Last updated: 1 February 2022
OWNER AND DATA CONTROLLER
Sahana Villa (“us”, “we”, or “our”) operates https://sahanavilla.com (the “Site”).
Address:Jl. Kayu Aya Oberoi Street No.35B, Seminyak, Kuta, Kabupaten Badung, Bali 80361, Indonesia
Contact email: firstname.lastname@example.org
We are committed to protecting and respecting your privacy.
This Site collects some personal data from its users.
By submitting personal data to us, you agree to us using your personal data as follows.
INFORMATION COLLECTION, PURPOSE AND USE
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to name, email address, cookies, usage data, password.
We may use your personal information to
- send you our newsletters from time to time
- manage contacts and send messages
- ensure that content from our site is presented in the most effective manner for you and for your computer
- provide you with information, products or services that you request from us which may be of interest to you
- carry out our obligations arising from any contracts entered into between you and us
- interact with external social networks and platforms (e.g. social media widgets and share bars)
- allow registration and authentication (e.g. affiliate portals and membership areas)
- allow access to third-party services’ accounts
- monitor infrastructure
- manage hosting and backend infrastructure
- interact with live chat platforms
- carry out remarketing and behavioural targeting (including display ads)
- display content from external platforms
- carry out commercial affiliation (e.g. display ads)
- interact with support and feedback platforms
- manage user database
Like many site operators, we collect information that your browser sends whenever you visit our Site.
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this data.
Cookies are text files with a small amount of data, which may include an anonymous unique identifier.
Cookies are sent to your browser from a website and stored on your computer’s or tablet device’s or mobile device’s part of the hard drive specifically designated for cookies.
Like many sites, we use “cookies” to recognize, collect, and/or track information about, and relevant to, your usage of the Site.
Your personal data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
LAWFUL BASIS OF PROCESSING PERSONAL DATA UNDER THE GDPR
We may process personal data relating to users if one of the following applies:
- users have given their consent for one or more specific purposes;
- provision of data is necessary for the performance of an agreement with the user and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which we are subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in us;
- processing is necessary for the purposes of the legitimate interests pursued by us or by a third party.
We process and store your personal data for as long as required by the purpose they have been collected for.
- personal data collected for purposes related to the performance of a contract between us and the user will be retained until such contract has been fully performed;
- personal data collected for the purposes of our legitimate interests will be retained as long as needed to fulfil such purposes;
- we may be allowed to retain personal data for a longer period whenever the user has given consent to such processing, as long as such consent is not withdrawn;
- we may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
We do not sell, trade, or otherwise transfer to outside parties your personal information unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
YOUR RIGHTS UNDER THE GDPR
Users based in the European Union have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their personal data.
- Object to processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent.
- Access their data. Users have the right to learn if data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their data and ask for it to be updated or corrected.
- Restrict the processing of their data. Users have the right, under certain circumstances, to restrict the processing of their data. In this case, we will not process their data for any purpose other than storing it.
- Have their personal data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their data from us.
- Receive their data and have it transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any undue delay.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection supervisory authority.
You can exercise your right to prevent such processing by contacting us at email@example.com.
These requests can be exercised free of charge and will be addressed by us as soon as possible and always within thirty (30) days.
The security of your personal information is important to us.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our Site as safe as possible.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Unfortunately, no method of transmission over the internet is completely secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.