Roomtrust Systems Ltd (“RoomTrust”, “We”, “Our”), will treat all Personal Information you communicate to us with the greatest care and confidentiality. RoomTrust is committed to the confidence you have vested in our company by visiting this website.
Every EU citizen automatically benefits from the new regulation. We will, as far as we can, extend this standard to all users, regardless of location. The GDPR provides increased transparency into the nature, purpose, and use of individuals’ personal data. This means that organizations must obtain a data subject’s consent for certain activities, such as the processing of sensitive data.
RoomTrust currently provides its Group Accommodation management system, managing block bookings. We refer to this system as a “Booking System”. RoomTrust is the Controller of the information stored and processed in the Booking System.
Our Booking System is a technology portal used for the distribution of hotel inventory. Users may use event websites, engage traditional or online travel agencies or their own internal corporate travel departments, known in our industry as Subscribers, for assistance in managing their hotel accommodation. Subscribers use our Booking System to identify hotel options and to book their selection. We then advise the relevant Hotel Suppliers about the booking of their services.
Your Personal Information may be sent to Hotel Suppliers that you select in order to perform or conclude contractual-related measures with outside of the EU. These Hotel Suppliers may not offer the same level of statutory protection for your Personal Information as those covered by the EU GDPR.
RoomTrust obtains Personal Information when an individual user, Subscriber or Hotel Supplier submits such data to the Booking System. We also receive Personal Information when an individual user submits data to us directly when a booking is made by the individual user directly via our website or a Subscriber website directly to the Booking System. The Personal Information we obtain is the typical of that provided when making a hotel booking.
This information may include (but may not be limited to)
Where sensitive personal data (e.g. health or religious data) is shared and processed, the explicit consent or its equivalent will be assumed to be obtained from the traveller. Such consent can be withdrawn by the traveller at any time, without affecting the lawfulness of processing based on such consent before its withdrawal.
We also process Personal Information for our legitimate business interests.
More specifically, we use Personal Information to
If you access the Booking System directly through a website or application, then device type, connectivity and configuration data may also be collected, including device hardware specifications, data regarding the operating system and other device software, IP address, location information, and regional and language settings.
We disclose Personal Information to Hotel Suppliers and Subscribers, as well as to the processors that act on their behalf, to carry out these activities and to help perform the underlying contracts with users. All information is either accessed directly by contracted Hotel Suppliers or is passed to them in an encrypted form. Subscribers have direct access to the Personal Information of their client users in the Booking System with the exception of credit card information.
RoomTrust will not sell nor transfer your Personal Information to third parties. Nor will RoomTrust use your Personal Information for purposes of direct marketing, or to send news and information about its products or services without your prior consent. If consent is given you can rescind it at any time either via your system profile or by sending an email to email@example.com.
We will process and disclose Personal Information as required by law, subpoena, or regulation; when requested by government or law enforcement authorities; for credit card processing, authentication, and fraud prevention; or as otherwise required by law.
No system of technology is completely safe, "tamper-proof" or "hacker-proof" with regard to the provision of personal data (whether in person, by phone or over the internet).
RoomTrust has, however, endeavoured to take appropriate measures to prevent and minimise risks of unauthorized access to, improper use, disclosure and inaccuracy of your personal information. For example, RoomTrust uses encryption technology when collecting or transferring sensitive data such as credit card information.
RoomTrust retains Personal Information no longer than is necessary to comply with legal obligations and to fulfil legitimate business and compliance purposes. It is RoomTrust’s policy to keep Personal Information for a period of no more than 3 years following the end of the year in which the booked travel was completed.
Credit card information collected to guarantee or pay hotel bookings is deleted no more than 2 weeks after booking’s departure date from the hotel, whether or not the guest stayed. Thereafter, only the card type and the last 4 digits of the card number are retained for reference purposes.
RoomTrust analyses, uses, discloses, and processes statistical and other data in de-personalized (anonymized) form that RoomTrust obtains or generates in connection with its business. This data is used to identify trends and other activities in the travel industry.
RoomTrust’s Booking System services are not intended for use by minors. We do not knowingly collect Personal Information from any minor.
You have a right of access regarding the information that concerns you. If this information is inaccurate, incomplete or not (no longer) relevant, you can ask for the rectification or erasure thereof.
As a practical matter, individual users may first wish to contact their Hotel Supplier or Subscriber as the most efficient means of addressing any issues in these areas. Users may direct any other requests, questions or complaints relating to their own Personal Information to RoomTrust at firstname.lastname@example.org or to the address specified below.
RoomTrust retains the right to use reasonable measures to authenticate the identity of any user who makes a request in respect of their Personal Information or otherwise raises any questions.
Privacy-related communications may be directed to
Once we receive your inquiry we will investigate the matter and respond to you promptly. We will endeavour to do this within 30 days. If this is not possible, we will endeavour to contact you and let you know about a revised timeframe.
If any EU country-based user experiences an issue regarding Personal Information that cannot be resolved directly with RoomTrust, the said user has a right to lodge a complaint with their local Data Protection Authority.
Effective Date: This policy was last updated on 25th of May 2018.
We may update this policy from time to time and will post a prominent notice to inform users about significant changes.
As the privacy legislation regularly evolves, the privacy part of this website may be adjusted. Each adaptation will be available for consultation.