Privacy Policy for Tioga Lodge
At Tioga Lodge (“we”, “us”, or “our”), accessible at tiogalodge.com, we are committed to protecting the privacy and personal data of all individuals who visit or interact with our website. This Privacy Policy outlines how we collect, use, store, and share your personal data, as well as the rights you have under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Commitment to Privacy and Data Protection
We view the protection of your personal information as a fundamental responsibility. Whether you are exploring lodging options, contacting us, or making a reservation at tiogalodge.com, we strive to ensure that your data is processed securely, transparently, and in accordance with your rights and expectations.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the collection and processing of personal data through tiogalodge.com. In accordance with applicable data protection laws, Tioga Lodge acts as the Data Controller for information collected via our website, meaning we determine the purposes and means of processing your personal data.
For any queries or concerns related to privacy practices, you may contact us at [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of data when you access tiogalodge.com or use our services:
a. Usage Data:
Includes information such as your browser type and version, IP address, time zone, referring URLs, website interactions, and session duration.
b. Account Data:
Includes details such as your full name, billing and/or physical address, email address, and telephone number when you create an account or make a reservation.
c. Profile Data:
Includes data related to your stay preferences, purchase history, service usage, and behavioral interactions with our website.
d. Communication Data:
Includes records of customer support inquiries, messages received via email or contact forms, and any other communication history.
e. Technical Data:
Includes device type, operating system, internet service provider, device identifiers, language settings, and browser configurations.
f. Transaction Data:
Includes payment details (processed through secure third-party gateways), booking information, invoice numbers, and delivery or fulfillment records.
g. Preference Data:
Includes your consents for marketing communications, opt-ins for promotional offers, and preferences for products or services.
4. Legal Bases for Data Processing
We process your personal data pursuant to one or more of the following legal bases:
– Consent: Where you have explicitly provided consent (e.g., marketing communications).
– Contract: Where processing is necessary for the performance of a contract with you (e.g., booking accommodations).
– Legal Obligation: When required to comply with applicable laws and regulations.
– Legitimate Interests: For purposes such as security, fraud prevention, or improving website functionality, provided such purposes do not override your rights and freedoms.
5. Your Data Protection Rights
Under GDPR and, where applicable, the CCPA, you have the following rights regarding your personal data:
– Right of Access: You have the right to request access to your personal data.
– Right to Rectification: You may update or correct any inaccurate personal information we hold.
– Right to Erasure: You may request deletion of your personal data, subject to legal or contractual obligations.
– Right to Restriction: You have the right to request a suspension of processing under certain circumstances.
– Right to Data Portability: You may receive your personal data in a structured, commonly used format for transfer to another data controller.
– Right to Object: You may object to processing based on our legitimate interests or direct marketing.
– Right to Withdraw Consent: Where consent is the legal basis, you may withdraw it at any time without affecting prior processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We employ robust technical and organizational safeguards to protect your personal information, including:
– Data encryption in transit and at rest
– Role-based access controls and authentication procedures
– Routine data backups and disaster recovery protocols
– Staff training in data protection best practices
– Secure hosting of our website and infrastructure
7. International Data Transfers
Your personal data may be processed outside your jurisdiction, including in countries not deemed to provide equivalent data protection. In such cases, we use safeguard mechanisms such as Standard Contractual Clauses approved by the European Commission or other lawful transfer methods to ensure that your personal data remains protected.
8. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy or as required by law. Data retention periods are outlined as follows:
– Usage Data: up to 26 months
– Account and Profile Data: duration of your relationship with us + 3 years
– Communication and Preference Data: 3 years after last interaction
– Transaction Data: 7 years for financial and tax compliance
– Technical Data: retained in system logs for up to 18 months
Data not subject to a legal obligation will be securely deleted when no longer necessary.
9. Cookie Policy
Tioga Lodge uses cookies and similar technologies to enhance user experience and ensure website functionality. The types of cookies we use include:
– Essential Cookies: Necessary for the operation of our website and core services.
– Functional Cookies: Remember preferences like language and location.
– Performance Cookies: Gather analytics on website performance and user behavior.
– Analytics Cookies: Track user activity to improve service offerings and site usability.
10. Cookie Management and Compliance
Upon first visit to tiogalodge.com, you will be presented with a cookie banner allowing you to manage your cookie preferences. You may accept all, reject non-essential cookies, or tailor your settings. At any time, you can modify your cookie preferences through your browser settings or our cookie consent manager.
We adhere to GDPR and CCPA requirements in honoring user opt-outs and Do Not Track settings. If you are a California resident, you may exercise your rights under the CCPA by contacting us regarding access to, deletion of, or opting out from the sale (if applicable) of your personal data.
11. Protection of Children’s Privacy
Our services are not directed to children under the age of 13, and we do not knowingly collect or solicit personal data from anyone under 13. If we become aware that we have collected data from a child without verifiable parental consent, we will take reasonable steps to delete such information promptly.
12. Updates to this Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in legal or regulatory obligations or our internal practices. When updates are made, we will revise the policy available on tiogalodge.com and, where appropriate, notify users of material changes via prominent notices or direct communication.
13. Contact Information
If you have questions, concerns, or wish to exercise your privacy rights under this policy, please contact us at:
Email: [email protected]
We are committed to maintaining your trust and to complying with all applicable privacy laws, including the GDPR and CCPA. Should you have any concerns regarding your personal data, please do not hesitate to reach out.