Privacy Policy

OneHotel.asia site privacy policy: updated on 24th February 2025

Introduction

This website and related services are owned and operated by OneHotel Co., Ltd. a Thai registered company providing hospitality software as a service, including payment facilitator and payment gateway services, enabling hotels, independent properties to process payments both VCCs and guest’s credit cards (via payment links), OneHotel Co., Ltd., offers its software web applications through the following domain names: www.1hotelconnect.com, www.1hotelsolution.com, www.1hotelrez.com for each of its individual software modules, whereas www.onehotel.asia only gives basic information about the company, products, services it offers as well as any marketing or PR activities.

We understand that you care about how your information is used and shared when you enter it on our websites, www.onehotel.asia and other 3 domain names mentioned above, or use OneHotel’s payment services as a merchant (hotel’s website) or shopper (guests), and this notice describes our privacy policy and practices.

OneHotel Co., Ltd. respects each individual’s right to personal privacy. We will collect and use information through our website including registration forms, inquiry forms, product transaction forms, mobile and API services only in the ways disclosed in this statement.

Online payment transactions involve transfer of data across international borders, as well backing up of data at our secured data centers in Singapore and Thailand. This means that data may be transferred, processed and stored outside Thailand. By submitting your data directly or through a third party such as a merchant (hotel’s websites using our web application), you are agreeing to such transfer, processing and storage.

OneHotel Services and You

When using OneHotel’s services, technologies, functions, website or applications, the terms of this policy will apply.

OneHotel acts as a technology provider supplying secure online and mobile digital payment processing services as well as web applications that offer primary tools to hotels to facilitate their operations, bookings online such as PMS (Property Management System) www.1hotelsolution.com , Channel Manager www.1hotelconnect.com and Booking Engine www.1hotelrez.com to hotel businesses known as merchants so that they can sell their rooms and services to their guests both domestically and worldwide.

The personal information collected by OneHotel depends on how you are using our services.

Individuals typically interface with OneHotel in one of the following ways:

Site Visitor: If you are visiting our website for details about our products and services, you may be asked to enter your personal details on an online form to receive more information. Cookies may be used to track site usage to assist in product development or monitor behavior for marketing purposes. Visitors may initially be asked to expressly consent to cookie usage. Certain interactions with Sales and Support staff may involve recording of conversations and in such situations you will have the option to accept or reject such recording.

Merchant: you may be a business customer that has consented to OneHotel’s terms of service under a merchant or other formal agreement and use OneHotel to conduct secure online sales or an individual in the employ of such a party. To set up a merchant account you will need to provide personal details, business data and identifying documentation to comply with KYC and AML requirements relating to the payments industry. This information is required by OneHotel’s partners, which may include banks, as well as non-banks who provides similar services such as payment processing , payment gateways.

Shopper: You may be a business or consumer using OneHotel’s secure online payment technologies to complete the purchase of hotel rooms and services from a merchant (hotels) that has selected OneHotel as its payments solution. Your own choice of payment method will usually determine what personal data is passed to OneHotel to enable your payment transaction to take place. It could be name, address and credit/debit card details, electronic bank transfer information, or pay-wallet credentials if using a service such as PayPal, or tokenized data if using a service such as Apple Pay.

While such secure transactions may be completed in just a few seconds they are often complicated by the fact that live anti-fraud checks need to be conducted to verify that the actual card owner is generating the transaction. Data also has to be passed to the relevant payment processors; banks, payment card and payment account services may need to be notified; legal tax invoices generated, and transaction confirmations delivered; and this is dictated by the Shopper’s choice of payment method and selected merchant. Often these transactions may be international in nature, involving transfer of data across borders and continents. Some or all of these steps may all involve the transfer and sharing of personal data down a chain of service providers and third parties including merchant referrers, the storage of transaction records in accordance with regulatory or contractual requirements as well as the use of tracking cookies.

The relevant merchant (hotels) may need to receive personal data in order to facilitate the transaction and retain such data for their records in accordance with their own respective privacy policies. Shoppers may also have elected to pay in instalments using a ‘buy now pay later service’ that requires relevant personal data being shared with such service.

If a Shopper makes a purchase through a merchant that operates through a marketplace service (such as OTAs, booking.com , etc.) this may involve some personal data being transmitted to both the marketplace and the merchant and their respective privacy policies will apply.

The Information OneHotel Collects

The types of personal information we may obtain or you may choose to provide include:

• Contact information (such as name, postal address, email address, phone number)
• Business contact information, job function, title, department, name and size of organization
• Username and password
• Payment account data – such as credit card information
• Content provided (includes social media submissions – comments, articles, ratings)
• Mobile and device unique identifiers
• Geo-location data
• Business records and identification documents
• IP address, browser type, operating system
• Recording of conversations with Sales and Support
• Other information (such as tracking behavior, cookie preferences, language preferences, age, date of birth, gender and family status), time stamps, device details

Some of this information may be collected automatically by using technologies such as cookies and web beacons, when you interact with advertisements, mobile applications, sales pages, website pages and other digital applications. Often shoppers will provide information themselves when interacting with merchants to purchase goods and services.

Use of Information Collected

The information is collected to perform the following functions:

• Process payment transactions (including authorization, clearance, invoicing, tax calculation, currency exchange, shipping, delivery, processing refunds, chargebacks, provision of customer support and dispute resolution processes)
• Generation of invoices, transaction confirmation notices, delivery of licenses, access keys, product download files and associated documentation, subscription accounts, instant notifications relating to transactions, refunds and refund notices, warranty and dispute records, customer profiles, tax payments
• Communicate with you, respond to inquiries and send service notices, issue notices about functions and services you are registered to use including significant developments about the website and/or eCommerce services. (Users cannot normally op-out of this kind of email communication without cancelling the relevant service).
• When OneHotel acts as payment service provider, merchant and/or reseller for product suppliers, we may need to share relevant customer information with the specific merchant/product supplier involved in the transaction in order for them to fulfill the transaction. Such information is supplied on the condition that it will not be used for spamming or direct marketing by another party. Occasionally such product suppliers may sell, transfer or assign their business to new owners and in such circumstances data records may be accessible to the new owners subject to such parties satisfying the underwriting requirements of OneHotel and assuming the ongoing responsibility for the proper protection of such data by committing to relevant contractual provisions.
• Check applications for use of OneHotel services, perform account underwriting and KYC reviews, protect against and prevent customer and transaction fraud, unauthorized transactions, claims, manage risk exposure, conduct periodic risk reviews and credit checks.
• Evaluate business, product development, improve services, perform marketing activities, run billing, invoicing and account reconciliation functions, staff training and customer support records.
• Compliance with legislation, regulations, legal requirements and law enforcement measures, orders and subpoenas from judicial and governmental authorities, enforcement and defense of contractual and legal rights and claims, generation of reserves, guarantees and sureties.
• Perform data analysis and generation of aggregated data reports based on anonymized information for benefit of BlueSnap, Merchants, processing partners, regulators and customers, auditing practices, conducting business intelligence, performance reporting.
• Compliance with internal policies, card industry and payment scheme requirements.
• Payment Card Industry (PCI) assessment and validation.
• Provide you with content, data and advertising tailored to your individual interests, enabling you to access BlueSnap services such as the Merchant or Shopper Control panel, support, chargeback management services.
• Consensual storage of shopper payment information for subsequent or recurring transactions.
• Track sellers.
• Provide information to regulators, Card Associations, acquiring banks, investors and professional advisers.

OneHotel may also use information in other ways for which we provide specific notice of at the time of collection.

Site Visitor: As a guest we may set tracking and behavioral cookies when accessing BlueSnap site and landing pages. These may include IP, device, technical usage, time, language and geolocation data. If you decide to request more information, sign up for newsletters, set up a sales call or use support facilities you may be asked to provide name and contact details. Such information may be shared with advertising and marketing services to create and present more relevant and targeted marketing campaigns, content and products.

Shopper: To process payment and delivery of products and services OneHotel receives your transaction information – this may include name, ID info, address, email, phone number, delivery details, card/bank/pay wallet data, currency, transaction amount, gender, gift recipients, donations, IP, technical usage, language, geolocation and relevant affiliate tracking details. Support and post purchase services, refund and chargeback processes may require the use of similar information. You might have access to a shopper account generated by your merchant seller that is powered by or accessed through OneHotel, to review purchases and set preferences for instance related to subscription and recurring charge transactions and payment card details.

Merchants: Business-related information is collected including corporate structure, tax numbers, beneficial interests, beneficiaries, ID info, social security numbers, name, address, email, phone, banking details, references, financial information, locations, nationality, web site ownership, signatory information, staff access, PCI records, technical details, IP, verification and data relating to PCI/ KYC/AML/Transaction fraud checks, affiliate referral tracking details.

How and Where Information Is Stored

OneHotel maintains administrative, technical and physical safeguards designed to protect the personal information provided or collected against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or misuse. Data is also routinely backed up at secure locations in Thailand and Singapore in accordance with standard industry practice. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. Payment information is secured and protected in accordance with the Level 1 standards of the PCI-DSS via our technical partners, such as banks, PayPal, Omise, GHL, the definitive security certification of the payment card industry. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any further questions about privacy or security, or have reason to believe your data security has been compromised please contact us immediately by sending an email to: security@onehotel.asia.

The international nature of OneHotel’s services means that personal data may be transferred beyond your national borders when you use OneHotel’s services or purchase from or sell to persons or entities outside your country. By using such services you are deemed to understand and accept that data may be subject to such cross-border transfers.

How long data is retained

OneHotel stores personal information for as long as necessary to fulfill the purpose for which the personal information was collected and as required or authorized by law. We take measures to delete or permanently de-identify personal information as required by law or if no longer required for the purpose for which it was collected. Certain data relating to transaction records particularly billing and invoice information may be required to be safeguarded for significant periods of time in accordance with standard tax and accounting law and practices, or to enable refund and chargeback requests to be processed on behalf of shoppers.

Sharing of Personal Information

OneHotel does not sell or otherwise disclose personal information we collect about you except as disclosed in this Privacy Policy or as may be disclosed to you at the time information is collected. As indicated above data collected from web site visitors may be shared with marketing and advertising partners.

OneHotel may share personal information collected with its subsidiaries / partners and other OneHotel entities that process payment transactions as well as relevant merchants, fraud prevention services, card and alternative payment services, relevant banks, payment processors/acquirers and business partners.

OneHotel may share certain information with service providers who provide or perform services on behalf of OneHotel. We authorize such services providers to use or disclose such information only as necessary to perform services on our behalf or to comply with legal requirements. Such entities are required by contract and/or law to safeguard the privacy and security of personal information processed on our behalf. We may also share personal information with other parties with your express consent.

Personal data used with respect to payment transactions involving individuals of the EU/EEA, Switzerland and UK often needs to be passed to other parties as part of the transaction process. Transfers of data may be through APIs, email, and other formats, and may be bi-directional. OneHotel takes steps to ensure that such parties are committed to compliance with applicable data law including the GDPR and that any additional Data Processors or Sub-Processors used are retained under a contractual duty of compliance and are able to respond to data subject access requests. In certain situations, BlueSnap and its subsidiaries might be deemed to be acting on the instruction of other transaction services or together with such parties, in which case OneHotel shall itself be obligated to act in a manner compliant with applicable data law.

Certain Merchants might use checkout and other systems as part of the payment transaction process that might be integrated with OneHotel. Accordingly personal information that you provide to such services either directly or through your selected Merchant might be passed to OneHotel. OneHotel treats such personal information in accordance with this Privacy Policy, however other entities might have their own policies and these should be thoroughly checked by you.

OneHotel may use third-party service providers, for example to provide you with support when using our site and including the use of live chat software. When you sign up for our services we will share your personal information only as necessary for the third party to provide that service. Personal information collected relating to marketing and Merchant underwriting functions may be stored and processed on secure compliant cloud-based services provided by third parties to OneHotel. Such service providers are contractually required by OneHotel to act in compliance with relevant data law.

Merger, sale and/or transfer of corporate assets or reorganization

OneHotel may transfer information as part of any corporate merger, sale, acquisition, transfer or assets or reorganization without notice. Such transfer will be on the basis of the continuation of all privacy rights set out in this document. You will be notified via email and/or a prominent notice on our website of any change in OneHotel ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Payment data

Personal payment information such as credit card numbers, bank account information, name, email address and phone number is routinely collected and passed on to authorized payment processors, banks, acquirers, and credit card companies in order to make payments authorized by OneHotel customers. Such information is handled through industry standard secure protocols and where appropriate in accordance with relevant Payment Card Industry (PCI) compliance standards. Such data may also be passed when making payment through mobile devices.

Payment data may also be encrypted and securely stored by OneHotel and appropriate merchants and product suppliers in accordance with PCI standards. When expressly directed and approved by a customer it may be used to generate recurring or new transactions as requested by such customer. Transaction details may also be passed to relevant taxation authorities in respect of sales taxes, VAT, GST, withholding tax, and other relevant taxes and duties.

Minors

OneHotel does not actively market to children and we never knowingly ask a child under 13 to divulge personal information. Services and Information available to registered users on this site are NOT INTENDED FOR USE BY ANY PERSON UNDER THE AGE OF 18.

Please note that if it comes to our attention through reliable means that a registered user is under 18, we will cancel that user’s account. Online payment transaction forms are not provided for use in any event by persons under 18 years of age.

External links

OneHotel offer links to other websites. Please note: when clicking on links to other websites, we encourage you to read their privacy policies. Their standards may differ from ours.

Social Media Widgets

Our online properties may include social media features, such as the Facebook and X buttons and widgets, such as a ‘Share this’ button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy policy of the company providing it.

Changes in this policy & notification

OneHotel reserves the right to change this policy as and when it sees fit. If our policy on information collection or uses changes, we will advise you by posting a dated copy here and you are advised to visit this page regularly to check for updates. If you are a registered OneHotel merchant then you will also be advised via email. If we make any material changes we will notify you by email (sent to the email address specified in your account) or by means of a notice on this site prior to the change becoming effective.

Opt out process

You have the option not to be added to mailing lists operated by OneHotel or a merchant/product supplier. In the case of opt out, such decision will be relayed to the relevant product supplier. To exercise your opt out rights, please send an email to OptOut@onehotel.asia requesting that your personal information be deleted from any mailing lists operated by OneHotel or your product supplier. OneHotel will act on your request and inform your merchant/product supplier of your request in order to fully respect your decision. You may also follow the unsubscribe instructions located at the bottom of the emails you receive.

Cookie Policy and Tracking Technologies

We collect personal information about users over time and across different websites when you use our website or service. We also have third parties – as described below – that collect personal information this way. To do this, we use several tracking tools. Our vendors may also use these tools. These may include browser cookies and device IDs. We may also use web beacons, flash cookies, and similar technologies.

We use tracking tools, including cookies, on our websites. Cookies are small files that download when you access certain websites. To learn more, visit www.allaboutcookies.org or www.youronlinechoices.eu. These pages also explain how you can manage and delete cookies. We use tracking tools:

• To recognise new or past customers.
• To store your password if you are registered on our site.
• To improve our website.
• To serve you with interest-based or targeted advertising (see below for more on interest-based advertising) as permitted by law.
• To observe your behaviors and browsing activities over time across multiple websites or other platforms as permitted by law.
• To better understand the interests of our customers and our website visitors.

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not work. These cookies do not store any personally identifiable information.

We use Performance Cookies, Functionality Cookies, Targeting Cookies and Social Media Cookies.

• Performance Cookies
  These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
• Functionality Cookies
  These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
• Targeting Cookies
  These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They do not directly store personal information, but are based on uniquely identifying your browser and device. If you do not allow these cookies, you will experience less targeted advertising.
• Social Media Cookies
  These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

How Long Will Cookies Stay on Your Device?

The length of time a cookie will stay on your device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay on your device until they expire or are deleted.

Your browser may give you the ability to control cookies. How you do so depends on the type of cookie. Certain browsers can be set to reject browser cookies. To find out more about how to enable, disable, or delete cookies from your web browser, please visit www.allaboutcookies.org and www.adobe.com/devnet/security.html. To control flash cookies, which we may use on certain websites from time to time, you can go www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html. Why? Because flash cookies cannot be controlled through your browser settings.

Our Do Not Track Policy: Some websites have “do not track” features that allow you to tell a website not to track you. These features are not all uniform. We do not currently respond to those signals. If you block cookies, certain features on our sites may not work. If you block or reject cookies, not all of the tracking described here will stop.