This Privacy Policy explains our personal data practices and the choices you can make about the way your personal data is used.
The Heart of Europe (The Heart of Europe, us, our or we) respects your privacy, and is committed to protecting the privacy, confidentiality and security of the personal data you provide to us or that we collect about you when you use our websites, social media pages.
We control, software applications available on computers and mobile devices that include a link to this Privacy Policy as well as when you provide your information on the telephone via our call centres or in person (collectively the Sites). Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. We are aware of our responsibilities to protect your personal data, to keep it secure and comply with applicable privacy and data protection laws. You may be asked to consent to the terms of this Privacy Policy when making a reservation, registering for events or promotions or otherwise corresponding with us via the Sites or if required by applicable law. Otherwise, your continued use of the Sites will constitute your deemed consent to the terms of this Privacy Policy.
PERSONAL INFORMATION WE COLLECT; Personal Information You Provide When using our Sites, you may voluntarily provide certain information about yourself or others, such as when you create an account or book a reservation. We may collect Personal Information (information that identifies you or relates to you as an identifiable person) that you may provide through the Sites about yourself or others such as: Name, date and place of birth, passport and visa information; Postal address; Telephone number; Email address; Information that allows us to provide specialized services to you or fulfil special requests, such as accommodating health or dietary conditions, but we do not collect sensitive information about you, such as health information, except as reasonably needed for us to provide services to you; Credit or debit card number, expiration date and security code; Social media account information; Stay or trip information and preferences, such as your preferred location/facilities, dates and number of people/children traveling with you; Demographic information (age, gender, country and preferred language); IP address; and Preferences for receiving communications from us or for surveys or promotional offers.
Automatically Collected Information Our websites collect statistical information about users to ensure a welcoming and accessible website. For this purpose we may track your movement within the websites, the pages from which you were referred, access times and browser types. We only use this information in aggregate and do not link it to you personally. To gauge the effectiveness of our websites and analyze site traffic, understand customer needs and trends, we do collect some generic information about our visitors. Our web servers recognize and automatically log a visitor’s domain name, the web page from which a visitor enters our websites, which pages a visitor visits and for how long, and the visitor’s IP address. We may use anonymous tracking technologies to collect, store and sometimes track information for statistical purposes and to improve the services we provide, including using it to evaluate and improve our website. We also collect and store information automatically using cookies and similar technology as described below. This information does not constitute Personal Information. If we combine anonymized or aggregated data with Personal Information, we will treat the combined information as Personal Information according to this Privacy Notice.
HOW WE USE YOUR INFORMATION; We may use Personal Information you submit and non-Personal Information we automatically collect for the purposes identified in this Privacy Policy for our business use and the legal bases, including, for example: Processing, fulfilling and recording reservations and/or purchases; Billing your credit card for advance purchase reservations and advance deposits; Contacting you for confirmation or customer service after reservations and purchases are made or after you sign up for or participate in certain activities; Conducting statistical or demographic analysis Tracking reservations and corresponding resort stays; Sending you emails that relate to a resort stay; Sending you communications such as guest surveys or promotional offers and benefits; Communicating special offers, competitions and featured items if you choose to receive such notices; Responding to your inquiries, complaints and other communications; and Providing for the safety and security of our guests and staff and meeting our legal and regulatory compliance requirement.
DISCLOSING YOUR INFORMATION; As an international resort and residences management company, we need to share information across numerous countries so that we can provide you with services on a consistent basis. Accordingly, your Personal Information may be shared as reasonably necessary and as set out in this Privacy Policy as follows to Any The Heart of Europe entity, resorts and/or residences managed by us; Tour operator, travel representative, personal assistant, employer or spouse that has supplied us with your Personal Information; Third parties which we have received your consent; Trusted third partners to process it for us, based on our instructions and in compliance with our Privacy Policy and any other appropriate confidentiality and security measures including; Our marketing and advertising partners to provide you with more-relevant ads on our websites and to encourage you to return to our websites and to MailChimp and others, who securely host emails and act as a supplier to distribute our email communications. We contractually require these service providers to keep your Personal Information safe and secure and they are only be permitted to use your Personal Information for the purposes we specify. To third parties not affiliated with The Heart of Europe if we have a good-faith belief that it is reasonably necessary to: (1) meet any applicable law, regulation, legal process or enforceable governmental request; (2) enforce applicable terms of service, including investigation of potential violations; (3) detect, prevent, or otherwise address illegality, fraud, security or technical issues; and (4) protect against harm to the rights, property or safety of The Heart of Europe, our users or the public as required or permitted by law; and (5) to any third parties to the extent necessary with respect to a sale of all or part of our business operations or assets and/or resorts that are no longer managed or owned by The Heart of Europe.
OVERSEAS DATA TRANSFERS; By using and/or purchasing our goods and services, we may transfer your Personal Information across multiple jurisdictions. Thus we may transfer and store your Personal Information: On our websites and servers located in Dubai, United Arab Emirates; In or to Dubai, United Arab Emirates where our corporate offices are located; To those countries where we might own, manage, operate or have sales offices in, and to countries where our trusted third party providers or advisors are located. Some of these countries may not offer the same level of privacy protection but we will take all reasonable steps to ensure such transfers are taken with adequate security to maintain your privacy.
EXPLAINING THE LEGAL BASES FOR PROCESSING; The legal bases for collecting and processing your Personal Information includes: Consent – we collect and process your data with your consent e.g. when you tick a box to receive marketing communication. Legal compliance – if required by applicable law, e.g. police, fraud investigations or court orders, we may need to collect and process your data. Legitimate interest – to pursue our legitimate interests such as providing services and products you have requested in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
SECURITY; We use reasonable technical, administrative and physical measures to protect Personal Information contained in our system against misuse, loss or alteration. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. We cannot enforce or control the security of the computers, electronic devices, or electronic communication method that you use to send e-mails and submit Personal Information to us over the Internet. You are responsible for ensuring that the computers, electronic devices and electronic communication methods you utilize will provide adequate security for communicating with us. We are not responsible for the disclosure or interception of your Personal Information before we receive it.
WITHDRAWING YOUR CONSENT; You do not have to provide us with your Personal Information. However, if you choose not to provide certain Personal Information we request and/or require consent to its use and disclosure, you will still be able to visit our Sites but you may be unable to access certain options, products or services and in we may not, as a result, be unable to fulfil your booking. We offer you the choice of how you receive communications from us. All marketing communications we send to you will provide you with a way to withdraw your consent to future marketing. If you no longer wish to receive marketing you may opt-out of receiving these communications by clicking on the opt-out section of the marketing communication or changing your account settings, this will remove you from our marketing lists. You have the right to tell us to stop using your information for our direct marketing purposes. Please send your written request, including your name and contact information to the address listed below in How To Contact Us. We will honor your request within 30 days of receiving it or sooner if required by applicable law. Please note that if you unsubscribe from marketing communications you will still receive operational and service messages from us regarding your booking and responses to your enquiries made to us, and that we may hold your details so we do not send you marketing communications in the future.
THIRD PARTY LINKS; We may permit third parties to link to our Sites or to post a link to their site on ours. We do not endorse these sites and are not responsible for other sites or their privacy practices. We do not assume responsibility or liability of any nature whatsoever for the activities conducted or information contained in the third party websites.
CHILDREN’S PRIVACY; We do not knowingly collect Personal Information from children under the age of 13, though we may collect Personal Information about a child as part of the guest registration process or to participate in activities on the websites or at the resorts but always with the consent of a parent or guardian. HOW LONG WE KEEP YOUR PERSONAL INFORMATION Whenever we collect or process your Personal Information, we will only keep it for as long as is necessary for the purpose for which it was collected, active legal proceedings, an identifiable and ongoing legal business need (such as record keeping) and to the extent permissible by applicable law. Where there is no sufficient justification to retain such Personal Information, such Personal Information will be safely and securely deleted, disposed of, blocked and/or anonymised for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
USER REGISTRATION CONTROLS FOR THE HEART OF EUROPE COMPANY’S ELECTRONIC AND SMART SERVICES, AND ACCESSING THEM; The user is committed to providing all the required information for registration on the website when needed, accurately and in accordance with the designated registration form.
They are also required to update their personal data in case of any changes. The company reserves the right, at its discretion, to accept or reject the registration request. From the date of acceptance of their registration, the user is responsible for all uses of their account and page, and for all logins to electronic and smart services using their username and password. The user must not disclose or share them or transfer their usage to any other party.
Furthermore, the user is obligated to immediately notify The Heart of Europe Company in case of losing their account data or username or any unauthorized use of their account. The user must ensure logging out of their account after completing their activities, and any damages incurred as a result of non-compliance will be their full responsibility.
The user is also responsible for any false statements, inaccurate information, or fraudulent messages sent by them through electronic or smart media for our services.
They are committed to all applicable national or international laws and regulations, including those related to data transmission, and to ensure that the subject, content, information terms, email, or other advertised content do not contain, without limitation, hate speech, obscene, indecent, demeaning, deceptive, or illegal writings or violate the intellectual property rights of any party.
TERMINATION OR SUSPENSION OF SERVICE; The company may be compelled to temporarily suspend the service for operational reasons, such as system maintenance, development, service updates, or other unforeseen reasons, without prior notice or specifying the duration of the service suspension.
Furthermore, any violation by the user of any term in the current terms of service may lead to the closure of their account or immediate termination of all related operations without prior notice.
Last updated: February/2024