Privacy Policy
Nyapi O Resort (“we,” “us,” or “our”) values your privacy and is committed to safeguarding your personal data through lawful, transparent, and secure data processing practices. This Privacy Policy outlines how we handle personal data collected through our website, nyapioresort.com, and in the course of interacting with you. We are committed to honoring all applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), ensuring your personal information remains confidential and protected.
1. Introduction
We are committed to protecting your privacy and ensuring the secure processing of your personal data. This Privacy Policy is designed to provide you with a transparent explanation of how your data is collected, used, stored, and shared when you access our website (nyapioresort.com), communicate with our team, or utilize our services. We adhere strictly to internationally recognized privacy principles and regulations and strive to maintain the trust you place in us.
2. Scope and Data Controller
This Privacy Policy applies to all users of nyapioresort.com and any affiliated services where this Privacy Policy is referenced. Nyapi O Resort is the data controller responsible for the collection and processing of your personal data, and we invite you to contact us at any time with privacy-related inquiries via [email protected].
3. Categories of Personal Data We Process
We collect and process various categories of personal data, as described below:
a) Usage Data – This includes data relating to your interactions with our website, such as your IP address, browser type and version, referral source, pages visited, time spent on pages, and other diagnostic data.
b) Account Data – This includes information supplied when you create or update an account, such as your name, mailing address, email address, and phone number.
c) Profile Data – This refers to your preferences, prior bookings, feedback, activity on our website, travel interests, and other profile attributes that personalize your experience.
d) Communication Data – Includes the content of emails, chat correspondence, customer service interactions, inquiries, feedback, complaint logs, and other forms of communication.
e) Technical Data – Information about the device and system used to access our site, including operating system, device type, browser settings, and other system-level details.
f) Transaction Data – Data related to your financial interactions with us, including billing information, payment method, booking history, and delivery information of any products or services.
g) Preference Data – Includes your preferences for receiving marketing communications, newsletters, notifications, and details about services and activities of interest.
4. Legal Bases for Processing
We process your personal data under the following legal bases as defined by the GDPR:
– Contractual Necessity: Processing required for the performance of a contract to which you are a party or to take steps at your request prior to entering in such a contract.
– Legitimate Interests: Processing necessary for our legitimate interests, provided those interests do not override your fundamental rights and freedoms.
– Consent: We seek your explicit consent before processing specific types of personal data or sending marketing communications.
– Legal Obligation: Processing necessary to comply with our legal or regulatory obligations.
5. Your Rights
Subject to applicable laws, you have the following rights with respect to your personal data:
– Right of Access – To request access to your personal information and receive a copy of it.
– Right to Rectification – To request correction of inaccurate or incomplete data.
– Right to Erasure – To request deletion of data where it is no longer necessary or processed unlawfully, subject to our legal obligations and legitimate interests.
– Right to Restrict Processing – To request a restriction on processing in specific circumstances.
– Right to Data Portability – To obtain and reuse your personal data for your own purposes across different services.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ industry-standard security measures to protect your personal data, including but not limited to:
– Encryption of data during transmission and at rest where appropriate;
– Access controls and authentication mechanisms to prevent unauthorized access;
– Periodic security audits and system monitoring;
– Staff training on data protection obligations;
– Regular data backups and disaster recovery systems.
7. International Transfers
Your personal data may be transferred to and maintained on servers located outside your region, including countries not considered to offer an equivalent level of data protection by the European Commission. In such cases, transfers will be protected through appropriate safeguards, such as the European Commission Standard Contractual Clauses or international frameworks compliant with global privacy regulations.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as legally required. Retention periods depend on the nature of the data:
– Usage Data: up to 12 months for analytic and diagnostic purposes;
– Account Data and Profile Data: Retained for the duration of account or customer relationship and up to 6 years following account deactivation;
– Communication Data: Retained for up to 3 years post-resolution;
– Transaction Data: Retained for a minimum of 7 years for tax and business record compliance;
– Marketing Preference Data: Retained until preference is modified or consent withdrawn.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance user experience on nyapioresort.com. Cookies may be:
– Essential: Required for you to navigate and use key features (e.g., secure login).
– Functional: Remembering your settings or login status to personalize your visit.
– Performance: Collecting anonymous usage data to improve website performance.
– Analytics: Measuring how users interact with our content to optimize the experience.
10. Cookie Management and Compliance
Upon your first visit to nyapioresort.com, you will be presented with a cookie consent banner. Under GDPR and CCPA, you have the right to accept, reject, or manage your cookie preferences at any time. You can also manage cookies directly from your browser settings. Essential cookies cannot be disabled, as they are fundamental to the operation of our website.
11. Children’s Privacy
Our website and services are not directed to children under the age of 13. We do not knowingly collect or solicit personal information from anyone under 13. If we learn we have collected information from a child under 13 without verified parental consent, we will delete it promptly. If you believe we may have inadvertently collected such data, please notify us at [email protected].
12. Policy Updates and Notifications
We reserve the right to revise this Privacy Policy from time to time to reflect legal developments or changes in our business practices. When updates are made, we will revise the policy on nyapioresort.com and, where required, notify you through appropriate means. We encourage users to periodically review this page to stay informed of how we handle their data.
13. Contact Information
If you have any questions, requests, or concerns related to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Our continued compliance with applicable data protection laws is foundational to our operations. If you believe your data privacy rights have been violated, you also have the right to lodge a complaint with a data protection authority in your jurisdiction. We welcome the opportunity to resolve any concerns you may have.