Check In
Check Out
Promo Code

GDPR (General Data Protection Regulation) Privacy Policy

The GDPR will give more controls over guest data. We will secure your information as per the privacy and security policies. This will give clear explanation about who are we, information we keep with us, how we are going to use and how long data’s will keep with us. This statement will mention the rights as per the data protection law.


We Are

The Grand Hotel, Nuwara Eliya is a place where our guests are pampered to a royal stay, where their comfort and happiness becomes our main goal.

We pledge to provide regal, personalized service and facilities for all our guests who are welcomed, with arms wide open to a majestic, exclusive, luxurious refined ambiance.

The Grand hotel, Nuwara eliya experience rejuvenates the heart, body and soul, where guests experience the unexpected.

You can be able to contact us through [email protected] for General Data Protection inquiries and Reservations.


Collecting Information

To give best services or to meet your requirements we will receive some personal information’s, which will include your names, address, Nationality, contact number, Arrival Date, Departure Date, email, occupation and payment details.

Apart of this any likes dislikes, diseases and other details will give us to feed better services for you.

We are using STAAH system for Booking Engine and Channel Manager. STAAH is covered by general regulations such as not viewing guest information by third parties, STAAH and us (the support team) are also still considered third parties, and we cannot view this information on your Channel Manager or Booking Engine. Only your team (the property) can access this information using the Access Key.

  • What personal information you collect - General Guest information is collected such as Name, contact number, email address, country etc. However, these are not accessible by anyone except the properties.
  • How you collect it – a booking form that you see when going through the booking engine.
  • What you use it for – used only to send email confirmation to guest & hotel.
  • How you keep it secure – STAAH meets all GDRP regulations on how data should be stored, STAAH is also PCI certified to ensure CC details are also secure.
  • Whether you share it with third parties – no information is shared with any third party, including STAAH and their support team (so even we cannot access this information)


Personal information Usage

We will use your information’s to,
  • Provide the best services as per your requirement
  • Contact with you for better services
  • Make best product
  • Give a memorable experiences
  • Take analytical statistic

At the same time we offer Weddings and Pre-shoots. All the given details will keep as safely and we won’t share with other personals.


Securing your personal information

We are following security procedures strictly for the storage and disclosure of guest personal information’s as per the Tourism Industry Practices

We have developed website with Hypertext Transfer Protocol Secure (HTTPS). Guest correspondences are communicating through Secure Sockets Layer (SSL). All the communication between server and browser is encrypted. Phishing attacks can’t be happen and data can’t be modified (Data Integrity).


When do we share your personal information?

To prevent Financial Crimes, we will share your information’s to Fraud Prevention Agencies and Police Requirements.


How long do we keep your information for?

We will keep your records for 7 days and details will erase from the system.


Your rights

As per the data protection law’s you have right to change your consent and to request your details of any personal information that we hold about you.

We would love to email you Gift Vouchers and offers through contactable ways. You have right to inform or ask not to use any personal information’s for promotional or marketing purposes.