Privacy Policy


PRIVACY NOTICE

Effective 25 May 2018

What is the purpose of this notice?

After 23 years in business, Samesun hostels have processed hundreds of thousands of reservations. This notice is to share with our guests how we handle the information we collect from you – what we hold, where it’s from, who sees it, and what we do with it. We also aim to outline your rights under data protection law in relation to our processing of your data.

This data protection notice covers personal data that is collected through our website (samesun.com), our restaurants’ websites, our in-house booking engine; and through booking engines that are integrated into third party websites. Although you should bear in mind that where you access our booking engine on a third-party website, this data protection notice only applies to information we collect through your use of the booking engine, and does not apply to data collected or held by the operator of the third-party website.

Who controls the use of your personal data?

When this data protection notice mentions “we”, “us”, “our” or “Samesun” we are referring to Samesun Ventures Inc. This comprises the Canadian and USA hosteling companies that collect your data through reservation details, and are in charge of the processing of your personal data. For more information about us, please click here.

What personal data is collected?

Here’s the information that can be requested from you when you reserve at one of our hostels; this applies to a direct booking through our website, or through a third-party website.

  • Name
  • Address
  • Nationality
  • Email address
  • Phone number
  • Credit card number
  • Passport or identification number
  • Information about previous stays
  • Room or bed preference

 

Why do you use my personal data?

As you probably expect, the main reason we use your personal data is in order to process your bookings and to deal with any queries or issues that arise in relation to those bookings. We also use your personal data for other reasons, such as tailoring our confirmation emails so they are relevant to you, and monitoring your use of our websites to help us make improvements.

We collect your name as an identifier, and your credit card number to guarantee the reservation. By the terms of our cancellation policy, we will need this number to charge your card if you don’t show up to your booking without letting us know at least 24 hours prior to your scheduled arrival.

 

Similarly, you may be required to provide certain information if you want to enter into a competition, participate in a survey, or if you contact our management team with a query or complaint. We will inform you where such information is required.

Surveys, in particular, we consider to be instrumental to our operations. We get feedback from you so we can improve our product and give our guests the best possible experience. We don’t consider surveys marketing material, which is why you opt into it upon making a reservation. If you don’t want to participate, please let us know by emailing dpo@samesun.com, and we’ll make sure you don’t get a survey at the end of your stay.

Information you are required to provide

You are not obliged to provide us with any of your personal data. However, if you want to make a booking you will need to provide us with the information that is indicated as required on our reservations page at samesun.com. If you don’t provide us with this information, we won’t be able to process your booking. If you book with us directly, you’ll need to give us the following information only – your name, where you are from, your travel dates and preferred room type, email address, and a credit card number and expiry date. When you book with us, you’re agreeing to receive a confirmation letter and a pre-arrival letter.

Who do we share your personal data with?

We use two principal booking engines to process your data.

Internally in the hostel, we use a booking system called RoomMaster to hold your information, which interfaces with Siteminder to process the reservation data. Please review their respective policies on data protection by clicking on the names.

 

There are other ways that your data enters our systems. We work with certain Online Travel Agencies (OTAs), which are third party sites you can use to book with us. You give them your personal information directly, which they then pass on to us.

 

These sites are –

Booking.com 

Hostelworld

Dorms.com

Ctrip

Expedia.com

 

You can also book with us through agencies, who share your data with us in a similar way.

 

These are –

SWAP

STA 

Working Holiday Club

Kilroy

Stepwest 

Bamba

V Travel 

Experience Education

Please click on the names above to check out their respective privacy policies.

 

Although we hope it never happens, on very rare occasions our customers can get into difficulties whilst travelling. Where we think that there is a risk to your health or wellbeing, we may share your personal data with third parties in order to get you help. We may also receive requests from law enforcement agencies for personal data that we hold (e.g. we might be asked to assist with locating a missing person). In such circumstances we will only share your personal data with such law enforcement agencies in compliance with data protection law.

Samesun Ventures Inc may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Samesun Ventures Inc
  • To prevent or investigate possible wrongdoing in connection with our services
  • To protect the personal safety of guests or the public
  • To protect against legal liability

What other kinds of data do we collect?

We may also collect information that your browser sends whenever you visit our websites or when you access them by or through a mobile device – this is usage data.

This usage data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our websites that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the websites by or through a mobile device, this usage data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our websites and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Our website uses cookies to distinguish you from other users of our website. Cookies are used to ensure that we give you the best experience on our website, and allow us to improve our website.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.

 

We use the following types of cookies:

  • Strictly necessary cookies– These are cookies that are essential for the operation of our website. These cookies remember information you have entered on forms when you navigate to different pages during a web browser session, identify you as being logged in to our website, etc.
  • Performance cookies– These cookies allow us to recognise and count the number of visitors and to see how visitors move around on our website when they are using it. These cookies help us to improve the way the website works, for example, by ensuring that users are finding what they are looking for easily. These cookies provide statistics on how our website is used, help us improve the website by measuring any errors that occur, etc.
  • Functionality cookies– These are cookies that are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name, remember if we have already asked you if you want to fill in a survey, and remember your preferences, for example your choice of language or region.

 

Whether a cookie is considered as a ‘first’ or ‘third party’ cookie refers to the domain placing the cookie. First-party cookies are those cookies set by a website that is being visited by the user at the time (e.g. cookies placed by www.zoetis.com). Third-party cookies are cookies that are set by a domain other than that of the website being visited by the user. If a user visits a website and another entity sets a cookie through that website this would be a third-party cookie (e.g. Google Analytics).

Whether a cookie is considered as a ‘persistent’ or ‘session’ cookie refers to the duration of the cookie. A persistent cookie remains on a user’s device for the period of time specified in that cookie, and is activated each time that said user visits the website that created the concerned cookie. A session cookie allows to link the actions of a user during a browser session. A session starts when a user opens a browser window and ends when the browser window is closed. Once the browser is closed, all session cookies are deleted.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

 

Cookie Name Provider Category Duration Purpose
_ga Samesun.com Performance 2 years This cookie is used for Google Analytics to distinguish unique users by assigning a randomly generated number as a client identifier.
_gid Samesun.com Performance 1 day This cookie is used for Google Analytics to store and update a unique value for each page visited.
_gat Samesun.com Performance 1 minute This cookie is used for Google Analytics to throttle request rate.
__insp_dct
__insp_norec_sess
__insp_nv
__insp_slim
__insp_targlpt
__insp_targlpu
__insp_wid
Samesun.com Performance Session These cookies are used for Inspeclet to keep track of session information. These cookies are needed to accurately understand how visitors are navigating your website.
pll_language Samesun.com Functionality 1 year Polylang uses a cookie to remember the language selected by the user when he comes back to visit again the website. This cookie is also used to get the language information when not available in another way.
test_cookie doubleclick.net Functionality Session Used by Google DoubleClick to check if the user’s browser supports cookies.
tfw_exp twitter.com Performance 14 days This cookie is set due to Twitter integration and sharing capabilities for social media.

Our website may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other sites. When you go to other websites from here, we advise you to be aware and read their privacy policy.

Our website uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. Google Analytics does not identify individual users or associate your IP address with any other data held by Google. We use reports provided by Google Analytics to help us understand website traffic and webpage usage.

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s privacy policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out services provided by Google.

 

Retention of personal data

We retain your personal data on the principle that we keep it for no longer than is necessary for the purpose for which we collected it, and in accordance with any requirements that are imposed on us by law.

  • Transaction Data – If you are an active user of our website (i.e. you have made a booking in the last 6 months) we want to ensure that you have access to data in relation to your previous bookings, and that we have access to this data for our own business purposes. We therefore won’t delete your transaction data whilst you remain an active customer, unless you ask us to do so. If you cease to be an active customer, we will retain your personal data for a period of 6 months, after which point it gets purged from our system automatically.

For personal data that is not transaction data or related to confirmation emails, we will apply the following criteria:

  • Managing legal claims – When we assess how long we keep personal data we take into account whether that data may be required in order to defend any legal claims which may be made. If such data is required, we may keep it until the statute of limitations runs out in relation to the type of claim that can be made (which varies from 2 to 12 years).

 

Important Information about Consent

When we process your personal data on the basis of your consent, you are free to withdraw that consent at any time. You can withdraw your consent by contacting us using the contact details at the bottom of this notice. Please note that if you withdraw your consent we may not be able to continue to provide the related service to you.

Your rights under data protection law

 

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organization.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that Samesun refuses your request under rights of access, we will provide you with a reason as to why.

Our managers have been trained on how to help you exercise these rights. There are a few conditions and exemptions; get more details from the Information Commissioner’s Office

 

Other Relevant Privacy Policies

While we don’t advertise online through websites that aren’t our own, we do have a social media presence on a few sites that have their own data protections policies. These policies are available by following the links below:

 

How Do We Protect Your Data?

 

Our online services are hosted securely by OVH Canada, whose stringent data protection and security measures are listed here.

We train our employees about the importance of confidentiality and maintaining the privacy and security of your information. Access to your personal information is restricted to employees who need it to provide benefits or services to you.

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

 

Questions and Complaints

If you have any queries or complaints in connection with our processing of your personal data, you can get in touch with us using the following contact details:

Email: DPO@samesun.com

Phone: 1-877-972-6378
Mail: 245 Harvey Ave, Kelowna BC, V1Y 6C2, Canada