Privacy Policy for Sheraton Edinburgh View

Sheraton Edinburgh View (“we”, “us”, or “our”) is committed to safeguarding the privacy and personal data of all users who visit and interact with our website, sheratonedinburghview.com. The protection of your information is of paramount importance, and we are firmly dedicated to complying with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and all other applicable data protection laws and regulations.

1. Introduction: Our Commitment to Privacy

Your privacy is a fundamental right, and we respect and honor your control over your personal information. This Privacy Policy sets forth how we collect, use, disclose, and protect your data when you access or interact with sheratonedinburghview.com. We implement robust data protection practices to ensure the security and confidentiality of your personal data.

2. Scope of Policy and Data Controller

This Policy applies to all users of sheratonedinburghview.com, including visitors, customers, subscribers, and partners. Sheraton Edinburgh View is the data controller of the personal data collected and processed through our website. Should you have any privacy-related queries, you may contact us at [email protected].

3. Categories of Personal Data We Process

We may collect, use, and store different types of personal information:

a) Usage Data
Includes data about how you use our website such as your IP address, browser type and version, device identifiers, access times, pages viewed, referral sources, and website navigation paths.

b) Account Data
Includes data you provide when creating an account or booking with us, such as your full name, email address, telephone number, residential or billing address, and authentication credentials.

c) Profile Data
Includes preferences, past bookings, activity history, feedback responses, behavior on our platform, and interest-based interactions with our services.

d) Communication Data
Includes all communications with us, such as inquiries, support requests, correspondence and records of contact via email or through forms on sheratonedinburghview.com.

e) Technical Data
Includes data gathered from your device when you use our website, such as device type, operating system, screen resolution, language preferences, and system configurations.

f) Transaction Data
Includes records of reservations, payment details (excluding full payment card numbers), billing information, and delivery data if applicable.

g) Preference Data
Includes your marketing preferences, consent records, product and service interests, and engagement with promotional campaigns.

4. Legal Bases for Processing

We process your personal data under the following legal grounds:

– Performance of a Contract: When it is necessary for us to fulfill booking or service-related obligations.
– Legitimate Interests: To manage, secure, and improve our services, unless overridden by your fundamental rights.
– Consent: Where you have expressly given us permission (e.g., for marketing communications).
– Legal Obligation: When required to comply with applicable laws and regulations.

5. Your Rights Under Data Protection Laws

You have the following data protection rights, subject to the limitations and exceptions under applicable law:

– Right of Access: To obtain details of the personal data we hold about you.
– Right to Rectification: To request correction of inaccurate or incomplete data.
– Right to Erasure: To request deletion of your data, where legally applicable.
– Right to Restriction: To limit our processing in certain circumstances.
– Right to Data Portability: To receive a copy of your data in a machine-readable format.
– Right to Object: To object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us at [email protected].

6. Security Measures

We have implemented a combination of technical, administrative, and physical safeguards to protect your data from accidental loss, misuse, or unauthorized access. These include:

– Encryption of personal data in transit and at rest.
– Access control policies to restrict data access to authorized personnel only.
– Regular security training and awareness programs for our staff.
– Automatic and secure backups to protect data integrity and availability.

7. International Data Transfers

Where your personal data is transferred outside the European Economic Area (EEA) or the United Kingdom, including to data processors or service providers, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or other legally compliant mechanisms, to ensure your personal information receives an adequate level of protection.

8. Data Retention

We retain personal data only for as long as necessary, based on the following schedule:

– Usage and Technical Data: 26 months
– Account Data: As long as the account remains active, and for 5 years thereafter for legal purposes
– Transaction Data: Retained for up to 7 years for tax and regulatory compliance
– Communication Data: 3 years following the last interaction
– Preference and Profile Data: Retained until consent is withdrawn or deemed expired (typically 2 years from last engagement)

Once retention periods expire, data will be securely deleted or anonymized.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance user experience and measure engagement. Types of cookies used include:

– Essential Cookies: Required for website functionality and security.
– Functional Cookies: Remember user preferences and settings.
– Analytical Cookies: Collect anonymized data to improve website performance.
– Performance Cookies: Monitor user behavior to optimize experience.

10. Cookie Management and Compliance

Users are prompted with a cookie consent banner upon first visit to sheratonedinburghview.com, in compliance with GDPR and CCPA requirements. You may manage or withdraw consent at any time via the Cookie Settings link in the website footer. Additionally, your browser’s settings allow you to reject or remove cookies.

California residents may opt-out of the “sale” or “sharing” of personal data by following the Do Not Sell or Share My Personal Information link, where applicable.

11. Children’s Data Protection

Our services are not directed to children under the age of 13, and we do not knowingly collect personal data from anyone in this age group. If we learn we have collected personal information from a child under 13 without verified parental consent, we will delete such information promptly.

12. Policy Updates

We reserve the right to modify this Privacy Policy at any time to reflect evolving legal, regulatory, or operational requirements. Updated policies will be made available at sheratonedinburghview.com and, where appropriate, we will notify you by email or via prominent notice on our site.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us at:

Email: [email protected]

We are committed to protecting your privacy and upholding your rights under applicable data protection laws. Thank you for trusting Sheraton Edinburgh View.