Privacy Policy for Tioga Lodge
Tioga Lodge (“we,” “our,” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, store, and safeguard your personal data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Your trust is important to us, and we are dedicated to handling your data ethically and in accordance with your rights.
1. Commitment to Privacy and Data Protection
At Tioga Lodge, accessible at tiogalodge.com, your privacy and the security of your data are of paramount importance. We handle your personal data responsibly and transparently, and we implement measures to ensure your information is protected at every stage of interaction with our website and services.
2. Scope of this Policy and Data Controller
This Privacy Policy applies to all personal data collected or processed by us through our website, tiogalodge.com, and related services. Tioga Lodge is the data controller responsible for determining the purposes and methods by which your personal data is processed.
If you have any questions regarding this Privacy Policy, or how your information is handled, you can contact us at: [email protected].
3. Categories of Data Processed
We collect and process various categories of data through tiogalodge.com, depending on your interaction with our website and services:
a. Usage Data
Includes information such as IP address, browser type and version, time zone setting, page interaction data, and session duration. This data is automatically collected through the use of cookies and server logs.
b. Account Data
Includes your full name, billing or physical address, phone number, email address, password (where applicable), and any identifiers necessary for user account management and authentication.
c. Profile Data
Encompasses preferences, past bookings, purchase history, lodging interests, and browsing patterns, used to enhance your website and lodging experience.
d. Communication Data
Covers any correspondence including support requests, inquiries submitted through contact forms, customer service chat logs, or email exchanges between you and our team.
e. Technical Data
Includes device identifiers, hardware models, operating system, browser plug-ins, screen resolutions, and other device and software specifications.
f. Transaction Data
Covers details of bookings, payment card data (processed securely via PCI-DSS-compliant processors), transaction history, delivery information, and billing details.
g. Preference Data
Refers to your consent choices and preferences related to marketing, newsletters, survey participation, and lodging or travel-related product interests.
4. Legal Bases for Processing
Depending on the nature of your interaction with tiogalodge.com, we process personal data under the following legal bases:
– Consent: When you voluntarily provide information or explicitly opt into marketing communications.
– Contractual Necessity: When data is required to fulfill your reservations, bookings, or to deliver requested services.
– Legitimate Interests: Where processing is necessary for our business operations, provided those interests are not overridden by your rights.
– Legal Obligation: Where we are required by law to process certain data (e.g., maintaining payment records for tax and audit purposes).
5. Your Rights Under Data Protection Laws
Subject to your location and the applicable law, you may exercise the following rights regarding your personal data:
– Right of Access: Obtain confirmation of whether we hold your personal data and a copy of such data.
– Right to Rectification: Request correction of inaccurate or incomplete data.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your data, subject to legal and contractual restrictions.
– Right to Restrict Processing: Limit how your data is processed under specific circumstances.
– Right to Data Portability: Receive your data in a commonly used, machine-readable format and transfer it to another controller.
– Right to Object: Object to processing based on legitimate interests, direct marketing, or profiling.
– Right to Withdraw Consent: Withdraw your consent at any time where consent was the basis for processing.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We take appropriate technical and organizational measures to safeguard your data:
– Data encryption protocols secure personal data both in transit and at rest.
– Secure servers, firewalls, and access controls prevent unauthorized access.
– Regular staff training on data handling and privacy obligations.
– Access to personal data is restricted to authorized personnel only.
– Frequent backups are maintained to ensure data resilience.
7. International Data Transfers
Where your data is transferred outside the European Economic Area (EEA) or other applicable jurisdictions, we ensure that such transfers are subject to appropriate safeguards. These include Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other lawful mechanisms.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including legal, accounting, or reporting requirements. Primary retention periods are as follows:
– Usage Data: Up to 26 months
– Account Data: Active duration of account + 12 months
– Profile and Preference Data: Up to 24 months post last interaction
– Communication Data: Up to 3 years after last correspondence
– Technical Data: Up to 12 months
– Transaction Data: Retained for 7 years for tax/legal compliance
Following the retention period, your data is securely deleted or anonymized.
9. Cookie Policy
Our website uses cookies and similar technologies to enhance user experience and analyze performance. These include:
– Essential Cookies: Required for basic website operations and security.
– Functional Cookies: Enable personalization such as language or region selection.
– Analytics Cookies: Collect anonymous data for performance and usage insights.
– Performance Cookies: Help monitor website responsiveness, errors, and loading times.
You may review our full cookie usage at tiogalodge.com in the designated Cookie Settings section.
10. Cookie Management and GDPR/CCPA Compliance
You can manage your cookie preferences directly through our website banner or browser settings. We honor “Do Not Sell My Personal Information” requests under CCPA and support opt-in mechanisms for EU residents per GDPR provisions. Users may accept or reject cookies upon visiting the site, and may withdraw consent at any time.
11. Protection of Children’s Personal Data
Tioga Lodge does not knowingly collect data from children under the age of 13. If you are a parent or guardian and believe your child has provided us with personal data without consent, please contact us at [email protected]. We will promptly delete such data from our records.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or technology. When changes are made, we will revise the content on this page and notify users on tiogalodge.com where appropriate. Continued use of the website indicates acceptance of the revised policy.
13. Contact Information
If you have questions, concerns, or wish to exercise your data protection rights, please contact us using the details below:
Email: [email protected]
Website: https://tiogalodge.com
We are committed to upholding your privacy rights and complying with all applicable privacy legislation, including GDPR and CCPA. Please reach out with any concerns, and we will address your inquiry diligently.