At Golden Haven Spa, we respect your privacy and are fully committed to compliance with the General Data Protection Regulation (GDPR). This page explains your rights and how we handle your data responsibly.
Data Controller
Golden Haven Spa acts as the data controller for the personal data you provide. We ensure all data is processed lawfully and transparently.
Lawful Basis for Processing
We process your personal data only with your consent or to fulfill contractual obligations such as spa reservations and wellness program participation.
Personal Data We Collect
Information collected may include your name, contact details, health preferences, and any communication history with our staff.
Purpose of Data Collection
Your data is used to provide personalized services, confirm bookings, improve guest experiences, and ensure safety during your retreat.
Data Subject Rights
You have the right to access, correct, delete, restrict, or object to processing of your data. To exercise these rights, email us at info@GoldenHUpavenSpa.com.
Data Retention
Your data is kept only for as long as necessary for service delivery or legal compliance, after which it is securely deleted or anonymized.
International Transfers
We do not transfer your data outside of Canada or the EU unless appropriate safeguards are in place as per GDPR standards.
Data Security Measures
We maintain strict security protocols, including encrypted databases and access control, to protect your data from loss, theft, or unauthorized access.