Effective Date: 16-05-2025 Welcome to Casa Dream The Resort ("we," "us," "our"). We are committed to protecting the privacy and security of the personal information of our guests and website visitors ("you," "your"). This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit our resort, use our website [Insert Website Address if different or primary], make reservations, or otherwise interact with us. This policy is designed to comply with applicable data protection laws in India. 2. Information We Collect We may collect the following types of personal information: a. Personal Identifiers and Contact Information: Full name, postal address, email address, phone number. Government-issued identification (e.g., Aadhar card, passport, driver's license) as required by law for check-in. Date of birth, nationality. b. Reservation and Stay Information: Dates of stay, room preferences, special requests (e.g., accessibility needs, dietary preferences if voluntarily provided). Information related to your booking (e.g., booking confirmation number, travel agent details if applicable). Vehicle information (license plate, make/model) for parking purposes. Names of accompanying guests. c. Financial Information: Credit/debit card details (number, expiry date, CVV) for booking guarantees, pre-authorization, and payment. Billing address. d. Technical Information (when you visit our website): IP address, browser type, operating system, referring URLs, pages viewed, and access times. Information collected through cookies and similar tracking technologies (see Section 8: Cookies). e. Communications: Records of your correspondence with us (e.g., emails, phone call summaries if applicable, feedback forms). f. CCTV Footage: Our premises are monitored by CCTV for security, safety, and operational purposes. Footage may capture your image. g. Health Information (Limited & Voluntary): Only if voluntarily provided by you for specific needs (e.g., allergies for meal preparation, medical emergencies, or as per our "Illness and Epidemics" policy). We will seek explicit consent where required. h. Information for Services: Information required to provide specific services you request (e.g., spa bookings, tour arrangements). 3. How We Collect Your Information a. Directly from You: When you make a reservation (online, by phone, or in person). During check-in and check-out. When you use our services or amenities. When you communicate with us (e.g., email, phone, feedback forms). When you subscribe to our newsletters or participate in promotions (with your consent). b. Automatically: Through CCTV cameras on our property. When you use our website (via cookies and similar technologies). c. From Third Parties: From online travel agencies (OTAs), travel agents, or corporate booking partners through whom you make a reservation. From publicly available sources, if necessary and permissible. 4. How We Use Your Information (Purpose and Legal Basis) We use your personal information for the following purposes, based on relevant legal grounds: a. To Provide and Manage Your Stay (Contractual Necessity): Processing your reservations, managing check-in/out. Providing guest services, amenities, and fulfilling your requests. Processing payments and pre-authorizations. b. To Communicate With You (Contractual Necessity & Legitimate Interest): Sending booking confirmations, pre-arrival information, and post-stay communications. Responding to your inquiries and feedback. c. For Security and Safety (Legitimate Interest & Legal Obligation): Monitoring our premises via CCTV to ensure the safety and security of guests, staff, and property. Verifying guest identity as required by law. Enforcing our Hotel Policy/House Rules. d. To Comply with Legal Obligations (Legal Obligation): Maintaining guest registers as required by local authorities. Responding to lawful requests from law enforcement or government authorities. Tax and accounting purposes. e. For Marketing and Promotions (Consent / Legitimate Interest): Sending you newsletters, special offers, or information about our services, where you have consented or where permitted by law (you can opt-out at any time). f. To Improve Our Services (Legitimate Interest): Analyzing guest feedback and usage patterns to enhance our offerings and guest experience. For internal training and quality control. g. To Handle Emergencies (Vital Interest): Assisting in case of medical emergencies or other urgent situations. 5. Data Sharing and Disclosure We do not sell your personal information. We may share your information with: a. Service Providers: Third-party vendors who provide services on our behalf, such as payment processors, IT support, email service providers, and marketing agencies (under strict confidentiality agreements). b. Legal Authorities: When required by law, regulation, legal process, or governmental request. c. Third-Party Booking Partners: If you made your reservation through a third party (e.g., OTA, travel agent), we may share necessary information with them regarding your stay. d. Emergency Services: In the event of an emergency, to protect your vital interests or the vital interests of others. e. Business Transfers: In connection with any merger, sale of hotel assets, financing, or acquisition of all or a portion of our business by another company. 6. Data Security We implement reasonable technical, administrative, and physical security measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include but not limited to data encryption where appropriate, access controls, secure servers, staff training. However, no method of transmission over the Internet or electronic storage is 100% secure. 7. Data Retention We will retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, guest registration data may be kept as per legal mandates. Financial transaction data will be kept for tax and audit purposes. Lost & Found records are retained as stated in our Hotel Policy. CCTV footage is typically retained for a limited period unless an incident requires longer retention for investigation. 8. Cookies and Tracking Technologies (for Website Users) Our website may use cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and for marketing purposes. What are cookies? Cookies are small text files stored on your device. How we use them: For website functionality, remembering your preferences, understanding how you use our site, and delivering relevant advertisements (with your consent where required). Your choices: You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of our website. 9. Your Rights Under applicable Indian data protection laws, you may have certain rights regarding your personal information, including: a. Right to Access: You can request a copy of the personal information we hold about you. b. Right to Rectification: You can request to correct any inaccurate or incomplete personal information. c. Right to Erasure (Right to be Forgotten): You can request the deletion of your personal information, subject to certain legal obligations or legitimate interests that may require us to retain it. d. Right to Restrict Processing: You may request that we limit the processing of your personal information in certain circumstances. e. Right to Data Portability: Where applicable, you may request to receive your personal information in a structured, commonly used, and machine-readable format. f. Right to Object/Withdraw Consent: You can object to certain processing activities or withdraw your consent at any time where we rely on consent as the legal basis for processing (e.g., for direct marketing). g. Right to Lodge a Complaint: You have the right to lodge a complaint with the relevant data protection authority if you believe our processing of your personal information violates applicable law. To exercise these rights, please contact us using the details in Section 12. We may need to verify your identity before processing your request. 10. Children's Privacy Our services are not primarily directed at children under the age of 18. We collect information about children only when they are guests as part of a family booking, with the consent of a parent or guardian. If we become aware that we have collected personal information from a child without appropriate parental consent, we will take steps to delete it. 11. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Effective Date." We encourage you to review this Privacy Policy periodically. 12. Contact Us If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: Casa Dream The Resort Satbunga, Mukteshwar, Dist. Nainital, Uttarakhand +91-9910063148 privacy@casadream.in
Choose Rooms