Privacy Policy

We're not in the business of selling your data. Here's what we actually do with it:

• Processing reservations: Obvious one - we need your info to book your suite and make sure everything's ready when you arrive.
• Communication: Sending confirmation emails, pre-arrival details, and answering your questions. Our concierge team might reach out if there's something special you've requested.
• Service delivery: Making sure our valet knows you're arriving, the spa has your appointment scheduled, or the restaurant has your dietary preferences on file.
• Improving our services: We look at feedback and booking patterns to figure out what's working and what needs tweaking.
• Marketing (with your okay): If you've opted in, we'll send occasional emails about special offers or new services. You can unsubscribe anytime - no hard feelings.
• Legal obligations: Sometimes we're required by law to keep certain records or share info with authorities. It's rare, but it happens.

Bottom line: we use your info to provide the luxury experience you're paying for and to comply with the law. That's it.

We're pretty protective of your info, but there are a few situations where we need to share it:

• Service providers: Payment processors, booking platforms, and tech companies that help run our systems. They're all under strict contracts to protect your data.
• Business partners: If you book spa treatments or dining reservations, those teams need your details. They're all part of our operation though.
• Legal requirements: If law enforcement shows up with a warrant or there's a legitimate legal obligation, we'll comply. Again, this is super rare.
• Business transitions: If we ever sell the hotel or merge with another company, your data would transfer as part of that deal. You'd be notified if this happens.

We don't sell or rent your personal information to third parties for their marketing purposes. Period. That's not how we operate.

Security isn't just an IT thing for us - it's baked into everything we do:

• Encryption: All payment data and sensitive info is encrypted both when it's moving around and when it's stored. Think of it as a digital vault.
• Access controls: Only staff who genuinely need access to your info can see it. Our front desk team can see booking details, but they can't access your full payment info.
• Regular security audits: We run regular checks and tests to make sure our systems are secure and up-to-date.
• Staff training: Everyone on our team is trained on privacy and security protocols. It's part of the job here.
• Secure facilities: Physical records are locked up, and our servers are in secure data centers with multiple layers of protection.

No system is 100% bulletproof, but we're doing everything reasonably possible to keep your data safe. If there's ever a breach that affects you, we'll let you know right away.

Yeah, we use cookies. Not the chocolate chip kind, unfortunately. Here's the breakdown:

• Essential cookies: These keep the website functioning. Without them, you can't book a room or log into your account. These are non-negotiable.
• Analytics cookies: Help us understand how people use our site - which pages are popular, where people get stuck, that kind of thing. We use this to make improvements.
• Marketing cookies: These track your browsing to show you relevant ads on other sites. You can opt out of these in your browser settings.
• Preference cookies: Remember your settings and preferences so you don't have to re-enter them every time you visit.

Most browsers let you control cookies through their settings. Just know that blocking certain cookies might make parts of our site not work properly.

We also use tools like Google Analytics to understand our website traffic better. These services have their own privacy policies if you want to dig deeper.

It's your data, and you've got rights. Here's what you can do:

• Access: You can ask to see what personal info we have on file about you. Just drop us an email.
• Correction: If something's wrong or outdated, let us know and we'll fix it.
• Deletion: Want us to delete your data? We can do that, unless we're legally required to keep it (like tax records).
• Opt-out of marketing: Every marketing email has an unsubscribe link. Click it and you're off the list - no questions asked.
• Data portability: You can request a copy of your data in a format that's easy to transfer elsewhere.
• Withdraw consent: If you've given us permission for something specific, you can change your mind anytime.
• Lodge a complaint: If you think we've mishandled your data, you can complain to the Office of the Privacy Commissioner of Canada.

To exercise any of these rights, just reach out to us at reservations@quantarionatspire.info or call (416) 555-7843. We'll respond within 30 days.

We don't hang onto your info longer than necessary. Here's our general approach:

• Booking information: We keep this for up to 7 years for accounting and tax purposes. It's a legal requirement.
• Marketing data: If you've opted in to marketing emails, we'll keep your contact info until you unsubscribe or after 3 years of inactivity.
• Guest preferences: We'll hold onto your preferences (room type, dietary needs, etc.) as long as you're an active guest or loyalty member.
• Website analytics: This data is usually anonymized and kept for 2 years to help us track trends.
• Security footage: CCTV recordings are typically kept for 30 days unless needed for an investigation.

When we no longer need your data, we securely delete or anonymize it. We don't just let old files sit around collecting digital dust.

We're based in Toronto, but we welcome guests from all over the world. Here's what that means for your data:

Most of your information stays in Canada, but some of our service providers (like payment processors or cloud storage companies) might be based in other countries, including the United States. When data crosses borders, it's subject to the laws of that country.

We only work with providers who meet strict privacy and security standards. Your data is protected by contractual agreements no matter where it's processed.

If you're visiting from the EU, you should know that Canada's privacy laws are recognized as providing adequate protection under GDPR. So you're covered.

Our services aren't directed at kids under 13, and we don't knowingly collect their personal information through our website or booking systems.

If a child is staying with us as part of a family booking, we'll have their name and age for room assignment purposes, but that info is linked to the adult who made the reservation.

If we discover we've accidentally collected personal info from a child under 13, we'll delete it as quickly as possible. Parents or guardians can contact us if they have concerns about their child's information.

Things change - technology evolves, laws get updated, and we improve our services. When we need to update this privacy policy, here's how we'll handle it:

• We'll post the updated version on this page with a new "Last Updated" date at the top.
• If it's a major change that affects how we use your data, we'll send you an email notification (if we have your email on file).
• The updated policy takes effect as soon as it's posted, unless we specify otherwise.

We recommend checking this page occasionally if you're a regular guest. It's not exactly thrilling reading, but it's good to stay informed about how your info is handled.

Look, privacy policies can be confusing. If you've got questions, concerns, or just want to chat about how we handle your data, we're here to help.

We'll respond to privacy-related inquiries within 30 days, though usually much faster. Our team takes this stuff seriously, and we're happy to walk you through anything that's unclear.

If you're not satisfied with our response, you can always file a complaint with the Office of the Privacy Commissioner of Canada. Their website has all the info you need to do that.