This Privacy Notice provides information about how Maitre, LLC, with offices located at 151 West 19th Street, Suite 1101, New York, NY 10011 (“Maitre”, “we”, “our”, “us”) collects and processes the personal data of individuals (“you”,“your”) who visit and/or interact with our website www.maitrehotel.com (the “Website”), purchase or use our services, and to all subsequent correspondence or communications with those people, whether by email, telephone or otherwise.
If you are located in the European Union, Maitre is a “controller” of your personal data. This means that we are responsible for deciding the purposes and means by which we use the personal data we hold about you. “Personal data” is any information by which you or any living person can be individually identified either directly or directly but does not include anonymised data. There are “special categories” of more sensitive personal data which require a higher level of protection
As a controller, we are obliged to provide this Privacy Notice to you under the General Data Protection Regulation (EU) 2016/679 ( the “GDPR”). In brief this Privacy Notice explains:
This Privacy Notice does not form part of any contract, or offer to enter into a contract, with us. It may be amended by us at any time. We reserve the right to amend this Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice on the Website. We recommend that you check the Website often, referring to the date of the last modification listed at the top.
It is important that you read this Privacy Notice so that you are aware of how and why we are using your personal data. Please see Section 12 (Your Data Protection Rights) and Section 14 (Contact Us and Queries) for further information about how to contact us, your rights and how to exercise those rights.
This Privacy Notice applies to you when you access, browse and use our Website (through various domains) and interact with us on our Website.
We may collect, use, store and transfer different categories of personal data about you which we have grouped together as follows:
Identity Data including your first name and surname.
Username associated with your subscription.
Business Contact Data such as your name, title, organisation, job title, occupation, address, telephone number, email address and other personal data contained in documents and communications and otherwise received in the course of us providing our services.
General business interactions: Typically we process the following kinds of personal data when we communicate with prospective, existing or former clients, business contacts and other persons:
Marketing Data including your preferences in receiving marketing communications from us.
Financial Data such as your tax status, tax number, bank account details, financial information, transaction information, credit history including court judgments and any other information necessary for processing and collecting payments and fraud prevention.
Communications Data including your interactions with us and any complaints or feedback.
Identity Data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this
Usage Data including information about how you use the Website and our services.
Website: We collect, use and share aggregated data such as statistical data for various purposes. Aggregated data may be derived from your personal data but is not personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate Usage Data to calculate the percentage of users accessing a specific feature of our services.
Special categories of personal data
We do not collect any special categories of personal data about you (this is personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership; genetic data; biometric data for the purpose of uniquely identifying an individual or data concerning health or sexual orientation). Where we need to collect personal data by law, or under any terms we have agreed with you/your employer and you do not provide that personal data when requested, you may not be able to subscribe for or use some of our services. We will let you know at the time of collecting personal data from you whether you must provide the personal data in order to receive any of our services, and whether the provision of personal data requested by us is optional.
We may receive your personal data through various means including:
We obtain your Identity Data, Contact Data and Communications Data when you interact with us through the Website (including when these are accessed from mobile devices and by phone) or otherwise. This includes personal data you provide when you contact us to request a quote, book a live demo, email us and when you give us feedback.
We will receive your Business Contact Data and Financial Data through your interactions with us including when (a) you meet with us (in person or remotely) to discuss proposed or actual services or other service-related matters; (b) we communicate by post, email, telephone, SMS, video conference or by any other means; and (c) you furnish us, or our service providers, forms, documents, contracts and other materials containing your personal data.
We collect your Marketing Data when you indicate to us your preferences for receiving marketing communications from us.
As you browse and interact with the Website, we collect browser data. We collect this personal data by using cookies and other similar technologies. Please see our Cookies Policy for further details.
We may receive personal data about you from third parties. For example, we may receive personal data about you from: (a) Technical Data from Google Analytics to better understand the use of our Website. These features use cookies and anonymous identifiers to collect information.
The GDPR permit specific legal bases to process personal data. The legal bases we may rely on to process your personal data are:
Consent where you have provided freely given, specific, informed and unambiguous consent to the processing of your personal data.
Contractual Necessity where processing your personal data is necessary for our performance of a contract with you or to take steps at your request to enter a contract.
Legal Obligation where processing your personal data is necessary for compliance with our legal obligation.
Legitimate Interests where processing your personal data is necessary for our or a third party’s legitimate interests. We have a legitimate interest in carrying on, managing and administering our business. Part of our business management involves processing your personal data. However, your personal data will not be processed for our legitimate purposes if doing so would override your fundamental rights and freedoms which require protection of your personal data.
We have set out below a description of the ways we typically process your personal data and the legal reasons we rely on to do so.
(i) Website and our services
To administer and protect our business, services, our Website, and property hosted on or made available through the Website including implementing and monitoring security measures and access authentication controls; troubleshooting; data and usage analysis; testing; system maintenance; user support; and to use the outcome of support services to improve and protect our services, networks and systems. To anonymise personal data for statistical purposes, and to pseudonymise passwords for security purposes.
Necessary for the performance of a contract with you.
Necessary to comply with a legal obligation.
Necessary for our legitimate interests for running our business; network and systems security; to identify and/or prevent unlawful activity or other misconduct; manage disputes and to protect our interests; collate statistical information to enhance our services and business.
To use data analytics and other technologies to monitor usage of our Website, measure the performance of the Website and to optimise them, improve our services, marketing strategy and output, user interactions, relationships and experiences. We may also process information collected when you browse and use our Website to set default options for you (such as language and country).
Necessary for our legitimate interests to obtain insights into how our services are used; improve the services; identify technical issues; fix technical issues; keep our Website updated and relevant; balance web traffic; develop and manage our business and strategies for growth and marketing.
Generally, we do not rely on consent as a legal grounds for processing personal data although we will request your consent before setting any non-essential cookies or similar technologies on your computer or other device.
(ii) General business interactions
To manage our relationships including to:
(i)respond to communications;
(ii)schedule, prepare for and attend meetings (in person and remotely);
(iii)manage, administer and take decisions regarding the on-boarding of our clients;
(iv)provide, manage and administer our services and our relationship with our client including accounting, auditing, operational and taking other steps linked to the performance of our business relationship;
(v)carry out our obligations under and arising from any agreements with our client;
(vi)manage, collect and pursue monies owed to us;
(vii)notifying changes to Privacy Notice and to administer data protection, privacy and other rights.
Type of DataNecessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
Necessary to comply with a legal obligation.
Necessary for our legitimate interests for responding to communications, attracting new clients and business, running our business, on-boarding our client, providing our services, providing service information, and keeping records.
Conducting or exploring any re-organisation of some or all of our business and assets, merger or acquisition or other corporate deal.
Necessary for our legitimate interests to run our business, expand or otherwise restructure our business and assets; make corporate decisions, negotiate and enter into corporate transactions.
To deal with and manage complaints, claims and legal disputes involving our client, you and/or others; to identify and/or prevent fraud or other breaches of laws; conduct or assist with internal, government, regulatory, law enforcement and other investigations, inquiries or actions; comply with our insurance policies and to exercise or defend our legal rights or to comply with court orders or orders by applicable regulators.
Necessary for the performance of a contract with you.
Necessary to comply with a legal obligation.
Necessary for the purposes of obtaining legal advice or for the purposes of, or in connection with, legal claims, prospective legal claims, legal proceedings or prospective legal proceedings, or is otherwise necessary for the purposes of establishing, exercising or defending legal rights.
Necessary for our legitimate interests of managing our business including complying with our policies of insurance and complying with or cooperating with any regulatory requirement or matter.
We will only use your personal data for the purposes for which we collect it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. We may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Other individuals’ personal data
Information collected through third-party links and content
We reserve the right to disclose your personal data to third parties:
We may disclose your personal data for the purposes listed in Section 6 of this Privacy Notice to the categories of recipients described in this Section 8.
We require these parties to keep your personal data confidential and secure and to protect it in accordance with the law. They are only permitted to process your personal data for the lawful purpose for which it has been shared and in accordance with our instructions.
In connection with our business and for administrative, management and legal purposes, we may transfer your personal data to jurisdictions outside of the European Economic Area. Where we need to transfer your personal data, we shall ensure that the transfer is lawful and that there are appropriate security arrangements in place.
Maitre is committed to maintaining the security of your personal data it processes. We maintain appropriate physical, procedural, organisational and technical security measures intended to prevent loss, misuse, unauthorised access, disclosure, or modification of your personal data under our control. We also limit access to your personal data within our organisation and to third parties that need access to your information in providing services to us. They will only process your personal data on our instructions and are required to protect personal data. If you have reason to believe that your personal data is no longer secure, please notify us immediately using the contact information supplied in Section 14 (Contact Us and Queries ).
Please be aware that when you transmit information to us or to our service providers over the internet or another telecommunications network this can never be guaranteed to be 100% secure. For any payments which we take from you or pay online we will use a recognised third party online secure payment system, and we are not responsible for the security of this system. You should contact these third parties for information about the security of these internet, telecommunications systems or payment systems if you need further information.
We cannot guarantee against any loss, misuse, unauthorised disclosure, alteration or destruction of data but we take reasonable steps to prevent this from happening. We have put in place measures to protect the security of your personal data and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, tax or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You have various rights under the GDPR, subject to certain exemptions, in connection with our processing of your personal data, including those set out in the table below.
You are responsible for notifying us of any changes to your personal data that you provide to us.
If you have any questions or wish to exercise any of your data protection rights, you should raise these with our data protection team by emailing tech@maitrehotel.com. You may also raise complaints with the Data Protection Commission or another supervisory authority.
We will change this Privacy Notice from time to time and any changes will be contained in a revised Privacy Notice posted on the Website. This version of the Privacy Notice was last updated in August 2023.
