Privacy Policy

StayInn, which consists of StayInn Kuching and Enchant Telok Melano by StayInn Kuching ("StayInn", "we", "us", "our"), respects your privacy and is committed to protecting the confidentiality and security of the personal data you provide to us or that we collect about you. This applies when you , contact guest services, or otherwise interact with us.

This Privacy Policy applies when you:

• Use our website www.stayinngateway.com, our mobile application, or other online products and services ("Site"),
• Contact our team (via phone, WhatsApp, email, or in person),
• Stay at our hotels, resorts, or glamping properties, or
• Otherwise interact with us.

This Policy applies to all properties managed and/or operated by StayInn or its affiliates and subsidiaries, including employees, contractors, and vendors.

StayInn complies with the Personal Data Protection Act 2010 (PDPA) of Malaysia. You will be asked to consent to this Privacy Policy when making a reservation, registering for promotions, or corresponding with us. Continued use of our services constitutes deemed consent to the terms below.

We may collect personal data you provide directly, including:

• Full name, IC/passport details, contact information.
• Booking and stay details: arrival/departure dates, room type, requests, preferences.
• Payment details: credit card, mobile payment, or bank transfer proof (screenshots received via WhatsApp/email are used only for verification and deleted within 30 days after check-out).
• Employment details (for staff and vendors), including bank info and contracts.
• Feedback, reviews, surveys, and opinions.
• CCTV images and on-site security records.
• Children/minors’ details for bookings, provided with consent of parent/guardian.

When you use our Site or digital platforms, we may collect:

• Log data: browser type, IP address, referral URL, access time.
• Device details: hardware model, OS, unique identifiers, mobile network.
• Location data (if consented on your device).
• Cookies and tracking technologies (see our Cookies Policy).

We may also receive information from:

• OTAs, travel agents, and booking partners.
• Payment processors and banks.
• Public sources and regulators.
• Family members or group organizers booking on your behalf.

• Process and confirm reservations, payments, and guest services.
• Register guests with local authorities, as required.
• Administer events, packages, and promotions.

• Personalize guest experiences and improve services.
• Manage membership, loyalty, or partner programs.
• Conduct market analysis, reporting, and quality assurance.
• Ensure security and safety at our properties.

• Comply with audit, tax, immigration, and employment laws.
• Maintain proper financial and guest records.

• Send promotional offers, newsletters, and updates (you may opt out anytime).
• Collect and use sensitive data (e.g., dietary/health preferences) when provided.

We may share your data:

• Within StayInn, affiliates, and BBnB Management (our appointed Personal Data Officer).
• With third-party providers (e.g., OTAs, payment processors, IT vendors).
• With regulators, auditors, EPF/SOCSO, tax authorities, and law enforcement when legally required.
• With travel organizers (e.g., companies booking group stays).
• In case of mergers, acquisitions, or restructuring.
• With advisors (lawyers, accountants).
• As aggregated or anonymized data for research and marketing.

Your personal data may be transferred outside Malaysia to locations where our service providers or affiliates operate. Such transfers are carried out in compliance with PDPA and subject to adequate safeguards.

We may use your contact details to send:

• Hotel and resort promotions, offers, or updates.
• Partner offers (e.g., travel, retail, lifestyle).

Opt-out: You can unsubscribe via the link in the message or by contacting our PDO.

We retain data as required by law and business practice:

• Guest records: up to 7 years after stay (for tax and audit).
• Staff employment records: up to 7 years post-employment.
• Vendor/contractor records: 7 years after contract ends.
• CCTV recordings: retained for 30 days, unless required for investigations.
• Payment proof screenshots: deleted within 30 days after check-out.

We implement technical and organizational measures to safeguard personal data, including:

• Role-based system access, secure storage, encryption.
• Restricted physical access to records.
• Contracts requiring third-party vendors to maintain equivalent security.

⚠️ While reasonable measures are taken, electronic communications may still carry risks of interception. StayInn is not liable for third-party breaches outside our control.

We may collect children’s data only when necessary for reservations, and only with parental/guardian consent. Online services are not intended for children under 13.

Our Site may link to third-party websites. We are not responsible for their practices—please review their privacy policies before sharing data.

Under PDPA, you may:

• Access and request a copy of your personal data.
• Correct inaccurate or outdated data.
• Withdraw consent for processing (subject to contractual/legal limitations).
• Restrict or object to processing.

Contact:

Personal Data Officer (PDO) – BBnB Management

📧 info@stayinngateway.com | 📞 0149996968

We may update this Privacy Policy from time to time. The latest version will always be available on our Site, with changes applying prospectively.

This Privacy Policy is governed by the laws of Malaysia and applies to all StayInn properties in Sarawak.