PRIVACY POLICY

Royal Kona Resort Privacy Statement

Our Core Beliefs Regarding User Privacy And Data Protection

- User privacy and data protection are a necessity and our duty
- We have the duty of protecting personal data
- Data is a liability, it should only be collected and processed when absolutely necessary
- We loathe spam as much as you do!
- We will never sell, rent or distribute your personal data
- We will not make your personal information public without your consent. Your personal information (name) will be made public only if you wish to make a comment or review on the website.

Relevant Legislation

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

EU General Data Protection Regulation 2018 (GDPR)
California Consumer Privacy Act 2018 (CCPA)

What Personal Information We Collect And Why

Royal Kona Resort and its affiliates value your right to privacy. We have compiled this privacy policy to provide details about how your personal information is collected and used by us. Personal information is any information that identifies you or would enable someone to contact you, which may include your name, email address, phone number and other non-public information that is associated with such information. It does not include aggregate information, anonymous information, or any other non-personally identifiable information.

Here we describe what information is collected and the reasons for collecting it. The categories of information we collect are as follows:

- If you make a reservation through our website, through our reservations center, or check in as a guest at our hotel, we ask for your title, name, address, email address, phone number, credit card number and expiration date, and the name(s) of other registered guests in your party. This allows us to secure your reservation and notify you of the status of the reservation.
- If you are participating in our Royal Rewards Loyalty program, we ask for your name and email address so we can provide you with program benefits.
- If you are a guest and log on for Wi-Fi access, we may ask for your name and email address.
- If you subscribe to receive information from us via email sign-up on our websites, we ask for your email address.
- If you provide us with your email during the reservation process, we may use this information to send emails with details regarding your reservation information and other offers. Consent is not a condition of purchase.
- If you provide us with your phone number during the reservation process, we may use this information to send text messages with details regarding your reservation information and other offers. Consent is not a condition of purchase.
- If you fill out a request for proposal or reservation form on our website we ask for your name, email address and phone number to correspond with you about the information you are requesting.

You may access, review, correct or delete the personal information you give us by sending us an email at webmaster@hawaiianhotels.com

How We Use The Information You Provide

We use your Personal Information to provide personalized services either with your consent or because we have a legitimate interest in doing so. Personal Information you provide at our request is used to:

- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you)
- Contact you to confirm a reservation or to contact you in the event there are questions about any information you submit to us.
- To facilitate and fulfill reservations and process payment.
- To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs)
- To follow up after correspondence with us (live chat, email, text, or phone inquiries)
- Send administrative information, confirmations and/or pre-arrival messages, marketing communications and promotional offers, as well as periodic customer satisfaction, or quality assurance surveys, and other related product or customer service information. 

Note: If at any time you would like to unsubscribe from receiving communications from us, you may opt-out and revoke that permission at any time by emailing us at webmaster@hawaiianhotels.com.

Information We Automatically Collect And How We Use That Information

Site Visit Trackers

Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to track their journey through the website.

Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer's IP address, which could be used to personally identify you, but Google does not grant us access to this. We consider Google to be a third-party data processor (see section below).

GA makes use of cookies, details of which can be found on Google's developer guides. Our website uses the analytics.js implementation of GA. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.

In addition to Google Analytics, this website may collect information (held in the public domain) attributed to the IP address of the computer or device that is being used to access it.

Forms And Email Newsletter Submissions On The Website

Contact Forms And Email Links

We only receive an email when a user mails us using an email link. There are no third-party data processors or intermediaries involved.

Should you choose to contact us using the contact form on our Contact us page, none of the data that you supply will be passed to / be processed by any of the third-party data processors defined in section below. Instead, the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted before being sent across the internet. The email content is then decrypted by our local computers and devices.

Email Newsletter

If you choose to subscribe to our email newsletter or submit a form on our website, the email address that you submit to us will be forwarded to a third-party marketing platform service company (see section below). Your email address will remain within their database for as long as we continue to use the third-party marketing company's services for the sole purpose of email marketing or until you specifically request removal from the list.

You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.

If you are under 16 years of age you MUST obtain parental consent before joining email newsletter. 

Listed below are the pieces of information that we may collect as part of servicing requests on our website:

- Name
- Gender
- Email ID
- Phone
- Mobile
- Address
- City
- State
- Postal Code
- Country
- IP Address

We do not sell your personal information to third parties. We may share limited amount of data with listed Third-Party data processors only towards servicing your requests or improving our offering.

Revenue Recovery Emails

As part of Revenue Recovery model, we work with re-marketing service companies to send notification messages if you have abandoned your cart without making a purchase. This is for the sole purpose of reminding customers to complete the purchase if they wish to. The re-marketing service companies do a real-time capture of your email ID and cookies to send an email invite to complete the transaction if the customer abandons the cart. However, the email ID of the customer is deleted from their database as soon as the purchase is complete or after the re-marketing time period has elapsed.

"Do Not Sell My Data" - Why We Don't Have It

We do not sell personal information of our customers or of minors below the age of 16 years to third-party data collectors and hence the "Do not sell my data" opt-out button is optional on our website. Reiterating, we may collect your data for the sole purpose of completing a service request or for marketing communications. If you wish to access or erase your personal information, you can do so by submitting your details to us via email.

Important Notice For Minors Sharing Personal Information

If you are under 16 years of age you MUST obtain parental consent before:

- Submitting a form
- Posting a comment on our blog
- Subscribing to our offer
- Subscribing to our email newsletter
- Making a Transaction

How Do We Protect Your Information?

We implement a variety of security measures to help maintain the safety of your personal information when you reserve a booking or enter, submit, or access your personal information. We use generally accepted standards governing administrative, technical and physical measures to protect your personal information. For example, credit card information provided through our online reservations forms is encrypted and measures have been taken to secure our server from any unauthorized access. Despite these measures, the confidentiality of any communication or material transmitted to or from us cannot be guaranteed to be 100% secure.

After a transaction, your personal information may be kept on file in order to archive reservation data, help improve the customer experience, and for other business purposes. We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

- The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you have an account with us or keep using our services)
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
- Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations)  

Accessing/Deleting Personal Information

Should you wish to view or delete your personal information, please email us here with the email address used, your name and deletion request. Alternatively, you can fill out the form at the bottom of this page to view and/or delete your data stored with us.

Third-Party Disclosure

We do not sell, trade, or otherwise transfer to outside parties your Personal Information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. 

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third Party Data Processors

We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section above. If you request for your Personal information to be deleted with us, the request will also be forwarded to the parties below:

- Google (Privacy Policy)
- Benchmark (Privacy Policy)
- Sabre (Privacy Policy)
- Microsoft (Privacy Policy)
- Facebook (Privacy Policy)
- Triptease (Privacy Policy)
- Instagram (Privacy Policy)
- Revinate (Privacy Policy)
- Akia (Privacy Policy)

Cookie Policy

This policy covers the use of cookies and other technologies. The types of cookies we use fall into 3 categories:

Essential Cookies And Similar Technologies

These are vital for the running of our services on our websites and apps. Without the use of these cookies parts of our websites would not function. For example, session cookies allows a navigation experience that is consistent and optimal to user's network speed and choice of device.

Analytics Cookies And Similar Technologies

These collect information about your use of our websites and apps and enable us to improve the way it works. For example, analytics cookies show us which are the most frequently visited pages. They also help identify any difficulties you have accessing our services, so we can fix any problems. Additionally, these cookies allow us to see overall patterns of usage at an aggregated level.

Tracking, Advertising Cookies And Similar Technologies

We use these types of technologies to provide advertisements that are more relevant to your interests. This can be done by delivering online adverts based on your previous web browsing activity. Cookies are placed on your browser which will store details of websites you have visited. Advertising based on what you have been looking at is then displayed to you when you visit websites that use the same advertising networks.
We may also use cookies and similar technologies to provide you with adverts based on your location, offers you click on, and other similar interactions with our websites and apps.

Third-Party Links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Data Breaches

We will report any unlawful data breach of this website's database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

Changes To Our Privacy Policy

This privacy policy may change from time to time to conform with legislation and/or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.

By entering a valid email address that you have access to, we will inform you about any personal information we collect that is associated with that email address and how to manage it.