Privacy Policy for Winter Summer Inn
1. Introduction
Winter Summer Inn (“we”, “us”, “our”) is committed to protecting the privacy and personal data of all visitors, users, and customers of our website, wintersummerinn.com (“Website”). We recognize the importance of data protection and are fully committed to upholding user privacy rights in accordance with applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines the types of personal information we collect, how it is processed, your rights, and how you can manage your choices regarding your information.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through wintersummerinn.com, directly from users or through third-party service providers acting on our behalf. Winter Summer Inn is the data controller responsible for any personal data collected and processed via this Website.
This policy covers both automated and manual processing of data and applies to all site users, including guests, registered account holders, and individuals who otherwise engage with us via digital means.
3. Categories of Data Processed
We collect and process the following categories of personal data:
– Usage Data: This includes details of how you use our Website, such as IP addresses, browser types, pages visited, referring URLs, session durations, and diagnostic logs.
– Account Data: Information you provide during account creation or communication with us, such as your name, email address, phone number, mailing address, and login credentials.
– Profile Data: Includes your preferences, past bookings, feedback, browsing patterns, and interests related to our products and services.
– Communication Data: Any information you submit through contact forms, support requests, or emails, as well as logs of communication history between you and us.
– Technical Data: Device-specific information such as operating system, screen resolution, language settings, internet service provider, and system configurations.
– Transaction Data: Records of purchases, booking history, credit card payment processing (via secure third-party providers), billing addresses, and other delivery-related details.
– Preference Data: Your marketing preferences, consent status, service interest selections, and personalization choices.
4. Legal Bases for Processing
We rely on the following legal bases for processing personal data:
– Consent: When you have given us clear consent to process your data for a specific purpose (e.g., subscribing to emails, accepting cookies).
– Contractual Necessity: When processing is required to fulfill our contract with you, such as providing reservations or customer service.
– Legitimate Interests: When processing is necessary for our legitimate business interests, provided these are not overridden by your rights and interests (e.g., improving the Website, detecting fraud).
– Legal Obligation: When we must process data to comply with applicable legal or regulatory obligations.
5. Your Rights
Subject to applicable laws, you have the following rights regarding your personal data:
– Right of Access: You have the right to obtain confirmation as to whether your personal data is being processed and to request a copy of such data.
– Right to Rectification: You may request correction of inaccurate or incomplete personal data we hold about you.
– Right to Erasure: Also known as the ‘right to be forgotten’, you may request the deletion of your personal data under certain conditions.
– Right to Restrict Processing: You may ask us to limit the processing of your data in specific situations.
– Right to Data Portability: Where legally required, you may request your data be provided in a structured, commonly used, and machine-readable format for transfer to another controller.
– Right to Object: You may object to processing based on our legitimate interests, including for direct marketing purposes.
To exercise any of these rights, you may contact us at [email protected].
6. Security Measures
We implement and maintain a range of technical and organizational measures to ensure the security of your personal data, including:
– End-to-end encryption for all data transfers
– Role-based access controls and regular auditing
– Multi-factor authentication for administrative interfaces
– Regular data backups and secure hosting facilities
– Ongoing employee training on privacy and data protection
7. International Transfers
Where your data is transferred outside the European Economic Area (EEA) or other regulated territories, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses approved by the European Commission
– Robust data protection agreements with service providers
– Adherence to applicable regional transfer mechanisms
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, or as required under applicable law. Retention periods include:
– Usage and Technical Data: 12 months
– Account and Profile Data: Retained for the duration of the user relationship plus 24 months
– Communication Data: 36 months from last contact
– Transaction Data: 7 years for tax and accounting purposes
– Preference Data: Until consent is withdrawn or the data becomes outdated
9. Cookie Policy
We use cookies and similar technologies to enhance user experience, improve performance, and analyze Website traffic. Categories of cookies include:
– Essential Cookies: Required for site functionality and security. These cannot be disabled through our cookie preferences tool.
– Functional Cookies: Enable personalization of content and remember user settings.
– Analytics Cookies: Help us understand behavior through aggregated usage metrics.
– Performance Cookies: Track system errors and performance statistics to improve the Website.
You will be prompted to accept or manage your cookie preferences when first visiting wintersummerinn.com.
10. Cookie Management and Compliance with GDPR & CCPA
In compliance with GDPR and CCPA requirements, users are provided with:
– A granular cookie consent banner offering opt-in choices
– The ability to manage preferences or withdraw consent at any time via the Cookie Settings link
– A clear “Do Not Sell My Personal Information” mechanism for California residents
– Transparent disclosure of third-party cookie providers and their purposes
11. Children’s Privacy
The Website is not intended for children under 13 years of age. We do not knowingly collect or solicit personal data from anyone under the age of 13. If you believe a child has provided personal information to us, please contact us promptly at [email protected] so we can take appropriate action.
12. Policy Updates & Notifications
We reserve the right to update this Privacy Policy to reflect changes in our practices, legal obligations, or technological advancements. All updates will be posted on this page. Where legally required, users will be notified about significant changes and, if applicable, asked for renewed consent.
13. How to Contact Us
If you have any questions, requests, or concerns regarding this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
Website: https://www.wintersummerinn.com
We are committed to resolving privacy concerns in a timely and respectful manner.
This Privacy Policy is developed to comply with the GDPR, CCPA, and applicable global data protection standards to ensure users of wintersummerinn.com have full transparency and control over their personal data.