Privacy Policy
Controller & Contact
- Controller: [Legal Entity Name]
- Address: [Address]
- Privacy: [Privacy Email]
- Support: [Support Email] | [Support Phone/WhatsApp]
This Privacy Policy explains how [Legal Entity Name] (“SaudiChalets”, “we”) collects and processes personal data when you use saudichalets.com (the “Platform”).
This is a practical policy written for real platform operations (accounts, listings, bookings, support).
1) Scope
This Policy applies to personal data processed when you use the Platform as a Guest or Owner, including accounts, listings, bookings, communications, and support.
2) Personal Data We Collect
A) Account data: name, username, email, phone number, user ID, login/session data.
B) Booking & transaction data: booking details, payment status, receipts/invoices, refunds/cancellations, security deposit fields (if applicable).
C) Owner listing data: listing details you submit (title, city, policies, rules, pricing), photos/media, owner contact details needed for bookings/support.
D) Communications: messages and support communications (when available).
E) Device/usage data: IP address, browser/device info, logs, timestamps, pages/actions. Approximate location from IP; precise location only if you enable it.
F) Cookies/local storage: essential session cookies, language preference, basic analytics (if enabled).
3) How We Use Personal Data
We use personal data to operate accounts, listings, and bookings; facilitate Guest–Owner communication; process payments/refunds (if enabled); prevent fraud/abuse; provide support; improve the Platform; and comply with legal obligations and enforce our Terms.
4) Sharing and Disclosure
A) Between Guests and Owners: we share what’s necessary to complete and support bookings (e.g., booking details and contact details needed for check-in/support).
B) Service providers: hosting, storage, database, analytics/error monitoring, customer support tools, and payment processors (if enabled). They may access data only to perform services for us and must protect it.
C) Legal and safety: if required by law or to protect rights/safety and prevent fraud/abuse.
5) Cross-Border Transfers
If we transfer personal data outside Saudi Arabia (e.g., certain cloud vendors), we do so only as permitted and with appropriate safeguards under applicable requirements.
6) Retention
We retain personal data only as long as needed for operating accounts/bookings, compliance (financial records, fraud prevention), and dispute handling/enforcement. Retention periods vary by data type and legal requirements.
7) Security
We apply reasonable security measures such as access control, encryption in transit (HTTPS), secure password hashing, and monitoring. No system is 100% secure.
8) Your Rights
Subject to applicable rules and exceptions, you may request access, correction, deletion where applicable, and withdrawal of consent where processing is based on consent.
To exercise rights, contact: [Privacy Email]. We may verify your identity before responding.
9) Marketing
If we send marketing communications, you can opt out at any time using the method provided or by contacting us.
10) Children
The Platform is not intended for children. If you believe a child’s data has been provided, contact us to request deletion.
11) Cookies
You can control cookies through browser settings. Some cookies are essential for login/session and core features.
12) Changes
We may update this Policy and change the “Last Updated” date. Continued use means you accept the updated Policy.