Data may be processed to (i) manage the booking and use of such additional hotel services and/or facilities; (ii) administer any advance bookings of additional services and/or facilities to your file; (iii) personalize returning guests’ arrival to the hotel and the choice of room amenities and room features; and (iv) manage the expenses incurred for such additional services and/or facilities.
In cases where you purchase a gift card for another person, we will process additional Personal Data for the purpose of delivering the gift card to the recipient by email or by post. We provide the opportunity to purchase physical or e-gift cards that can be redeemed at one of our hotels to pay hotel charges, restaurant(s) and spa treatments.
When you purchase a gift card at one of our hotels or online, we process your and, if applicable, the gift card recipient’s Personal Data for the purposes of managing and successfully completing your purchase of the gift card. If you are purchasing the gift card for another person, we will process additional Personal Data for the purpose of delivering the gift card to the recipient by email or by post.
If you have explicitly consented to receive our newsletters or marketing communications, including in relation to one of our hotels, we may, from time to time, contact you with information about our services and latest offers and process your Personal Data for this purpose.
If you no longer want to receive our newsletters or marketing communications, please let us know by sending us an email firstname.lastname@example.org. You can also unsubscribe from our marketing emails by clicking on the unsubscribe link in the emails sent to you, you may also unsubscribe by updating your profile.
In the context of our newsletters and marketing communications, we may also process and collect your Personal Data, and notably whether you have opened and interacted with one of our communications, for analytical purposes in order to measure the click-through rate and improve the content of our newsletters and marketing communications.
In order to assist our guests in booking at the Byblos, planning and enjoying their stay, we offer a mobile application for our different hotel services. This mobile app can be downloaded through online app stores, including the Apple App Store or the Google Play store.
Depending on how you use our Byblos mobile application, your Personal Data may be processed for the purposes of:
(i) Enabling you to reserve a room in the hotel.
(ii) Booking reservations at your request at a local restaurant;
(iii) Addressing the requests you have made through the mobile app
To avoid having us receive or use your real-time location, do not opt in to location services. If you did opt in and have changed your mind, you may opt out of location services through your device settings or by deleting the application. Equally, if you would like to no longer receive push notifications via our Byblos mobile application, you can revoke push notification permission for the mobile application in your device’s operating system settings.
If you have voluntarily installed our app on your device, and if you have granted permission for the app to track your location, then we may send a signal to the app on your device about the precise, real-time location of the device. The app may use this information to deliver special offers and promotions to you, at a time and place when the information is most relevant. For example, if you are at the Byblos hotel late in the afternoon, your mobile device may receive a signal that causes the app to notify you about drink or dinner specials. To make our mobile app and services operate better, we may also collect other information’s. To avoid having us receive or use your precise, real-time location, do not opt in to location services. If you did opt in and have changed your mind, you may opt out of location services through your device settings or by deleting the app.
Should you have a particular query or feedback, including the exercise of one of your rights under the GDPR, you may contact us at email@example.com. In such context, we may process your Personal Data for the purposes of handling and providing an answer to your query or request or to follow up on your feedback.
If you wish to organize a meeting or event in one of our hotels or if you would like more information on this possibility, you can reach out to us by directly contacting the hotel or by contacting us by other means. The Personal Data collected will be processed for the purposes of fulfilling your request to organize a meeting or event.
If you have opted in to receive commercial communications in the context of the organization of a meeting or event, we will also process your data to contact you with information about our services and latest offers.
We may use any data you provide to us for analytical purposes to optimize your experience, enhance our marketing, business and operational efficiency, create segments of our customers based on their Personal Data and tailor our offers and promotions to your preferences and consumption habits. In the context of such analytics, we analyze and may combine different data we hold about our guests, including (i) responses to guest satisfaction surveys; (ii) communications guests have with us; (iii) click-through rates for our marketing communications; (iv) our guests’ behavior on our websites; (v) bookings.
We may process your Personal Data obtained through social media platforms (including Facebook, Instagram, LinkedIn, Twitter and others) or online reviews (including on TripAdvisor) concerning our Hospitality brands for the purposes of (i) addressing your questions or complaints; (ii) monitoring our online reputation; and (iii) improving our services and identifying opportunities on which we can focus.
Some of our social media pages allow users to submit their own content. Please remember that any content submitted to one of our social media pages can be viewed by the public, and you should be cautious about providing certain personal information (e.g., financial information or address details) via these platforms. We are not responsible for any actions taken by other individuals if you post personal information on one of our social media platforms (e.g., Facebook or Instagram). Please also refer to the respective privacy and cookie policies of the social media platforms you are using.
Your Rights – Under EU Privacy Law
If you are in the EU, EU Privacy Law grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions. These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request via email at firstname.lastname@example.org.
Should you have unresolved concerns, you have the right to lodge a complaint with a Supervisory Authority where you live or where you believe a breach may have occurred. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Supervisory Authority.
1. Right to withdraw consent
2. Right to access and rectify your data
3. Right to erasure
4. Right to restriction of processing
Under certain circumstances described in EU Privacy Law, you may ask us to restrict the processing of your Personal Data. This is for example the case when you contest the accuracy of your Personal Data. In such event, we will restrict the processing until we can verify the accuracy of your data.
5. Right to object to processing
Under certain circumstances described in EU Privacy Law, you may object to the processing of your Personal Data, including where your Personal Data is processed for direct marketing purposes.
6. Right to data portability
Where you have provided your data directly to us and where the processing is carried out by automated means and based on your consent or the performance of a contract between you and us, you have the right to receive the Personal Data processed about you in a structured, commonly used and machine-readable format, and to transmit this data to another service provider.
Appropriate technical and organizational measures are implemented in order to ensure an appropriate level of security of your Personal Data, including but not limited to encryption techniques, physical and IT system access controls, obligations of confidentiality, etc.
In the event Personal Data is compromised as a result of a Personal Data Breach we will make the necessary notifications, as required under applicable laws.
We do not knowingly collect or solicit Personal Data from anyone under the age of 18 or knowingly allow such persons to book a room in one of our hotels.
In the event we learn that we have collected Personal Data from a child under the age of 18 without verification of parental consent, steps will be taken promptly to remove that information. If you believe that we have or may have information from or about a child under 18 years of age, please contact us at email@example.com.
To determine the appropriate retention period for the information we collect from you, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of the data, the purposes for which we process the Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
How to Contact Us