Miles Partnership, LLLP and Sandestin Beach Hotel, Ltd., d/b/a Hilton Sandestin Beach Golf Resort & Spa (“The Controllers”) collect personal data from individual users of www.hiltonsandestinbeach.com, www.serenitybytheseaspa.com and www.seagars.com. Certain elements of this data may constitute protected “personal data” as that term is defined in the E.U. General Data Protection Regulation (“GDPR”)*.
The following disclosures concerning The Controllers compliance with GDPR are presented for informational and compliance purposes only. Nothing in these disclosures constitutes a representation that any particular data or service is governed or subject to GDPR, nor do these disclosures represent or constitute any contract or undertaking with any individual.
GDPR is set to take effect on May 25, 2018. On and after that date, The Controllers will comply with GDPR to the extent applicable.
The Controllers utilize personal data including the information provided by you during usage of the website and submission of forms. The Controllers process this data for marketing purposes. This data may be used, for example, to send information electronically or physically that you request.
The Controllers may seek your consent to send communications (marketing communications). The Controllers will seek a separate consent to send these communications in certain cases which may be revoked by you at any time via email to [email protected] or by clicking unsubscribe on the pertinent email communication.
Recipients of personal data may include fulfillment providers for physical mailing, email deployers, technical providers of data storage, and back-end service providers. All employees of The Controllers who receive or review personal data have received training concerning maintaining the confidentiality of such data and committed themselves to confidentiality. Where appropriate, The Controllers will enter into written agreements governing the processing and confidentiality of personal data by third parties.
The Controllers will retain data only as long as is necessary.
If the GDPR applies to retention of your personal data, you have several rights including (i) the right to request access, rectification or erasure of your data, (ii) the right to lodge a complaint with the appropriate European Union supervisory authority, and (iii) to the extent processing of data is based on consent, you have the right to withdraw consent; (iv) the right to be informed about how we use your data; (v) the right to object to certain types of processing, including processing for direct marketing; (vi) the right to “block” or suppress further use of your data; and (vii) the right to obtain and reuse your personal information for your own purposes across different services.
*A copy of the GDPR is available here (last retrieved: April 10, 2018).