Privacy Policy

Last Updated: 21/04/2025

Introduction:

Suite Collection (“ we ”, “ us ”, or “ our ”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our services, including our website and any related mobile applications (collectively, the “ Services ”). We act as the “data controller” of your personal data for purposes of applicable data protection laws (such as the EU General Data Protection Regulation (GDPR)). By using the Services, you agree to the collection and use of information in accordance with this Policy. If you do not agree, please discontinue use of our Services. This Policy is intended to comply with the GDPR (European Union), the California Consumer Privacy Act (CCPA) (as amended by the CPRA), and other global privacy regulations. In case local laws impose stricter requirements than this Policy, we will follow those laws in that jurisdiction.

Personal Data We Collect

We collect personal data (information that relates to an identified or identifiable individual) that you provide to us directly, that is collected automatically through your use of our Services, or from third parties. The types of personal data we may collect include:

  • Contact Information: Name, email address, telephone number, postal address, and other identifiers you provide.
  • Identity and Travel Documents: Date of birth, nationality, passport or ID number, visa information, loyalty program or frequent flyer numbers, and other information required for booking travel or verifying your identity.
  • Booking Details: Information related to your travel bookings or inquiries, such as destinations, travel dates, accommodation and transport preferences, special requests, and any preferences or dietary/health requirements relevant to your travel (which may reveal sensitive personal data like health or religious information, collected with your consent when required).
  • Payment Information: Payment card details or other payment information needed to process your booking and related billing information (note: we process payments securely and do not store full card numbers unless necessary).
  • Account Credentials: If you create an account, we collect login credentials (such as username and password). We also maintain your account preferences and settings.
  • Device and Usage Data: When you use our website, we collect technical information such as your IP address, browser type, device identifiers, and browsing actions. We use cookies and similar tracking technologies to collect data about your interactions with our site (see Cookies and Tracking Technologies below). This may include information like pages viewed, links clicked, and search queries.
  • Location Data: With your permission (for example, if you use a mobile app and consent to location access), we may collect geolocation data to offer location-based services (such as nearby offers or relevant destination information).
  • Communications: Copies of your communications with us, including inquiries, feedback, or complaints via customer service emails, phone calls, or chat. (Phone calls may be recorded for quality assurance and training, and we will inform you at the start of the call if recording is in effect, where required by law.)
  • Children’s Data: Our Services are not intended for use by children. We do not knowingly collect personal data from anyone under the age of 16 (or the minimum age in your jurisdiction for consent to data processing). See Children’s Privacy below for more details. If you are a parent or guardian and believe your child has provided personal data, please contact us to delete the information.

We collect the personal data directly from you when you fill in forms on our site (for example, when creating an account or making a booking), communicate with us, or subscribe to newsletters. We also gather data from third parties that assist in providing our Services – for example, if you log in via a social media account or refer to a travel partner, we may receive your information from those sources (subject to their privacy policies). In addition, we may obtain demographic or fraud-detection information from third-party verification services to help us validate or supplement the data you provide.

Purposes of Use of Personal Data

We use your personal data for the following purposes:

  • To Provide Our Services: We process your personal data to facilitate your travel bookings and purchases. This includes using your information to make travel reservations (hotel, flight, transport, tours) in your name, to issue tickets or confirmations, and to provide you with the products and services you requested. For example, we use your identity and payment information to book a hotel or tour and your contact details to send you booking confirmations and travel itineraries. Processing your data for these purposes is generally necessary for the performance of a contract with you (fulfilling your booking) or in order to take steps at your request prior to entering into a contract.
  • Customer Service and Communications: We use contact and booking information to communicate with you about your bookings and to support you. This includes sending service messages (such as booking confirmations, updates, itineraries, and travel alerts), responding to your inquiries or requests, managing changes or cancellations, and providing 24/7 customer support. We may also send you administrative emails for account management (e.g. password resets, policy updates). This processing is done to fulfill our contract with you or based on our legitimate interest in providing efficient customer service.
  • Personalization and User Experience: We may use your data to personalize your experience on our site, such as remembering your preferences (currency, language, past searches) and providing tailored recommendations or content. This helps us curate offers that might interest you (for example, suggesting luxury hotel packages based on your past bookings). Such processing is in our legitimate interests to improve our Services, and we obtain consent where required (for example, for certain cookies that personalize content).
  • Marketing and Promotional Communications: With your consent (or as otherwise permitted by law), we use contact information (like your email) to send you marketing communications, such as newsletters, special offers, or promotions from Suite Collection or our partners. You can unsubscribe from marketing emails at any time. We may also use data about your bookings or preferences to customize advertising on our site or third-party platforms, where allowed by applicable law. For example, we might show you ads for vacation packages similar to those you browsed. Where required by law (e.g., in the EU/EEA), we rely on your consent to send direct marketing or to use cookies/advertising IDs for targeted advertising. In other cases, we may rely on our legitimate interest in marketing our services to you, while providing you the right to opt-out.
  • Business Operations and Improvements: We analyze usage data, feedback, and transactions to understand how our Services are used. This helps us troubleshoot problems, perform data analytics, improve site functionality, enhance the content and user interface, and develop new features. We might use aggregated, anonymized data to identify trends or usage patterns (for example, to see which destinations are most popular). We do this under our legitimate interests in running and improving our business.
  • Fraud Detection and Security: We process personal data to maintain the security of our Services, our users, and our business. This includes using certain information to detect and prevent fraud, abuse, security incidents, and other harmful activity. For example, we may use device information and login data to identify suspicious logins, or use identity verification information to prevent fraudulent bookings. We also may use and share data as needed to protect legal rights and prevent misuse of our Services (such as enforcing our Terms of Use, preventing fraudulent transactions, and protecting our customers). Such processing is based on our legitimate interests in security or on legal obligations to which we are subject.
  • Legal Compliance: We process personal data as required to comply with legal obligations . This includes maintaining records for accounting or tax purposes, complying with lawful requests by public authorities, responding to legal process (e.g., court orders) and meeting regulatory reporting obligations. For example, travel regulations may require us to collect passport details for international travel or to disclose information to customs or immigration authorities. When we are subject to a legal obligation that requires processing of personal data (such as retaining transaction records for financial regulations), we process data on the basis of that legal requirement .
  • Other Purposes with Consent: We will ask for your consent if we need to use your personal data for a purpose that is not covered by the above. If you provide consent for a specific purpose, you have the right to withdraw it at any time, and we will stop that processing for the future. Withdrawing consent will not affect any processing already occurred when the consent was in effect.

We make sure we have a valid legal basis for each use of your information. Under GDPR, the main legal grounds we rely on are: consent, contract necessity, legal obligation, and legitimate interests , as described above ( Guidance on Legal Bases for Processing Personal Data | Data Protection Commission ). In rare cases, we may also process personal data to protect vital interests (e.g., in an emergency situation regarding a customer) or for tasks carried out in the public interest , but these are not common in our day-to-day business. If you have questions about the legal basis of specific processing, you can contact us (details below).

Disclosure of Personal Data to Third Parties

We do not sell your personal data for monetary compensation. However, we do share your information with certain third parties in order to run our business and fulfill our Services, as described here. When we share data, we ensure any third party has an appropriate reason to use your data and is contractually obliged to protect it. The categories of recipients of personal data include:

  • Travel Service Providers: When you book travel through Suite Collection, we must share relevant personal data with the companies that actually provide the travel services you requested – for example, the hotel, resort, airline, car rental agency, tour operator, insurance company, or other travel supplier involved. We act as an agent to pass your details to these providers so they can honor your booking . This typically includes sharing your name, contact details, and booking info, and may include passport or government ID details and nationality (for flight bookings or if required by the provider), and any special preferences or sensitive information you provided for the booking (e.g., meal preference or disability accommodation needs). Please note: Once transferred, your data will also be subject to the privacy practices of the respective travel provider, who may contact you if needed to facilitate the service. We encourage you to review the privacy policies of any travel providers you engage through our Service.
  • Service Providers & Processors: We share personal data with trusted third-party service providers who perform functions on our behalf and under our instructions (acting as “data processors”). For example, this includes payment processors (to securely handle credit card transactions), cloud hosting and storage providers (to store our data on secure servers), IT support and maintenance contractors, marketing/email distribution platforms (to send our communications), customer relationship management (CRM) software providers, analytics and search engine providers (to assist with improving our website and understanding usage), and fraud detection services. These third parties are bound by contractual obligations to process personal data only for our purposes and in line with this Privacy Policy and applicable law.
  • Within Our Corporate Group: If Suite Collection is part of a group of companies or has affiliates, we may share personal data with our corporate parent, subsidiaries, or affiliates as necessary (for example, if certain operations or data storage are centralized within our group). Any such entities will follow practices at least as protective as those described in this Policy.
  • Business Partners: In some cases, we may partner with other companies to offer joint promotions or bundled services (for example, a partnership with a luxury hotel chain for a special package). If you decide to take part in such offers, we may share your details with the relevant partner to the extent needed (e.g., to verify your eligibility or to fulfill the offer). We will do this only with your consent when required by law.
  • Advertising and Analytics Partners: We use third-party analytics tools (like Google Analytics) to collect information about usage of our Services, and advertising networks to serve ads on our behalf. These companies may set cookies or similar tracking tech on our site (with your consent where required) to collect usage data and preferences. The information shared is usually pseudonymous (like a cookie ID or hashed email) and is used to provide aggregate statistics or to serve you tailored advertisements. See our Cookie Policy for more details on these practices. You can opt out of certain sharing for advertising via our cookie consent tool or through industry opt-out sites as explained in the Cookie Policy.
  • Legal and Safety Reasons: We may disclose personal data if we believe in good faith that such disclosure is necessary to: (a) comply with any applicable law, regulation, legal process, or governmental request (for example, responding to a subpoena, tax authority request, or investigation by a data protection regulator); (b) enforce our Terms of Use or other agreements, or to investigate potential violations thereof; (c) detect, prevent, or address fraud, security, or technical issues; or (d) protect the rights, property, or safety of Suite Collection, our customers, or the public. This may involve sharing information with law enforcement, regulators, or legal counsel as appropriate.
  • Corporate Transactions: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal data may be transferred as part of that transaction. We would seek to ensure the new entity will honor the commitments we have made in this Policy, or we would notify you and give an opportunity to opt out of the transfer if required by law.

No Sale of Personal Information: We do not disclose personal information to third parties for their own direct marketing purposes without consent. In the context of CCPA, we do not “sell” your personal information for monetary value. If that changes in the future, we will update our practices and provide a “Do Not Sell or Share My Personal Information” option on our website. We also do not share personal information for cross-context behavioral advertising without the appropriate opt-outs in place (see California Privacy Rights below for more information on your opt-out rights).

When we share data with service providers or partners, we do so under agreements that protect your data. Where required, we rely on appropriate legal mechanisms for data sharing (for instance, standard contractual clauses for transfers outside certain regions – see next section). We only share the minimum information necessary and we do not allow third parties to use your data for purposes other than those specified by us.

International Data Transfers

Suite Collection is a global business. The personal data we collect from you may be transferred to and stored in countries other than your own , including the United States, the European Economic Area (EEA), and other regions. For example, if you are in the EU/UK, your data may be transferred to our servers or databases in a country outside the EEA (such as the United States) or to travel service providers in the country of your destination. These countries may have data protection laws that are different from (and potentially less protective than) the laws of your jurisdiction.

Whenever we transfer personal data across borders, we take steps to ensure that appropriate safeguards are in place to protect your information and ensure lawful transfer in accordance with GDPR and other regulations . If we transfer personal data from the EU/EEA, UK, or Switzerland to a country that is not deemed by the relevant authorities to provide an adequate level of data protection, we use approved Standard Contractual Clauses (SCCs) or other lawful mechanisms to ensure your data remains protected ( International data transfers | European Data Protection Board ). These SCCs are standard data protection clauses adopted by the European Commission that legally bind the recipient to protect the personal data to EU privacy standards. In some cases, we may rely on other safeguards such as an adequacy decision (if the destination country has been officially recognized as having adequate protections) ( International data transfers | European Data Protection Board ), or binding corporate rules for intragroup transfers, or your explicit consent where permitted by law (for example, if you explicitly consent to a booking that requires sending your data to a third-party provider in a country without an adequacy decision).

We also take technical and contractual measures to protect data in transit. This includes encryption and limiting the parties who can access the data. Third-party recipients of the data (such as service providers or travel partners) are also bound by confidentiality and data protection obligations.

Transfers involving US services: Some of our external processors (e.g., cloud service providers or analytics tools) are based in the United States or other countries outside the EU. In such cases, we ensure they have certified to an approved transfer framework (if applicable) or signed the necessary SCCs with us. For instance, if we use a US-based cloud provider, we will have an SCC in place as our safeguard. We monitor developments in international data transfer law and will adjust our practices as needed (for example, implementing any supplementary measures recommended by regulators).

By using our Services or submitting your information to us, you acknowledge that your personal data may be transferred internationally as described above. We will always handle your personal data in accordance with this Policy, wherever it is processed. If you have questions about our international transfer practices, please contact us (details in Contact Us section).

Your Rights and Choices

We respect your privacy rights and provide you with reasonable access to and control over your personal data. Depending on your location and applicable law , you may have some or all of the following rights:

1. Rights for Individuals in the European Economic Area (EEA), United Kingdom, and Similar Jurisdictions:

If you are in the EEA, UK, or a jurisdiction with comparable privacy laws, you have the following data subject rights under GDPR or those local laws:

  • Right to Be Informed: You have the right to be informed about the collection and use of your personal data. This Privacy Policy is one of the ways we inform you of how we process your data (purpose, recipients, retention, etc.).
  • Right of Access: You can request confirmation of whether we are processing your personal data and, if so, request access to that data. This allows you to receive a copy of the personal data we hold about you.
  • Right to Rectification: If the personal data we hold about you is inaccurate or incomplete, you have the right to request correction or completion. For example, you can update your account information in your profile settings or ask us to correct an error in your contact details.
  • Right to Erasure (Right to be “Forgotten”): You have the right to request the deletion of your personal data in certain circumstances. This applies, for instance, if the data is no longer necessary for the purposes collected, you withdraw consent (where the processing was based on consent), or you object to processing and we have no overriding legitimate grounds to continue, or if the data was unlawfully processed. Note that this right is not absolute – sometimes we must retain certain data to comply with legal obligations or for legitimate business purposes (we will inform you if an erasure request is unable to be fulfilled for such reasons).
  • Right to Restrict Processing: You have the right to request that we limit the processing of your personal data under certain conditions. For example, while we are verifying the accuracy of data you have contested or assessing an objection you have made, you may request that we restrict processing of the data (except for storing it) until the issue is resolved.
  • Right to Data Portability: You have the right to receive personal data you have provided to us in a structured, commonly used, machine-readable format, and to have that data transmitted to another controller where technically feasible. This right applies when the processing is based on your consent or on a contract with you, and is carried out by automated means.
  • Right to Object: You have the right to object to our processing of your personal data in certain situations. You can object at any time to processing of your data for direct marketing purposes, which we will honor. If we are processing your data based on legitimate interests, you can object if you feel it impacts your fundamental rights and freedoms – we will then reconsider the balance between our interests and your rights, and we will cease processing unless we have compelling legitimate grounds or need to continue for legal reasons.
  • Rights related to Automated Decision-Making: We do not make any decisions that have legal or similarly significant effects on you solely based on automated decision-making, including profiling, as defined under GDPR. In the event we ever implement such processes, you would have the right not to be subject to a decision based solely on automated processing that significantly affects you, and you would have the right to human intervention and to contest the decision ( A guide to individual rights | ICO ) ( A guide to individual rights | ICO ).
  • Right to Withdraw Consent: If you have given consent to any processing of personal data, you have the right to withdraw your consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal. For example, you can opt out of marketing emails by clicking the “unsubscribe” link, or adjust your cookie preferences on our site for any non-essential cookies.
  • Right to Lodge a Complaint: You have the right to lodge a complaint with a data protection supervisory authority, particularly in the country of your habitual residence, place of work, or of an alleged infringement of the GDPR. For example, EU residents can find their supervisory authority’s contact details on the European Data Protection Board website, and UK residents can contact the UK Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns before you approach a regulator, so please consider contacting us first.

We will not discriminate against you for exercising any of these rights. If you make a request related to your data, we will respond within one month, or as required by law, and will inform you if we need an extension or cannot fulfill your request for a legitimate reason.

2. Rights for California Residents:

If you are a California resident , you have specific privacy rights under the CCPA (as amended by the CPRA), in addition to the general rights above. These include the right to:

  • Know – You can request to know the categories and specific pieces of personal information we have collected about you, the categories of sources of that information, the business or commercial purpose for collecting (or selling/sharing, if applicable) the information, and the categories of third parties with whom the information has been disclosed ( Frequently Asked Questions (FAQs) - California Privacy Protection Agency (CPPA) ). Essentially, you may request a copy of the personal information we have about you (similar to the access right above) as well as additional transparency about our data practices specific to California.
  • Delete – You can request that we delete personal information we have collected from you and retained, subject to certain exceptions. For example, if the information is necessary to complete a transaction you requested, to detect fraud, to exercise free speech or another legal right, to comply with legal obligations, or for certain internal uses, we may deny the deletion request for those specific data elements. If we must deny a deletion request, we will explain the reasons.
  • Opt-Out of Sale or Sharing – You have the right to opt out of the “sale” of your personal information or the “sharing” of your personal information for cross-context behavioral advertising. As noted above, we do not sell personal information for money . If in the future we engage in any practices that fall under “sale” or targeted advertising “sharing” as defined by California law, we will provide a clear and conspicuous “Do Not Sell or Share My Personal Information” link or mechanism for you to exercise this right (and we will honor Global Privacy Control browser signals as an opt-out request, as required). California law also prohibits the sale or sharing of personal information of consumers under 16 without affirmative authorization – we do not knowingly sell or share data of minors under 16.
  • Correct – You can request that we correct inaccurate personal information that we maintain about you. Upon verification of your identity and the accuracy of the new information, we will correct our records.
  • Limit Use of Sensitive Personal Information – If we collect sensitive personal information (such as government IDs, precise geolocation, financial account passwords, etc.), California residents have the right to limit the use or disclosure of that sensitive information to the purposes allowed by law (such as to provide the requested services or for security/fraud prevention). Suite Collection’s collection of sensitive info is limited (generally to what is needed for travel, e.g., passport number or health/dietary info if you volunteer it for a booking). We only use sensitive data for the purposes for which you provided it (e.g., booking your flight or accommodating a disability or meal requirement) or other purposes permitted by CCPA. If in the future we intend to use sensitive data for additional purposes (like targeted advertising), we will provide a “Limit Use of My Sensitive Personal Information” option.
  • Non-Discrimination – You have the right not to receive discriminatory treatment for exercising any CCPA rights. This means we will not deny you services, charge you a different price, or provide a different level of quality of service just because you exercised your privacy rights. If we offer any financial incentives (e.g., a discount or rewards program in exchange for retaining or using your data), we will present the terms of such program and you can opt in with consent, and opt out at any time.

To exercise your California rights, you (or an authorized agent acting on your behalf) can contact us via the methods listed in Contact Us below. We may need to verify your identity (and authority, if through an agent) before processing your request, which may involve asking you to log into your account or provide certain information to match our records. We will only use information provided in a consumer request to verify your identity or fulfill the request. For requests to know or delete, we will confirm receipt within 10 business days and respond within 45 calendar days (with an extension of up to 45 more days if necessary, with notice to you). If you are a California resident under age 18 and a registered user of our Services, you may request removal of content or information you have publicly posted on our website by contacting us. We will make reasonable good faith efforts to remove the content from public view, or anonymize it, as required by California’s “Online Eraser” law (Business & Professions Code § 22581), although complete or comprehensive removal (e.g., from cached pages) cannot be guaranteed.

3. Other Jurisdictions:

Individuals in certain other jurisdictions may have similar rights under local laws. For example, residents of some U.S. states (such as Virginia, Colorado, Connecticut, Utah from 2023) have rights to access, delete, correct, or opt-out of certain data processing. Residents of Canada have the right to access and correct personal information we hold, and may withdraw consent where processing is based on consent. If you are in a jurisdiction with privacy rights not explicitly listed above, we will endeavor to honor your requests to the extent required by applicable law. You can contact us to inquire about your rights and how to exercise them.

Exercising Your Rights: To exercise any applicable rights, please contact us using the information in the Contact Us section at the end of this Policy. Specify clearly which right you wish to exercise and provide information to verify your identity. For certain requests, we may provide self-service options – for example, you can access and update your account data by logging into your account settings. For other requests (access, deletion, etc.), we will respond as described above according to applicable law. If we cannot fulfill a request, we will explain the reason in our response (for instance, certain requests may be denied if an exemption applies, such as when fulfilling the request would conflict with legal obligations).

Data Retention

We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Policy, and to comply with applicable legal or business requirements. This means:

  • If you are a customer, we will keep your data for as long as your account is active or as needed to provide you services (e.g., to maintain your bookings history, so you can review past trips, and to facilitate future bookings).
  • We retain personal data during the period in which you might legally bring claims against us (for example, if you made a booking, we may keep the data for the duration of the statutory limitation period to protect against potential disputes).
  • We may retain certain transaction records and correspondence (including personal data) as required by law or for legitimate business purposes. For instance, we keep invoice and payment records to satisfy tax and accounting obligations, typically for at least 7 years (or as required by local law). We also retain records of consents and opt-outs for at least the minimum duration required by regulations.
  • If you request deletion of your data, we will remove or anonymize the data in accordance with our deletion practices and applicable law (see Your Rights above). In some cases, we will only retain a suppressed record (limited information to ensure we don’t contact you again, or to maintain an audit trail).
  • If you have not used your account or our services for an extended period, we may deactivate your account and delete associated data in the course of our routine housekeeping, if not required for other purposes. We will provide advance notice if required by law.
  • We continuously review the data we have and erase or anonymize personal data that is no longer needed. For example, if we collected information for a promotion or event that has since ended, and no legal requirement compels further retention, we will delete that information.

When determining retention periods, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes of processing, and whether those can be achieved through other means, as well as legal requirements. In some instances, rather than delete data, we may anonymize it so it can no longer be associated with you, and use it for analytical or historical purposes. Once we no longer have a need to retain personal data in identifiable form, we will securely dispose of it or irreversibly anonymize the information.

Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. We use industry-standard security practices. These include:

  • Encryption: We use encryption protocols (such as TLS/SSL) to secure data in transit between your device and our websites (you can verify this by the presence of “https” and a padlock symbol in your browser’s address bar when you interact with our Services). Sensitive information like payment card numbers is encrypted during transmission to our payment processor. We also encrypt certain sensitive data at rest in our databases.
  • Access Controls: We limit access to personal data to employees, contractors, and agents who need such access to perform their job duties and who are subject to strict confidentiality obligations. Our staff are trained on data protection best practices. Administrative access to systems is restricted and requires strong authentication.
  • Network & System Security: Our servers are protected by firewalls, intrusion detection systems, and monitoring for vulnerabilities. We regularly update and patch our software and infrastructure to address security issues. We employ anti-virus and anti-malware solutions. Where we use third-party cloud providers, we rely on their robust security certifications and controls as well.
  • Anonymization and Pseudonymization: When feasible, we pseudonymize or anonymize personal data, meaning that we remove or replace identifiers so that the data alone can no longer be directly linked to an individual. For example, we may store transactional data in aggregate form for analysis, without personal identifiers.
  • Data Backups and Resilience: We maintain secure backup systems and have disaster recovery plans, so we can recover data in case of physical or technical incidents. Backups are stored securely and with access controls.
  • Vendor Due Diligence: We choose service providers that maintain high standards of security. We require our data processors to adhere to adequate security measures, and we include such requirements in our contracts with them.
  • Incident Response: We have an incident response plan in place to handle any suspected data breaches or security incidents. In the unlikely event of a data breach affecting your personal data, we will notify you and the relevant supervisory authority as required by law.

While we strive to protect your data, no system can be 100% secure . The transmission of information via the internet is not completely secure, so we cannot guarantee the absolute security of data sent to our site. You share and access your information at your own risk. It is also important for you to protect against unauthorized access to your account and personal data by keeping your login credentials (passwords, etc.) confidential and logging out of your account when you are finished. If you believe that your interaction with us is no longer secure (for example, if you suspect the security of your account or personal data has been compromised), please contact us immediately. We will take appropriate steps to investigate and address the issue.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to provide, personalize, and improve our Services. Cookies are small text files placed on your device (computer, smartphone, etc.) when you visit a website, which are then read on subsequent visits. We use cookies for several reasons:

  • Essential Cookies: These are necessary for our site to function properly. For example, they help remember items in your cart or allow you to log into secure areas of the site. Without these cookies, some Services (like account login or booking process) might not work Because they are essential, they are always active – but they do not collect personal data for marketing.
  • Functional Cookies: These cookies allow our site to remember choices you make (such as your username, language or region, or other preferences) to provide enhanced, more personalized features. They may also be used to provide services you have asked for (like live chat support) or to remember your preferences in the cookie consent tool. Functional cookies may be first-party or set by third-party providers whose services we added to our pages.
  • Analytics/Performance Cookies: We use these to collect information about how visitors use our site – for instance, which pages are visited most often, how users move around the site, and if they encounter errors. This helps us improve the website’s performance and your experience. We might use third-party analytics tools (like Google Analytics) that set their own cookies to track user interactions. The data collected is typically aggregated and does not directly identify individuals. For example, we learn overall usage stats rather than looking at what a single person did.

Advertising/Targeting Cookies: Suite Collection (and our advertising partners) may use cookies to deliver advertisements that are relevant to you and your interests. These cookies remember that you visited our site and track your browsing activities across the Internet. They are used to build a profile of your interests and show you relevant ads on other sites (sometimes known as interest-based advertising). For example, if you searched for luxury resorts on our site, you might later see an ad for our resort packages on a different website. These cookies are usually placed by third-party ad networks with our permission. They do not directly store your personal details (they typically rely on browser and device identifiers) but they uniquely identify your browser and internet device. If you opt out of these cookies, you will still see ads, but they may be less relevant to you.

We may also use related technologies like web beacons or pixels (tiny images embedded in pages or emails that track if they’re viewed), SDKs in mobile apps, or local storage, for similar purposes. For simplicity, we refer to all these as “cookies.”

Cookie Duration: Some cookies are session cookies , which exist only for the duration of your browser session and are deleted when you close the browser (for example, the cookie that keeps you logged in will be removed once you log out or close the browser). Others are persistent cookies that remain on your device for a set period of time or until you delete them. Persistent cookies help us recognize you on return visits. For example, a functional cookie might remember your preferred language for a year, so you don’t have to re-select it each time. Advertising and analytics cookies may persist from a few days up to a couple of years, depending on their function (for instance, an analytics cookie might last 24 months to track returning users over time, whereas an ad cookie might expire in 3 months if you don’t revisit certain sites). The specific duration of each cookie is set by us or the third party placing it. You can always delete cookies manually via your browser (see Managing Cookies below).

Managing or Withdrawing Consent to Cookies: On your first visit to our site (and periodically thereafter), you will see a cookie consent banner or pop-up. Except for strictly necessary cookies , we will not set cookies on your device without your consent when required by law (e.g., under the EU ePrivacy Directive, consent is needed for non-essential cookies). You have the right to choose which categories of cookies to accept or reject. Our banner allows you to accept all cookies or reject/adjust preferences for certain types (such as disabling analytics or marketing cookies). You can change your preferences at any time by accessing our Cookie Settings tool (usually found as a link like “Cookie Preferences” or in the site footer). If you withdraw consent for non-essential cookies, we will stop using them on future visits.

In addition, browser settings provide a way to manage cookies:

  • You can set your web browser to refuse all or some cookies, or to prompt you before accepting a cookie from websites. Most browsers also allow you to delete cookies that have already been set.
  • For example, in Chrome you can clear cookies and set preferences via Settings > Privacy and security ; in Safari via Preferences > Privacy ; in Firefox via Options > Privacy & Security ; and similarly for other browsers. Refer to your browser’s help documentation for specific instructions. Support articles for major browsers can be found here: Chrome (Google), Safari (Apple) , Firefox (Mozilla), Edge/Internet Explorer (Microsoft). (Links are provided on our website in the Cookie Policy section.)

Please note: if you disable or delete cookies, our site may not function as intended. For instance, if you block all cookies, you may not be able to use features like the booking engine or remain logged in. We recommend keeping essential cookies enabled for basic functionality.

Third-Party Cookies: Some cookies on our site are placed by third parties – for example, advertising networks, analytics providers, and partners. We do not control these cookies, but we endeavor to ensure that any third-party cookies on our site are from parties that respect your privacy and comply with regulations. You can use your browser or our consent tool to manage these cookies. Additionally, you can opt out of certain third-party advertising networks by visiting the Digital Advertising Alliance’s opt-out page or the Network Advertising Initiative’s opt-out page, or for EU users, the Your Online Choices site. These allow you to opt out of interest-based advertising from participating companies. Keep in mind this does not mean you will opt out of receiving any ads, but rather opt out of personalized (targeted) ads from those companies.

Do Not Track: “Do Not Track” (DNT) is a setting available in some web browsers that signals a preference not to be tracked across websites. Currently, there is no uniform standard for how to respond to DNT signals, and our site does not respond differently to browsers with DNT enabled. Instead, we offer the privacy controls described in this Policy (consent tools and opt-outs). If a consensus standard for DNT emerges, we will revisit this approach.

For more detailed information about the cookies and trackers we use, and the specific data they collect, please review our separate Cookie Policy (linked at the bottom of our website). By using our site with cookies enabled in your browser, you consent to our use of cookies as described in that policy. If you have any questions about our Cookie Policy or require further information, please contact us.

Children’s Privacy

Our Services are not directed to children under the age of 16 , and we do not knowingly collect personal data from children under 16 (or the relevant minimum age in your jurisdiction) without appropriate parental consent. If you are under 16, please do not use or register on our site or provide any personal information to us. Suite Collection is a travel service intended for use by adults (and minors traveling with adult supervision). A parent or guardian must make bookings on behalf of any minors.

In certain cases, we might collect information about children who are included as guests in a booking (for example, if you book travel for your family and provide the names/ages of your children). We process that information solely to fulfill the booking and travel requirements (such as providing child reservations to airlines or hotels) and with the consent of the parent or guardian who is making the booking. If we learn that we have inadvertently collected personal data directly from a child under 16 without verifiable parental consent, we will delete that information as quickly as possible.

If you are a parent or guardian and you believe we have collected personal information from your child without consent, please contact us immediately. We will take prompt steps to investigate and, if appropriate, delete the information from our records. We encourage parents to supervise their children’s online activities and to use parental controls or other tools to help provide a safe online environment.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. If we make material changes, we will post the updated Policy on our website and change the “Last Updated” date at the top. In some cases, we may notify you of significant changes by email or through a notice on our homepage (for example, if we start processing personal data for a new purpose that requires your consent, we will obtain your consent). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If you disagree with any changes to this Privacy Policy, you should stop using our Services and can request that we delete your personal data (as per your rights described above). Your continued use of our Services after the effective date of an updated Policy will constitute your acknowledgment of the changes and agreement to the updated terms, to the extent permitted by law.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us at:

Suite Collection PTY LTD

Email: welcome@suitecollection.com

Data Protection Officer: Tom Gibson

We will be happy to assist with inquiries about your personal data or to address any issues you may have. If you contact us to exercise a privacy right, please indicate the right you wish to exercise and provide us with information to verify your identity. For security, we may need to verify your identity before executing your request.

If you feel that we have not addressed your privacy question or concern satisfactorily, you have the right to contact your local data protection authority (for example, the EU supervisory authority or the California Privacy Protection Agency, as applicable). However, we kindly invite you to contact us first, so we can try our best to resolve the matter. Your privacy is important to us, and we will do our utmost to address any issues.

Cookie Policy

Last Updated: 21/04/2025

What Are Cookies?

This Cookie Policy explains how Suite Collection (“we” or “our”) uses cookies and similar technologies on our website. Cookies are small text files that websites save on your browser or device when you visit. They are widely used to make websites work, or work more efficiently, as well as to provide reporting information. Cookies help us remember your preferences, enhance your user experience, and understand how our site is performing. In this Policy, we also include similar tracking technologies like web beacons, pixels, or SDKs in the term “cookies.” We will outline what types of cookies we use, for what purposes, and how you can manage your cookie preferences.

By using our website with your browser set to accept cookies, you consent to our use of cookies as described here (except to the extent you later disable them). This Cookie Policy is complementary to our Privacy Policy and should be read together with it.

How We Use Cookies

We use both first-party cookies (set by Suite Collection’s domain) and third-party cookies (set by other domains with our permission) for several reasons:

  • Necessary Cookies: These cookies are essential for the basic functioning of our site. They enable core features such as secure log-in, session identification, and shopping cart functionality. For example, when you log into your account or add a travel booking to your cart, we use a cookie to maintain your session. Necessary cookies are usually first-party cookies set by us. They do not gather information about you for marketing or remember where you’ve been on the internet. Because the site cannot function properly without these cookies, they are always active; we do not require consent for strictly necessary cookies.
  • Functionality Cookies: These cookies allow our site to remember choices you have made in the past in order to provide enhanced, more personalized features. For instance, they may remember your username, language or region, so you don’t have to re-enter these every time. They might also remember changes you’ve made to text size, font, and other customizable parts of web pages. If the site offers specific features like a travel wishlist or saved preferences, these cookies ensure those features remember you. Functional cookies may be set by us or by third-party providers whose services we have added to our pages (for example, a live chat widget or a map feature). Disabling these cookies might make some features less convenient, but the site should still work.
  • Analytics/Performance Cookies: We use these cookies to collect information about how visitors use our website – which pages are visited, which links are clicked, what errors may have occurred, etc. This data helps us understand and improve our website’s performance and user experience. For example, we may use Google Analytics cookies to see which travel package pages are most popular or to identify if certain pages have a high bounce rate. The information collected by these cookies is aggregated and anonymous; it does not identify you personally. It tells us things like how many users visited our site, what pages they looked at and for how long, and what website referred them to us. This helps us analyze trends and make our site better. In some cases, these analytics cookies may be set by third-party analytics providers (like Google Analytics, Adobe Analytics, etc.) on our behalf. We treat them as third-party cookies, but the data is used by us for our purposes. We only use analytics cookies if you have given consent where required.
  • Advertising/Marketing Cookies: Suite Collection and our advertising partners use these cookies to deliver advertisements that are relevant to you and measure the effectiveness of ad campaigns. These cookies track your browsing habits on our site and other sites across the web in order to understand your interests. For example, if you browse luxury hotels on our site, an advertising cookie might note that, and our partner ad network may show you an ad for a Suite Collection resort deal when you later visit a news site. These cookies often come from third-party companies (such as ad networks like Google Ads, Facebook, or others) and may collect data via a unique identifier for your browser and device. They help limit the number of times you see the same ad and help us gauge the effectiveness of our marketing efforts (e.g., whether someone who saw an ad on another site later came and booked on our site). Marketing cookies may also include social media cookies that allow you to share content or log in via social networks, which can track your browsing for purposes of ad targeting. We will only use advertising cookies if you have opted in to them. If you disable these cookies, you will still see advertising, but it will be less targeted to your interests.

Other Tracking Technologies: In addition to cookies, we (or our partners) might use web beacons (transparent image files), pixels, or tags within our pages or emails. These work in conjunction with cookies to help us understand user behavior. For example, an email pixel can tell us if you opened a promotional email and clicked a link, which helps us make our communications more useful. Similarly, on the site, a beacon might log that a user visited a particular page. These technologies typically rely on cookies to function; thus, if you disable cookies, they will be largely disabled as well.

Cookies We Use (Categories and Examples):

To give you a clearer picture, here are the categories of cookies in use and examples of data they handle (note: for brevity, we don’t list every individual cookie by name, and specific cookies may change as we update our website):

  • Session Management (Essential): For example, we set a cookie to keep you logged in as you navigate through secure areas of the site. This cookie (e.g., session_id) contains a random unique identifier tied to your session and expires when you log out or close your browser. Another essential cookie keeps track of items you add to your booking cart or itinerary before checkout. Without these, the site would not remember your selections as you move between pages.
  • Preference Cookies (Functional): We might use a cookie to remember if you previously closed a pop-up or to store your preferred currency or language (e.g., site_lang=en). These cookies may persist for a few days or weeks so that your preference is “remembered” on subsequent visits. For instance, if you choose English and USD on your first visit, the site can auto-select those for you next time.
  • Analytics Cookies (Performance): Our analytics provider (e.g., Google) may set cookies named things like _ga, _gid which assign an anonymous ID to your device and track how you navigate our site. This helps count unique visitors and gather statistics like number of visits, pages viewed, traffic source (like whether you came from a search engine or another site). These cookies typically persist for 24 hours (_gid) up to 2 years (_ga). The data is aggregated so we see overall usage patterns, not individual user behavior. We also might use heatmap or A/B testing cookies that help us see where users click or how they respond to different page designs – again, to improve the site.

Advertising Cookies (Targeting): Ad partners may set cookies (such as Facebook Pixel or Google Ads cookies like IDE or _fbp) that collect information about your browsing of our site and other sites. They might store things like which pages or products you viewed, or that you searched for “Maldives vacation”. They use this to categorize your interests (e.g., “luxury travel enthusiast”) and show you ads accordingly. These cookies can persist for varying lengths (often 3 months to a year). If you consented to marketing cookies, these help ensure our ads reach people likely to be interested and help avoid showing you irrelevant content. They also allow frequency capping (limiting repeat ad views) and retargeting (showing you Suite Collection ads on other sites after you visited ours).

Cookie Duration: As noted, some cookies last only until you close your browser (session cookies), and others last longer (persistent cookies). Persistent cookies have expiration dates written into their code; for example, a cookie might be set to expire 30 days or 1 year after it’s created. When that expiration date is reached, the browser will automatically delete the cookie. We choose expiration durations that make sense for the cookie’s purpose. For example, a cookie storing your cookie consent preferences may last a year so we remember your choice, whereas a shopping cart cookie might last only a few days if your booking isn’t completed.

Please be aware that third-party cookies (like those from analytics or ad partners) have their own privacy policies and expiration periods; we do not control their settings, although we can choose whether to permit them on our site.

Managing Cookies and Consent

You have several options to manage or disable cookies to suit your preferences:

  • Cookie Consent Tool on our Site: When you first visit, you will see a cookie banner requesting your consent for non-essential cookies. You can accept all, reject all, or customize your choices (e.g., allow only certain categories like analytics but not advertising). If you want to change your decision later, you can access our Cookie Settings at any time (usually via a “Cookie Preferences” link in the website footer or settings menu). From there, you can adjust which categories of cookies are active and save your preferences. If you withdraw consent for a category, we will stop setting those cookies moving forward (note that it won’t automatically delete cookies already set; see browser controls below for deletion). Using our consent management platform (CMP) is the easiest way to ensure our site respects your preferences. For example, clicking “reject analytics cookies” in our CMP will disable Google Analytics on our site for your browser.
  • Browser Settings: Most web browsers allow you to control cookies via their settings. You can usually:
  • Clear existing cookies – remove some or all cookies stored on your browser.
  • Block cookies – instruct the browser to prevent cookies from being set. You might be able to block all cookies, or only third-party cookies, or only cookies from certain sites.
  • Receive alerts – set the browser to notify you when a website tries to set a cookie, so you can accept or decline.
  • The methods vary by browser: For instance, in Google Chrome, you can go to Settings > Privacy and security > Cookies and other site data to block or allow cookies and see current cookies; in Safari, go to Preferences > Privacy and choose to block all cookies or manage website data; in Mozilla Firefox, see Options > Privacy & Security > Cookies and Site Data. Microsoft Edge and other browsers have similar sections in their settings. We have provided direct links to instructions for major browsers on our site (Chrome , Safari , Firefox, Internet Explorer/Edge, which you can refer to for detailed guidance.
  • Note: Blocking all cookies might cause websites (including ours) to not function optimally. For example, if you block all third-party cookies, some embedded content or features provided by external providers might not load. Blocking all first-party cookies might prevent you from logging in or completing bookings. We suggest using a balanced approach: perhaps disable third-party cookies for more privacy, but allow first-party cookies so sites you use often will work.
  • Do-Not-Track and Global Privacy Controls: Some browsers have a “Do Not Track” (DNT) setting or newer “Global Privacy Control” (GPC) signals that aim to communicate your tracking preferences to websites. Currently, our site does not respond to DNT signals in a uniform way, because there is no widely-adopted standard for doing so. However, we do interpret Global Privacy Control signals as a valid opt-out request for CCPA purposes regarding the sale or sharing of personal info. If you have GPC enabled, we will treat it as if you had clicked “Do Not Sell or Share” for our site (meaning we will disable third-party marketing cookies for that browser by default). Apart from such regulations, for general cookie control, we recommend using the methods above (consent tool or browser settings) for now.
  • Opt-Out of Targeted Advertising: If you want to specifically opt out of interest-based advertising (and the related cookies), you can visit industry opt-out pages. The Network Advertising Initiative (NAI) offers an opt-out page for member companies. The Digital Advertising Alliance (DAA) offers a Consumer Choice tool for web users and a separate one for mobile app data (via app). In Europe, you can use the EDAA’s Your Online Choices page . These tools usually work by setting an opt-out cookie in your browser to signal your opt-out; make sure to allow that cookie, or else your opt-out may not be honored. Keep in mind that using these tools will opt you out of receiving targeted ads from participating networks, but you will still receive generic ads.

Cookie Consent in the EU: As an international company, we strive to comply with the EU ePrivacy Directive and GDPR requirements on cookies. This means we obtain your prior consent for any cookies that are not strictly necessary for our site’s operation. Our cookie banner is configured to not drop non-essential cookies (like analytics or advertising cookies) until you have given consent by clicking “Accept” or enabling those categories in preferences. If you choose to decline or ignore the banner, we will assume no consent for those categories and they will remain inactive. We also log and store records of user consents (and withdrawals) as required, to demonstrate compliance.

Third-Party Privacy Policies: Please note that any third-party cookies on our site are subject to the respective third parties’ privacy policies. For example, if we use Google Analytics, Google’s Privacy Policy will apply to the information Google collects. The same goes for Facebook, Twitter, or any social media plugins, etc. We provide links in our Privacy Policy or here for some of these major providers so you can read their policies and manage your preferences on their platforms. For instance:

We do not have control over these external services, but we do endeavor to work only with reputable partners who respect user privacy and offer opt-outs.

Changes to this Cookie Policy: We may update this Cookie Policy from time to time (for example, if we adopt new cookies or if regulations change). The “Last Updated” date at the top will reflect the latest revision. We encourage you to review this policy periodically. Significant changes may be communicated via a notice on our website or via email if appropriate. Continuing to use our site after we post any changes will signify your acceptance of those changes.

Contact Us: If you have any questions about our use of cookies or your choices, please contact us at [Contact Email] or via the methods listed in our Privacy Policy’s Contact section. We will be glad to assist you with any inquiries or concerns.

By using Suite Collection’s website, you trust us with your travel plans and also some of your data. We value that trust and aim to be transparent and responsible with our use of cookies and personal information. Thank you for reading our Cookie Policy, and happy browsing!

ABOUT SUITE COLLECTION
Luxury Suites, Extraordinary Experiences

Suite Collection is a curated collection of beautiful suites at the world's most iconic and unique destinations, complimented with access to the most awe-inspiring and incredible experiences on offer.

We are committed to enhancing your journey, one memorable moment at a time. Our Suite Collection promise to you is that our guests always get our best prices and personalised service that exceed your expectations.

JOIN THE WORLD OF SUITE COLLECTION
BOOK WITH PURPOSE

Beyond the luxury of our collection, our priority is to give back to those communities & people in need.

For every hotel or experience booked on Suite Collection, a portion will be donated to charities around the world with our hotel & experience partners.

A RELIABLE PLATFORM FOR LUXURY

Suite Collection is a trusted destination for luxury travel, offering a curated selection of the world’s finest hotel suites and access to the most extraordinary experiences.

Every property featured is handpicked for its design, service and character - ensuring only the best of the best make it onto our platform.

From iconic city stays to remote island escapes, Suite Collection delivers not just luxury, but reliability.

EXPERIENCE EXTRAORDINARY

At Suite Collection, our team of Experience Tailors is made up of seasoned travel experts with local insider knowledge and unparalleled access to the world’s most exclusive experiences and events.

From private yacht charters in the Mediterranean to front-row seats at global cultural and sporting events, we go beyond the ordinary to craft and elevate your travel.

Once you have selected your suite, opt-in to our Tailored Experiences to talk with our team about how we can enhance your next journey.

PERSONALISED SERVICE

Suite Collection combines seamless online booking with truly personalised service - each reservation made is followed up by a dedicated team member to ensure every detail is tailored to your preferences, creating a luxury experience from the moment of confirmation.

JOIN THE WORLD OF SUITE COLLECTION
VIEW SUITES
BACK TO TOP