This Privacy Policy (the "Policy") applies to personal data and information regarding guests and other individuals with whom we do business and to the management of the data and information of such guests and individuals in any form, whether electronic or written.
Whilst we make every effort to protect your personal data, no security measure can guarantee that your personal data and information will not be subject to interference, misuse or hacking and, notwithstanding any other provision in this Policy, we shall not be responsible for any loss, misuse or alteration arising from and/or as a result of such incident(s).
1. Your Use of the Web or App Services
Use of this Web or App Services constitutes your agreement to the terms of this Policy and the application of any applicable laws and regulations. Whenever you submit Personal Data and/or other information via the Web or App Services, you acknowledge that such data and information will be collected, used and disclosed in accordance with this Policy.
2. Data Protection Legislation
It is our policy to comply with the Personal Data (Privacy) Ordinance, Chapter 486 of the laws of Hong Kong (the "Hong Kong requirements"). In addition, we adhere to the European Data Protection Legislation as described below to the extent it applies to the Personal Data we process about you (the European Data Protection Legislation and the Hong Kong Requirements jointly referred to as the "Data Protection Legislation").
For the purposes of this Policy, "European Data Protection Legislation" means all applicable legislation relating to data protection in the European Economic Area ("EEA"), including the EU General Data Protection Regulation 2016/679 ("GDPR") and all legislation implementing or made under or pursuant to or replacing or superseding the GDPR. Where this Policy uses terms which are defined in the GDPR, the definitions set out in the GDPR will apply.
"Personal Data" is data relating to you from which you can be reasonably identified. Examples of Personal Data include your full name, email address, postal address, telephone number, job title or the company you work for. We recognise that your Personal Data is valuable and we process it in accordance with the applicable laws, and to the extent that it applies to your Personal Data, with the Hong Kong Requirements and/or European Data Protection Legislation.
3. Data controller
CDG is responsible as data controller for the processing of your Personal Data collected via the Web or App Services under the European Data Protection Legislation and the Hong Kong Requirements as applicable.
4. Types of Personal Information We Collect
When we need to collect personal data from you to provide you with a particular membership or service, we will ask you to voluntarily supply us with the information we need. The information collected includes but is not limited to:
4.1 For eNewsletters (eNews subscription):
4.1.1 Prefix
4.1.2 Name
4.1.3 Email address
4.1.4 Mobile phone no.
4.1.5. Preferred language
4.1.6 Consent and marketing channel preference for promotional materials
4.2 For Membership Programme correspondence:
4.2.1 Prefix
4.2.2 Gender
4.2.3 Name
4.2.4 Email address
4.2.5 Mobile phone no.
4.2.6 Contact phone no.
4.2.7 Country/District of residence
4.2.8 Correspondence address
4.2.9 Social media account
4.2.10 Birthday
4.2.11 Company Name, Title and Company Address
4.2.12 Consent and marketing channel preference for promotional materials
4.2.13 Service preference
4.2.14 Preferred language
4.3 For Restaurant booking:
4.3.1 Prefix
4.3.2 Name
4.3.3 Email address
4.3.4 Company name
4.3.5 Mobile phone no.
4.3.6 Contact phone no.
4.3.7 Postal address (Country/District of residence/City/Postal Code/etc.)
4.3.8 Correspondence address
4.3.9 Payment type
4.3.10 Special requests
4.3.11 Reservation email option
4.3.12 Credit card information
4.3.13 Consent and marketing channel preference for promotional materials
4.4 For Banquet bookings:
4.4.1 Banquet choice
4.4.2 Booking guest's and contact guest's prefix
4.4.3 Booking guest's and contact guest's name
4.4.4 Booking guest's and contact guest's email address
4.4.5 Booking guest's and contact guest's company name
4.4.6 Booking guest's and contact guest's mobile/contact phone no
4.4.7 Booking guest's and contact guest's Postal address (Country/District of residence/City/Postal Code/etc.)
4.4.8 Source of booking
4.4.9 Event start/end date and flexibility on such dates
4.4.10 Nature of event
4.4.11 Expected number of guests
4.4.12 Event set up
4.4.13 Consent and marketing channel preference for promotional materials
5. Purpose of Personal Data Collection
You acknowledge and agree that such personal data will be used by us for the following purposes:
5.1 The provision of any goods and /or services offered by any member of the CDG, including processing your reservations and managing your bookings. In these circumstances, we will use your Personal Data to perform services under an agreement with you because we will be unable to provide our services without such information;
5.2 The analysis, verification and /or checking of your credit, credit history, on-going credit worthiness; the processing of any payment instructions, direct debit facilities and/or credit facilities you requested; the determination of the amount of debt owed to or by you and/or the processing and/or collection of amounts outstanding from you and those providing security for your obligations, as it is in our legitimate interest to receive payment for the services we provided to you;
5.3 For loyalty program applicants and members, the processing of your application and administering your Membership; the provision of privileges, benefits and services with regards to the memberships and any member of the CDG, including the distribution of an e-newsletter if you subscribed to it, as it is in our legitimate interest to use your Personal Data to communicate with you, to respond to your requests and to develop the relationship between us in the context of establishing and operating your membership. If the Personal Data you submitted comprises an email address, we may send you service related emails (e.g. transactional emails, service and policy updates in respect of matters related to or arising from the use of services offered on the Websites or the App by any member of the CDG) because it is in our legitimate interest to keep you informed of your account activities or service charges. It may also be necessary for us to:
5.3.1 use your Personal Data to perform an agreement with you, where we will be unable to provide our services without such information;
5.3.2 use your Personal Data to comply with a legal obligation relating to how we manage our relationship with you;
5.4 The conduct of market analysis, market research, customer satisfaction and quality assurance surveys, as it is in our legitimate interest to understand the trends in the use and popularity of our services so that we can fine-tune or improve our services and offer new services based on such research and analysis;
5.5 Responding to requests for information and services, as it is in our legitimate interest to use your Personal Data to communicate with you, to respond to your requests about the services and facilities you require and to develop the relationship between us in the context of your use of our services and facilities;
5.6 Disclosing the winner of contests and lucky draw competitions conducted by us or on our behalf, asit is in our legitimate interest to develop the relationship between us in the context of your participation in our contests, privileges, benefits and other advantages we offer, which we will only communicate to you subject to the next bullet point;
5.7 Facilitating direct marketing, promotional and customer management purposes, including sending you sales, promotional communications or special offers from any member of the CDG if you have consented to receive them through the channels you designated to receive promotional materials, as further described under the chapter “Direct Marketing”.
6. Information we collect from your browser and your device
When you make use of the Web or App Services, we may automatically collect information about your interaction with the Web or App Services such as your IP address, traffic data, clickstream information, time stamp, location data, web logs, other communication data and the resources that you access. We automatically collect this data using various technologies such as cookies, web logs and beacons (as described below). This data is primarily used for delivering and optimising services offered by us, such as:
a) authenticating your identity and recording certain data for the purposes described in "Purposes of Personal Data Collection" above;
b) providing you with relevant, personalised contents to focus on your interested topics; and
c) improving our services, whereby we may occasionally display different versions of contents to you and measure your usage of our Web or App Services.
To the extent this information constitutes Personal Data, we use it to ensure that the Web or App Services will be presented in the most effective manner for you and your device, because it is our goal to improve our customers' online experience in relation to the Web or App Services.
Use of Cookies
Cookies are small text files that are stored on your browser and the hard drive of your computer, mobile or other handheld device. Our Web or App Services use “cookies” to enhance your use of the Web or App Services, to monitor your activity during your visit(s) to the Websites or your use of the App and to distinguish you from other users. Our use of cookies allows us to provide you with a good experience when you browse through the Websites or the App by displaying contents effectively and obtaining and analysing statistics about the use of the Web or App Services.
By continuing to use the Web or App Services you consent to our use of cookies as explained in this Policy.
The following table sets out the types of cookies used on the Websites and the App and provides detail about what they are used for. When you use the Websites or the App for the first time, cookies which are essential to make the Websites or the App operate (see those identified as "essential cookies" below) will have been set but other cookies will not have been set unless you agreed to those cookies being set at that time. If you have agreed to accept cookies then the Websites or the App (as the case maybe) will remember this and continue to set cookies each time you visit. If you do not want cookies to be stored, then you may turn off certain cookies listed below individually or you can select the appropriate options on your web browser to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of the Websites or the App, such as being able to log on to member specific areas.
For Websites under the CDG
Cookie Type | Cookie Name | Function and Purpose | Further Information |
cafedecogroup.com | |||
Essential Cookies | __cfduid | Used by the content network, Cloudflare, to identify trusted web traffic. | Cannot turn cookie off |
ASP.NET_SessionId | Preserves the visitor's session state across page requests | Cannot turn cookie off | |
Tracking Cookies | _ga, _gat, _gid | Google Analytics (www.googletagmanager.com) | Blocking this cookie will prevent Google Analytics to track you across all websites |
HMACCOUNT | Baidu Analytics (hm.baidu.com) | Blocking this cookie will prevent Baidu Analytics to track you across all websites | |
Functionality Cookies | CMSPreferredCulture | This cookie is used to recognize you when you return to the Website. | Blocking this cookie will prevent the Site to change the language |
Targeting and advertising Cookies | test_cookie, IDE | DoubleClick (doubleclick.net) – Advertising and Analytics Solutions | For further information about this cookie, please visit https://www.doubleclick.net |
Other Cookies (3rd party Cookies) | __atuvc, __atuvs, uvc, xtc, | AddThis (addthis.com) – Social Media Sharing Function | For further information about this cookie, please visit addthis.com |
For Loyalty Program (cafedecogroup.com/en-us/privilege/) | |||
Essential Cookies | email, password | For identify member login account information | Cannot turn cookie off |
Tracking Cookies | membership number, last login, isLoginbyFB, isLoggedin, lastLogin, LastUpdateOn | For identify member login & web browsing / traffic information | Cannot turn cookie off |
Functionality Cookies | FacebookID, FacebookEmail, IsRememberMe, HideBannerCookie | For recognizing member when they return to the website | Cannot turn cookie off |
If you would like to disable cookies, you can set your web browser to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on the Websites or the App. How to alter your cookie setting will depend on the type of browser you use. We have provided examples of how to disable cookies on the most popular browsers below:
Microsoft Internet Explorer
- choose the “tools” menu then “Internet Options”;
- click on the “privacy” tab; and
- select the appropriate setting.
Mozilla Firefox
- choose the “tools” menu then “Options”;
- click on the “privacy” menu then “Options”;
- click on the “privacy” icon; and
- find the “cookie” menu and select the relevant options.
Please note that Google and other third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies as a result of you visiting other websites, over which we have no control.
7. Disclosure and Transfer
7.1 We reserve the right to disclose any personal data and information we have concerning you if we are compelled to do so by a court of law or requested to do so by a governmental entity or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property. We also reserve the right to retain information collected and to process such information to comply with accounting and tax rules and regulations. In addition, we may make certain disclosures in answering your query or providing you with services. By using the Web or App Services, you agree to disclosures to the following third parties:
7.1.1 advertisers, which may collect aggregated but anonymous statistics;
7.1.2 payment processors who will collect your payment information if you choose to purchase services from us;
7.1.3 other companies and individuals which we employ to provide certain services such as email marketing services (e.g. analysing customer lists, deliverability statistics, opens and clicks), marketing assistance or consulting services. These third parties may have access to information needed to perform their function but cannot use that information for any other purpose;
7.1.4 our service providers and sub-contractors for the performance of any contract we entered into with them or you;
7.1.5 our business partners, but only to the extent you have purchased or expressed an interest in a product or service of such business partner or interacted with or otherwise authorised the sharing of your Personal Data with such business partner;
7.1.6 credit reporting agencies and other financial institutions including our own bankers, service providers; our professional advisers, such as our accountants, auditors and lawyers, insurers and industry groups having a legitimate reason to receive such information;
7.1.7 a purchaser or successor entity in the event of a sale or other corporate transaction involving some or all of our business or as needed to effect the sale or transfer of business assets, or as needed for external audit, compliance or corporate governance related matters;
7.1.8 any of the affiliates and the parent company of the CDG, and any company, its successors or assigns which has a direct or indirect interest in CDG or in joint venture or co-operation with CDG;
7.1.9 any actual or proposed assignee or transferee of the CDG; and
7.1.10 any other person under a duty of confidentiality to the CDG
7.2 We may share aggregated demographic information with business partners, affiliates or other entities. This aggregated information is not linked or traceable to any personally identifiable information about you.
7.3 Except as described herein, we do not permit the sale or transfer of personally identifiable information to third parties.
8. Storage and transfer of your Personal Data to Other Countries
If you provide Personal Data to us, it may be transferred to, processed in, stored at or accessible from a destination outside the European Economic Area ("EEA"), such as Hong Kong, Japan, the United States of America, or any other country in which the CDG or its service providers maintain facilities. All practical steps are taken to ensure that all data is treated confidentially, kept secured and protected against unauthorised or accidental access, processing, erasure, loss or other use and is maintained and kept no longer than is necessary for the purpose for which it is intended.
The CDG is located in Hong Kong, a territory which has not been deemed to offer adequate data protection by the European Commission. If you provide your Personal Data to us in circumstances where our processing of it is subject to European Data Protection Legislation, please note that you are doing so on the basis that you explicitly consent to the transfer of your data outside the EEA. The potential consequence of you explicitly consenting to this is that there is a risk that your Personal Data will not be protected in a manner that complies with European Data Protection Legislation. You can withdraw your consent for this reason at any time by emailing us at info@cafedecogroup.com. Withdrawing your consent will not affect our use of the Personal Data prior to your withdrawing that consent but it will mean that we will not be able to contact you about the services we offer in future.
Where we pass your Personal Data that is subject to European Data Protection Legislation from a location inside the EEA to parties located outside the EEA that do not offer adequate protection as determined by the European Commission, and if they are not subscribed to an approved data protection framework, such as the EU-US Privacy Shield that permits us to transfer the Personal Data to them from the EEA, we will enter into agreements which enable us to transfer Personal Data to them and that enable you to exercise your rights in accordance with the European Data Protection Legislation. A copy of these terms can be obtained by emailing us at info@cafedecogroup.com.
9. Direct marketing
9.1 When you opt-in to receive communications from us, you are giving your consent for your Personal Data below to be used by us to contact you (depending on your selection) by email, direct mail and telephone including but not limited to phone calls, text messages, multi-media messages and instant messaging applications, and to deliver personalized Web or App Services experiences, to share information about relevant services, news and events in relation to any member of the CDG and its offering, including but not limited to residential, offices, commercial and industrial buildings, shops, hotels, serviced apartments, shopping malls and the events, room sales promotion, food & beverage promotion, banquet and conference services, the CDG membership programme, surveys by e-mail or telephone on our service quality, educational, recruitment, charitable and non-profitable causes:
9.1.1 For eNewsletters (eNews subscription)
9.1.1.1 Prefix
9.1.1.2 Name
9.1.1.3 Email address
9.1.1.4 Mobile phone no.
9.1.2 For Loyalty Programme correspondence
9.1.2.1 Prefix
9.1.2.2 Gender
9.1.2.3 Name
9.1.2.4 Email address
9.1.2.5 Mobile phone no.
9.1.2.6 Contact phone no.
9.1.2.7 Country/District of residence
9.1.2.8 Correspondence address
9.1.2.9 Social media account
9.1.2.10 Birthday
9.1.2.11 Company Name, Title and Company Address
9.1.2.12 Consent and marketing channel preference for promotional materials
9.1.2.13 Service preference
9.1.2.14 Preferred language
9.2 We may not use your Personal Data for direct marketing purpose unless we have received your consent. We seek for your permission before we use your personal information for direct marketing during the loyalty program application process, online e-newsletter subscription, restaurant booking etc. Your consent may also be communicated to us without charge by checking the opt-in / consent box in the Website or the App or by writing to our Customer Relationship Management Team (“CRM Team”) at info@cafedecogroup.com or by post to Cafe Deco Group, Unit B, 9/F, E. Wah Factory Building,
56-60 Wong Chuk Hang Road, Wong Chuk Hang, Hong Kong. When you enter your contact details for the purposes of receiving marketing communications and click "sign up", you will be consenting to us contacting you for these purposes.
9.3 You may opt-out from receiving marketing communications at any time with no additional charges, by:
9.3.1 Following the "opt-out" instructions contained in the communications
9.3.2 Amend the marketing materials preference from time to time through choices in the Profile Update pages after logging into the Loyalty Program Area
9.3.3 Contacting CRM Team by mail, email or phone
Cafe Deco Group
a: Unit B, 9/F, E. Wah Factory Building, 56-60 Wong Chuk Hang Road, Wong Chuk Hang, Hong Kong
e: info@cafedecogroup.com
t: (852) 2290 6660
w: www.cafedecogroup.com
(Please indicate “Opt-out from receiving marketing communications”)
9.4 Withdrawing your consent will not affect our use of the Personal Data prior to you withdrawing that consent but it will mean that we will not be able to contact you about the services we offer in future. When your opt-out request is received, your contact details will be “suppressed” rather than deleted. This will ensure that your request is recorded and retained unless you provide a later consent that overrides it.
9.5 We will let you know where you should provide us with Personal Data in order to perform an agreement with you or to comply with a legal obligation. If you do not provide us with the Personal Data in these circumstances, we may be unable to respond to your enquiry and/or engage in further communications with you.
10. Data Retention and Security
10.1 You further acknowledge and agree that the Personal Data will be retained by us for the purposes as mentioned aforesaid as well as for other purposes that may be agreed between you and us or required by law from time to time.
10.2 We will only retain the Personal Data collected from you for as long as your account is active or has otherwise not been cancelled and you have not requested that your Personal Data be deleted. We will retain Personal Data to fulfil the purposes for which we have initially collected it, unless otherwise required by law. All Personal Data will be retained only as necessary to comply with our legal obligations.
10.3 We will delete our record of your Personal Data after 18 months at the latest from our last contact with you although we may retain a record of the existence of the relationship, to the extent and for so long as we are required to do so by law. For example, if you have contacted us to ask us for the processing of your Personal Data to be erased, we will retain a record of your request in order to ensure we comply with your wishes.
10.4 We will take all practicable steps to ensure the data held by us are protected against unauthorized or accidental access, process, erasure, loss or other use.
11. Changes to the Policy
11.1 The Policy will be modified from time to time. Any changes to this Policy will be posted to the Websites and the App and, where appropriate, notified to you by email, so that you are always informed of the way we collect and use your Personal Data.
11.2 Any changes to our Policy will become effective upon posting of the revised policy on the Websites or App unless otherwise stated. We encourage you to periodically review our privacy policy to ensure familiarity with our most current version.
12. How to Access or Correct your Personal Data
12.1 Under and in accordance with the Ordinance, you have the right to:
12.1.1 check whether we hold your Personal Data and obtain copy of your Personal Data;
12.1.2 require us to correct any Personal Data which is inaccurate; and
12.1.3 ascertain our policies and practices (from time to time) in relation to the Personal Data and to be informed of the kind of Personal Data held by us
12.2 We have the right to charge a reasonable fee for processing any data access request. All requests for 12.1.1 to 12.1.3 above shall be made in writing and addressed to:
Cafe Deco Group
a: Unit B, 9/F, E. Wah Factory Building, 56-60 Wong Chuk Hang Road, Wong Chuk Hang, Hong Kong
(Please indicate “Personal Data Access Request” on the email subject or on the envelope.)
13. Rights of Users in the European Economic Area
With respect to the Personal Data that the CDG collects from you from the Web or App Services, to the extent that you are located in the EEA under the European Data Protection Legislation you have the right to:
13.1 request access to that Personal Data;
13.2 receive a copy of the Personal Data that you have provided to us in a structured, commonly used and machine readable format so that you can share it with others;
13.3 request the transfer of your Personal Data to another party;
13.4 ask that Personal Data be erased;
13.5 object to us possessing your Personal Data by asking for the processing of that Personal Data to be restricted or stopped. For example, if we use Personal Data for marketing purposes; and
13.6 make a complaint to a European data protection authority about the manner in which we process your Personal Data. The contact details for the European data protection authorities can be found at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
Please contact us to exercise these rights or for additional information at:
Cafe Deco Group
a: Unit B, 9/F, E. Wah Factory Building, 56-60 Wong Chuk Hang Road, Wong Chuk Hang, Hong Kong
e: info@cafedecogroup.com
(Please indicate “Personal Data Access Request” on the email subject or on the envelope. )
In addition to the above, you have the right to review, update, and correct your account information and preferences at any time by managing your account’s Profile page. If there is any information that you are not able to edit or delete, please contact us to make the necessary amendments.
You have the right to request for your account to be terminated and your information deleted when there is no longer a legitimate or legal reason for us to keep your Personal Data.
On the other hand, if you wish to change or use other services affiliated to us, you may request for your Personal Data to be transferred or transmitted to such services.
14. Contact Information
If you wish to contact us about the privacy-related matters described above or find out more information about our privacy practices, please use the contact details below:
Cafe Deco Group
a: Unit B, 9/F, E. Wah Factory Building, 56-60 Wong Chuk Hang Road, Wong Chuk Hang, Hong Kong
e: info@cafedecogroup.com
(Please indicate “Personal Data Access Request” on the email subject or on the envelope. )
Last updated: Nov 2021