Privacy Policy

Introduction

At Cocoon Sarti, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website or make a booking with us.

Data Controller

Information We Collect

We collect personal information that you provide directly to us and information collected automatically when you use our website.

Information you provide when booking

• Full name
• Email address
• Phone number
• Country of residence
• Check-in and check-out dates
• Special requests or preferences

Information collected automatically

• IP address
• Browser type and version
• Device type and operating system
• Pages visited and time spent on our website

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill your booking and provide accommodation services.
• Consent: For marketing communications and non-essential cookies, where you have given your consent.
• Legitimate Interests: To improve our services, prevent fraud, and ensure website security.
• Legal Obligation: To comply with tax, accounting, and other legal requirements.

How We Use Your Information

• Process and manage your accommodation booking
• Communicate with you about your reservation
• Improve our website and services
• Send promotional offers (only with your consent)
• Comply with legal obligations

Sharing Your Information

We may share your personal data with the following parties:

• Smoobu: Our property management system for booking synchronization
• Payment processors: To process secure payments
• Analytics providers: To help us understand website usage (anonymized data)
• Legal authorities: When required by law or to protect our rights

Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy. Booking data is retained for 7 years to comply with tax and accounting requirements. Marketing preferences are retained until you withdraw consent.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request a copy of your personal data we hold.
• Right to Rectification: Request correction of inaccurate personal data.
• Right to Erasure: Request deletion of your personal data (subject to legal obligations).
• Right to Restriction: Request limitation of processing in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for marketing.
• Right to Withdraw Consent: Withdraw your consent at any time for consent-based processing.

To exercise any of these rights, please contact us using the details provided below.

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our website uses SSL encryption to secure data transmission.

Cookies

We use cookies to enhance your browsing experience and analyze website traffic. For detailed information about our cookie usage, please see our Cookie Policy.

Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.