Privacy Policy
1. Introduction
At Boca Chica Hotel, accessible via bocachicahotel.com, we are committed to safeguarding the personal information and privacy rights of all individuals who interact with our services, in accordance with applicable data protection laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are firmly committed to transparency and accountability in how we handle your personal data and implement privacy-by-design principles in all aspects of our service offerings.
2. Scope of this Policy and Data Controller Role
This Privacy Policy applies to all personal information collected through our website, bocachicahotel.com, and related services or communications. Boca Chica Hotel acts as the “data controller” for personal data collected via our website and as such determines the purposes and means of processing that data. Our practices comply with all applicable data protection regulations within jurisdictions we operate, including the European Union and the State of California.
3. Categories of Data Processed
We collect and process a variety of personal data as detailed below:
a. Usage Data
We automatically collect information relating to how visitors interact with our website. This includes IP addresses, browser type, device identifiers, operating system, referral sources, pages visited, session durations, and patterns of navigation.
b. Account Data
When you create an account or register for services through bocachicahotel.com, we collect your name, postal address, email address, and telephone number.
c. Profile Data
We may collect data that reflects your preferences, previous interactions with our services, purchase history, travel specifications, loyalty programs, language preferences, and user behavior across our platform.
d. Communication Data
Personal data contained in communications sent to us, including support queries, survey responses, and chat transcripts, will be stored and processed. This may include customer service records and correspondence history.
e. Technical Data
Includes device information, system configuration settings, time zone, screen resolution, and browser plug-in types utilized while interacting with our digital platforms.
f. Transaction Data
If you make bookings or purchases through our website, we collect transaction-related information including payment details, billing addresses, reservation history, and delivery preferences.
g. Preference Data
We process marketing and communication preferences, such as opt-ins for newsletters and interactions with promotional content, as well as your interests related to accommodation, travel, and related services.
4. Legal Bases for Processing
We process personal data on the following legal grounds:
– Consent: Where you have expressly provided permission for the use of your data for specific purposes, such as marketing communications.
– Contractual Necessity: Where processing is required to fulfill our contractual obligations to you (e.g., to confirm hotel bookings or process payments).
– Legal Obligation: Where we are mandated to comply with applicable legal requirements (e.g., for taxation or regulatory disclosures).
– Legitimate Interests: Where such interests are not overridden by your data protection rights, such as website improvement, fraud prevention, or customer service analysis.
5. Your Rights
You have the following data protection rights under GDPR and CCPA:
– Right to Access: You may request confirmation of whether we process your personal data and obtain a copy of such data.
– Right to Rectification: You may correct or update inaccurate or incomplete data about you.
– Right to Erasure: You may request deletion of your personal data under certain conditions (subject to legal exceptions).
– Right to Restriction: You may request to limit processing of your data where accuracy is contested or processing is unlawful.
– Right to Portability: You may request to receive your personal data in a structured, commonly-used format and have it transmitted to another controller where feasible.
– Right to Object: You may object to processing conducted on legitimate interest grounds, including direct marketing.
– Right to Non-Discrimination (CCPA): We will not deny services, charge different prices, or provide different service levels if you exercise your data rights.
To exercise any of these rights, please contact us at [email protected].
6. Security Measures
We implement a range of technical and organizational safeguards designed to ensure the confidentiality, integrity, and availability of personal data. These include:
– Encryption of data in transit and at rest using industry-standard protocols.
– Role-based access controls that restrict data access to authorized personnel.
– Regular security training for employees handling personal data.
– Routine threat detection, system monitoring, server patching, and secure back-up procedures.
7. International Transfers
Your data may be transferred to and stored in countries outside your jurisdiction, including countries that may not offer equivalent data protection standards as your home country. In such cases, we rely on appropriate safeguards such as European Commission’s Standard Contractual Clauses or equivalent legal mechanisms to ensure the lawful transfer and adequate protection of your data.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:
– Usage Data: 12 months for analytics and performance optimization.
– Account Data: Throughout the duration of your account and up to 3 years after last activity.
– Transaction Data: Retained for up to 7 years for legal and accounting purposes.
– Communication Data: Retained for customer service tracking and legal defense for up to 3 years.
– Marketing Preference Data: Retained for up to 24 months after last interaction or until opt-out.
– Technical Data: Up to 12 months, unless required for security auditing.
All data deemed no longer necessary is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on bocachicahotel.com for the following purposes:
– Essential Cookies: Required to operate the website (e.g., session management, user authentication).
– Functional Cookies: Enhances functionality such as language preferences or saved filters.
– Analytics Cookies: Help us understand how users interact with the site for performance improvement.
– Performance Cookies: Improve page load times and overall system effectiveness.
10. Cookie Management Compliance
Users are presented with a cookie banner on first visit to bocachicahotel.com. You can manage cookie preferences via embedded tools or modify browser settings to delete or block cookies. Where GDPR or CCPA apply, non-essential cookies are only activated with your affirmative consent.
11. Children’s Privacy
Our services are not directed to children under the age of 13. We do not knowingly collect or solicit personal data from anyone under 13. If we become aware that such data has been collected, we will promptly delete it. Parents or guardians who believe that their child may have provided personal data may contact us at [email protected].
12. Policy Updates
We may revise this Privacy Policy from time to time in response to changes in legal, technical, or business developments. We will notify users of any substantial modifications via conspicuous notice on our website or direct communication when appropriate. Continued use of our website following changes assumes acceptance of the revised policy.
13. Contact
For any questions, concerns, or requests related to this Privacy Policy or our data practices, you may contact us at:
Email: [email protected]
Website: bocachicahotel.com
We remain committed to upholding the highest standards of privacy and data protection. Please reach out to [email protected] if you have any concerns about how we handle your personal information.