GHA Loyalty DMCC (“GHA”, "us" or “we”) is the operator of the GHA DISCOVERY loyalty programme.
How to contact us:
INFORMATION WE HAVE COLLECTED AND MAY COLLECT AND HOW:
GHA collects information about you that you specifically and voluntarily provide. The personal information collected may include a broad range of information, as set out in more detail below.
Although you are required to register in order to use our GHA DISCOVERY programme and you will need to provide some personal information when making a hotel reservation, many areas of our Sites can be accessed without providing any personal information.
On all Sites that collect any of your personal information, we specifically describe what information is required in order to provide you with the product or service you have requested.
GHA collects personal information when you:
Browsing the Sites:
When browsing our Sites, we may also collect a series of general data and information about your navigation of our Sites on an aggregated basis, such as your Internet Protocol Address (“IP Address”), which is identified and logged automatically in our server log files whenever you navigate our Sites, your Internet Service Provider (“ISP”), your login frequency, the pages you visited within the Sites, the operating system used by the accessing system, the website or mobile apps from which an accessing system reaches our website or mobile app (so-called “referrers”), and the Internet browser types and versions used as well as the device you are using to access the Sites and mobile apps.
This information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, GHA analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by you.
You may also voluntarily provide personal information when you send us an enquiry or support request via email. When you contact us, we keep a record of your communication, and may use third party service providers (email system provider, CRM systems), to help solve any issues you might be facing.
Surveys are periodically conducted to collect information to help us improve our Sites and Services. All information collected through surveys will remain confidential, even if we use a third party to help us conduct the survey, unless otherwise indicated.
User registration information:
When you register on the Sites or otherwise to become a registered user, we use your information to create your user account. You will then receive a confirmation email which confirms your email address. For these purposes, we will collect personal information such as your name, business name, email address and your role within your business. We will also record a password linked to your personal details.
WHY WE COLLECT INFORMATION:
We will use the information collected on my.gha.com as set out above for the following purposes:
Types of personal information
|Registering you as a my.gha.com user||my.gha.com user|
Necessary for our contract with you
Legitimate interest (to process this information to provide you with a good service)
|Responding to your questions or suggestions|
User registration information
User claim information
Any other information you may voluntarily provide
|Legitimate interest (to provide you with a good service)|
|Improving the quality of your visit to our Sites||Cookies information and technical information about your device||Legitimate interest (to provide you with a good service)|
|Amending or updating your user profile.||User registration information||Legitimate interest (to provide you with a good service)|
WITH WHOM WE SHARE INFORMATION:
We may share your personal information with IT service providers used by us in providing services.
WHERE WE STORE/TRANSFER YOUR PERSONAL DATA:
In our capacity as Controller, GHA is responsible for processing your personal information as part of its administration and management of the GHA DISCOVERY loyalty programme. This personal information is intended for use by GHA.
As a result of the global nature of our business, User’s personal information is likely to be transmitted for the above-mentioned purposes to IT service providers and other recipients located in countries outside the European Economic Area ("EEA") which may not offer the same level of protection of your data as countries inside the EEA.
This transmission is required for the operation of the GHA DISCOVERY Programme. We will endeavour to take the appropriate steps to ensure that Users’ personal information is protected and handled in accordance with best practice in all territories and, where appropriate, and ensure that standard contractual clauses are in place where appropriate. Please see more information in relation to international transfers in the section 'Transfers outside the EEA" below.
TRANSFERS OUTSIDE THE EEA:
Where necessary in order to operate our Sites and to otherwise deliver our Services, we will transfer personal information to countries outside the EEA.
Non-EEA countries do not have the same data protection laws as the EEA. In particular, non-EEA countries may not provide the same degree of protection for your personal information, may not give you the same rights in relation to your personal information and may not have a data protection supervisory authority to help you if you have any concerns about the processing of your personal information. However, when transferring your personal information outside the EEA, we will comply with our legal and regulatory obligations in relation to your personal information, including having a lawful basis for transferring personal information and putting appropriate safeguards in place to ensure an adequate level of protection for the personal information.
We will take reasonable steps to ensure the security of your personal information in accordance with applicable data protection laws.
When transferring your personal information outside the EEA, we will ensure that, where required by applicable law, at least one of the following safeguards is implemented:
Please contact us at [email protected] if you would like further information on the specific mechanisms used by us when transferring your personal information outside the EEA.
RETENTION OF YOUR PERSONAL DATA:
We will retain your personal information in accordance with our data retention policy and will not retain your personal information for any longer than is necessary for our purposes, including for the purposes of satisfying any legal, accounting or reporting requirements. If you would like further information, please contact us using the details above.
PROTECTING YOUR INFORMATION:
We want you to feel confident about using our Sites, so we are committed to protecting the information we collect. GHA has implemented a security programme to keep information that is stored in our systems protected from unauthorised access.
We have implemented information security policies, rules and technical measures to protect the personal information that we have under our control from:
All our employees and data processors (i.e. those who process your personal information on our behalf, for the purposes listed above) who have access to and are associated with the processing of personal information are obliged to respect the confidentiality of the personal information of all users of our Sites and our Services.
Our systems are configured with data encryption and industry-standard firewalls.
When you send personal information to GHA over the Internet, your data is protected by Secure Socket Layer (SSL) technology to ensure safe transmission.
Some of these rights only apply in certain circumstances, so we may not be able to fulfil every request. If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
If you have a concern about any aspect of our privacy practices, including the way we have handled your personal information, please contact us using the contact details provided in the “How to Contact Us” section above. You can also report any issues or concerns to a national supervisory authority in the Member State of your residence or the place of the alleged infringement. You can find a list of contact details for all EU supervisory authorities at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
NAME AND ADDRESS OF THE CONTROLLER:
The Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Economic Area and other provisions related to data protection is:
GHA Loyalty DMCC
21st Floor, JBC5 Tower, Jumeirah Lake Towers
PO Box 487771 Dubai
United Arab Emirates
Phone: +971 4 4214287
NAME AND ADDRESS OF THE DATA PROTECTION OFFICER:
The Data Protection Officer of the Controller is:
Prof. Dr. Rolf Lauser
Dr.-Gerhard- Hanke-Weg 31
Email: [email protected]
You may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.
All text, images, audio- and video material used on this website is protected by copyright and may not be copied, modified or used for private or commercial reasons. Our aim is to keep the information displayed on this website and mobile app timely and accurate. We do not accept any responsibility or liability whatsoever with regards to the information on this site.
THIRD PARTY LINKS AND SERVICES:
Your browsing and interactions on any other websites, or your dealings with any other third party service provider, is subject to that website’s or third party service provider’s own rules and policies. When you click on the links we provide to third party platforms, you will be transferred from our website to the relevant platform and the privacy notice (and other terms and conditions) of that platform will apply to you.
We do not monitor, endorse, warrant, or guarantee the products, services, or information described or offered at these other Internet sites or the privacy practices of any third parties.
We encourage you to become familiar with the privacy practices of every website you visit or third party service provider that you use in connection with your interaction with us and to contact them if you have any questions about their respective privacy notices and practices.