Privacy

1. GENERAL PROVISIONS

This Privacy Policy applies to users of the Website from The At Group (PTY) LTD at the URL: http://staymenyln.co.za. This website is operated under South African Law, and South Africa is the country of domicile.

2. PERSONAL DATA

Following the implementation of the requirements Protection of Personal Information Act (POPIA) of South Africa and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons concerning the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation – hereinafter referred to as “GDPR”), we inform you that:

1. We process data for the following purposes:
   1. performance of the contract or taking action at the request of the data subject before concluding the contract (legal basis: Article 6(1)(b) of GDPR), and Section 11(1)(b) of POPIA
   2. handling inquiries (Article 6(1)(f) of GDPR), and Section 11(1)(f) of POPIA
   3. handling complaints and claims (Article 6(1)(b) of GDPR), and Section 11(1)(b) of POPIA
   4. keeping records and fulfilling legal obligations imposed on the Controller (Article 6(1)(c) of GDPR), and Section 11(1)(c) of POPIA
   5. sending a newsletter (Article 6(1)(a) of GDPR), and Section 11(1)(a) of POPIA
   6. monitoring and improving the quality of the services – requesting completion of a survey or answering some questions about the quality of the services provided (Article 6(1)(f) of GDPR), and Section 11(1)(f) of POPIA
   7. displaying personalized commercial information on social networks (Art. 6(1)(a) of GDPR) and Section 11(1)(s) of POPIA
2. Providing data is voluntary, yet essential to use the services. In the case of expressing consent, it is voluntary and expressed by clicking the checkbox that includes the conditions of the consent granted.
3. If a person has agreed to the processing of data (legal basis: Article 6(1)(a) of GDPR) and Section 11(1)(a) of POPIA, the data is processed until the consent is withdrawn, but after this period, we have the right to archive information on who and when, and what consent was given (to establish, assert or defending legal claims). In other cases, the data is processed for the period justified by the execution of the purpose (e.g., performance of the contract, answering questions, tax regulations, etc.). The period of processing depends on the possibility of establishing, asserting, or defending claims or when data retention is required due to tax regulations.
4. You can revoke your consent at any time. Please click on the link, or send an email to: ___.
5. Each data subject has the right to access, correct, delete, or restrict the processing of personal data, the right to object, the right to transfer data, and the right to complain to a supervisory authority.
6. Transaction data, including personal data, is transferred directly by the user to the payment service provider.
7. The Website visitors may fill in a form and subscribe to the newsletter, and provide an email address and/or telephone number for automated contact.
8. The Website visitors may express their consent for Us to run advertising campaigns on social networks based on their email addresses.

3. DATA RECIPIENTS

We use the services of software and ICT system maintenance companies with whom we have entered into appropriate agreements. These agreements include data processing rules and confidentiality. The data is not shared, and none of these companies has the right to process the data in any other way than specified in the contract. Your data, if the company has access to it, may be processed only for the proper provision of services.

4. COOKIES

1. Cookies are transferred to web browsers and are then stored in the memory of devices and read by the server each time you connect to the Website.
2. We would like to point out that storing cookies does not allow us to access your private device or read any data other than the data stored in the cookies.
3. We use the so-called technical cookies, which enable the correct use of the message transmission and remembering your settings.
4. and to generate simple statistics of the Service.
5. We use cookies and data collection technologies to help us analyse traffic on the Website. This allows us to optimize its performance, improve the most popular solutions, and display dedicated messages and offers. You can consent, refuse to consent, revoke consent, or manage your settings by clicking here.
6. We use the following cookies:

5. GENERAL PRIVACY POLICY

We are committed to protecting your personal information in compliance with the Protection of Personal Information Act (POPIA) and the General Data Protection Regulation (GDPR). The policy outlines how we collect, use, and protect your data.

6 DATA COLLECTION

We collect personal information such as your name, contact details, and payment information when you make a booking or use our services.

7. DATA USE

Your data is used to process bookings, manage your stay, and improve our services. We may also use your information to send you promotional offers with your consent.

8. DATA PROTECTION

We implement appropriate technical and organizational measures to ensure the security of your personal information. Access to your data is restricted to authorized personnel only.

9. YOUR RIGHTS

You have the right to access, correct, or delete your personal information. You can also withdraw your consent for data processing at any time.

10. BOOKING FORM DISCLAIMER

By completing this booking form, you consent to the processing of your personal information in accordance with POPIA and GDPR. Your data will be used to manage your reservation and enhance your experience with us. We ensure that your information is handled securely and only shared with third parties as necessary to fulfill our services.

11. DATA BREACH NOTIFICATION

In the event of a data breach, we will notify the relevant authorities and affected individuals within 72hours, as required by POPIA and GDPR. We will provide details of the breach, the potential impact, and the measures taken to mitigate any harm

12. THIRD PARTY SERVICE PROVIDERS

We may share your personal information with third-party service providers who assist us in delivering our services. These providers are contractually obligated to comply with POPIA and GDPR, ensuring the protection of your data. We do not sell or rent your personal information to any third parties