Your Privacy Matters to Us

We're not in the business of hoarding data for fun. Here's what we actually do with it:

• Process your reservations - Kind of the main point, right?
• Send you confirmations and updates - No surprises when you arrive
• Handle payments securely - Through encrypted channels
• Improve your experience - Remember your favorite room or that you're allergic to shellfish
• Send you occasional updates - Only if you've opted in, and you can unsubscribe anytime
• Respond to your questions - When you reach out, we wanna help
• Comply with legal stuff - Tax records, financial reporting, that kind of thing
• Prevent fraud - Keeping things safe for everyone

We'll never use your info for anything you haven't agreed to, and we won't sell it to third parties. That's a promise.

Yeah, we use cookies - but not to spy on you or anything creepy like that. They're basically little files that help our site remember you and work properly.

Essential Cookies

These keep the site running. Without 'em, you wouldn't be able to book a room or navigate around. They're non-negotiable if you wanna use the site.

Preference Cookies

Remember your language choice, currency preference, and whether you like dark mode? That's these guys at work.

Analytics Cookies

Help us understand which pages are popular, where people get stuck, and how we can make things better. All anonymous, no personal identification.

Marketing Cookies

Only if you've said it's okay - these show you relevant ads about our stargazing experiences or spa treatments when you're browsing elsewhere.

You can manage your cookie preferences through your browser settings anytime. Just know that blocking certain cookies might affect how the site works for you.

We keep your info pretty close to the chest, but there are a few trusted partners who need access to help us serve you:

• Payment processors - They handle transactions securely (think Stripe, PayPal, etc.)
• Email service providers - So we can send you booking confirmations
• Cloud hosting services - Where our secure servers live
• Analytics platforms - Help us understand site performance (all anonymized)
• Legal authorities - Only if required by law or to protect our rights

All these partners are bound by strict confidentiality agreements and can only use your data for the specific purposes we've outlined. No funny business.

Security isn't just a checkbox for us - it's baked into everything we do. Here's how we protect your information:

• SSL encryption - That little padlock in your browser means all data is encrypted in transit
• Secure servers - Hosted in certified data centers with 24/7 monitoring
• Access controls - Only authorized team members can access guest data, and it's logged
• Regular security audits - We test our systems regularly for vulnerabilities
• PCI compliance - For payment card data handling
• Data backups - Encrypted backups in case something goes wrong
• Staff training - Our team knows how to handle your data properly

Look, no system is 100% foolproof, but we're doing everything we can to keep your info locked down tight.

Your data, your rules. Under GDPR and Canadian privacy laws (PIPEDA), you've got some solid rights:

Access Your Data

Wanna know what we have on file? Just ask, and we'll send you a copy within 30 days.

Correct Inaccuracies

If something's wrong, let us know and we'll fix it ASAP.

Delete Your Data

The "right to be forgotten" - we'll erase your personal info unless we're legally required to keep it.

Opt Out of Marketing

Click unsubscribe on any email, or just tell us you don't wanna hear from us anymore.

Data Portability

Get your data in a format you can use elsewhere.

Withdraw Consent

Changed your mind about something you agreed to? No problem, just let us know.

To exercise any of these rights, shoot us an email at reservations@noctyrianodyssey.info or call us at (604) 555-0198.

We don't hang onto your info forever - just as long as we need it:

• Booking info - Up to 7 years (tax and accounting requirements)
• Guest preferences - Until you ask us to delete them or close your account
• Marketing data - Until you unsubscribe, then we remove it within 30 days
• Website analytics - Anonymized data retained for 26 months
• Support inquiries - 3 years after resolution

After these periods, we either delete the data or anonymize it so it can't be traced back to you.

We're based in Canada, but some of our service providers might be located in other countries (like the US). When your data crosses borders, we make sure it's protected:

• We only work with providers who meet stringent privacy standards
• Data transfer agreements are in place with all international partners
• EU-US Privacy Shield principles are followed where applicable
• Standard Contractual Clauses (SCCs) approved by the EU Commission

Basically, your data's protected no matter where it physically sits on a server.

Our services aren't designed for kids under 16, and we don't knowingly collect their personal information. If you're booking for a family with children, we only need the adults' details.

If we somehow end up with data from someone under 16 without parental consent, let us know and we'll delete it immediately.

Privacy laws and our practices evolve, so we might update this policy from time to time. When we do:

• We'll post the updated version here with a new "last updated" date
• If it's a significant change, we'll email you or show a notification on the site
• Your continued use of our services after changes means you're cool with the updates

We recommend checking back occasionally to stay in the loop.