Scope of This Policy
This Policy applies to personal data processed by Ladera Resort, whether:
- Collected directly from guests, employees, vendors, website users or other counterparties;
- Received through third-party services such as travel agencies, booking platforms, or affiliate marketing partners;
- Captured by electronic means (e.g., website forms, mobile apps, CCTV, Wi-Fi access points); or
- Processed manually or electronically by authorized Ladera Resort personnel.
This Policy is binding on all departments and units within Ladera Resort and applies to data processing that occurs within and outside of Saint Lucia, subject to applicable transfer safeguards under the DPA.
PERSONAL DATA
We take the protection of your Personal Data very seriously. We are registered as a Data Controller with the Data Protection Commissioner and we are committed to compliance with the DPA including its core Principles and the processing of Personal Data. Personal Data is collected only for a legitimate purpose and to the extent necessary e.g. for the purpose of performing a contract with a Data Subject, protecting the vital interest of the Data Subject or for our legitimate business purposes. We will not sell or make your Personal Data available to third parties unless it is integral to the services and goods provided by Ladera Resort. You can learn more about any third party processing by reading this policy and how we handle your data when you use our services.
For clarity, the following terms are more fully defined under the DPA but we have summarised their meaning as used throughout this Policy:
“Personal Data” means any information about a natural person relating to that person’s name, address, race, national or ethnic origin, religion, age, gender, marital status, education, medical or employment history.
“Data Subject” means an individual natural person to whom Personal Data relates.
“Sensitive Personal Data” means information about race, religion, health, biometric data, or criminal or financial records.
“Processing” means any operation concerning Personal Data including collection, storage, use, sharing, or destruction.
“Data Controller” means Ladera Resort, who either alone or with others, determines how Personal Data is processed.
At touch points throughout your interaction with us, we may collect the following Personal Data:
Contact information: name, gender, postal address, telephone number, email address
Payment information: Credit and debit card number or other payment date
Financial information in limited circumstances
Language preference
Date and place of birth
Nationality passport, visa or other government-issued identification data
Important dates, such as birthdays, anniversaries and special occasions
Employer details
Travel itinerary tour group or activity data
Interactions including prior guest visits, goods and services purchased, and special service and amenity requests
Social media account ID profile photo and other data publicly available
In limited circumstances, we also may collect:
Data about family members and companions, such as names and ages of children.
Biometric data such as digital images, and video and audio data via security cameras located in public areas, such as hallways and lobbies, in our properties.
Guest preferences and personalized data (“Personal Preferences”), such as your interests, activities, hobbies, food and beverage choices, services and amenities of which you advise us or which we learn about during your visit.
If you submit any Personal Data about other people to us or our Service Providers, third parties contracted by Ladera Resort to provide services as part of our overall Services, such as making a reservation for another individual, you represent that you have the authority to do so and you permit us to use the data to fulfil your request for our Services.