Privacy Policy of Coral Beach Club LimitedEffective Date: Jan 1st, 2025
1. General Provisions
This Privacy Policy applies to users of the Website at www.peninsula-tz.com and governs the collection, processing, and use of personal data. The Data Controller responsible for processing your personal data is Coral Beach Club Limited, registered under Tanzania’s Personal Data Protection Act, 2022 (PDPA), registration number: 0-000-000-466. For any privacy-related inquiries, you can contact our Data Protection Officer (DPO) at frontoffice@coralbeach-tz.com.2. Legal Basis for Processing Personal Data
In compliance with the Personal Data Protection Act, 2022 (PDPA) of Tanzania and Regulation (EU) 2016/679 (GDPR) for international guests, we process personal data based on the following legal grounds:- Contractual necessity (PDPA & GDPR Art. 6(1)(b)) – for booking and service fulfillment.
- Legal compliance (PDPA & GDPR Art. 6(1)(c)) – for regulatory and taxation purposes.
- Legitimate interests (PDPA & GDPR Art. 6(1)(f)) – for customer support and marketing analytics.
- User consent (PDPA & GDPR Art. 6(1)(a)) – for optional marketing communications and personalized services.
3. Types of Personal Data We Collect
We collect the following personal data when you visit our website, make a reservation, or use our services:- Identity data: Name, nationality, passport/ID details.
- Contact details: Phone number, email address.
- Transaction data: Payment details, invoice history.
- Service-related data: Booking preferences, room selections, dietary restrictions.
- Technical data: IP address, browser type, cookies, and tracking data.
4. Purpose of Processing Personal Data
We process your data to:- Manage reservations, check-ins, and check-outs.
- Provide customer service and respond to inquiries.
- Process payments and comply with financial regulations.
- Send booking confirmations, reminders, and feedback requests.
- Improve website functionality and user experience.
- Conduct personalized marketing (if consent is given).
- Ensure security and fraud prevention.
5. Data Retention Policy
Your data will be retained only for as long as necessary to fulfill the purposes outlined above:- Booking and service records: Up to 7 years (as per financial and legal requirements).
- Marketing data: Until you withdraw consent.
- Website usage data: As specified in our Cookies Policy.
6. Sharing and Transfers of Data
We do not sell or share personal data with unauthorized third parties. However, we may share information with:- Payment service providers to process transactions securely.
- Regulatory authorities where required by law.
- IT service providers to maintain and secure our systems.
7. Cookies and Tracking Technologies
Our website uses cookies to:- Improve user experience and website performance.
- Provide personalized content and targeted advertising (with user consent).
- Analyze site traffic using Google Analytics and other tools.
8. Your Rights Under PDPA & GDPR
As a data subject, you have the right to:- Access and request a copy of your data.
- Correct inaccurate or incomplete data.
- Delete personal data under specific conditions.
- Restrict processing where legally applicable.
- Withdraw consent for marketing communications.
- Object to automated decision-making.
- File a complaint with the Personal Data Protection Commission (PDPC) in Tanzania or the relevant GDPR authority.
9. Security Measures
We implement technical and organizational security measures such as:- Data encryption for sensitive transactions.
- Access controls to restrict unauthorized personnel.
- Regular security assessments and system monitoring.
10. Personal Data of Children
Our services are not intended for children under 18 years old. We do not knowingly collect data from minors without parental consent.11. Updates to This Privacy Policy
We may update this policy periodically. The latest version will always be available on our website. For further inquiries, please contact frontoffice@coralbeach-tz.com.