Privacy Policy
This Privacy Policy outlines how Nigi Nigi Boracay, accessible via https://niginigiboracay.com, (“the Website”, “we”, “us”, or “our”) collects, uses, stores, and discloses personal data of users (“you” or “your”). We are fully committed to safeguarding your personal privacy and protecting your personal data in compliance with applicable privacy laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
1. Our Commitment to Privacy and Data Protection
At Nigi Nigi Boracay, we value your privacy and are committed to transparent data practices. We apply a privacy-first approach, ensuring that your personal data is handled with respect, integrity, and in accordance with all applicable legal standards. We collect only what is necessary, retain it only as long as we need it, and use it solely for the purposes we communicate to you.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users, visitors, and data subjects who interact with niginigiboracay.com through any means, including web browsing, account creation, purchases, or communication. For the purposes of data protection laws, Nigi Nigi Boracay is the “Data Controller” of your personal data.
If you have questions about this policy or how we handle your data, you may contact us at [email protected].
3. Categories of Data We Process
We collect and process the following categories of personal data as appropriate and necessary for the operation of our business and services:
a) Usage Data
Includes data on how the Website is accessed and used, such as browser type, IP address, referral URL, session duration, and page interaction data.
b) Account Data
Includes personal details voluntarily provided to register or reserve services, such as your full name, email address, phone number, billing and mailing addresses.
c) Profile Data
Includes preference settings, transaction history, past bookings, feedback, and behavior data related to your interactions with our services.
d) Communication Data
Includes the content of communications with us, including customer support queries, form submissions, and messaging history.
e) Technical Data
Includes information about your device and system used to access the Website, such as operating system, device type, language preferences, and system configurations.
f) Transaction Data
Includes payment information (card type, last 4 digits), booking details, delivery information, and financial transactions conducted on niginigiboracay.com.
g) Preference Data
Includes your marketing and communication preferences, subscription history, location preferences, and interests in specific offerings or services.
4. Legal Bases for Processing
We will only process your personal data where there is a legal basis for doing so under GDPR and other applicable laws. These legal bases include:
– Consent: When you explicitly agree to the processing of personal data for specific purposes (e.g., email marketing).
– Contractual Necessity: To fulfill a service or contract with you (e.g., to process reservations).
– Legitimate Interests: When processing is necessary for our legitimate interests, such as business operations, fraud prevention, and service improvement, and where those interests are not overridden by your rights.
– Legal Obligations: When we are required to process data to comply with applicable laws or regulations.
5. Your Rights Under GDPR and CCPA
Subject to the conditions set out under applicable law, you may have the following rights:
– Right of Access: Request confirmation and access to your personal data held by us.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure (“Right to Be Forgotten”): Request deletion of your personal data where retention is no longer necessary.
– Right to Restriction: Request restriction on further processing under certain conditions.
– Right to Portability: Request to receive your data in a structured, commonly used, machine-readable format.
– Right to Object: Object to processing for direct marketing purposes or where processing is based on legitimate interests.
– Right to Non-Discrimination: Under CCPA, you have a right to non-discriminatory treatment for exercising your legal privacy rights.
To exercise your rights, please contact us at [email protected]. We may need to verify your identity before fulfilling your request.
6. Security Measures
We implement robust technical and organizational security measures to protect your personal information, including:
– Data encryption in transit and at rest;
– Access controls and authentication for internal systems;
– Regular data backups and system integrity checks;
– Staff privacy training and access minimization protocols.
These precautions are designed to prevent unauthorized access, disclosure, alteration, or destruction of your personal data.
7. International Transfers
We may transfer your personal data to countries outside your region (including countries outside the European Economic Area) where data protection laws may differ. Where such transfers occur, we use Standard Contractual Clauses or require appropriate safeguards to ensure your data receives equivalent protection.
8. Data Retention
We retain personal data only as long as necessary for the purposes we collected it, including satisfying legal, accounting, or reporting requirements. The retention periods vary depending on the category of data:
– Usage & Technical Data: up to 24 months
– Account & Profile Data: retained for the life of your account and up to 6 years thereafter
– Transaction & Communication Data: retained for up to 7 years to comply with financial and legal obligations
– Marketing Preferences: until consent is withdrawn
After the retention period expires, your data will be securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar tracking technologies to enhance your browsing experience, understand usage patterns, and deliver relevant content. Cookies used on niginigiboracay.com fall under these categories:
– Essential Cookies: Required for core site functionalities such as security, navigation, and processing reservations.
– Functional Cookies: Enable customization features like remembering language and location preferences.
– Analytics Cookies: Collect anonymous data to understand how visitors interact with the Website, including pages visited and session durations.
– Performance Cookies: Help monitor and improve site performance and user interface interactions.
10. Cookie Management and Compliance
We provide users with the ability to manage cookie preferences in compliance with GDPR and CCPA. Upon first visit, you will be presented with a cookie consent banner that allows you to accept, reject, or customize your cookie settings.
You may also manage your cookie preferences via your browser settings. Note that disabling certain cookies may impair site functionality.
To review or adjust your cookie preferences, visit the “Cookie Settings” link available in the footer of every page.
11. Special Protections for Children Under 13
Our services are not directed toward children under the age of 13. We do not knowingly collect or solicit personal data from individuals in this age group. If we become aware that data has been collected from a child under 13 without verifiable parental consent, we will take immediate steps to delete the information.
If you are a parent or guardian and believe we may have collected personal information from your child, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to update or modify this Privacy Policy at any time to stay compliant with applicable data protection legislation. All changes will be posted on this page. We will provide notice of material changes by means appropriate to the significance of those updates, which may include banner notices, email notifications, or other suitable methods.
We encourage users to review this Privacy Policy periodically to stay informed about our privacy practices.
13. Contact Us
Should you have any questions or concerns regarding this Privacy Policy, the handling of your personal data, or wish to exercise your rights, you may contact us through the following means:
Email: [email protected]
We are committed to ensuring full compliance with all applicable data protection laws. If you remain concerned about how your personal information is being handled, you retain the right to file a complaint with your local data protection authority.
By continuing to use niginigiboracay.com, you acknowledge that you have read and understood this Privacy Policy.