Privacy Policy

1.1 Personal Information You Provide

We collect personal information that you voluntarily provide when making a reservation, creating an account, contacting customer service, or otherwise interacting with us:

• Contact Information: Name, email address, phone number, mailing address
• Payment Information: Credit card number, billing address, expiration date
• Reservation Details: Check-in/check-out dates, room preferences, special requests
• Identification Information: Government-issued ID, passport number (where required by law)
• Profile Information: Username, password, preferences, loyalty program membership
• Communications: Correspondence with customer service, feedback, surveys

1.2 Information Collected Automatically

When you visit our website or use our mobile application, we automatically collect certain information about your device and usage:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent, click patterns, search queries
• Location Data: Geolocation information (with your consent)
• Cookies and Similar Technologies: See our Cookie Policy below

1.3 Information from Third Parties

We may receive information about you from third parties, including:

• Travel agencies and booking platforms
• Social media platforms (when you connect your account)
• Marketing partners and affiliates
• Background check services (for security purposes)
• Publicly available sources

We use the information we collect for the following purposes:

• Reservation Management: Processing bookings, managing stays, sending confirmations and updates
• Customer Service: Responding to inquiries, resolving issues, providing support
• Personalization: Tailoring your experience, remembering preferences, providing recommendations
• Marketing: Sending promotional communications (with your consent), advertising our services
• Security: Preventing fraud, verifying identity, protecting against unauthorized access
• Legal Compliance: Meeting legal obligations, responding to lawful requests
• Business Operations: Analyzing usage, improving services, developing new features
• Communication: Sending administrative information, policy updates, surveys

We may share your personal information in the following circumstances:

3.1 Service Providers

We share information with third-party vendors who perform services on our behalf:

• Payment processors and financial institutions
• Cloud hosting and data storage providers
• Customer service and communication platforms
• Marketing and advertising partners
• Analytics and website optimization services
• Background check and identity verification services

3.2 Legal Requirements

We may disclose information when required by law, regulation, legal process, or governmental request, including:

• Complying with subpoenas, court orders, or legal proceedings
• Responding to law enforcement requests
• Fulfilling regulatory obligations
• Protecting our rights, property, or safety

3.3 Business Transfers

In connection with a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of the transaction.

3.4 With Your Consent

We may share information with third parties when you explicitly consent to such sharing.

3.5 Aggregated and De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you for marketing, analytics, and research purposes.

4.1 Types of Cookies We Use

• Essential Cookies: Required for website functionality and security
• Preference Cookies: Remember your settings and preferences
• Analytics Cookies: Help us understand how you use our website
• Marketing Cookies: Used to deliver relevant advertisements

4.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling cookies may affect website functionality.

4.3 Third-Party Tracking

Third-party partners may use cookies, web beacons, and similar technologies to collect information about your online activities. We do not control these third-party tracking practices.

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law:

• Reservation Data: Retained for 7 years for tax and legal purposes
• Account Information: Retained while your account is active, plus 3 years
• Marketing Data: Retained until you opt out or 2 years after last engagement
• Security Logs: Retained for 1 year

We implement appropriate technical and organizational measures to protect your personal information:

• Encryption of data in transit (SSL/TLS)
• Encryption of sensitive data at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your information.

Depending on your location, you may have the following rights:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request transfer of your data to another service provider
• Opt-Out: Opt out of marketing communications and certain data sharing
• Restriction: Request restriction of processing your personal information
• Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@jalwaclubhotel.com. We will respond to your request within 30 days. You may also have the right to lodge a complaint with your local data protection authority.

JalwaClub Hotel operates globally. Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from your country's laws.

We implement appropriate safeguards for international transfers, including:

• Standard contractual clauses approved by relevant authorities
• Binding corporate rules for intra-company transfers
• Certification under privacy frameworks (e.g., Privacy Shield Framework)

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information.

Guests under 18 must be accompanied by a parent or legal guardian during their stay.

Our website may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website
• Updating the "Last updated" date
• Sending you an email notification (for significant changes)

Your continued use of our services after the effective date constitutes acceptance of the updated Privacy Policy.

12.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:

• Right to know what personal information is collected, used, shared, or sold
• Right to delete personal information
• Right to opt-out of sale or sharing of personal information
• Right to limit use and disclosure of sensitive personal information
• Right to non-discrimination for exercising privacy rights

We do not sell personal information as defined by the CCPA. We do share information with service providers and advertising partners for business purposes.

12.2 Nevada Residents

Nevada residents may opt out of the sale of covered information. We do not sell covered information as defined by Nevada law.

12.3 European Union and UK Residents (GDPR/UK GDPR)

Residents of the European Economic Area, United Kingdom, and Switzerland have rights under the General Data Protection Regulation and UK GDPR, as detailed in Section 7 above. Our legal basis for processing includes contract performance, legitimate interests, consent, and legal compliance.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: privacy@jalwaclubhotel.com
• Phone: 1-800-JALWACLUB HOTEL-1
• Mail: JalwaClub Hotel Privacy Office, 123 Hospitality Lane, Suite 100, Miami, FL 33101
• Data Protection Officer: dpo@jalwaclubhotel.com