Privacy Chronicle

When you're dealing with us, we'll collect a few things to make sure your stay's as smooth as a perfectly poured mead. Here's what we're talking about:

• Basic Contact Stuff: Your name, email, phone number, and mailing address. Y'know, the usual suspects so we can actually reach you about your reservation.
• Payment Details: Credit card info, billing address - though we don't actually store your full card numbers ourselves. That's handled through secure payment processors 'cause we're not messing around with that.
• Stay Preferences: Room type you're into, dietary restrictions if you're dining at our tavern, special requests like extra pillows or that corner suite with the tower view.
• Website Activity: Cookies and tracking stuff - what pages you visit, how long you hang out on our site, your IP address. Helps us figure out what's working and what's not.
• Event Info: If you're booking a wedding or corporate retreat, we'll need details about your event, guest counts, specific requirements - that sorta thing.

We're only collecting what we actually need to provide you with an awesome experience. We're not out here gathering random info for no reason.

So what do we actually do with all this stuff? Here's the breakdown:

• Processing Your Bookings: Pretty obvious one - we need your info to actually reserve your room, confirm your stay, and handle payments. Can't really run a hotel without this.
• Communicating With You: Sending confirmation emails, updates about your reservation, answering questions, letting you know about any changes. We might also send you post-stay surveys 'cause we genuinely wanna know how we did.
• Personalizing Your Experience: Remembering your preferences from previous visits, suggesting experiences you might dig based on what you've booked before, that kinda thing.
• Marketing & Promotions: If you've opted in, we'll send you news about special offers, upcoming events, seasonal packages. Don't worry though - you can unsubscribe anytime. No hard feelings.
• Improving Our Services: Analyzing website traffic, figuring out what guests love and what needs work, making sure our operations run smoothly.
• Legal Compliance: Sometimes we gotta keep records for tax purposes, handle disputes, or comply with Canadian regulations. It's just part of running a legit business.

Bottom line? We're using your info to make your stay better and keep things running properly. That's it.

We're not in the business of selling your personal info to random companies. Seriously. But there are a few situations where we need to share certain details:

• Service Providers: Payment processors, booking systems, email platforms - basically the tech that keeps everything running. These folks are bound by strict confidentiality agreements.
• Event Partners: If you're hosting a wedding or corporate event, we might need to share relevant details with caterers, entertainment providers, or other vendors you've selected.
• Legal Requirements: If we're legally obligated to share info - like a court order or government request - we'll comply. Hopefully this never happens, but gotta be upfront about it.
• Business Transfers: In the unlikely event that Runeborn Stronghold gets sold or merged with another company, your info would be transferred as part of that deal. Any new owner would still be bound by this privacy policy though.

That's pretty much it. We keep your circle of trust pretty tight around here.

Yeah, we use cookies - and not the delicious kind from our tavern kitchen. These are little bits of data that help our website remember you and work better. Here's what's going on:

• Essential Cookies: These keep the site functioning properly. Without 'em, you wouldn't be able to book rooms or navigate properly. These aren't optional.
• Performance Cookies: Help us understand how visitors use our site - which pages are popular, where people get stuck, loading times, that kinda stuff. All anonymous data.
• Functionality Cookies: Remember your preferences, like language settings or accessibility options, so you don't have to reset everything each visit.
• Marketing Cookies: Track your browsing to show you relevant ads on other sites. You can disable these through your browser settings if they bug you.

Most browsers let you control cookies through their settings. Just know that blocking some cookies might make parts of our site not work as well. Your call though.

Under Canadian privacy laws (specifically PIPEDA), you've got some solid rights when it comes to your personal info. Here's what you can do:

• Access Your Data: You can ask to see what personal information we've got on file about you. We'll provide it within 30 days.
• Correct Inaccuracies: If something's wrong or outdated, let us know and we'll fix it. We want accurate records too.
• Request Deletion: Want us to delete your info? We'll do it, unless we're legally required to keep it (like tax records or active reservations).
• Opt Out of Marketing: Every promotional email has an unsubscribe link. One click and you're done. No hoops to jump through.
• Withdraw Consent: If you've given us permission to use your data in specific ways, you can take that back anytime. Just reach out.
• Lodge a Complaint: If you think we've mishandled your info, you can contact the Office of the Privacy Commissioner of Canada. We'd prefer you talk to us first though so we can make it right.

To exercise any of these rights, shoot us an email at reservations@runebornstronghold.info or call us at (604) 555-7863. We'll get back to you quickly.

We take security seriously - like, medieval fortress level seriously. Here's what we've got in place:

• Encryption: All sensitive data's encrypted both in transit and at rest. We use industry-standard SSL/TLS protocols for anything transmitted over the internet.
• Secure Servers: Our data's stored on secure servers with firewalls, intrusion detection, and regular security audits. We're not messing around.
• Limited Access: Only authorized staff can access personal information, and only when they actually need it to do their jobs. Everyone's trained on privacy protocols.
• Regular Updates: We keep all our systems patched and updated to protect against new threats. Security's an ongoing thing, not a one-and-done deal.
• Payment Security: Credit card processing goes through PCI DSS compliant payment gateways. We never see or store your full card details.

That said, no system's 100% bulletproof. We do everything we can to keep your info safe, but if there's ever a breach, we'll notify you and the relevant authorities immediately as required by law.

We don't keep your info forever. Here's generally how long we hold onto different types of data:

• Reservation Records: Kept for 7 years after your stay for accounting and tax purposes. Canadian law requires this.
• Marketing Data: If you're subscribed to our emails, we'll keep your contact info until you unsubscribe or your email bounces repeatedly.
• Website Analytics: Usually aggregated and anonymized after 26 months. We're looking at trends, not tracking individuals long-term.
• Guest Preferences: If you've stayed with us before, we'll keep your preferences on file to make future stays better - unless you ask us to delete 'em.

Once we don't need your data anymore, we securely delete or anonymize it. No point keeping stuff around that we're not using.

Our website might link to other sites - social media platforms, partner services, local attractions, that kinda thing. Just so you know, we're not responsible for their privacy practices. Once you click away from our site, their rules apply, not ours.

We try to only link to reputable sites, but it's always smart to read their privacy policies too. Different companies handle data differently, and we can't vouch for everyone.

Same goes for any third-party booking platforms that might list us. If you book through another site, they'll have their own privacy policy covering that transaction.

Our services aren't directed at kids under 13, and we don't knowingly collect personal information from children. If you're booking a family stay, the adult making the reservation is responsible for any information about minors.

If we discover we've accidentally collected info from a child under 13, we'll delete it as quickly as possible. Parents or guardians who think we might have info about their child can contact us and we'll take care of it immediately.

We might update this privacy policy from time to time - new laws, changes to our operations, whatever. When we do make changes, we'll update the "Last Updated" date at the top of this page.

If we make any major changes that affect how we use your personal information, we'll notify you by email or through a prominent notice on our website before the changes take effect. We're not gonna sneak stuff past you.

It's a good idea to check back here occasionally, especially if it's been a while since you've reviewed our policy. Staying informed's always smart.