EN / JP / KO

scroll

PRIVACY POLICY

Effective Date: February 14, 2025

Last Updated: February 14, 2025

Leopalace Resort Guam ("we," "our," or "us") values your privacy.
This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you visit our website and use our services.
By accessing our website, you agree to the terms outlined in this policy.

Table of Contents

1. Information We Collect

We may collect the following types of personal information:

  • Personal Identification Information: Name, email address, phone number, mailing address
  • Booking and Transaction Information: Reservation details, payment details, billing information
  • Technical Information: IP address, browser type, operating system, referring website, and browsing behavior
  • Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies

We do not collect or store sensitive personal information unless required by law.

1.1 Definition of Personal Information

For the purposes of this Privacy Policy, "Personal Information" means any information that identifies you as an individual or relates to an identifiable person. In compliance with Guam's Data Breach Notification Law, personal information includes, but is not limited to:

  • Full Name combined with one or more of the following:
    • Social Security Number (SSN)
    • Passport Number, Driver's License, or other Government-Issued ID
    • Credit Card or Financial Account Information (including account numbers, security codes, or passwords)
    • Medical or Health Insurance Information

We do not collect or store sensitive personal information unless required by law or for payment processing.

2. How We Use Your Information

We use your personal information for the following purposes:

  • To provide and manage hotel reservations
  • To process payments and transactions
  • To improve our services and website functionality
  • To send promotional offers and updates (with your consent)
  • To comply with legal and regulatory requirements

We do not sell or rent your personal information to third parties.

3. Sharing of Your Information

We may share your information in the following situations:

  • With service providers who assist in hotel operations, payment processing, email marketing, and customer service
  • With legal authorities if required by law or in response to legal requests
  • With business partners in case of a merger, acquisition, or other business transition

Any third parties receiving your information are required to protect it under applicable privacy laws. We only share the necessary information for providing our services.

4. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. The types of cookies we use include:

  • Essential Cookies: Required for website functionality
  • Analytical Cookies: Help us understand website traffic and usage patterns
  • Marketing Cookies: Used for targeted advertising and promotions

You can manage your cookie preferences through your browser settings or via our Cookie Preferences tool on our website.

5. Data Retention Policy

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, or as required by applicable laws and regulations. Our general retention periods are:

  • Booking and transaction information: Retained for 7 years for accounting and legal compliance
  • Contact information for marketing purposes: Retained until you opt out
  • Inactive user accounts: Deleted after 18 months of inactivity.

You may request deletion of your data at any time, subject to legal and operational requirements.

6. Data Security

We implement appropriate security measures to protect your personal information from unauthorized access, disclosure, or misuse. However, no method of data transmission over the internet is 100% secure. If you suspect unauthorized access to your data, please contact us immediately.

6.1 Data Breach Notification

We take the security of your personal information seriously. However, in the event of a data breach involving unencrypted personal information that may result in identity theft or fraud, we will notify affected individuals as required by Guam law (9 GCA Chapter 48 – Data Breach Notification Law).

Notification Process

  • If we determine that a data breach has occurred and it poses a risk to affected individuals, we will provide notice in one or more of the following ways:
    • Written notice sent via mail.
    • Electronic notice if you have agreed to receive electronic communications.
    • Public notice on our website and local media if direct notification is impractical.
  • The notification will include:
    • The type of personal information compromised.
    • The date and circumstances of the breach (if known).
    • Steps taken to mitigate the breach and prevent future occurrences.
    • Contact details for further inquiries.
  • If the breach does not pose a significant risk of harm, notification may not be required.

6.2 Risk Assessment for Data Breaches

If we become aware of unauthorized access to personal information, we will conduct a risk assessment to determine whether the breach could result in identity theft, fraud, or other harm to affected individuals. If no significant risk is found, notification may not be required under Guam law.

However, if a significant risk is identified, we will immediately notify affected individuals following our Data Breach Notification Policy (Section 6.1).

7. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal data:

  • Access, update, or correct your personal information
  • Request deletion of your data, subject to legal and operational requirements
  • Opt-out of marketing communications

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect and to opt out of the sale of your data (although we do not sell data).

If you are a resident of the European Union, your rights under the General Data Protection Regulation (GDPR) may include the right to restrict processing and data portability.

To exercise your rights, please contact us at leasing@leopalaceguam.com.

8. Children's Privacy

Our website and services are not intended for children under the age of 13, and we do not knowingly collect or store personal information from children without parental consent. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.

8.1 Compliance with COPPA

Our website and services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA).

If we discover that we have inadvertently collected personal information from a child under 13:

  • We will immediately delete such information from our records.
  • Parents or guardians may contact us at leasing@leopalaceguam.com to request the deletion of their child's information.

9. International Data Transfers

As we operate in Guam, your personal information may be stored and processed in different countries. We comply with applicable data protection laws to ensure your information is safeguarded, including entering into standard contractual clauses (SCCs) where required.

9.1 Compliance with International Data Protection Standards

As a business operating in Guam (a U.S. territory), your personal information may be stored and processed in different countries, including the United States and other jurisdictions where our service providers operate.

To ensure the security of your information, we comply with:

  • U.S. federal data protection laws.
  • Standard Contractual Clauses (SCCs) where required for international data transfers.

If you are located outside the United States, please be aware that your data may be transferred to a country with different data protection laws than your own.

10. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy regularly.

11. Contact Information

If you have any questions about this Privacy Policy, please contact us at:

Leopalace Resort Guam

221 Lake View Drive, Yona, 96915 Guam

Email: leasing@leopalaceguam.com

Phone: +1 671-471-0001