Privacy Policy
At Nyapio Resort (“we,” “us,” “our”), accessible via https://nyapioresort.com, we are committed to protecting your privacy and safeguarding your personal information in accordance with applicable data protection legislation, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our website, services, and features.
1. Commitment to Privacy and Data Protection
Your privacy is at the core of our operations. Nyapio Resort values your trust and is dedicated to handling your personal data with transparency, lawfulness, and fairness. Whether you are browsing nyapioresort.com or engaging our services, we take every measure to ensure that your personal data is protected and processed responsibly.
2. Scope of This Policy & Data Controller Role
This Privacy Policy applies to all users of our website, online facilities, and services offered through nyapioresort.com. For purposes of applicable data protection laws, Nyapio Resort acts as the “data controller” of your personal information. This means we determine the purposes and means of processing your personal data.
3. Categories of Data We Process
We process several categories of personal information to deliver and improve our services. The personal data we may collect includes:
a) Usage Data:
Including information about how you use our website and services such as IP address, browser type and version, geographical location, time zone settings, operating system, referral sources, page views, and session duration.
b) Account Data:
Provided directly by you when creating an account or booking services, such as your full name, billing and mailing addresses, email address, and phone number.
c) Profile Data:
Includes your preferences, past bookings, personalized services, feedback, and behavioral activity on nyapioresort.com.
d) Communication Data:
Comprises correspondence via email or other platforms including support requests, responses, and any additional context provided during interactions.
e) Technical Data:
Colleted through your interactions with our website and includes device identifiers, hardware model, operating systems, and system configuration details.
f) Transaction Data:
Encompasses payment details including transaction IDs, booking details, billing address, and delivery fulfillment information when applicable.
g) Preference Data:
Covers marketing and communications preferences, language selections, and expressed product or service interests.
4. Legal Bases for Processing
We process your personal data based on several lawful grounds:
– Consent: Where you have granted explicit permission for us to process data (e.g., subscribing to our newsletter).
– Contractual Necessity: To perform a contract with you or provide requested services.
– Legitimate Interests: Where such interests are not overridden by your rights and freedoms (e.g., security, service improvement).
– Legal Obligation: Where processing is required under applicable law.
5. Your Data Protection Rights
In accordance with GDPR and CCPA, you have several rights regarding your personal information:
– Right of Access: You may request copies of your personal data that we hold.
– Right to Rectification: You are entitled to request correction of any inaccurate or incomplete data.
– Right to Erasure: Under certain conditions, you may request the deletion of your personal data.
– Right to Restrict Processing: You may request a limitation on the way we use your data.
– Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format and request its transfer to another controller.
– Right to Object: You may object to our processing of your personal data under legitimate interests.
– Do Not Sell My Personal Information: Under CCPA, California residents may request that we do not sell their data.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement robust technical and organizational security measures to ensure the confidentiality, integrity, and availability of your personal data, including but not limited to:
– Data encryption in transit and at rest,
– Access control and user authentication procedures,
– Routine system backups and disaster recovery mechanisms,
– Employee privacy training and role-based access protocols.
7. International Data Transfers
Your data may be processed and stored outside your country of residence, including in jurisdictions that may not offer the same level of data protection as your own. In such cases, we rely on approved safeguards such as Standard Contractual Clauses and take additional steps to ensure compliance with applicable laws concerning international data transfers.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected:
– Usage Data: up to 36 months
– Account and Transaction Data: 7 years for legal, tax, and accounting obligations
– Communication Data: 3 years from the last contact
– Profile and Preference Data: until revoked or deleted by the user
– Cookie-related information: as per respective cookie expiration durations noted in our Cookie Policy
9. Cookie Policy
We use cookies and similar tracking technologies to provide a tailored browsing experience. Cookies fall under the following categories:
– Essential Cookies: Necessary for site functionality and security
– Functional Cookies: Remember your preferences for a smoother experience
– Analytics Cookies: Help us understand how users interact with our website
– Performance Cookies: Monitor system performance and usability
10. Cookie Management and Compliance
Consent for the use of non-essential cookies is obtained via our cookie consent banner. You can manage or withdraw your consent at any time through your browser settings or our cookie management platform. We adhere strictly to GDPR and CCPA guidelines, allowing granular control over data collected via cookies, including the right to opt-out of data sale or analytics tracking.
11. Protection of Children’s Privacy
Our website and services are not intended for children under 13. We do not knowingly collect personal information from children under 13 years of age. If we become aware that we have inadvertently received data from a child under 13, we will take immediate steps to delete such information.
12. Policy Updates
Nyapio Resort reserves the right to revise this Privacy Policy periodically. Any changes will be published on this page. Users are encouraged to review the policy periodically to stay informed of how we are protecting their data. Where legally required, we will notify you of material changes.
13. Contact Us
If you have any questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact us at:
Email: [email protected]
Website: https://nyapioresort.com
We take privacy seriously and are committed to upholding the highest standards of compliance and transparency. If you have any privacy-related concerns or believe your data rights have been infringed, please get in touch with us.