PRIVACY POLICY
www.villabalimanagement.com
VILLA BALI MANAGEMENT (PT Bali Taman Surga)
Type of site: e-commerce
The purpose of this privacy policy
The purpose of this privacy policy is to inform users of our site of the personal data that we will collect as well as the following information, if applicable:
The personal data that we will collect
Use of collected data
Who has access to the data collected
Site user rights
The site's cookies policy
This privacy policy works in conjunction with the terms and conditions of use of our site.
Applicable laws
In accordance with the General Data Protection Regulation (GDPR), this privacy policy complies with the following regulations.
Personal data must be:
processed in a lawful, fair and transparent manner with regard to the data subject (lawfulness, loyalty, transparency);
collected for specific, explicit and legitimate purposes, and not to be further processed in a manner incompatible with these purposes; further processing for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered, in accordance with Article 89 (1), to be incompatible with the original purposes (limitation purposes);
adequate, relevant and limited to what is necessary for the purposes for which they are processed (data minimization);
accurate and, if necessary, kept up to date; all reasonable measures must be taken to ensure that personal data which are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
kept in a form allowing the identification of the data subjects for a period not exceeding that necessary for the purposes for which they are processed; personal data may be kept for longer periods as long as they will be processed exclusively for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes in accordance with Article 89 , paragraph 1, provided that the appropriate technical and organizational measures required by the Regulation are implemented in order to guarantee the rights and freedoms of the data subject (limitation of retention);
processed in such a way as to ensure appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures (integrity and confidentiality).
Processing is only lawful if, and insofar as, at least one of the following conditions is met:
the data subject has consented to the processing of their personal data for one or more specific purposes;
the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the latter's request;
the processing is necessary for compliance with a legal obligation to which the controller is subject;
the processing is necessary to protect the vital interests of the data subject or of another natural person;
the processing is necessary for the performance of a task of public interest or relating to the exercise of public authority vested in the controller;
the processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular when the affected person is a child.
For residents of the State of California, this privacy policy is intended to comply with the California Consumer Privacy Act (CCPA). If there are any inconsistencies between this document and the CCPA, state law will apply. If we find any inconsistencies, we will change our policy to comply with the relevant law.
Consent
Users agree that by using our site they consent to:
the conditions set out in this privacy policy and
the collection, use and retention of the data listed in this policy.
Personal data we collect
Data collected automatically
When you visit and use our site, we may automatically collect and store the following information:
E-mail
phone number
document (S)
Data collected in a non-automatic way
We may also collect the following data when you perform certain functions on our site:
First and last name
E-mail
Phone number
This data may be collected using the following methods:
creation of an account or a reservation
Please note that we only collect data that helps us achieve the purpose set out in this privacy policy. We will not collect additional data without notifying you first.
How we use personal data
Personal data collected on our site will be used only for the purposes specified in this policy or indicated on the relevant pages of our site. We will not use your data beyond what we disclose.
The data we collect automatically is used for the following purposes:
statistical
The data we collect when the user performs certain functions may be used for the following purposes:
Communication
Who we share personal data with
Employees
We may disclose User Data to any member of our organization that they reasonably need to achieve the purposes set out in this policy.
Third parties
We may share user data with the following third parties:
We may share User Data with third parties for the following purposes:
Third parties will not be able to access user data beyond what is reasonably necessary to achieve the given purpose.
Other disclosures
We undertake not to sell or share your data with third parties, except in the following cases:
if the law requires it
if it is required for any legal proceedings
to prove or protect our legal rights
to buyers or potential buyers of this company in the event that we seek to sell the company
If you follow hyperlinks from our site to another site, please note that we are not responsible for and have no control over their privacy policies and practices.
How long we store personal data
We do not store user data beyond what is necessary to fulfill the purposes for which it is collected.
How we protect your personal data
In order to protect your security, we use the transport layer security protocol to transmit personal information through our system.
All data stored in our system is well secured and can only be accessed by our employees. Our employees are bound by strict confidentiality agreements and breach of this agreement would result in the employee's termination.
While we take all reasonable precautions to ensure that our user data is secure and that users are protected, there always remains the risk of harm. The Internet as a whole can be insecure at times and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.
Minors
The GDPR specifies that people under the age of 15 are considered minors for the purposes of data collection. Minors must have the consent of a legal representative for their data to be collected, processed and used.
Your rights as a user
Under the GDPR, users have the following rights as data subjects:
permission to access
right of rectification
right to erasure
right to restrict processing
right to data portability
right of objection
You will find more information on these rights in chapter 3 (art 12-23) of the GDPR.
How to modify, delete or contest the data collected
If you would like your information to be removed or changed in any way, please contact our Privacy Officer here:
Modifications
This privacy policy may be amended from time to time in order to maintain compliance with the law and to reflect any changes to our data collection process. We recommend that our users check our policy from time to time to ensure that they are notified of any updates. If necessary, we may notify users by email of changes to this policy.
Contact
If you have any questions for us, please feel free to contact us using the following:
info@villabalimanagement.com
jalan subak sari / canggu / berawa / bali
Effective Date: january 01, 2021