Privacy Policy

Version V1.0 | Last updated: December 3, 2025

PRIVACY POLICY

Effective Date: 1 December 2025

1. INTRODUCTION

This Privacy Policy explains how [Your Hotel/Company Name] ("we," "us," "our") collects, uses, shares, and protects your personal information when you use our website, mobile applications, and booking services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. INFORMATION WE COLLECT

2.1 Information You Provide
- Name, email address, phone number
- Billing and payment information
- Passport/ID information (when required)
- Date of birth
- Preferences (room type, amenities, dietary requirements)
- Communication preferences
- Special requests and accessibility needs

2.2 Automatically Collected Information
- IP address and device information
- Browser type and operating system
- Pages viewed and time spent on our site
- Referring website
- Location data (with your permission)
- Cookies and similar technologies

2.3 Third-Party Information
- Information from payment processors
- Data from online travel agencies
- Social media profile information (if you connect accounts)
- Reviews and ratings from third-party platforms

3. HOW WE USE YOUR INFORMATION

- Process and manage reservations
- Communicate about your booking
- Process payments and prevent fraud
- Provide customer support
- Personalize your experience
- Send marketing communications (with consent)
- Improve our Services
- Comply with legal obligations
- Ensure security and prevent misuse

4. LEGAL BASIS FOR PROCESSING (GDPR)

We process your personal data based on:
- Contract performance (to fulfill your booking)
- Legitimate interests (improve services, prevent fraud)
- Legal obligations (tax, accounting, law enforcement)
- Your consent (marketing communications, optional features)

5. HOW WE SHARE YOUR INFORMATION

We may share your information with:
- Service providers (payment processors, cloud hosting, email services)
- Business partners (tour operators, transportation providers)
- Legal authorities (when required by law)
- Corporate transactions (mergers, acquisitions)

We do not sell your personal information to third parties.

6. COOKIES AND TRACKING

We use cookies to:
- Remember your preferences
- Analyze website usage
- Provide personalized content
- Enable certain features

You can control cookies through your browser settings. Disabling cookies may limit functionality.

Cookie Types:
- Essential: Required for site operation
- Performance: Analytics and usage tracking
- Functional: Remember your preferences
- Advertising: Deliver relevant ads

7. DATA RETENTION

We retain your information:
- Booking data: 7 years (legal/tax requirements)
- Marketing data: Until you unsubscribe
- Account data: While active plus reasonable period
- Payment data: As required by payment processors

8. YOUR RIGHTS

You have the right to:
- Access your personal data
- Correct inaccurate information
- Delete your data (right to be forgotten)
- Object to processing
- Restrict processing
- Data portability
- Withdraw consent
- Lodge a complaint with supervisory authority

To exercise these rights, contact: [privacy@yourdomain.com]

9. SECURITY

We implement security measures including:
- Encryption (SSL/TLS)
- Secure servers and firewalls
- Access controls
- Regular security audits
- Staff training

However, no internet transmission is 100% secure.

10. INTERNATIONAL TRANSFERS

Your data may be transferred to countries outside your residence. We ensure appropriate safeguards are in place through:
- Standard contractual clauses
- Adequacy decisions
- Privacy Shield (where applicable)

11. CHILDREN'S PRIVACY

Our Services are not intended for children under 18. We do not knowingly collect children's data without parental consent.

12. THIRD-PARTY LINKS

Our website may link to third-party sites. We are not responsible for their privacy practices.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy. Material changes will be notified via email or website notice. Continued use constitutes acceptance.

14. CONTACT US

For privacy questions or concerns:
[Your Company Name]
Email: [privacy@yourdomain.com]
Phone: [Your Phone]
Address: [Your Address]

Data Protection Officer: [dpo@yourdomain.com] (if applicable)

REGIONAL ADDENDUMS

FOR EU/UK RESIDENTS (GDPR):
Data Controller: [Your Company Name]
Legal Basis: As described in Section 4
Supervisory Authority: [Relevant authority in your country]
Data Protection Rights: As described in Section 8

FOR CALIFORNIA RESIDENTS (CCPA):
Categories of personal information collected: Identifiers, commercial information, internet activity, geolocation
Business purposes: As described in Section 3
Third parties with whom we share data: As described in Section 5
Your CCPA rights: Right to know, delete, opt-out of sale (we don't sell data)
Non-discrimination: We won't discriminate for exercising rights
Contact for CCPA requests: [privacy@yourdomain.com]

Last Updated: [Date]