GDPR (General Data Protection Regulation) Privacy Policy

GDPR Privacy Policy

Effective Date: 21/11/2024

At Hotel Vibration, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This policy outlines your rights under GDPR and explains how we collect, use, and safeguard your personal data.

1. Data Controller Information

Hotel Vibration is the Data Controller for the processing of your personal data. For any questions or concerns, you may contact us at:

Contact Information:

Hotel Vibration
Email: vibrationhotel@gmail.com
Phone: +94 91 4943857 l +94 777 606361
Address: The Vibration Hotel, A2, Hikkaduwa,Sri Lanka.

2. Personal Data We Collect

We may collect the following categories of personal data:

Identity Data: Name, date of birth, passport/ID details.
Contact Data: Email address, phone number, mailing address.
Transaction Data: Payment information, billing details, booking history.
Preferences: Dietary requirements, room preferences, or special requests.
Usage Data: IP address, browser type, operating system, and activity on our website.

3. Legal Basis for Data Processing

We process your personal data under the following lawful bases:

Contractual Obligation: To provide and manage your bookings or other services.
Legitimate Interest: To improve our services, ensure security, and enhance your experience.
Legal Obligation: To comply with applicable laws and regulations.
Consent: When you explicitly agree to marketing communications or optional services.

4. How We Use Your Personal Data

Your data will be used for the following purposes:

To process and manage reservations.
To communicate with you regarding your booking, including confirmations and updates.
To personalize your experience during your stay.
To send marketing communications (with your consent).
To comply with legal obligations, such as tax or immigration reporting.

5. Data Sharing and Transfers

We do not sell or share your data with third parties, except:

Service Providers: Payment processors, IT support, or marketing platforms.
Legal Authorities: When required by law or to protect our legal interests.

If your data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as Standard Contractual Clauses, are in place.

6. Your Rights Under GDPR

Under GDPR, you have the following rights:

Access: Request access to the personal data we hold about you.
Rectification: Request correction of inaccurate or incomplete data.
Erasure: Request deletion of your data (“right to be forgotten”).
Restriction: Restrict processing under certain conditions.
Portability: Receive your data in a structured, machine-readable format.
Objection: Object to data processing based on legitimate interests or direct marketing.
Withdraw Consent: Withdraw consent for data processing at any time.

To exercise these rights, please contact us at [Insert Email Address].

7. Data Retention

We retain your data only as long as necessary to fulfill the purposes outlined in this policy or as required by law.

8. Data Security

We implement strong security measures to protect your data against unauthorized access, loss, or misuse. However, no method of data transmission is entirely secure.

9. Cookies and Tracking

We use cookies and similar technologies on our website to improve user experience. You can manage your preferences or disable cookies in your browser settings.

10. Complaints

If you believe your data rights have been violated, you can file a complaint with:

Supervisory Authority: [Insert local data protection authority details]

Alternatively, you may contact us directly, and we will address your concerns promptly.

11. Updates to this Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Please review this page periodically for the latest updates.

Thank you for trusting Hotel Vibration. Your privacy is important to us, and we are committed to protecting your personal data.