Privacy Policy

Look, we get it - privacy policies can be a snooze-fest. But honestly? This stuff matters, especially when you're trusting us with your personal details and payment info while booking a luxury stay.

At Runeflare Empire Hotel, we've been hosting guests since we opened our doors on West Georgia Street, and we've always taken privacy seriously. This policy breaks down exactly what information we gather, why we need it, and what we do with it. No hidden surprises, no corporate double-speak.

                                         Quick Note: This policy applies to our website, reservations system, and any interactions you have with our hotel - whether you're booking online, calling us up, or chatting with our concierge team in person.
                                    

If you're based in Canada or the EU, you've got some extra rights under PIPEDA and GDPR respectively. We'll cover those later, but the main takeaway? You're in control of your data.

Alright, let's break down what we actually collect when you interact with us:

Personal Details You Give Us Directly

Name and contact info - your full name, email, phone number, and mailing address when you make a reservation
Payment information - credit card details, billing address (though we use secure processors, so we don't store full card numbers)
Government ID - sometimes required for check-in, especially for international guests or specific suite bookings
Preferences and special requests - dietary restrictions, room preferences, accessibility needs, celebration details
Loyalty program data - if you join our Empire Club rewards program

Stuff We Pick Up Automatically

Website behavior - pages you visit, how long you stick around, what you click on
Device and browser info - IP address, browser type, operating system, device identifiers
Location data - general location based on IP (not GPS tracking, don't worry)
Cookies and similar tech - more on this below, but they help us remember you and improve your experience

From Your Stay With Us

Check-in/check-out times - basic booking details
Service usage - spa appointments, restaurant reservations, room service orders, concierge requests
Feedback and reviews - surveys, comment cards, online reviews
Security footage - from cameras in public areas (lobbies, hallways, parking - never in guest rooms, obviously)

                                         Pro Tip: The more accurate info you give us about your preferences, the better we can personalize your stay. But it's always your call what to share.
                                    

We're not gonna sell your email to some sketchy marketing list - that's not our style. Here's what we actually do with your info:

The Obvious Stuff (Running the Hotel)

Processing your reservations and managing your bookings
Handling check-in and check-out
Providing the services you requested - room service, spa treatments, event coordination
Processing payments and sending you receipts
Answering your questions and handling customer service requests

Making Your Experience Better

Remembering your preferences for future stays
Customizing recommendations based on your interests
Managing loyalty rewards and special offers
Improving our website, services, and facilities based on feedback

Staying in Touch (When You Want Us To)

Sending booking confirmations and important updates about your stay
Marketing emails about special packages and events - but only if you've opted in
Requesting feedback after your visit
Keeping you posted on loyalty program benefits

Legal and Security Reasons

Complying with laws and regulations (tax stuff, mainly)
Preventing fraud and unauthorized transactions
Maintaining security throughout the property
Resolving disputes or legal claims if they come up

                                         About Marketing: We'll only send promotional emails if you've given us the thumbs up. You can opt out anytime by clicking the unsubscribe link at the bottom of any email - no hard feelings.
                                    

We don't just hand out your info to anyone who asks. But running a luxury hotel means working with some trusted partners. Here's who might see your data and why:

Service Providers We Work With

Payment processors - companies like Stripe or Moneris who handle credit card transactions securely
Booking platforms - if you reserved through a third-party site, they've got your info too
Technology partners - website hosting, email services, customer management systems
Marketing agencies - occasionally help us with campaigns, but they're bound by strict confidentiality agreements

Business Partners

Spa and wellness providers - when you book treatments
Restaurant partners - for dining reservations and special requests
Event vendors - if you're hosting a conference or celebration with us
Transportation services - when you arrange airport transfers or car services

Legal Requirements

Government authorities - when legally required (like tax reporting)
Law enforcement - if there's a valid legal request or investigation
Legal advisors - our lawyers, in case of disputes

                                         Important: All our partners sign agreements promising to protect your data and use it only for the specific purposes we've authorized. We vet these folks carefully.
                                    

We'll never sell your personal information to third parties for their marketing purposes. That's a hard line for us.

Not the chocolate chip kind, unfortunately. Web cookies are tiny files that help our site remember you and work properly. Here's the breakdown:

Types of Cookies We Use

Essential Cookies (The Must-Haves)

These keep the site functioning - stuff like remembering what's in your booking cart, keeping you logged in, and maintaining security. Without these, the site basically breaks, so they're not optional.

Performance Cookies

Help us understand how people use the site - which pages are popular, where folks are getting stuck, how long they stay. We use this to make improvements. Tools like Google Analytics fall into this category.

Functionality Cookies

Remember your preferences - language settings, currency, whether you want that newsletter popup to stop showing up every time. Makes your experience smoother.

Marketing Cookies

Track your browsing to show you relevant ads (like special packages you might actually care about). These are the ones you can definitely say no to without affecting the site's basic functions.

Managing Your Cookie Preferences

You've got options here:

Adjust settings in our cookie banner when you first visit the site
Change your browser settings to block or delete cookies (though some site features might not work as well)
Opt out of targeted advertising through industry tools like NAI or DAA

                                         Do Not Track: Most browsers have a "Do Not Track" setting. We respect that signal, though honestly, it's not universally recognized across the web yet.
                                    

We also use pixels and similar tech in emails to see if you've opened them or clicked links. Standard stuff for knowing whether our communications are actually useful.

Security isn't something we just slap on as an afterthought - it's built into everything we do. Here's how we keep your information safe:

Technical Safeguards

Encryption - all data transmitted to our site uses SSL/TLS encryption (that little padlock in your browser)
Secure servers - your data is stored on encrypted, access-controlled servers in Canada
Payment security - we're PCI-DSS compliant, meaning we meet strict standards for handling credit card info
Regular updates - our systems get patched and updated constantly to fix any vulnerabilities
Firewalls and monitoring - 24/7 system monitoring to catch and stop any suspicious activity

Physical Security

Access-controlled server rooms and offices
Background checks for staff who handle sensitive data
Secure disposal of physical documents containing personal info

Organizational Measures

Staff training - everyone on our team learns about privacy and data protection
Need-to-know access - employees only see the data they need to do their jobs
Confidentiality agreements - all staff and partners sign NDAs
Regular audits - we review our security practices regularly and fix any gaps

                                         Real Talk: No system is 100% hack-proof - anyone claiming that is lying. But we've invested heavily in protection and stay on top of emerging threats. If there's ever a breach affecting your data, we'll let you know ASAP and tell you what steps to take.
                                    

What You Can Do

Security is a two-way street. Here's how you can help protect your own info:

Use strong, unique passwords for your account
Don't share your login credentials with anyone
Be cautious of phishing emails pretending to be from us
Log out when using shared or public computers
Keep your devices and apps updated

Your data, your rules. Here's what you can do with the information we hold about you:

Rights Everyone Has

Access - request a copy of what personal data we have on file for you
Correction - ask us to fix any inaccurate or outdated information
Deletion - request that we delete your data (with some exceptions for legal obligations)
Opt-out - unsubscribe from marketing emails or stop certain data processing
Portability - get your data in a format you can transfer elsewhere

Additional Rights for Canadian Residents (PIPEDA)

Under Canada's Personal Information Protection

Quick Jump

Introduction

What Information We Collect