“PII” is generally defined as information that may be able to identify you such as, but not limited to, your name, address, telephone number, email address, credit or debit card number, social security number, bank account number or code, photograph, or age, among other things. We only collect PII that you voluntarily provide to us.
You can generally visit and browse the Site without revealing any PII to us, but some features or areas of the Site will ask or require you to provide PII to use those features or areas. For example, PII may be requested when you reserve a room through the Site, request information from the Resort, create a user account, or enter certain contests or other promotional activities. You will be required to provide certain PII during check-in, to verify your identity and comply with our policies and applicable laws.
We may use your PII to:
OUR COLLECTION AND USE OF ANONYMOUS DATA
“Anonymous Data” refers to general information that does not identify you personally (unlike PII), including clicks, pages views and durations, IP address, referral links, use of particular services, and interest in services, information or features of the Site or other parties made available through or found at the Site. Anonymous Data is automatically collected by our servers when you visit the Site, including through the use of technology such as cookies and web beacons. We may use and share Anonymous Data as we deem useful in our sole discretion, including to operate, maintain, develop, market and improve the Site, our Resort, and our services.
We use both session cookies (temporary files that are deleted when you close your browser) and persistent cookies (files that stay on your computer until you delete them or they expire).
We also use third party advertising technology to serve Resort advertisements to you on other sites. The technology gathers anonymous data about your Site visits and visits to other sites where Resort advertisements appear in order to serve you with Resort advertisements on third party sites. When these advertisements are served to you, third party persistent cookies may be put on your computer.
The Resort, through its third party advertising/marketing vendors, may also use pixel tags to collect Anonymous Data. The pixel tags are computer coding usually fixed to Site pages or emails that allows our vendors to anonymously collect certain pieces of information. The Resort, in conjunction with our advertising/marketing and email vendors, may use pixel tags to:
allow our advertising/marketing vendors to recognize cookies on your browser when you visit the Site. This assists our advertising/marketing vendors with determining if you reached the Site by clicking on a specific ad and/or to track your responses to Resort advertisements served on third party sites. It may also reveal if a Site reservation was executed. determine your technical ability to receive HTML emails. The pixel tag allows us to know if an email sent to you is opened and marks email addresses as ones that can receive HTML emails. determine how many users open a specific email. This allows us or our email vendor to collect anonymous and aggregated statistics about a specific email blast or campaign. allow us or our third party advertising/marketing vendors to deliver targeted advertising on third party sites. allow us to make the Site more usable and make our customer support better. allow us to deliver to you promotional materials, offers, and other information that we believe would be relevant. you may set or configure your browser to block or disable cookies. Please review your browser instructions for details on that. Please note that by disabling cookies, this could affect your use of the Site and/or restrict your interaction with the Site. Please note that our advertising/marketing vendors may handle “do not track” requests differently from the Resort.
SHARING OF PII
Except as noted in this Policy, we do not sell or share your PII with any person or entity outside of the Resort. We do not share PII with any other parties for direct marketing purposes. We may provide your PII or other information to other vendors and service agencies that we use to assist us in running the Site and our business. For example, we may share certain portions of your PII with:
We share PII with these and other vendors only for the purposes specified by us.
The Site may integrate with social media sites/apps or tools which let you share content, information and/or actions you create or take on the Site with such social media sites/apps, and vice versa. What you choose to share can become public depending on your privacy settings for those social media sites/apps. Please review the privacy policies of those social media sites/apps for details about how each site/app handles content, information, and/or actions you share through them.
We may disclose your PII and other information if we believe in good faith: (1) it is required by law or as part of a legal process; (2) it allows us to protect and enforce our legal rights, including but not limited to, to limit harm or damages to the Resort, Resort property, and/or Resort personnel; (3) it is needed to respond to a governmental or law enforcement investigation or request; (4) it is needed to protect the safety, property, and/or other legal rights of the Resort and its employees, guests, and Site visitors, and/or other members of the public; and/or (5) it is needed to prevent physical harm or damage to any person or Resort property, and/or to respond to any other situation deemed an emergency by us.
We may share your PII with a third party if our ownership status changes, such as in the event such third party acquires our Resort.
REVIEW OF COLLECTED PII
If you would like to review or edit any room reservation made through the Site, or revise the PII collected from you that makes up our customer database, please contact us as set forth at the end of this Policy.
Please note that we reserve the right to maintain proper business and transactional records required by law, even if such records contain your PII.
If you would like to opt out of receiving further promotional emails from us, please follow the opt out instructions at the bottom of the email or send us a detailed email at the address set forth at the end of this Policy.
Please note that any removal of content by us does not ensure or guarantee complete or comprehensive removal of the content in all places. The content may have been shared or reposted by other parties, or federal or state law may require maintenance of the content or information.
RESPONSE TO “DO NOT TRACK” REQUESTS/SIGNALS
At the present time, we do not respond to nor process “do not track” or similar technical requests not to be tracked.
DATA SECURITY AND RETENTION
We use, implement, and maintain industry standard technological security measures that are reasonably designed to help protect your PII from loss, unauthorized access, or disclosure both in storage/rest and in transmission.
While we take the issue of protecting your PII seriously, you should exercise discretion in what information you transmit to the Site. No transmission sent over the Internet can be guaranteed to be fully secure, and therefore the transmitted information may be intercepted by others before it reaches us. If you are concerned about sending information to us over the Internet, please send the information by mail or call us to make other arrangements. We do not control and are not responsible for the security of information while in transit to us via the Internet.
We generally retain your personal data only as long as may be reasonably necessary to carry out the purposes set forth in this Policy. We retain collected information to: (1) process room reservations and other services and actions performed through the Site; (2) maintain a customer database; and (3) otherwise fulfill the stated purpose for why the information was collected. We will also retain collected information connected to business records for periods of time required by law. Our collection times will be consistent with applicable law.
The Site is intended for individuals 18 years of age and older located in the United States. The Site is not directed at, marketed to, nor intended for, users younger than 18 years of age. If we learn that any PII was provided through the Site by a person younger than 18 years of age, we will make commercially reasonable efforts to delete such PII promptly.
LOCAL COUNTRY PRIVACY RIGHTS
Depending on your country and state of residency, you are entitled to request: (a) information regarding your personal information we have collected (including the categories of personal information we have collected, the categories of sources of such information, and the purposes for which we have collected or sold such information); (b) notice of whether we have disclosed your personal information to third parties (and if so, what categories of information we have disclosed, and what categories of third parties we have disclosed it to); (c) a copy of your personal information collected by us in the past 12 months; (d) that your personal information be deleted; and (e) that your personal information not be sold to third parties. We will not discriminate against you if you choose to exercise any of these rights. If you are a California resident, you may also opt-out of the sale of your personal information here: Do Not Sell My Personal Information email@example.com. To request such notice, please submit a written request to us (see Contact Information, below). We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request. If we deny your request, we will provide you with a written explanation of the reasons for our determination.
If we need to transfer personal data from the EU to a country outside the EU, we take reasonable steps to ensure such personal data is appropriately protected. For jurisdictions that are not the subject of a data privacy adequacy decision by the European Commission, we use binding corporate rules, EU model clauses, or other permitted mechanisms to ensure an appropriate level of data privacy and security. Where we are processing your personal data based on your consent, you have the right at any time to withdraw such consent by contacting us as set forth below. Please note that we may continue to process such personal data only if supported by another lawful basis (such as to fulfill our obligations to you, in connection with our legitimate business interest, or as required by law).
We are typically the data controller, as that term is used in applicable privacy laws, for any personal data that we collect from you. However, when we collect personal data about you from a third party (e.g., travel agencies), the third party may be the data collector for such data and we may be the data processor. If we are acting as the data processor, we will only process the relevant personal data as requested by the data controller, and may need to refer any inquiries from you to the applicable data controller.
INQUIRIES OR COMPLAINTS
If you have any questions or complaints about our data processing practices, please first contact us at as set forth below. If we are unable to resolve your complaint, you also have the right to raise your inquiry or complaint with the applicable data protection authority in your home country.
EXTERNAL LINKS AND THIRD PARTY SITES
The Site may contain links to external websites not controlled by us. We are not responsible for the privacy practices and data collection policies for third party sites. You should consult the privacy policies of those sites for details.
If you have any questions about this Policy or our data practices, please contact us at:
Sandestin Golf and Beach Resort
9300 Emerald Coast Pkwy W, Miramar Beach, FL 32550