Information collection and use
Changes to the privacy statement and consent form
This site along with our business are constantly changing. As a result, at times it may be necessary for LEXYL to make changes to the privacy statement and consent form. LEXYL reserves the right to update or modify the privacy statement and consent form at any time, sometimes without prior notice. Please review this statement periodically, especially before providing any personal data. This privacy statement and consent form were last updated on 28/04/2022. Continuing to use the site after any changes or revisions to the privacy statement and consent form have been made, will indicate your agreement with the terms of the revised privacy statement and consent form.
'Aggregated Data' includes customer demographics, interests and behaviour based on personal data and other information provided to us, which is compiled and analysed on an aggregate and anonymous basis.
'Personal Data' includes any information that enables an individual to be identified, such as the individual's name and email address.
'Public Information' includes information posted to any areas on the site with public access, such as bulletin boards, chat rooms and comment forums. Please refer to our discussion of 'Public and Unsolicited Information' contained in our Terms and Conditions.
'Unsolicited Information' includes any ideas for new products or modifications to existing products and other unsolicited communications. Personal Data included in Unsolicited Information will be handled in the manner set forth in the privacy statement and consent form.
'User Data' includes any information passively collected from users of the site that does not identify a particular individual, such as statistical information on site usage. The terms 'you', 'your' and 'yours' when used in the privacy statement and consent form means any user of this site.
What information do we collect?
Your information: We collect your personal data such as your name, date of birth, email or postal address when you voluntarily choose to register for or use this site. We use the personal data collected to provide you with a superior customer experience on the site and to improve and market LEXYL Services. LEXYL may store such personal data itself or it may be stored in databases owned and maintained by LEXYL’s affiliates, agents or service providers. LEXYL retains its rights to these databases and the information they contain.
When you visit us on our online services, we may collect certain information automatically from your device. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws. Specifically, the information we collect automatically may include, but is not limited to, information like your IP address, device type, unique device identification numbers, browser-type (such as Firefox, Safari, or Internet Explorer), your Internet Service Provider (ISP), your operating system and carrier. For website users, details of any referring website or exit pages as well as broad geographic location (e.g., country or city-level location) may also be collected. We may also collect other technical information such as how your device has interacted with our online services, including the pages accessed and links clicked. Collecting this information enables us to better understand the visitors who come to our online services, where they come from, and what content on our online services is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our online services for our visitors, for example, to customize your user experience, tailor your searches and show you advertisements that may be of interest. We may also use this automatic information to prevent and detect fraud. This and your personal information may also be linked to Cookies to enable the proper operation of our online services, store your travel searches on our online services, and collect information on how you used our online services. For more information, please see the “Cookies” section below.
If you’re an employee of a corporate account, a vendor or other type of business partner such as a property owner, property manager, travel agent, other information collected can include employer, employee identification number, or other relevant details.
We may also use your personal information for other purposes described in the “How we use your information” section below.
When you use one of your smart phone app, tablet app, or applications for other platforms (collectively 'App' or 'Apps' as applicable), we may also collect, for example:
Information about the functionality of the Apps you access and use. This allows us to identify those areas of the Apps that are of interest to our customers so that we can refine and continuously improve the Apps. Your device’s unique device identifier (“UID”). Each App sends us the device's UID, a sequence of numbers or characters that are unique to your device. We use this on the first opening of the App so that we can confirm to our advertising networks the number of downloads resulting from clicks on their respective ad banners and other marketing tools. When an email address is provided, we associate this with your current UID/cookie ID for the purposes of providing a seamless experience across your devices. Information about your current location. When you use an App’s ‘find hotels near your current location’ or similar features that suggest relevant content based on location, or otherwise provide location-based services, we use information about your current location – provided by your device using GPS or similar technologies – to show relevant content or other localized information. We do not collect location data unless you expressly use a location-based feature, and you can switch off location data collection at any time through your phone settings menu. Error reporting information. This enables us to investigate the error and to improve the stability of the App for future releases. As part of these error reports, the App sends us information about the mobile device type and version, the UID, the time the error occurred, the feature being used and the state of the application when the error occurred. We may use this information to investigate and remediate the error and to assist you in completing an impacted booking. You have the ability to control what information an App sends to us. You can exercise this control either by changing the settings of the App under its setting menu or changing the settings of your mobile device. Alternatively, you can remove the App from your device entirely and access our services through our website.
When using a social media feature, if you have chosen to include personal information in your social media account, we may access information such as your name, profile picture, gender, birthday, email address, town or district and any other information you have chosen to make available. Subject to your privacy settings, we access information that you provide to a social media provider regarding your respective locations ('Location Data') to provide you with relevant content. We do not store or use any data related to the friends you are connected with on a social media site.
How we use your information
We use your personal information for the following purposes (“Purposes”), to: Provide the Services, which includes providing you with the services, products, and functionality offered through our Services and fulfilling your requests, including, but not limited to: facilitating and processing bookings with LEXYL and our travel partners, reviewing travel partners, paying for travel partners’ products and services through our Services, Authenticate your account credentials and identify you, as necessary to log you in to the Services and ensure the security of your account Show your reservations and bookings made through the websites, applications, and services of our group companies on your account page. Communicate with you about your account or use of our Services, products, and/or functionality (e.g., soliciting reviews and feedback, sending alerts and notifications you have subscribed to, providing updates regarding itineraries, sending you booking confirmations, sending you information servicing and administrative emails or other notices required by law); respond to, or follow up on, your comments and questions; and otherwise provide customer service. Send you marketing communications, including communicating with you about services or products offered by LEXYL, our group companies, or our business partners and other marketing communications that we believe you would be interested in, as permitted by law. Operate and improve our Services and develop new products and services, including using analytics to better understand how you use our Services for purposes of product, website, application and service development and to enhance the user experience. Process and deliver contest entries and rewards Process your payment information. Provide services and information to travel partners, such as providing user feedback and usage details. Tailor your experience with our Services, such as by making inferences or combining different pieces of information we have collected about you to offer better search results or otherwise tailor our Services to you according to your preferences or restrictions. Provide you more relevant advertising on and off our Services, including to show you personalized offers and advertising on and off our Services. Protect against, investigate, and deter fraudulent, unauthorized, or illegal activity. Comply with our policies, procedures and legal obligations, including complying with law enforcement or government authority requests, addressing litigation-related issues, and exercising rights or obligations conferred by law. As otherwise consented to by you and as required or permitted by applicable law. If you give your consent to any further use of personal information, you can withdraw that consent at any time by contacting us using the details set out below.
Please note that our accountants, internal and external auditors, legal counsel and other professional advisors may have access to your personal information in order to provide us with applicable professional services in connection with our legal compliance requirements, including, without limitation, applicable securities laws or exchange listing rules, or otherwise in connection with our business.
You have choices about your personal information, and in some circumstances, you may have the right to opt out or object to our uses of your personal information for these Purposes.
Sharing of Personal Information
We share personal information with third-parties in connection with the delivery of services to you and the operation of our business (for example, to provide credit card processing, customer service, business analytics, and fraud prevention and compliance services, and to serve you with advertising tailored to your interests). These third-party service providers are required to protect personal information we share with them and may not use any directly identifying personal information other than to provide services we contracted them for. They are not allowed to use the personal information we share for purposes of their own direct marketing (unless you have separately consented with the third-party under the terms provided by the third-party).
Transfer of your data abroad
By voluntarily providing us with your personal data, you are consenting to our use of it in accordance with the privacy statement and consent form. Due to the nature of the Internet, if you are visiting this site from a country other than the United States, your communications will inevitably result in the transfer of information across international boundaries. By visiting this website you consent to these transfers. If you provide personal data to this Site, you are acknowledging and agreeing that such personal data may be transferred from your current location to the offices and servers of LEXYL and the affiliates, agents and service providers referred to herein located in the United States and in other countries.
In order to use this website, a user must first complete the registration form. During registration, a user is required to give their contact information (name and email address) and to create a username and password. This information is used to contact the user about the services on our site for which they have expressed interest. LEXYL neither requires the user to provide demographic information, such as payscale and gender, nor requires unique identifiers such as a National Insurance number.
A cookie is a piece of data stored on the user's hard drive containing information about the user. Usage of a cookie is in no way linked to any personally identifiable information whilst browsing our website. For instance, by setting a cookie on our website, the user would not have to log in with a password, thereby regularly saving time when they visit our site. Should the user want to temporarily disable this function, they can do so by clicking the log-out link. If a user rejects the cookie, they may still use our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site.
To learn more and to manage your cookies preferences, click here:
We use IP addresses to analyse trends, monitor the site, track user's movement and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.
This website contains links to other sites. Please be aware that LEXYL is not responsible for the privacy practices of other sites. We encourage our users, when they leave our site, to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this website.
All of our users' information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, a billing clerk or a customer service representative) are granted access to personally identifiable information. The servers on which we store personally identifiable information are kept in a secure location.
We send all new members a welcoming email to verify their password and username. Established members will receive information on new groups or hotel bids relating to their business. Out of respect for the privacy of our users, we present the option of not receiveing these types of communications.
Site and service updates
We send the user site and service announcement updates. Members are not able to un-subscribe from service announcements, which contain important information about the service. We communicate with the user regarding updates to our site and service and issues relating to their account via email or phone.
Correcting/Updating personal information
If a user's personally identifiable information changes (such as zip code), or if a user no longer desires our service, we will endeavor to provide a way to correct, update, or remove that user's personal data.
We use third-party advertising companies to serve ads when you visit our Website. These companies may use information (not including your name, address email address or telephone number) about your visits to this and other Web sites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, you can visit www.networkadvertising.org/managing/opt_out.asp
Notification of changes
Though we make every effort to preserve user privacy, we may need to disclose personal information when required by law wherein we have a good-faith belief that such action is necessary to comply with a current judicial proceeding, a court order or legal process served on our Web site.
EU General Data Protection Regulation 'GDPR'
Lexyl shall ensure appropriate operational and technical measures are in place to safeguard personal data against data security breaches;
LEXYL shall notify group coordinators without undue delay if it becomes aware of any actual data security breaches and shall provide reasonable information and cooperation to group coordinators so that group coordinators can fulfil any data-breach reporting obligations it may have under (and in accordance with the timescales required by) applicable data protection legislation;
LEXYL shall, upon request, provide the group coordinator with a list of subcontractors who process personal data;
LEXYL shall only appoint third-party vendors or service providers as subprocessors of personal data where LEXYL:
(A) concludes written contracts with such subprocessors which provide for data protection terms that are no less protective than the terms set out in these requirements;
(B) notifies the group coordinator of any intended additions of or substitutions to existing subprocessors prior to such appointment;
If the group coordinator has sufficient grounds (regarding data protection) to believe that a subprocessor, appointed by LEXYL, will render LEXYL unable to fulfil its data protection obligations under these requirements, and so the group coordinator may, within 7 days of receipt of notice of their appointment, object to LEXYL's appointment of such a subprocessor, in which case LEXYL will not allow that subprocessor to further access the personal data until the group coordinator has agreed to the appointment or substitution of the subcontractor or until the group coordinator withdraws their objection;
LEXYL shall establish policies and procedures to always provide sufficient and prompt assistance to group coordinators in responding to any and all requests, complaints or other communications received from any individual who is or may be the subject of any personal data processed by LEXYL.
Please note that our accountants, internal and external auditors, legal counsel and other professional advisors may have access to your personal data in order to provide us with applicable professional services in connection with our legal compliance requirements, including, without limitation, applicable securities laws or exchange listing rules, or otherwise in connection with our business.
Cross-border data transfers
LEXYL shall not transfer (and shall not permit any third party to transfer) personal data outside the territory of origination unless it takes any required compliance measures to enable such transfer legally; and
With regard to EEA Data, LEXYL shall not transfer (and shall not permit any third party to transfer) such data in any territory outside of the European Economic Area (EEA) unless it takes such measures to ensure that such transfer of EEA Data is consistent with the requirements of chapter V of the GDPR. For the avoidance of doubt, such measures may include LEXYL (or third party, as applicable):
(A) ensuring that it processes the EEA data in a country that has been deemed adequate by the European Commission pursuant to Article 45 of the GDPR;
(B) processing the EEA data pursuant to standard contractual clauses (or 'model clauses') approved by a decision of the European Commission;
(C) processing the EEA data in compliance with binding corporate rules that have been duly authorised by EEA data protection authorities that are competent for the EEA data; and
(D) with respect to transferring the EEA data to the United States, processing such data pursuant to the EU-US and/or Swiss-US Privacy Shield Frameworks, as applicable;
(E) LEXYL shall ensure that any person (including LEXYL's staff, agents and subcontractors) who is authorised to process personal data is subject to a strict duty of confidentiality (whether a contractual or statutory duty) and shall not permit any person to process the personal data who is not under such a duty of confidentiality; and
(F) with regard to EEA Data, LEXYL shall assist group coordinators to conduct data protection impact assessments to the extent such assessments are required by the GDPR, and if necessary, consult with relevant supervisory authorities pursuant to Articles 35-36 of the GDPR.
Please send all personal data removal requests to GDPR[AT]hotelplanner.com with your group-request ID number in the subject line of the email.