Privacy

Privacy Policy of Coral Beach Club LimitedEffective Date: Jan 1st, 2025

1. General Provisions

This Privacy Policy applies to users of the Website at www.coralbeach-tz.com and governs the collection, processing, and use of personal data.The Data Controller responsible for processing your personal data is Coral Beach Club Limited, registered under Tanzania’s Personal Data Protection Act, 2022 (PDPA), registration number: 0-000-000-466.For any privacy-related inquiries, you can contact our Data Protection Officer (DPO) at frontoffice@coralbeach-tz.com.

2. Legal Basis for Processing Personal Data

In compliance with the Personal Data Protection Act, 2022 (PDPA) of Tanzania and Regulation (EU) 2016/679 (GDPR) for international guests, we process personal data based on the following legal grounds:

  • Contractual necessity (PDPA & GDPR Art. 6(1)(b)) – for booking and service fulfillment.
  • Legal compliance (PDPA & GDPR Art. 6(1)(c)) – for regulatory and taxation purposes.
  • Legitimate interests (PDPA & GDPR Art. 6(1)(f)) – for customer support and marketing analytics.
  • User consent (PDPA & GDPR Art. 6(1)(a)) – for optional marketing communications and personalized services.

3. Types of Personal Data We Collect

We collect the following personal data when you visit our website, make a reservation, or use our services:

  • Identity data: Name, nationality, passport/ID details.
  • Contact details: Phone number, email address.
  • Transaction data: Payment details, invoice history.
  • Service-related data: Booking preferences, room selections, dietary restrictions.
  • Technical data: IP address, browser type, cookies, and tracking data.

4. Purpose of Processing Personal Data

We process your data to:

  • Manage reservations, check-ins, and check-outs.
  • Provide customer service and respond to inquiries.
  • Process payments and comply with financial regulations.
  • Send booking confirmations, reminders, and feedback requests.
  • Improve website functionality and user experience.
  • Conduct personalized marketing (if consent is given).
  • Ensure security and fraud prevention.

5. Data Retention Policy

Your data will be retained only for as long as necessary to fulfill the purposes outlined above:

  • Booking and service records: Up to 7 years (as per financial and legal requirements).
  • Marketing data: Until you withdraw consent.
  • Website usage data: As specified in our Cookies Policy.

6. Sharing and Transfers of Data

We do not sell or share personal data with unauthorized third parties. However, we may share information with:

  • Payment service providers to process transactions securely.
  • Regulatory authorities where required by law.
  • IT service providers to maintain and secure our systems.

For international guests, data transfers outside Tanzania (including the EU) comply with GDPR regulations via Standard Contractual Clauses (SCCs) or equivalent safeguards.

7. Cookies and Tracking Technologies

Our website uses cookies to:

  • Improve user experience and website performance.
  • Provide personalized content and targeted advertising (with user consent).
  • Analyze site traffic using Google Analytics and other tools.

You can manage your cookie preferences or disable cookies via your browser settings. See our Cookies Policy for more details.

8. Your Rights Under PDPA & GDPR

As a data subject, you have the right to:

  • Access and request a copy of your data.
  • Correct inaccurate or incomplete data.
  • Delete personal data under specific conditions.
  • Restrict processing where legally applicable.
  • Withdraw consent for marketing communications.
  • Object to automated decision-making.
  • File a complaint with the Personal Data Protection Commission (PDPC) in Tanzania or the relevant GDPR authority.

9. Security Measures

We implement technical and organizational security measures such as:

  • Data encryption for sensitive transactions.
  • Access controls to restrict unauthorized personnel.
  • Regular security assessments and system monitoring.

10. Personal Data of Children

Our services are not intended for children under 18 years old. We do not knowingly collect data from minors without parental consent.

11. Updates to This Privacy Policy

We may update this policy periodically. The latest version will always be available on our website.For further inquiries, please contact frontoffice@coralbeach-tz.com.

12. Should you have booked a Half Board Package, kindly note that either Dinner or Lunch is included upto a value of $30 per person per night.Should your dinner selection exceed this amount, the difference will be charged as a supplement and can be settled directly at the hotel.
A Half Board set menu is also available for your convenience.
Please note that no refund will be provided for unutilised or underutilised package components