Personal Data Privacy & Security Policy

Preamble

Discovery Fleet Corporation (DFC) is committed to providing quality service to our guests, potential customers, business partners, employees and future employees. We respect the privacy of all our internal and external customers and business partners and treat all personal information disclosed to us as confidential.

This Personal Data Privacy Policy (the “Policy”) applies to personal information regarding guests and other individuals with whom we do business (the “Data”), and to the management of said data and information in any form, whether electronic or written.

This Policy gives effect to our commitment to protect your personal information and has been adopted by all of the ships/vessels and establishments owned and/or operated by DFC.

We limit the collection, use and retention of Data to the specific information we need for legitimate purposes to administer our business, to provide you with quality service and offer various products or services from DFC.

In order to protect your Data, we will require that you prove your identity to us in relation to your request to access your Data, which may consist of a copy of a government-issued identification, your signature and correspondence address so we can check them against our records and satisfy ourselves as to your identity. The above information is required to create an audit trail of how the request has been handled. Where a request is made, any correspondence or application may be kept and added to your Data.

Collection of Personal Information

The term “personal data” in this Policy refers to personal information which we, in the process of providing you with a particular service, may ask you to voluntarily supply to us.  The types of personal data we process include: name, title, gender, contact details (including but not limited to email address, mailing address, mobile phone number, telephone number and fax number etc.); date and place of birth, nationality, passport number, identification number and visa information; credit card information including name of cardholder, credit card number and expiry date; loyalty program membership information, online user account details, profile or password details and any frequent flyer or travel partner program affiliation; any information necessary to fulfill special requests on trips; information you provide regarding your marketing preferences or in the course of participating in surveys, contests or promotional offers; information collected through the use of closed circuit television systems, card key and other security systems; contact and other relevant details concerning the employees of corporate accounts and vendors and other individuals with whom we do business (e.g., travel agents or meeting and event planners); and in limited cases, information relating to the credit of customers.

We collect personal data to deliver superior service.  Specific purposes include, but are not limited to, the following:

  1. Guest reservations and/or requests for information or services
  2. Payment processing
  • Product and Services sales
  1. Membership program subscription
  2. Sales calls and appointments
  3. Communication facilitation
  • Vendor management
  • Marketing and Promotions planning and execution
  1. Market research and analysis
  2. Customer Satisfaction and Quality Assurance surveys
  3. Safety and Security
  • Legal and Regulatory requirements
  • Job Application processing

When you request a particular service from us or otherwise interact with DFC, we will ask you to voluntarily provide us with relevant Data that we need to provide the service you require. For example, if you would like us to make a reservation for a trip, we will request for Data such as your name, address, telephone number, e-mail address and credit card information for payment purposes (including credit card number, code and expiry date). We will use your e-mail address to send an e-mail confirmation of your booking and a pre-arrival message summarizing your confirmation details and preferences. Such pre-arrival message will include other information about the trip, the area and the weather.

The same types of information would be requested when you complete any purchase of Discovery gift certificates or merchandise, or make online enquiries.

For trip reservations, we may also ask for your travel details (including flight number, arrival and departure dates and time, as well as country/point of origin and destination) and room preferences to better prepare ourselves for your arrival and to serve you better before your departure.

Website 

When you browse a Discovery website, we do not collect Data unless you voluntarily and knowingly provide it to us, for example by accessing our website from a link in an e-mail that we send to you or where you have created a profile under My Discovery Elite and you log-in to your account.

Making a reservation and check-in at a Discovery Ship

The Data that you provide to us for making a reservation is made available to the applicable ship/vessel/establishment for the purpose of completing your reservation request. We may also need to collect information as required by local laws such as passport numbers, type of entry visa, and driver’s license. Upon check-in, your Data will be verified by our staff and you will be requested to indicate whether you wish to opt in and receive promotional literature. At times, we may make certain Data available to strategic business partners such as mail houses and e-mail service providers for the sole purpose of mailing and dissemination of promotional materials for Discovery Fleet and its related facilities. In such cases, DFC remains as the Personal Information Controller. Data will not be shared with third parties for their own marketing purposes, unless consent is likewise granted by the guest for this purpose.

During your stay at a Discovery Ship

We record your itemized spending to properly assemble your folio during your stay, which includes your room rate and other expenses billed to your room. We also record this information to comply with financial reporting requirements and those imposed by our auditors and government authorities. In order to assure your future comfort and attention to your individual needs, other stay-specific information may also be stored in the property management system at a particular Discovery Ship, such as your food and beverage preferences and other special requests. Certain information regarding your service preferences may be made available to other Discovery Ships, Hotels and other properties through our central database.

Making a purchase on our website 

When making a purchase such as a gift certificate or a Discovery merchandise, you will be asked to complete a form that includes your name, e-mail address, delivery address and credit card details for payment purposes. When the form is complete, your credit card number will be verified using a checking sequence to complete the transaction. Credit card information and Data are transferred over a Secure Socket Layer (SSL) connection. Doing so protects the confidentiality of your Data while it is transmitted over the Internet. Purchasing transactions are assisted by third party processors who are required by contract to protect the privacy of your Data. SSL is an industry standard for encryption over the Internet to protect Data supplied to us. We will use that information to assist in any inquiries about your transaction.

Accessing Our Website from Web-enabled Mobile Devices

You can access our website from a web-enabled mobile device to find a Hotel and/or restaurants operated by Discovery. You can make a reservation from any web-enabled device. When you make a reservation, you may need to provide certain Data such as your name, e-mail address and credit card information for guarantee purposes. You may also enroll in My Discovery Elite from a web-enabled device.

Creating and updating your My Discovery Elite account information 

For hotel-related services, upon completing an online room reservation, you can set up, review or update your My Discovery Elite information online. When enrolling in My Discovery Elite, you will be required to provide certain Data such as name, e-mail address, mailing address, room preferences and service requests.

Food and Beverage Outlet Reservations 

We collect Data such as your name and phone number when you make a reservation at our food and beverage outlets. If you are a repeat guest at our food and beverage outlets or have filled out our food and beverage questionnaire, we may store your Data in our Customer Information System to serve you better upon your return.

Fraudulent e-mails 

Please note that Discovery companies will never send you an e-mail requesting your password, credit card number or passport, personal identity card or social security number. If you receive any suspicious e-mail that looks like it is from our group, but asks you for your credit card number or passport, personal identity card or social security number, it is a fraudulent e-mail, or an act of “phishing”. We recommend that you do not reply to the e-mail or click on any link or pop-up message accompanying such e-mail, and report the matter to local authorities that handle fraudulent e-mails. If you believe “phishers” have gained access to your personal or financial information, we recommend that you also change your password(s), alert your credit card service provider and bank, and review credit card and bank account statements to check for unauthorized charges.

Unsecure communication 

It is important to note that all e-mail communication is not secure. There is a risk inherent in the use of e-mail. Please be aware of this when requesting information or sending forms to us by e-mail, for example, from the “Contact Us” section of our website. We recommend that you do not include any sensitive information including credit card details when using e-mail or using any public computers/public WIFI. Our e-mail responses to you may not include any sensitive or confidential information. Please bear in mind that no security system or system of transmitting information over the Internet is guaranteed to be secure.

To be prudent, it is advisable to always close your browsers when you have finished completing a form or a reservation. Although the session will automatically terminate after a short period of inactivity, it is easier for a third party to gain access to your profile whilst you are logged onto our website and making a reservation.

Disclosures of Your Personal Information

From time to time, we may disclose and transfer your personal Data to any Discovery Ships, hotels and resorts, both local and international, travel-related companies (e.g., airline companies, car rental companies and excursion tour companies), and vendor partners who provide administrative, telecommunications, payment, fulfilment or other services to any of the Discovery Ships, hotels and resorts to facilitate your requests or provide you with goods and services you require and for the purposes described under the section “How we use Personal Information”. The recipients of any such Data are contractually prohibited from using personal data and information for any purpose other than for the purpose DFC specifies.

We reserve the right to disclose any Data when compelled to do so by a court of law or requested to do so by a governmental entity or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property. We also reserve the right to retain information collected and to process such information to comply with accounting and tax rules and regulations.

We may share aggregated demographic information with business partners, affiliates or other entities. This aggregate information is not linked or traceable to any personally identifiable information about you.

Except as described herein, we do not permit the sale or transfer of personally identifiable information to third parties.

Disclosure of information to third parties

In addition to the required information sharing described above, we use the services of third party agents, such as e-mail service providers and mail houses for the purpose of mailing materials to our patrons. These parties are contractually prohibited from using Data for any purpose other than for the purpose specified in their respective contracts. We do provide non-personally identifiable information to certain service providers for their use on an aggregated basis for the purpose of performing their contractual obligations to us. We do not permit the sale of Data or use of Data by third parties for their own purposes. Discovery will implement, where necessary, appropriate measures, including contractual clauses, to secure the transfer of your Data to third party service providers both local and international. Therefore, in addition to the implementation of the present Policy, DFC will implement, where necessary, appropriate measures, including contractual clauses, to secure the transfer of your Data to recipients located in a country with a level of protection different from the one existing in the country in which your Data is collected.

Data Storage

We store certain customer information and reservation details in our customer information system and reservation system. Both systems are secure customer databases stored on a dedicated server located in a data center hosted by a third party service provider. The stored database includes Data such as guest name, address, phone numbers, position, company name and credit card information. We may also store other information such as your room, food and beverage, other service preferences and transaction history. This information may be shared within the Discovery group’s ships/vessels and hotels to better anticipate your needs prior to and during your stay in any of said ships/vessels, establishments or properties.

We implement IT and network security policies to protect your Data from unauthorized access limited by the capability of IT and network equipment we utilize. Our server resides behind firewalls to protect the Data collected from you against unauthorized or accidental access. Because laws applicable to personal information vary by country, our ships, hotels or other business operations may put in place additional measures that vary depending on the applicable legal requirements.

Marketing database

Some of our group operations maintain a database of customer information which is used for marketing, promotion and research, understanding and analysing customer behavior, and customer profiling to improve our services. You will receive marketing and promotional materials if you have already given your express and specific consent in some data collection forms. You may elect to unsubscribe from receiving future promotions at any time.

Secure transmission and storage of data

We treat all Data that you provide to us as confidential information. To prevent Data from unauthorized access or leakage, we have adopted and regularly monitor our group’s security and data privacy policies and procedures. We use SSL protocol – an industry standard for encryption over the Internet, to protect the Data. When you type in sensitive information such as credit card details, it will be automatically encrypted and transferred over a SSL connection. This ensures that your sensitive Data is encrypted as it travels over the Internet. You will know that you are in a secure mode when the security icon (commonly appearing as a lock before the link in the web address bar) appears on your screen.

Direct Marketing

We may use your personal information (including your name, address, telephone numbers, email and other contact details) to send you marketing communications such as direct-mail, email, telephone calls and SMS containing news, offers, promotions, events, to be offered by us or by our business partners in relation to the following classes of products and services:

  • Travel
  • Transportation,
  • Retail,
  • Food and Beverage,
  • Credit Cards,
  • Financial and Investment Services,
  • Real Estate,
  • Entertainment,
  • Publications,
  • Fashion and Jewelry ,
  • Leisure and Sports,
  • Health and Wellness,
  • Non-Profit and Charitable Activities,
  • Telecommunications,
  • Social Networking,
  • Media and Public Relations.

Rest assured, however, that we may not use your personal information for direct marketing without your consent. We will always ask for your consent before we use your personal information for direct marketing. You may decline receiving marketing communications at any time, free of charge, by:

  • following the non-agreement instructions contained in the communications;
  • contacting My Discovery Elite Member Services in accordance with the section “How to Access or Correct Personal Information”; or
  • updating your email subscriptions to our e-mailers

Your Privacy Online

Visitors to our website should be aware that information and data may be automatically collected through the standard operation of our internet servers and through the use of “cookies”. For our online privacy statement on the use of cookies, please refer to Policy on “Cookies” below.

Our Commitment to Data Security

To maintain the accuracy of your personal data, as well as preventing unauthorized access to and ensuring the correct use of your personal data, we have carried out appropriate physical, electronic and managerial measures to safeguard and secure the personal data we collect. These measures are subject to ongoing review and monitoring. Whilst we make every effort to protect your personal data, no security measures can guarantee that your personal data and information will not be subject to interference, misuse or hacking and we shall not be responsible for any loss, misuse or alteration arising as a result of such incidents.

How to Access or Correct Your Personal Information

 

You are entitled to access and make changes to any personal data relating to your profile held in My Discovery Elite database. You should update the personal data held by us whenever there is change.  If you have any questions about this Policy, or if you would like to submit a request for access to or change of the personal data and information that we maintain about you, please contact dpo@discovery.com.ph.

 

We reserve the right to charge a reasonable fee for the processing of any such access request. As indicated above, all requests for access to your personal information must be submitted in writing. When communicating your request, please be sure to indicate your full name, address and telephone number so we can ascertain your identity, and specify clearly the type of enquiry and the original source of data collection.

Cookies

Visitors to our website should be aware that information and data may be automatically collected through the standard operation of our internet servers and through the use of “cookies”.

 

“Cookies” are small text files a web site can use to recognize repeat users, facilitate the user’s ongoing access to and use of the site and allow a site to track usage behavior and compile aggregate data that will allow content improvements and targeted advertising.

 

Cookies are not programs that come onto a system and damage files.  Generally, cookies work by assigning a unique number to each customer/ visitor that has no meaning outside the assigning site.  Cookies cannot be used by themselves to identify you.

 

Cookies, by themselves, do not tell us your email address or other personally-identifiable information unless you choose to provide this information to us by, for example, registering for one of our services. However, once you choose to furnish the site with your personally-identifiable information, this information may be linked to the data stored in the cookie.

We use cookies to understand site usage and to improve the content and offerings on our sites. For example, we may use cookies to personalize your experience at our web pages (e.g., to recognize you by name when you return to our site), save your username and/or password in password-protected areas, and to offer you products, programs, or services.

We use Google AdWords re-marketing technology to market our sites across the Internet.   We place a cookie on your browser, and then a third party (Google) reads these cookies and may serve an advertisement on a third party site, after you have visited our website.

If you do not want information collected through the use of cookies, there is a simple procedure in most browsers that allows a customer to deny or accept the cookie feature; however, you should note that cookies may be necessary to provide customers with certain features (e.g., customized delivery of information) available on the web site.

Pixel Tags

Our group and our third-party service providers may use pixel tags (also known as “clear gifs”, “beacon gifs” etc.), tracking links and/or similar technology to:

  • Track customer response to The Discovery Hotels advertisements and website content;
  • Determine your ability to receive HTML-based e-mail messages. Our e-mail service provider includes a pixel tag, referred to as a “coded sensor”, in all of the HTML-based messages sent on our behalf. The sensor activates when the e-mail message is opened and flags the e-mail address of the user as one that is capable of receiving HTML-based e-mail messages. This capability helps our service provider to send the e-mail in a format you can read. The sensor does not collect or use any other information. If you cannot receive HTML, you will not receive a functioning sensor;
  • Know how many users open an e-mail and allow our service provider to compile aggregated statistics about an e-mail campaign for us; and
  • Allow us to better target interactive advertising, enhance customer support and site usability, and provide offers and promotions that we believe would be of interest to you. Your Data will not be collected apart from what you voluntarily provide us in your dealings with our group operations.

How long will Data be retained for?

Your Data will be stored for the period of time required or permitted by law in the jurisdiction of the operation holding the information. However, information that is stored on My Discovery may be edited and deleted by users of such service at any time.

Data may be stored by Discovery Fleet and other group operations as long as required for the business purpose for which these Data are processed.

Notifications in the event of breach

In the unlikely event of a data breach, we are prepared to follow all laws and regulations which may require us to notify you of the unintended disclosure of your personal information.

Careers

Our careers websites allow individuals that wish to be considered for potential employment to attach their curriculum vitae for consideration. We will not use the information you provide for any purpose other than to determine your qualifications for potential employment at DFC.

Other Sites

DFC is only responsible for the privacy statement and content of our website. Our website may contain links to other sites of third parties. We are not responsible for the data collection and use practices, privacy policy or the use of cookies on other websites that you have accessed our website from and to the non-Discovery websites that you may access from this website. We advise you to review the privacy policies of such third parties before submitting Data.

Children’s Privacy

Our website is not intended for children and minors and we do not knowingly solicit or collect Data from children and minors. As a parent or legal guardian, please do not allow your children to submit Data without your permission.

Legal Disclaimer

This privacy statement complies with the Data Privacy Act of the Philippines as well as applicable local laws.

We may need to disclose Data when required by relevant law or court order, or as requested by other government or law enforcement authorities. This also applies when we have reason to believe that disclosing the Data is necessary to identify, investigate, protect, contact or bring legal action against someone who may be causing interference with our guests, visitors, associates, rights or properties (including this site), or to others, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

Changes to the Policy

We may modify this Policy from time to time. Any changes to this Policy will be posted to our website so that you are always informed of the way we collect and use your personal data. Updated versions of our Policy will include the date of the revision at the end of this Policy so that you are able to check when the Policy was last amended.

Any changes to our Policy will become effective upon posting of the revised Policy on the website. Use of the website following such changes constitutes your acceptance of the revised Policy then in effect.

Miscellaneous

This policy is governed by and shall be construed in accordance with the laws of the Philippines.  This Policy is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this Policy, the English version shall prevail.

Contact Us

Your privacy is important to us, for any questions, clarifications and general comments, please contact us through the following:

Name:          _______________

Department: _______________

Number:       _______________

Email:           _______________

Personal Data Privacy & Security Policy version as of February 2021.

 

 

Scroll to Top