Privacy Policy for Sheraton Edinburgh View

1. Introduction

At Sheraton Edinburgh View (“we”, “our”, “us”), accessible via sheratonedinburghview.com, we are committed to protecting and respecting your privacy. We recognize the importance of safeguarding personal data and uphold a high standard of compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant local regulations. This Privacy Policy outlines how we collect, use, disclose, and secure your information, and your rights regarding that information.

2. Scope of This Policy and Data Controller Role

This Privacy Policy applies to all personal data collected through your interactions with our website (sheratonedinburghview.com), communications, and services. Sheraton Edinburgh View is the data controller responsible for the personal information collected and processed under this policy.

For any inquiries relating to your data, you may contact us at: [email protected].

3. Categories of Data We Process

We collect and process various categories of personal data, depending on your interaction with our website and services, including but not limited to:

a. Usage Data
Includes information about how you use our website such as your browser type and version, IP address, time zone setting, language settings, access times, pages viewed, interactions with website features, and the referral website.

b. Account Data
Includes personal and identifiable information submitted through registration or account creation such as your full name, billing/shipping address, email address, phone number, and other identifying details.

c. Profile Data
Includes preferences, browsing behavior, booking history, reviews, and interests derived from your use of our website or provided voluntarily.

d. Communication Data
Includes records of correspondence with us such as customer support inquiries, contact forms, live chat history, and email exchanges.

e. Technical Data
Includes information about your device, hardware model, operating system, system configurations, browser plugins, mobile network data, and device identifiers.

f. Transaction Data
Includes transaction details from booking accommodations or purchasing services or products, including payment card details (if applicable), billing records, delivery addresses and invoice history.

g. Preference Data
Includes information on your communication preferences, marketing and newsletter sign-up status, and product category interests.

4. Legal Bases for Processing Personal Data

We only process your personal data where we have a valid legal basis under applicable privacy laws. These legal bases include:

– Consent: When you have given specific consent for processing. For example, when you opt in to receive our marketing emails.
– Contractual Necessity: Where processing is required for performance of a contract to which you are party or to take steps at your request before entering into a contract.
– Legal Obligation: Where processing is required for compliance with our legal obligations.
– Legitimate Interests: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your rights and interests. This might include website analytics, service improvement, and fraud prevention.

5. Your Rights Under Data Protection Laws

Under GDPR, CCPA, and other applicable privacy laws, you have the following rights regarding your personal data:

– Right of Access: You have the right to request access to the personal data we hold about you.
– Right to Rectification: You may request that inaccurate or incomplete data be corrected.
– Right to Erasure (“Right to be Forgotten”): You can ask us to erase your personal data, subject to certain legal restrictions.
– Right to Restriction of Processing: You may request temporary or permanent restriction of processing in certain circumstances.
– Right to Data Portability: You are entitled to request a machine-readable copy of your data or to transmit it to another service provider.
– Right to Object: You may object to processing conducted under legitimate interests or for direct marketing.

To exercise any of these rights, please contact us using the details provided in Section 13 of this policy.

6. Security Measures

We take data security seriously and implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data. These measures include, but are not limited to:

– Encrypted data transmission using SSL/TLS
– Role-based access controls and authentication for internal personnel
– Regular data backups and secure storage infrastructure
– Ongoing data protection training for our employees

While we strive to protect your data, no system is completely immune from security risks, and users should also adopt appropriate safeguards.

7. International Data Transfers

When your personal data is transferred outside your jurisdiction, including outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place in accordance with GDPR and relevant laws. These may include Standard Contractual Clauses, adequacy decisions by the European Commission, or other legally accepted mechanisms.

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, regulatory, tax, accounting, or reporting obligations. Specific retention periods may include:

– Account Data: Retained for the duration of the user relationship and up to 7 years thereafter.
– Transaction Data: Retained for a minimum of 7 years for financial and audit obligations.
– Communication Data: Retained for 3 years post-interaction.
– Preference Data and Marketing Consents: Retained until you withdraw your consent.

When data is no longer required, it is securely deleted or anonymized.

9. Cookie Policy

We use cookies and similar technologies to enhance your experience on sheratonedinburghview.com. These may include:

– Essential Cookies: Necessary for website functionality (e.g., login, bookings).
– Functional Cookies: Enable additional functionality such as language preferences.
– Analytics Cookies: Help us understand user behavior and improve our website.
– Performance Cookies: Track website speed and technical performance metrics.

Third-party cookies may be implemented via integrated services such as analytics providers or social media plugins.

10. Cookie Management and Compliance

You have the option to manage your cookie preferences at any time. Upon your first visit to our website, you will be presented with a cookie banner to customize your selections or reject non-essential cookies under GDPR and CCPA requirements.

You may also configure browser settings to reject or alert you of cookie use. Please note that disabling certain cookies may affect the website’s functionality.

California residents may exercise their CCPA rights, including opting out of cookie-based sales or sharing of personal information, by using available cookie control tools or contacting us directly.

11. Children’s Privacy

Our website and services are not directed to children under the age of 13. We do not knowingly collect personal information from children. If we become aware that a child under 13 has provided us with personal information, we will delete such data promptly and take necessary steps to comply with legal requirements.

Parents and guardians who believe their child may have submitted personal data may contact us at [email protected].

12. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in legal, technical, or business requirements. When material changes are made, users will be notified through prominent website notices or other reasonable methods. Continued use of our website following updates constitutes your acceptance of the revised policy.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us using the details below:

Email: [email protected]
Website: https://sheratonedinburghview.com

We are committed to ensuring your privacy is respected and your personal data is handled in accordance with applicable laws.

This Policy is maintained in accordance with GDPR, CCPA, and other relevant privacy regulations. You may always reach out to us with privacy concerns or questions regarding your rights.