Privacy & Security
Information Collection and Use
Changes to Privacy Statement and Consent
This Site and our business change constantly. As a result, at times it may be necessary for Lexyl to make changes to this Privacy Statement and Consent. Lexyl reserves the right to update or modify this Privacy Statement and Consent at any time and from time to time without prior notice. Please review this Statement periodically, and especially before you provide any Personal Data. This Privacy Statement and Consent was last updated on 05/01/2018. Your continued use of the Site after any changes or revisions to this Privacy Statement and Consent shall indicate your agreement with the terms of such revised Privacy Statement and Consent.
"Aggregated Data" includes customer demographics, interests and behavior based on Personal Data and other information provided to us which is compiled and analyzed on an aggregate and anonymous basis.
"Personal Data" includes all information that enables an individual to be identified, including, by way of example, the individual's name and e-mail address.
"Public Information" includes information posted to any public areas of the Site, such as bulletin boards, chat rooms and comment areas. Please refer to our discussion of "Public and Unsolicited Information" contained in our Terms and Conditions.
"Unsolicited Information" includes any ideas for new products or modifications to existing products and other unsolicited communications. Personal Data included in Unsolicited Information will be handled in the manner set forth in this Privacy Statement and Consent.
"User Data" includes all information passively collected from users of the Site that does not identify a particular individual, including, by way of example, statistical information on Site usage. The terms "you", "your" and "yours" when used in this Privacy Statement and Consent means any user of this Site.
What Information Do We Collect?
Information That You Give Us: We collect Personal Data such as your name, date of birth, e-mail or mailing address from you when you voluntarily choose to register for or use this Site. We use the Personal Data that we collect in an effort to provide you with a superior customer experience on the Site and to improve and market Lexyl Services. Lexyl may store such Personal Data itself or it may be stored in databases owned and maintained by Lexyl’s affiliates, agents or service providers. Lexyl retains its rights to these databases and the information contained in them.
Transfer of Your Data Abroad.
By voluntarily providing us with your Personal Data, you are consenting to our use of it in accordance with this Privacy Statement and Consent. Due to the nature of the Internet if you are visiting this Site from a country other than the United States, your communications will inevitably result in the transfer of information across international boundaries. By visiting this web site you consent to these transfers. If you provide Personal Data to this Site, you acknowledge and agree that such Personal Data may be transferred from your current location to the offices and servers of Lexyl and the affiliates, agents and service providers referred to herein located in the United States and in other countries.
In order to use this website, a user must first complete the registration form. During registration a user is required to give their contact information (name and email address) and to create a username & password. This information is used to contact the user about the services on our site for which they have expressed interest. Lexyl does not require the user to provide demographic information, such as income level and gender, nor unique identifiers such as social security number.
A cookie is a piece of data stored on the user's hard drive containing information about the user. Usage of a cookie is in no way linked to any personally identifiable information while on our Web site. For instance, by setting a cookie on our Web site, the user would not have to log in a password, thereby saving time each time they visit our site. Should the user want to temporarily disable this function they can do so by clicking the log-out link. If a user rejects the cookie, they may still use our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site.
Learn more and manage your cookies preferences
We use IP addresses to analyze trends, administer the site, track user's movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.
This Web site contains links to other sites. Please be aware that Lexyl Travel Technologies is not responsible for the privacy practices of such other sites. We encourage our users, when they leave our site, to read the privacy statements of each and every Web site that collects personally identifiable information. This privacy statement applies solely to information collected by this Web site.
All of our users' information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, a billing clerk or customer service representative) are granted access to personally identifiable information. The servers that we store personally identifiable information on are kept in a secure environment.
We send all new members a welcoming email to verify password and username. Established members will receive information on new groups or hotel bids relating to their business. Out of respect for the privacy of our users we present the option to not receive these types of communications.
EU General Data Protection Regulation "GDPR"
Lexyl shall ensure appropriate operational and technical measures are in place to safeguard the Personal Data against Data Security Breaches;
Lexyl shall notify group coordinators without undue delay if it becomes aware of any actual Data Security Breaches and shall provide reasonable information and cooperation to Group Coordinator so that Group Coordinator can fulfil any data breach reporting obligations it may have under (and in accordance with the timescales required by) applicable Data Protection Legislation;
Lexyl shall, upon request, provide the group coordinator with a list of subcontractors who Process Personal Data;
Lexyl shall only appoint third party vendors or service providers as sub- processors of the Personal Data where Lexyl:
(A) concludes written contracts with such sub-processors which provide for data protection terms that are no less protective than the terms set out in these Requirements;
(B) notifies group coordinator of any intended additions of or replacements to existing sub-processors prior to such appointment;
If the group coordinator has reasonable data protection grounds to believe that a sub- processor appointed by Lexyl will render Lexyl unable to fulfil its data protection obligations under these Requirements, the group coordinator may, within 7 days of receipt of notice of their appointment, object to Lexyl's appointment of such sub-processor, in which case Lexyl will not allow that sub-processor to further access the Personal Data until the group coordinator has agreed to the appointment or replacement of the subcontractor or until group coordinator withdraws its objection;
Lexyl shall establish policies and procedures to provide all reasonable and prompt assistance to Group Coordinators in responding to any and all requests, complaints, or other communications received from any individual who is or may be the subject of any Personal Data Processed by Lexyl.
Cross border data transfers
Lexyl shall not transfer (and shall not permit any third party to transfer) Personal Data outside the territory of origination unless it takes any required compliance measures to enable such transfer legally; and
With regard to EEA Data, Lexyl shall not transfer (and shall not permit any third party to transfer) such data in any territory outside of the European Economic Area (EEA) unless it takes such measures to ensure that such transfer of EEA Data is consistent with the requirements of Chapter V of the GDPR. For the avoidance of doubt, such measures may include Lexyl (or third party, as applicable):
(A) ensuring that it Processes the EEA data in a country that has been deemed adequate by the European Commission pursuant to Article 45 of the GDPR;
(B) Processing the EEA Data pursuant to Standard Contractual Clauses (or "model clauses") approved by a decision of the European Commission;
(C) Processing the EEA Data in compliance with Binding Corporate Rules that have been duly authorized by EEA data protection authorities that are competent for the EEA Data; and
(D) with respect to transferring the EEA data to the United States, Processing such data pursuant to the EU-U.S. and/or Swiss-U.S. Privacy Shield Frameworks, as applicable;
(E) Lexyl shall ensure that any person (including Lexyl's staff, agents and subcontractors) who is authorized to Process the Personal Data is subject to a strict duty of confidentiality (whether a contractual or statutory duty) and shall not permit any person to Process the Personal Data who is not under such a duty of confidentiality; and
(F) with regard to EEA Data, Lexyl shall assist group coordinators to conduct data protection impact assessments to the extent such assessments are required by the GDPR, and if necessary, consult with relevant supervisory authorities pursuant to Articles 35-36 of the GDPR.
Please send all personal data removal requests to GDPR [AT] hotelplanner.com with your group request ID number in the subject line of the email.