Miracle Springs Resort & Spa will not collect any personally-identifiable information about its visitors and guests (e.g., your name, address, telephone number, or email address) (“Personal Information”) through our websites unless it has been provided to us voluntarily. You may provide us with your Personal Information by making a reservation, by using our services, by providing it to us in communications such as comment cards and surveys, or by participating in a marketing initiative. From time to time, Miracle Springs Resort & Spa offers packages or other services that involve third parties. If you are participating in these packages or services, your Personal Information will be shared with that third party to the extent necessary to provide the service and/or process the purchase or request. We may use the information you provide to send you offers and information about Miracle Springs Resort & Spa. If you do not wish to receive such offers and information, you may unsubscribe at any time by following instructions provided in each marketing message.
ADDITIONAL INFORMATION COLLECTED AUTOMATICALLY
WHY COLLECT PERSONAL INFORMATION
Miracle Springs Resort & Spa collects Personal Information for a variety of reasons, including to establish and maintain a responsible business relationship with our visitors and guests, to better understand the needs of our visitors and guests in order to provide better service, to develop and improve products and services for our visitors and guests, and to adhere to legal and regulatory requirements.
Miracle Springs Resort & Spa uses safeguards and technology that acts in accordance with applicable laws and industry standards to guard Personal Information against loss, destruction, misuse, improper disclosure, and unauthorized access or modification. These safeguards are routinely tested internally and periodically audited by Miracle Springs Resort & Spa IT Department. We make all reasonable efforts to ensure that Personal Information we collect is not altered in any way, or reprocessed in a way that makes it incompatible with the purpose for which it was originally collected.
GENERAL DATA PROTECTION REGULATION
On May 25, 2018, the General Data Protection Regulation (“GDPR”) began enforcement in the European Economic Area (EEA), the United Kingdom and Switzerland. The GDPR is a new data privacy regulation that applies to organizations that process personal data of EEA, UK and Swiss residents (“Data Subjects”), regardless of where those organizations are located. The law is the most significant change in data privacy regulation in the past 20 years, and Miracle Springs Resort & Spa has been working to prepare for its implementation.