POPIA Compliance Statement

Effective Date: September 2025

Hilton Accommodation (8 Hilton College Rd, Hilton, South Africa) is committed to protecting personal information in accordance with the Protection of Personal Information Act 4 of 2013 (POPIA). This statement outlines our obligations, the rights of our guests, and the safeguards we apply to ensure compliance.

1. Purpose of Data Collection

Hilton Accommodation collects and processes personal information solely for legitimate purposes, including:

  • Processing and confirming accommodation bookings.

  • Communicating with guests regarding their stay.

  • Complying with legal, financial, and regulatory obligations.

  • Enhancing guest services and maintaining security.

2. Lawful Processing

All personal information is processed lawfully and fairly, and only to the extent necessary for providing our accommodation services. We do not collect irrelevant or excessive data.

3. Categories of Personal Information

The information we may process includes:

  • Full names, identification/passport details, and contact information.

  • Booking details, such as dates of stay, preferences, and special requests.

  • Payment information, which is securely processed via NightsBridge (Hilton Accommodation does not store card details).

  • Communication records, such as emails, phone calls, or WhatsApp messages.

4. Data Subject Rights

Under POPIA, guests have the right to:

  • Request access to personal information held by Hilton Accommodation.

  • Request correction or deletion of inaccurate or unnecessary information.

  • Object to the processing of personal information in certain circumstances.

  • Withdraw consent for marketing communications at any time.

  • Lodge a complaint with the Information Regulator if they believe their personal data has been misused.

5. Data Security & Safeguards

Hilton Accommodation implements appropriate technical and organisational measures to protect personal information against loss, unauthorised access, alteration, or disclosure.

  • Physical security measures are applied to office and record storage.

  • Digital safeguards include encryption, access controls, and secure communication protocols.

  • NightsBridge applies its own security measures for bookings and payments.

6. Data Retention

  • Personal information is retained only as long as necessary to fulfil the purpose for which it was collected or to comply with legal and financial obligations.

  • Booking and invoicing records may be retained for up to seven years in accordance with South African tax law.

  • Information no longer required is securely deleted or destroyed.

7. Information Sharing

  • Hilton Accommodation does not sell or share personal information with unauthorised third parties.

  • Information may be shared with service providers strictly where necessary to facilitate bookings, housekeeping, maintenance, or legal compliance.

  • Third parties receiving personal information are required to apply adequate safeguards.

8. Breach Notification

In the event of a security compromise involving personal information:

  • Hilton Accommodation will notify the affected individuals without undue delay.

  • The Information Regulator of South Africa will be informed as required by law.

  • Steps will be taken to mitigate risks and prevent future breaches.

9. Contact Details

For enquiries about POPIA compliance or to exercise your rights, please contact:

Information Officer
Hilton Accommodation
Email: admin@hiltonaccommodation.co.za
Tel: +27 71 671 8023