Maison Mer’s Privacy Notice
This privacy notice covers our main activities including our website maisonmerbynikkibeach.com We describe here the data we collect from you when you engage with us.
These are our reasons for collecting it, what we do with it and what your rights are.
Who are we?
We are Pearl Jumeira Hotel L.L.C (also known as “Maison Mer by Nikki Beach”) , a company registered in Dubai, UAE and our registered office is at Pearl Jumeirah, Dubai 8286 in the United Arab Emirates
You can email us using it.support@nikkibeach.com with any questions about this Privacy Notice.
Purpose of processing
Where we are the Data Controller we process your personal data for a variety of purposes as set out in the table below, which also shows our lawful basis under EU data protection legislation (GDPR) for doing so.
Where we are providing website hosting, support services, and managing marketing campaigns to our clients we act as a Data Processor on their behalf.
Purpose | Lawful Basis under EU GDPR |
---|---|
Purpose Managing your enquiries | Lawful Basis under EU GDPR Our legitimate interests in responding to and managing your enquiry. |
Purpose Managing our commercial relationship with you as a contact employed by one of our clients: | Lawful Basis under EU GDPR Our legitimate interests in managing our commercial relationships and any associated contracts between our respective organizations. |
Purpose Managing our commercial relationship with you as a contact employed by one of our suppliers. | Lawful Basis under EU GDPR Our legitimate interests in managing our commercial relationships and any associated contracts between our respective organizations. If you are a sole trader or partner in a partnership then our lawful basis will be that processing is necessary to manage the contract we have with you. |
Purpose Direct marketing | Lawful Basis under EU GDPR Our legitimate interests in ensuring we appropriately manage, deliver or suppress direct marketing activity. |
Purpose Recruitment Enquiries | Lawful Basis under EU GDPR Taking the steps necessary to enter into a contract with you. We will provide further privacy information to you as the recruitment process progresses. |
Purpose Deployment of non-essential cookies | Lawful Basis under EU GDPR Your consent. |
Where we are relying on our legitimate interests you are free to object to that at any time. In the case of direct marketing activities we will ensure that we cease to market our services to you should you object to our legitimate interests.
Where we are relying on your consent you are free to change your mind and withdraw your consent at any time.
Data we collect
The table below gives information on the categories of personal data we process for each of the purposes shown above.
Purpose | Categories of Data Processed |
---|---|
Purpose Managing your enquiries | Categories of Data Processed Name, contact details, message content and history. |
Purpose Managing our commercial relationship with you as a contact employed by our client | Categories of Data Processed Name, contact details, organization & role. |
Purpose Managing our commercial relationship with you as a contact employed by one of our suppliers | Categories of Data Processed Name, contact details, organization & role.If you are a sole trader or partner in a partnership then financial records (payments, invoices etc) will also be part of your personal data. |
Purpose Direct marketing | Categories of Data Processed Name, contact details, marketing preferences. |
Purpose Recruitment Enquiries | Categories of Data Processed Name, contact details, role applied for. |
Purpose Deployment of non-essential cookies | Categories of Data Processed Cookies deployed. |
Special category data
There are additional rules we must follow if we collect certain types of more sensitive data, known as Special Category Data. These include details of your ethnicity, beliefs, health and sexuality and in each case we must let you know what our additional lawful basis is for processing such data.
We do not routinely process any such special category data, however we may occasionally do so (for example when we manage an event you are attending we may ask for any dietary or access requirements which could include data relating to belief or health) and will always ensure we have a lawful basis (normally by asking for your explicit consent) and only retain the information for a very limited period of time.
How long do we keep your data for?
Where we are relying on our legitimate interests to process your data then we will keep your personal data until you object to our legitimate interests and we agree with your objection, or until the following default periods have elapsed after our last contact with you.
We will retain your personal data by default for the following periods:
Managing your enquiries: 7 years
Managing our commercial relationship with you as a contact employed by our client: 7 years
Managing our commercial relationship with you as a contact employed by one of our suppliers: 7 years
Direct marketing: 7 years
Curator/creator/adviser membership management as an individual or sole trader:7 years
Curator/creator/adviser membership management as an employee of your business: 7 years
Recruitment Enquiries: 6 months if application does not proceed
Deployment of non-essential cookies: 7 Days
Do we ever share personal data?
We will share your data if we receive a legitimate request from a law enforcement agency.
When you submit your personal data online your data is shared with our partners who manage our website.
If we are communicating with you via email or social media channels, we will be sharing your personal data with those email and social media providers.
We also utilize external suppliers to provide several business support services. We always ensure that we have appropriate contracts in place to protect your rights when personal data is processed on our behalf by these third parties. There is further information regarding these suppliers in the “Where Do We Process Data?” section.
How do we keep your data secure?
We take sensible steps to keep your data secure and ensure we can uphold your rights and meet our obligations under EU GDPR:
All data sent between your browser and our website are encrypted in transit
Access to personal data is role based: only those members of staff with a legitimate need will have access
Systems are password protected and multi-factor authentication is enabled where available
We ensure that appropriate contracts are in place with our suppliers who process your personal data to protect your rights, to ensure that they take appropriate security measures to safeguard your data, and that any international transfers are done correctly under EU GDPR
Our employees are all subject to an obligation of confidentiality, and receive training on data protection matters
We utilize appropriate technical and organizational measures to optimize the security of your personal data.
Your Rights
You have a number of rights relating to the processing of your data, if you would like to use them or have any questions then please contact us.
We won’t charge you for doing any of the following, however we may make a charge in the case of frequent repeat or unfounded requests:
Awareness: You have the right to be fully informed about why and how we process your information. This privacy notice is intended to meet that requirement, but please do contact us if you have any questions. If we obtain your personal data from a third party (e.g. a social media platform or recruitment platform) then we will tell you where we have obtained your information from
Access: You have the right to a copy of the data we hold about you
Rectification: If you think some of the data we hold is wrong then you have the right to ask us to correct it
Erasure: You have the right to ask us to delete the data we hold about you. Where we are holding the data to fulfill a contract with you or your organization then we will need to retain the data in accordance with the data retention requirements shown above
Restriction: You have the right to ask us to restrict the processing of personal data whilst we check its accuracy, if you think the processing is unlawful, if you believe we no longer need to process the data but you need us to store it due to pending legal claims, or when you object to our processing based upon our legitimate interests and we are assessing the validity of that
Object: Where we are processing your personal data based upon our legitimate interests you have the right to object to that. If your objection is valid (for instance in the case of any direct marketing activity) then we will stop processing your personal data for that purpose,
Data portability: You can request a copy of your data in a digital format which you can then supply to another provider when we are processing your personal data under the lawful basis of performing a contract with you or because we have your consent
Automated decisions and profiling: You have the right, in certain circumstances, not to be subject to decisions based on automated processing (including profiling) if it has a significant or legal impact on you. This doesn’t apply if the processing is necessary to fulfill a contract with you, or if you have given us your consent to do so. We do not currently use any technology to make automated decisions about you.
Cookies
We will always ask for your consent to install analytics or marketing cookies on your device. We use the following non-essential cookies on our site:
Cookie Name | Origin Cookie Type |
---|---|
Cookie Name Googletagmanager.com (Google) | Origin Cookie Type Analytical |
Cookie Name Google-analytics.com (Google) | Origin Cookie Type Analytical |
Cookie Name Facebook.net (Facebook) | Origin Cookie Type Marketing |
Cookie Name Facebook.com (Facebook) | Origin Cookie Type Marketing |
Cookie Name ad_storage | Origin Cookie Type Performance Tracking |
Cookie Name ad_user_data | Origin Cookie Type Performance Tracking |
Cookie Name ad_personalization | Origin Cookie Type Performance Tracking |
Cookie Name analytics_storage | Origin Cookie Type Performance Tracking |
You can give your consent to cookies, and withdraw your consent for cookies, using the pop-up cookie consent banner which displays on our site upon arrival.
For more information on our cookies, visit the Cookie Notice page.
What happens when I follow links to other sites?
If you follow a link from our site to another site then you should read the privacy notice on the other site prior to providing your data to them. We are not responsible for the cookies installed upon your device by other websites.
Where do we process data?
We primarily process data in the EU however we use partners to help us deliver our services, some of these services will mean that your personal data is transferred outside of the EU.
We may share your personal data with professional advisors from time to time, such as our accountants or legal advisors. We will always ensure that appropriate protections to your rights and freedoms are in place.