Privacy Policy

We're serious about keeping your info safe and respecting your privacy. Here's the honest breakdown of what we collect and why.

Last updated: October 23, 2025

Quick Navigation
Questions about privacy?

Our team's here to help clarify anything.

Get in Touch

Look, we get it - nobody actually enjoys reading privacy policies. But here's the thing: at Jade Flare Citadel Hotel, we think you deserve to know exactly what happens with your personal details when you stay with us or even just browse our site.

This policy covers everything from booking a room to signing up for spa appointments or joining our loyalty program. We've tried to keep the legal jargon to a minimum and just tell it like it is.

By using our website or services, you're agreeing to what's outlined here. If something doesn't sit right with you, we'd honestly rather you reach out and ask us about it before proceeding.

Personal Information You Give Us

When you book a room or use our services, we'll ask for stuff like:

  • Your name, email address, and phone number
  • Payment info (credit card details, billing address)
  • Passport or ID information when required for check-in
  • Special requests or preferences (like dietary needs or room temperature preferences)
  • Emergency contact details
Information We Collect Automatically

When you're browsing our site, we automatically pick up some technical details:

  • IP address and device information
  • Browser type and operating system
  • Pages you visit and how long you stick around
  • Referring websites that brought you to us
  • Location data (if you've given permission)
Info from Third Parties

Sometimes we get details from booking platforms, travel agencies, or corporate accounts if you've booked through them. We also use analytics services to understand how folks interact with our site.

We're not collecting your info just for fun. Here's what we actually do with it:

Booking & Reservations

Processing your reservations, sending confirmations, and managing your stay from check-in to check-out.

Payment Processing

Handling transactions securely, processing refunds, and keeping financial records for accounting purposes.

Communication

Sending booking confirmations, updates about your stay, responding to inquiries, and sharing important info.

Service Improvement

Analyzing trends, understanding what guests love (or don't), and making our hotel experience better.

Marketing

Sending promotional offers and newsletters (only if you've opted in - we won't spam you otherwise).

Legal Compliance

Meeting regulatory requirements, handling disputes, and protecting our rights and yours.

We're not in the business of selling your data - that's just not our style. But there are some situations where we need to share information:

Service Providers

We work with trusted partners who help us run the hotel - payment processors, booking systems, email services, and cloud storage providers. These folks only get access to what they need to do their job, and they're contractually obligated to keep your data safe.

Business Partners

If you book through a travel agency or corporate account, we'll share relevant details with them. We might also work with local tour operators or transportation services if you've requested those services through us.

Legal Requirements

Sometimes we're legally required to share info with government authorities, law enforcement, or regulatory bodies. We'll only do this when we have to - not just on a whim.

Business Transfers

If we ever merge with another company or get acquired (hey, you never know), your data might be transferred as part of that deal. We'd make sure the new owners respect this privacy policy though.

Yeah, we use cookies - but not the edible kind (though our restaurant has plenty of those). These are small files that help our website remember you and work properly.

Types of Cookies We Use:
  • Essential Cookies: These keep the site functioning - you can't really opt out of these if you wanna use the site.
  • Performance Cookies: Help us understand which pages are popular and how visitors move around the site.
  • Functional Cookies: Remember your preferences like language settings or login details.
  • Advertising Cookies: Track your browsing to show you relevant ads (you can disable these if they annoy you).

You can manage cookie preferences through your browser settings. Just keep in mind that blocking certain cookies might make some features not work as well.

We also use analytics tools like Google Analytics to understand site traffic and user behavior. These services have their own privacy policies that you might wanna check out.

Your data belongs to you, and you've got rights. Here's what you can do:

Access Your Data

Request a copy of all the personal information we have about you. We'll send it over in a readable format.

Correct Inaccuracies

If something's wrong or outdated, let us know and we'll fix it ASAP.

Delete Your Data

Ask us to delete your information (though we might need to keep some stuff for legal reasons).

Opt Out of Marketing

Unsubscribe from promotional emails anytime. There's an unsubscribe link in every marketing email we send.

Data Portability

Get your data in a format you can take to another service provider.

Object to Processing

Tell us to stop processing your data for certain purposes like direct marketing.

To exercise any of these rights, just shoot us an email at reservations@jadeflarecitadel.info or give us a call at (416) 555-8847. We'll get back to you within 30 days.

We take security pretty seriously around here. Your data's protected with industry-standard security measures:

  • Encryption: All sensitive data is encrypted both in transit and at rest. We use SSL/TLS protocols for data transmission.
  • Access Controls: Only authorized staff members can access your personal information, and they're trained on data protection.
  • Regular Security Audits: We regularly test our systems for vulnerabilities and patch 'em up quickly.
  • Secure Payment Processing: We use PCI-DSS compliant payment processors. We don't store your full credit card details on our servers.
  • Physical Security: Our servers are housed in secure facilities with restricted access.

Important: While we do everything we can to protect your data, no system's 100% secure. If we ever experience a data breach that affects you, we'll let you know right away and tell you what steps to take.

We're based in Toronto, Canada, but sometimes your data might travel internationally - especially if we're using cloud services or working with international partners.

Canada's got solid privacy laws (thanks, PIPEDA!), but if your data goes somewhere else, we make sure:

  • The destination country has adequate data protection laws, or
  • We've got contracts in place that require the same level of protection we'd provide, or
  • You've given us explicit consent for the transfer

If you're visiting us from the EU, EEA, or UK, we comply with GDPR requirements for international data transfers. We use standard contractual clauses approved by the European Commission.

Our services aren't directed at kids under 16, and we don't knowingly collect their personal information without parental consent.

If you're booking for a family with children, we'll ask for their ages and any special needs, but this is collected through the adult making the reservation.

If we somehow find out we've collected data from a child without proper consent, we'll delete it promptly. Parents or guardians who believe we might have info about their child can contact us at reservations@jadeflarecitadel.info.