Privacy Policy for FourSeasonsYosemite.com
1. Introduction: Our Commitment to Privacy and Data Protection
At FourSeasonsYosemite.com (“we,” “our,” or “us”), we recognize and deeply value your fundamental right to privacy. We are committed to upholding the highest standards of data protection in compliance with the Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR), the California Consumer Privacy Act as amended by the California Privacy Rights Act (“CCPA”), and all applicable privacy and data laws. This Privacy Policy outlines how we collect, use, store, and protect your personal information when you interact with our website and associated services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected via FourSeasonsYosemite.com and governs how we process data as a “data controller” as defined under the GDPR, and as a “business” under the CCPA. We are responsible for determining the purposes and means of processing your personal data. If you have any questions about this Privacy Policy or your rights under it, you may contact us at [email protected].
3. Categories of Data Processed
We may process the following categories of personal data, either directly from you or through automated technologies when you use FourSeasonsYosemite.com:
a. Usage Data:
Includes data about your interactions with our site such as IP address, browser type, browsing actions, session duration, and referring URLs. We use this data to enhance site functionality and security.
b. Account Data:
When you create an account, we collect your name, billing/shipping address, email address, and phone number to facilitate reservations, purchases, or communication.
c. Profile Data:
Includes information relating to preferences, past bookings or interactions, behavioral patterns on the site, and purchase history to improve your user experience and personalize our offerings.
d. Communication Data:
Includes records of communications sent to or received from you, including customer service interactions, support requests, emails, and contact submissions.
e. Technical Data:
Includes device type, operating system, time zone settings, browser plug-ins, and other system configurations to ensure seamless functionality and compatibility.
f. Transaction Data:
Encompasses payment and transaction details including billing information, booking details, and confirmation status. Note: We do not store full credit card numbers on our servers.
g. Preference Data:
Includes your marketing communication preferences, survey responses, and interest indicators related to products or services offered at FourSeasonsYosemite.com.
4. Legal Bases for Processing
We rely on the following legal bases for processing your personal data:
– Consent: Where you have explicitly given permission for specific processing activities.
– Performance of Contract: Where processing is necessary for fulfilling our contractual obligations to you (e.g., bookings, transactions).
– Legitimate Interests: For enhancing user experience, securing our platform, conducting analytics, and maintaining lawful business operations.
– Legal Obligation: Where processing is required to comply with applicable laws or enforceable governmental requests.
5. Your Rights
In accordance with applicable data protection laws, you have the following rights:
– Right of Access: To request confirmation of whether we hold your personal data and access to that data.
– Right to Rectification: To correct inaccurate or incomplete personal data.
– Right to Erasure: To request deletion of your personal data where legally applicable.
– Right to Restriction: To limit the processing of your data under certain conditions.
– Right to Data Portability: To request your personal data in a commonly used, machine-readable format for transmission to another service provider.
– Right to Object (GDPR) / Right to Opt-Out (CCPA): To object to or opt out of the processing of personal data for marketing or profiling purposes.
You may exercise these rights by contacting us at [email protected]. In some cases, we may require additional verification to confirm your identity.
6. Security Measures
We implement robust technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction. These include:
– End-to-end encryption of data in transit and at rest
– Role-based access control and two-factor authentication for internal systems
– Routine security assessments and application-level firewalls
– Regular staff training on data protection and confidentiality
– Redundant backups and secure disaster recovery systems
7. International Transfers
Data we collect through FourSeasonsYosemite.com may be transferred to and processed in countries outside your jurisdiction, including countries that may not provide the same level of data protection. When we transfer data internationally, we ensure appropriate safeguards, including the use of Standard Contractual Clauses approved by the European Commission or compliance through data transfer frameworks where applicable.
8. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected or for complying with legal, regulatory, accounting, or reporting requirements. Retention periods include:
– Usage Data: up to 12 months
– Account & Profile Data: retained for as long as your account remains active, and up to 5 years after the last interaction
– Communication Records: retained for 3 years for customer service quality and legal purposes
– Transaction Data: retained for 7 years for financial reporting and compliance
– Marketing Consents & Preferences: retained until you withdraw consent or unsubscribe
9. Cookie Policy
Fourseasonsyosemite.com uses cookies and similar technologies to enhance user experience. Our cookies fall into the following categories:
– Essential Cookies: Required for core website functionality (e.g., login, navigation).
– Functional Cookies: Enable site customization and localization preferences.
– Analytics Cookies: Collect anonymized data about user behavior to improve site performance.
– Performance Cookies: Monitor site reliability and system metrics.
We do not use cookies to serve targeted ads or sell user data.
10. Cookie Management and Compliance with GDPR & CCPA
Upon your first visit to FourSeasonsYosemite.com, we present a clear cookie consent banner enabling you to manage your preferences in accordance with GDPR and CCPA. You can update these preferences at any time via our Cookie Preferences settings page. Additionally, most browsers allow you to control cookies through browser settings. Note that disabling certain cookies may impact your ability to access or use some features of our website.
11. Special Protections for Children Under 13
Fourseasonsyosemite.com is not intended for children under the age of 13. We do not knowingly collect, solicit, or process personal data from individuals under 13 years of age without verifiable parental consent. If you believe that a child has provided us with personal data without such consent, please contact us at [email protected], and we will take appropriate steps to delete the information.
12. Policy Updates & User Notifications
We may update this Privacy Policy to reflect changes in data processing practices or legal requirements. Any significant changes will be communicated through prominent notices on our website or via email when appropriate. We encourage you to review this policy periodically to stay informed of how we protect your data.
13. Contact Us
If you have questions, comments, or concerns about this Privacy Policy or the handling of your personal data, please contact us at:
Email: [email protected]
Compliance Statement
We are fully committed to complying with all applicable data protection laws, including the GDPR and CCPA. For further inquiries or to exercise your rights, please reach out to us using the email address provided above.