DATA PROTECTION AND PRIVACY POLICY

The purpose shall be to safeguard the data of guests while staying there and to comply with the personal data protection legislation. Gathering Data: The personal data collected in the course of booking names, address, contact details, and methods of payment made for processing bookings, facilitating communication during and after staying, as well as offering services without the consent of third-party disclosure. Data Security: All personal data is kept in safe databases with encryption. Only authorized personnel have access to guest information, and all systems are regularly updated to prevent data breaches. Guest Rights: Guests have the right to access, correct, or delete their personal data. Any requests related to data management should be addressed to the resort's Data Protection Officer (DPO). Retention and Disposal: Personal information is kept only for such time as is necessary to maintain a business or to satisfy a legal requirement. Guest information will be properly deleted or destroyed when it is no longer required. Third Party Service Providers. The Resort may use third-party service providers (like payment processors), but such third-party service providers are contractually bound to maintain guest information confidential.