Privacy Policy
At Okawati Hotel (“we”, “us”, “our”), accessible at okawatihotel.com, we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and protect your personal data when you visit our website, book a stay, or otherwise interact with us. It also informs you of your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
We recognize the importance of safeguarding personal data and are dedicated to preserving the confidentiality, integrity, and availability of the information you entrust to us. We handle all personal information responsibly, transparently, and in accordance with applicable data protection legislation.
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of okawatihotel.com and any services offered through the website. For the purposes of the GDPR and other privacy regulations, Okawati Hotel is the “Data Controller,” responsible for determining the purposes and means of processing your personal information.
3. Categories of Data Processed
We collect and process various categories of personal data to operate and improve our services. This may include, but is not limited to:
a. Usage Data
Information regarding how you interact with okawatihotel.com, including your browser type, IP address, pages visited, session times, and referring URLs.
b. Account Data
Information you provide when creating or editing an account, such as full name, billing and home address, email address, and phone number.
c. Profile Data
Data collected for personalization of services, including your preferences, room bookings, stay history, and behavioral data captured through your interactions.
d. Communication Data
Records and content of your communications with us, including customer support requests, inquiries, feedback, and contact history.
e. Technical Data
Information about the devices you use to access our website, including operating system, device identifiers, screen resolution, language settings, and system configurations.
f. Transaction Data
Payment and transaction-related information, including credit/debit card details (processed via secure third-party providers), payment confirmation, billing info, and details of services rendered or booked.
g. Preference Data
Indications of your marketing and communication preferences, opt-in or opt-out requests, and interests in specific services or offers.
4. Legal Bases for Processing
We process your personal data on one or more of the following legal bases:
– Consent: Where you have provided clear permission for us to process your data for a specific purpose, such as email marketing.
– Contractual Necessity: To fulfill obligations under a contract with you, such as processing your reservation or responding to service requests.
– Legal Obligation: To comply with legal or regulatory requirements.
– Legitimate Interests: For purposes such as improving our services, enhancing security, detecting fraud, and communicating with you about your account, provided these interests are not overridden by your rights.
5. Your Rights Under Data Protection Laws
Subject to applicable laws, you have the following rights concerning your personal data:
– Right of Access – to request a copy of the data we hold about you.
– Right to Rectification – to correct inaccuracies in your personal data.
– Right to Erasure – to request deletion of your data where legally permissible.
– Right to Restrict Processing – to limit how your data is used.
– Right to Data Portability – to obtain a machine-readable copy of your data.
– Right to Object – to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement a range of technical and organizational measures to protect your personal data, including:
– Data encryption during transmission and storage;
– Secure access controls and authentication protocols;
– Regular data backups and secure data restoration practices;
– Employee training on data protection principles and security awareness.
While we take reasonable measures to safeguard your data, no method of transmission or storage is entirely secure. We encourage you to take precautions to protect your own information.
7. International Transfers
Your data may be processed or stored in countries outside your residence, including countries that may not offer an equivalent level of data protection. In such cases, we rely on:
– Standard Contractual Clauses (SCCs) approved by the European Commission;
– Adequacy decisions issued by relevant authorities;
– Other appropriate legal safeguards ensuring your data is protected.
8. Data Retention
We only retain your personal data for as long as necessary for the purposes for which it was collected and to comply with legal, accounting, or regulatory requirements. Typical retention periods include:
– Booking and transactional data: up to 7 years;
– Communication records: up to 3 years after last interaction;
– Marketing preference data: until revoked or up to 5 years;
– Usage and technical data: up to 2 years for analytical purposes.
9. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance your browsing experience. Cookies we use fall into the following categories:
– Essential Cookies: Necessary for site functionality and booking processes.
– Functional Cookies: Enable personalization and enhance usability.
– Analytics Cookies: Help us understand how users interact with the website.
– Performance Cookies: Measure website performance for optimization.
10. Cookie Management and Compliance
You can manage your cookie preferences using the settings provided via our cookie banner or your browser’s configuration tools. Consent for non-essential cookies is obtained prior to placement and conforms to requirements under GDPR and CCPA.
Users from California, under the CCPA, have the right to opt out of the “sale” of their personal data (as defined by the Act). Although Okawati Hotel does not monetize your data, we honor applicable rights. You may contact us at [email protected] for any opt-out or inquiries.
11. Children’s Privacy
Our services are not intended for children under the age of 13, and we do not knowingly collect or process personal data of minors without verifiable parental consent. If we learn that we have inadvertently collected data from a child under 13 without proper consent, we will promptly delete it.
12. Policy Updates and Notification
We reserve the right to update this Privacy Policy at any time in response to evolving legal, technical, or operational requirements. Significant changes to this Policy will be communicated via notice on okawatihotel.com or through direct communication where appropriate.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please contact us at:
Email: [email protected]
We are committed to compliance with all applicable data protection laws and to ensuring that your privacy is respected and protected at all times. Please feel free to reach out with any inquiries related to your rights or our privacy practices.