Skip to content

Privacy

Policy

DATA PROTECTION NOTICE

Purpose

In our dealings with you, we are called upon to process your personal data. The purpose of this Data Protection Notice is to explain to you:

Application

This Data Protection Notice applies to any processing of your personal information by us, whether such information is provided to us through our website, by email, through the filling of forms (including employment-related ones), through the exchange of contractual documents, by letter or fax, verbally, or through any other means.

By entering into a business relationship with us, or by providing your personal data to us, you confirm that you are agreeable to the processing of your personal data in accordance with the terms of this Data Protection Notice.

Technical terms

We have tried to use simple and plain English as far as possible in this Data Protection Notice. However, data protection is a complex subject and the use of technical terms from time to time is inevitable. We have therefore set out below definitions of the technical terms we have used in this document:

“Personal data”: Any data which allows or could allow us to identify you.

“Processing”: Any manipulation of personal data, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1. Who we are and how we may be contacted

Details about us and how we may be contacted are set out in the table found in the schedule of this Data Protection Notice (the “Information Table”).

We have appointed a Data Protection Officer to monitor the adherence to data protection principles within our organisation. His name and contact details are also set out in the Information Table. You may wish to contact him if you have any query regarding this Data Protection Notice or any other matter relating to your personal data.

2. The categories of personal data we collect
Categories

The categories of personal data we collect are set out in the Information Table.

While we have attempted to make the list as exhaustive as possible, there is a possibility we may have omitted come categories due to the complexity of our organisation and the intricacies of our operations.

We encourage you to get in touch with our Data Protection Officer if you find that any of your personal data which we collect is not listed in this Data Protection Notice. We will then endeavour to promptly amend this Data Protection Notice accordingly.

Personal data of children

We do not knowingly process data relating to a child under the age of 16, without the consent of his parents or guardians. If you are a child under the age of 16, please ensure that you (a) obtain the consent of your parents or guardians before providing such data to us; and (b) provide a record of such consent to us.

If you provide us with the personal data of another person, you are responsible for ensuring that such person is made aware of the information contained in this Data Protection Notice and that the person has given you his consent for sharing his personal data with us.

Special categories of personal data

Special categories of personal data are data pertaining to racial or ethnic origin, political opinion or adherence, his religious or philosophical beliefs, membership of a trade union, physical or mental health or condition, sexual orientation, practices or preferences, genetic data or biometric data uniquely identifying someone or data relating to the commission or alleged commission of an offence.

We do not collect any of your personal data which falls within the special categories of personal data, unless:

a) you have consented to the processing for one or more specified purposes;

b) the processing is necessary:

  • for the performance of a contract to which you are a party or in order to take steps at your request before entering into a contract;
  • for compliance with any legal obligation to which we are subject;
  • for the purpose of historical, statistical or scientific research; or
  • for such other legitimate purposes as may be authorised by law

The special categories of data which we may collect, in accordance with the above terms, are set out in the Information Table.

Cookies

Please note that we collect information via cookies and other similar technologies (such as web beacons).

Cookies are small text files that are automatically placed on your computer or mobile device when you visit a website. They are stored by your internet browser. Cookies contain basic information about your use of the internet. Your browser sends these cookies back to our website every time you visit it, so it can recognise your computer or mobile device and personalise and enhance your browsing experience.

We invite you to read our Cookie Policy if you wish to further understand our use of cookies in relation to your personal data.

3. The purpose for which we collect personal data and the lawful basis for such collection
3.1 Purpose

We collect personal data for a number of purposes, including:

  • to provide services to our clients. You will find a brief description of the services we provide in the Information Table;
  • to enter into contractual relationships with suppliers and service providers and execute such contracts;
  • to keep a database of clients and potential clients to communicate with in respect of our services and matters related thereto;
  • to comply with our legal obligations towards authorities, including the Mauritius Revenue Authority, the Registrar of Companies and the regulators;
  • to keep a database of candidates who have sent CVs to us, for potential future use;
  • to keep appropriate employment-related information on employees;
  • to provide facilities and benefits to our employees;
  • for security purposes;
  • to generate statistics and reports on different aspects of our business; and
  • for such other purposes as may be related, directly or indirectly, to our business activities.
3.2 Lawful Basis

The law (a) provides that we cannot process personal data unless we have a lawful basis for such processing; and (b) lists a number of lawful bases for the processing of data.

The lawful bases which apply to our processing of your personal data are as follows:

a) your consent having been obtained; and/or

b) the processing being necessary:

  • for the performance of a contract to which you are a party or in order to take steps at your request before entering into a contract with you; and/or
  • for compliance with any legal obligation to which we are subject; and/or
  • for the purpose of historical, statistical or scientific research; and/or
  • for the legitimate interests pursued by us (except if the processing is unwarranted in any particular case having regard to the harm and prejudice to your rights and freedoms or legitimate interests).
4. The intended recipients of the personal data

The primary purpose of collecting your personal data is for our own uses, in connection with our business relationship with you. In this context, we may disclose your personal information to our collaborators, including our employees, consultants, advisors, directors and service providers who need to access the personal data.

However, we may also be required to disclose your personal data to third parties to comply with our legal obligations. Such third parties may include the Registrar of Companies, the Mauritius Revenue Authority, the Stock Exchange of Mauritius Ltd, the Financial Services Commission and other government authorities.

As you are aware, we form part of the ENL Group, which includes ENL Limited, its subsidiaries as well as any company related to, or an associate, of ENL Limited. For the avoidance of doubt, ENL Group shall include the Rogers Group of companies. The Rogers Group of companies in turns includes Rogers and Company Limited, its subsidiaries as well as any company related to, or an associate, of Rogers and Company Limited. “Related” shall be construed in accordance with the Companies Act 2001 and “associate” shall mean those companies disclosed as associates in the audited financial statements of ENL Limited and Rogers and Company Limited as the case may be.

In this context, we may, from time to time, disclose your personal information to other companies forming part of the ENL Group. The objective of this disclosure is to develop a centralised database of clients, which would help the Rogers Group and the ENL Group better identify your needs and provide tailor-made packages and services to you. Your consent will be sought before such sharing is done.

5. Whether the supply of personal data is voluntary or mandatory

The provision of personal data is of course entirely voluntary. You are free to choose whether to provide your personal data to us or not. Please note however that if you choose not to provide your personal data to us, we may not be able to provide certain services to you or enter into a contractual relationship with you.

6. Your rights relating to your personal data being processed by us

The law confers upon you a number of rights relating to the personal data being processed by us. These rights are set out below. If you wish to exercise any of the said rights, we encourage you to contact our Data Protection Officer.

6.1 Right to withdraw consent at any time

Where we process your personal data on the basis of your consent, you may withdraw such consent at any time. The withdrawal of your consent will not affect the lawfulness of any processing done by us prior to such withdrawal.

Please note that withdrawing your consent may result in us not being able to provide certain services to you or enter into a contractual relationship with you.

6.2 Right of access

You may request a copy of the personal data we hold about you. Kindly ensure that such request is made in writing to our Data Protection Officer.

Please note that if, in our opinion, your request is manifestly excessive, we may either not attend to your request or charge a fee for attending to same.

6.3 Rectification, erasure or restriction of processing

You may also, at any time, request:

  • to have any inaccurate personal data we hold on you corrected. This includes the right to supplement and/or update existing personal data provided to us;
  • that we erase any personal data we hold on you where (i) such data is no longer necessary in relation to the purpose for which it was collected or otherwise processed; (ii) you have withdrawn your consent to us holding and processing such data and there are no overriding legitimate grounds for the continued processing; or (iii) your personal data has been unlawfully processed.

You will understand that this right is not absolute and that it will not be applicable where the exceptions provided for by law apply, including where our processing of your personal data is necessary for the purpose of historical, statistical or scientific research or for compliance with a legal obligation or for the establishment, exercise or defence of a legal claim;

  • us to restrict processing of your personal data where (i) the accuracy of your personal data is contested by you. This restriction will apply for such period as may be necessary to enable us to verify the accuracy of the data; (ii) we no longer need the personal data for the purpose of processing; (iii) you deem the processing of your personal data to be unlawful, but do not wish us to erase it; or (iv) you have objected to the processing of your data. Such restriction will apply pending verification as to our legitimate grounds to keep processing the personal data, despite your objection.
6.4 Right to object

You have the right to object to our processing of your personal data at any time. Upon receiving such objection, we will stop processing your personal data, except where there are compelling legitimate grounds to continue such processing;

6.5 Right to lodge a complaint

If you feel that we have not processed your personal data lawfully, please do feel free to contact us through our Data Protection Officer.

If you remain unsatisfied, you may lodge a complaint with the Data Protection Commissioner in Mauritius. Her contact details are as follows:

Address: 5th Floor, SICOM Tower, Wall Street, Ebène
Email address: dpo@govmu.org
Phone number: + (230) 460-0253
Fax: + (230) 489-7346
7. The possible existence of automated decision making in respect of your personal data

Automated decision making occurs when a decision which produces legal effect or significantly affects the data subject is taken by technological means without any human intervention. An example of this is where a customer record is selected by an algorithm for a direct marketing or customer communication campaign based on a set of parameters.

We will not process your personal data in such a way as to subject you to a decision which produces legal effects concerning you or which significantly affects, you, based solely on automated processing except:

  • where the decision is necessary for entering into, or performing, a contract between us;
  • where the decision is authorised by a law to which we are subject and which lays down suitable measures to safeguard your rights, freedoms and legitimate interests; or
  • where the decision is based on your explicit consent, such as where we, or another entity within the ENL Group, aims at evaluating certain characteristics of yours (profiling) after obtaining your consent for such processing. Profiling is used to provide you with tailored information regarding the products and services offered by the ENL Group. To this end, data analysis using third parties may be undertaken. This enables the ENL Group to target appropriate communications and advertisements at you, including recommending products and services that we think might be suitable for you.

You can ask not to be subjected to a decision which is based solely on automated processing, including profiling, where that decision:

  • (a) produces legal effects concerning you; or
  • (b) otherwise significantly affects you.

In such situations, you can request that a decision that has been taken automatically by technological means be reviewed by a human being. We will ensure measures are in place to allow you to express your point of view, and/or contest the automated decision.

8. The period for which we will store your personal data

The law provides that where the purpose for keeping any personal data has lapsed, we should destroy the data as soon as reasonably practicable.

We will keep storing your data for as long as is necessary:

  • for us to fulfil the purposes we collected it for;
  • for the performance of any contract which may exist between us;
  • for us to share with you the latest news regarding our organisation and our services;
  • for us to keep a record of your preferences in order to service you again on future occasions;
  • for us to satisfy any legal requirement, including statutory reporting obligations;
  • for the keeping of adequate records for historical, financial or statistical purposes;
  • for security purposes;
  • for the prevention of fraud and abuse; and
  • for us to defend or enforce our rights.

We wish to draw your attention to the fact that the legal prescription period in Mauritius (i.e. the period during which one party may sue another after the happening of an event) is 10 years for non-immovable-property-related matters. Depending on the nature of our relationship with you, we may, in this context, also choose to keep your personal data for at least the legal prescription period in order to be able to defend or enforce our rights.

In some circumstances, we may anonymise your personal data by pseudonymisation or encryption, such that the personal data can no longer be associated with you, for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. Whether, and in what circumstances, we may transfer your personal information to another country, and the safeguards we have put in place in relation to such transfer

Please refer to the Information Table.

10. How we conduct direct marketing

You may from time to time receive communication of advertising or marketing material from us and from companies within the ENL Group (“Direct Marketing”) if:

  • you have given your consent;
  • you asked for a quote or other information on us;
  • legitimate interest is able to apply under the applicable law;
  • you have, at any time, purchased goods or services from us and have not opted out of receiving advertising or marketing material;
  • you have entered into a contractual relationship with us; or
  • you have provided us with your personal data when you entered a competition or registered for a promotion.

You have the right, at any time, to object to the processing of your personal data for direct marketing purposes. Where we receive such an objection from you, we will stop processing your data for direct marketing purposes.

Unless otherwise expressly written by us when you are being asked to provide your consent, your express consent to receive marketing material or latest news from us will entitle you to receive such marketing material or latest news from those entities within the ENL Group.

If you no longer wish to receive our latest news or marketing information from entities within the ENL Group, let us know by contacting us or click on the "Unsubscribe" link at the bottom of our email sent to you and you will be redirected to a confirmation page that confirms you have been unsubscribed. Upon confirmation, you will be removed from our contact list for direct marketing purposes. It may happen that you are still interested in receiving latest news or marketing information in respect of specific brands within ENL Group. If this is the case, you may also have the option to customise your choice to receive latest news and marketing information from specific (and not all) entities within the ENL Group, by contacting us through our Data Protection Officer or clicking here.

11. Queries

If you have any queries on this Data Protection Notice, we encourage you to get in touch with us through our Data Protection Officer. 

THE INFORMATION TABLE
Who we are
Rogers Hospitality Operations Ltd and the entities which are listed below in Annex A.
Our contact details
Telephone number: [+230 2669700]
Fax number: [+230 2669797]
Email address: [webmaster@rogershospitality.com]
Our Data Protection Officer
Valerie Saillard-Mille
Her contact details are the same as above.
The categories of personal data we collect (including the special categories of personal data)
Please refer to Annex B below.
Our services
Please refer to Annex A below for the list of our entities and their corresponding activities.
Transfer of personal data to another country
We endeavour to ensure that whenever we transfer personal data to other countries, the recipients of such personal data comply with all applicable data protection laws and principles.
Annex A - The List of entities that form part of the enterprise
Rogers Hospitality Operations Ltd
Tourism and hospitality
Veranda Tamarin Ltd
- Wholesale trade
- Transport by road
- General retailer
- Owns hotels
- Owns and manages fitness centres
- Restaurants (including liquor & other alcoholic beverages) with entertainment
- Retail sale of other goods in specialised stores
Heritage Golf Club Ltd
- Wholesale trade
- Retail sale of other goods in specialised stores
VLH Training Ltd
- Training Institution / (Education)
Seven Colours Spa Ltd
- Distributor of general merchandise
- Tourism
Heritage Events Co Ltd
- Business/Professional and Management Consultancy Service (including medical and para-medical practitioners and optician)(Firm)
Annex B - The categories of personal data we hold (Examples)
Identity
- First name
- Maiden name
- Last name
- Username or similar identifier
- Marital status
- Job title
- Date of birth
- Gender
- Signature
Contact details
- Email Address
- Telephone numbers
- Fax numbers
- Address
- Country
- City
- Postal code
Financial
- Credit/Debit card numbers
- Payment card details (including security code numbers) and other related billing information
- Bank details
- Payment card details
Transactional
- Payments to and from you
- Services/goods purchase history
Technical
- Internet Protocol (IP) address
- Login data
- Browser type and version
- Time zone setting and location
- Browser plug-in types and versions
- Operating system and platform
- Other technology on the devices used to access our website
- Traffic data
- Media Access Control (MAC) address
- Smartphone Defined User name
- Surfing history
Preferences and interests
- Golf
- Beach
- Family
- Wellness
- Nature
- Adventure
- Food
- Romance
- Wedding
- Business
- Shopping
- Culture
- Discovery
Usage
- Information about how you use our website and service (You may also wish to consult our Cookie Policy).
Additional information we collect if your relationship with us is an HR-related one (solicitation, recruitment or employment)
- Qualifications
- CVs
- Records of past employment
- Employment records, including remuneration details, attendance records, performance-related information
- Fingerprints, if we operate a fingerprint-based access systems
Special categories of personal data
- Fingerprints (for the purposes of operating a fingerprint-based access system for employees)
- Criminal records, including certificate of character (for HR purposes and to meet our obligations towards the Financial Services Commission)
- Trade union membership records (if you are an employee)
- Health records (if you are an employee and are or wish to become a member of Rogers Pension Fund or Rogers Group Provident Association)
Others
- Photographs
- Videos, including where we operate CCTV surveillance systems