Privacy Notice
At Hotel des Mille Collines, we are committed to complying with data protection laws and best practices and ensuring the protection of
your personal data.
Access to this website is restricted to individuals aged 16 or above. However, individuals under the age of 16 may access this website if
they have explicit authorization from a person with parental responsibility. Unauthorized access by persons under the age of 16 is
strictly prohibited and may result in legal consequences.
Your Rights:
As a user, accessing our website grants you the following rights:
– Right to Access;
– Right to personal data;
– Right to Data Portability;
– Right to object;
– Right to restriction of processing of personal data;
Processing Child’s Data
We give utmost importance to safeguarding children’s privacy and comply with all relevant laws and regulations governing the
processing of their personal data. Parents or legal guardians must give their consent for the processing of a child’s data to ensure their
safety and well-being online. Any processing of a child’s data is conducted with the utmost care and in accordance with legal
requirements and we do not knowingly collect personal data from children under the age of 16 without parental consent.
Therefore, anyone accessing our website is deemed to be at least 16 years old or to have authorization from a legal representative.
Information We Collect
Personal Data You Provide
The personal data we collect from you will include information such as your name, country of residence, email address, telephone
number, your company name and date of birth. This information is used to contact you and provide you with initial information and
quotations.
Personal Data Collected for Legal, Compliance and Crime Detection and/or Prevention
We process your personal data so that we can meet legal, compliance and regulatory obligations. We also process your personal data for
crime prevention, including the prevention of fraud for online payments, identity verification, and accounting or audit purposes.
Personal Data Collected From Third Parties
We collect personal data from third parties who have been authorized to collect and provide your personal data. We also collect
personal data from individuals who may refer you as someone who may be interested in our products or services. We ask these
individuals to confirm that you would like to hear from us.
Personal Data Collected For Transactions
We collect different personal data depending on your payment method. For example, for credit card payments we may collect the credit
cardholder name, address, card number, expiry date and CVC code.
Customer Testimonials and Comments
We may post client testimonials and comments on our websites, which may contain personal information.
Information Collected by External Parties
We use external service providers to assist us to process personal data for the specified purposes, and they may hold this personal data
on their own servers for these purposes.
How We Use Your Information
Legal Basis for Using Your Information
We will only collect, process, use, share and store your personal data where we are satisfied that we have an appropriate legal basis to
do this.
This may be because:
• We need to use your personal data to perform a contract or take steps to enter into a contract with you.
• We need to use your personal data for our legitimate interest as a commercial organization. For example, we may capture your
interactions with our website via tools on our website in order to identify errors or issues and ensure your customer experience meets
expectations. In all such cases, we will look after your information at all times in a way that is proportionate and that respects your
privacy rights.
• We need to use your personal data to comply with a relevant legal or regulatory obligation that we have; and
• We have your consent to use your personal data for a particular activity. For example, where you consent to us sharing special
offers with you which we believe may be of interest to you.
Third-party Service Providers
We may share your personal data with third parties, who help us manage our business and deliver our products and services. These
third parties have agreed to confidentiality and data protection obligations as set forth in the applicable laws and regulations.
Any personal data we share with them or which they collect on our behalf is used solely for the purposes of providing the contracted
services to us.
Third parties also comply with data protection policies and legal processing principles.
These third parties:
• Help manage our IT and back-office systems;
• Provide internet and infrastructure services for our facilities;
• Conduct research that assists us in understanding consumer interests.
Add Your Heading Text Here
We may need to share certain reservation details with the payment service provider and the relevant financial institution to verify
payments (such as banks and payment card companies). We may share information with relevant financial institutions if we consider it
strictly necessary to detect fraudulent transactions and security incidents.
Legal Reasons
We may share personal data with government organizations and agencies, border control agencies, regulators, law enforcement and
others as permitted or required by law.
International Transfers of Data
To facilitate our operations, we might transfer information to companies or entities that are located in other countries that help us
deliver or fulfil our service offerings. The transfer will only be for the purposes described in this policy and made in accordance with
laws and regulations governing data protection.
This Privacy Policy shall apply even if we transfer Personal Information to other countries.
We have verified that the entities we transfer your data to be compliant with data protection legal principles and tools.
How We Protect and Store Your Information
Protection of Your Personal Data
We have implemented and maintain appropriate technical and organizational security measures, policies and procedures designed to
protect the personal data that you share with us and safeguard the privacy of such information. We use Firewalls, an appropriate and
powerful Antivirus, and proceed to Daily data backup. Your data is therefore safe with us.
Processing of Your Data
We undertake to process your personal data in a reasonable manner and take appropriate, reasonable security measures such as
prevent unauthorized access, disclosure, modification, or unauthorized destruction of your personal data. All data processing shall be
carried out by employees, consultants or third-party service providers using computers and/or IT enabled tools, following standard
organizational procedures and modes.
Retention of Personal Information
How long we keep information we collect about you depends on the type of information you provide. After such time, we will delete
your information or, if this is not possible, we will securely store your information in an anonymized manner and isolate it from any
further use until deletion is possible.
We shall inform you if deletion is not possible upon the fixed deadline.
Storage of Personal Data
We store personal data in our servers hosted on premise and we don’t store any data outside country.
Compliance
We adhere to and comply with Rwandan law and are fully cognizant of the consequences of any breaches thereof.
In the event of non-compliance with the prescriptions of the law we may face the following sanctions and penalties:
Some of the administrative and criminal offences and sanctions:-
What Happens in case of Data Breach
We will inform you and the Regulator within a reasonable time;
We will provide you with clear options available to you in relation to the nature of the breach to ensure the secure recovery of your data;
We will always mitigate the risks and ensure the secure recovery of your data with as little inconvenience as possible.
We will do everything reasonable and legal to mitigate the risks.
Cookies
Cookies are small pieces of text sent to your browser by a website you visit. They help that website remember information about your
visit, which can both make it easier to visit the site again and make the site more useful to you.
We may use personal data to communicate with you about our products and services. This may be based on your preferences, derived
from Cookies or from your interactions with us.
We will always ask for your permission to allow cookies.
The type of cookies we use:
Session Cookies: Are temporary cookies stored in the browser’s memory and are deleted when the user closes the browser
How we use cookies:
We use cookies to store user application details, enabling us to utilize them across various screens.
Indemnity and Limitation of Liability
By visiting Hotel des Mille Collines website, you approved and consented to the terms and conditions outlined by this Policy. Therefore, you shall hold Hotel des Mille Collines, its partners, promoters, directors, officers, employees, affiliates, agents, contractors and sub- contractors and any other representatives harmless from any claims, demands, liabilities, suits, proceedings, penalties, costs or expenses of any kind (including but not limited to attorney fees and expenses) arising out of or in connection with:
– Sharing any information with Third Parties, Transferring and Storing Data outside of the Republic of Rwanda;
– Breach of any obligation, terms, conditions, representations, warranties and covenants under this policy, arising out of or in
connection with your negligence or willful misconduct;
– Breach of confidentiality obligations under this Policy.
This Clause shall survive the expiration or termination of the relationship you have with the Hotel des Mille Collines.
Notwithstanding anything to the contrary elsewhere contained in this policy, Hotel des Mille Collines, in any event, regardless of the
form of claim, shall not be liable for any indirect, special, punitive, exemplary, speculative or consequential damages, including, but not
limited to, any loss of use, loss of data, business interruption, and loss of income or profits, irrespective of whether it had an advance
notice of the possibility of any such damages.
Contact Information
Phone: +250 729 107 709
