Last updated: 4/2022
The Grande Colonial Hotel and NINE-TEN Restaurant respect the privacy of all our guests, and we are committed to protecting it. This policy describes how we collect, use, and disclose information about our guests.
We collect information that can identify you personally, such as your name, mailing address, telephone number, email address, credit card information, etc. ("personal data") only when it is voluntarily provided to us by you or by a third party (such as a travel agency) on your behalf.
We collect personal data when it is provided through forms on our Sites (hereinafter, company URLs - www.gclj.com and www.nine-ten.com - are collectively referred to as the "Sites"), mobile applications, over the phone, through physical mail or e-mail, guest satisfaction comment cards, or in-person. This includes, for example, information you provide when you make a reservation, purchase a gift card on the Sites, sign up to receive emails, offers or other information, email us or our properties through the Sites, submit a question or report a problem, or submit a Request for Proposal to plan a meeting, wedding, or special event.
Our Sites do not collect, save or store any personal data from you while you simply browse this Sites, unless you voluntarily and intentionally provide it to us (for example, by making an online booking or requesting further information).
Our servers automatically collect certain technical, non-personal information when you use our Sites or mobile applications. Technical data may include your browser type, operating system, page views and clicks, location data, IP address, unique device ID, and referral URLs.
USE OF INFORMATION
We use your personal data to fulfill the purpose for which it was provided, or as otherwise set forth in this policy. For example, we may use your personal data as necessary to:
- process your reservation request and payment;
- contact you about your hotel and/or restaurant reservation;
- make requested changes to your reservation or user account;
- provide you with a personalized experience on our Sites;
- respond to your inquiries and other communications;
- register you to receive marketing/promotional e-mails, or other information for which you've expressed an interest;
- respond to private dining/catering inquiries; and
- to comply with legal requirements.
You may opt out of receiving any promotional or marketing emails at any time by contacting us directly at email@example.com or by following the "opt out" or "unsubscribe" links in such emails. All emails distributed to our lists will contain easy, online access to unsubscribe. We may, however, continue to contact you with relevant information about your past or upcoming reservations with us, service interruptions, and status of account. When you make a hotel reservation, for example, we will automatically send you a Reservation Confirmation, Reservation Cancellation, Pre-Stay Arrival Letter, and Post-Stay Follow-Up Letter/Survey to the email address on file. These transactional communications are intended solely to provide information about your past or upcoming visit.
We may use the usage data we collect for any reason we deem appropriate, including to improve, maintain, and operate our Sites and services.
SHARING OF INFORMATION
We will not sell any of your personal data to any outside organization. We only disclose your personal data to third parties as reasonably necessary to carry out the permitted uses described in the "USE OF INFORMATION" section of this policy. For example, we may share personal data with:
- our payment processors, technical and customer support contractors, and other service providers who are required to keep the personal data confidential and are prohibited from using it other than to carry out their services on our behalf;
- our successors in the event of a sale, merger, acquisition, or similar transaction affecting the relevant portion of our business; and
- legal and governmental authorities or other third parties, to the extent required to comply with a legal order or applicable law.
SECURITY OF PERSONAL DATA
The Grande Colonial Hotel and NINE-TEN Restaurant are committed to the security of your personal data. We use commercially reasonable technical measures to protect personal data in our possession, and our Sites uses secure socket layer (SSL) encryption technology to help protect the privacy of credit card information, name, address, email and other sensitive information you provide to us.
Our Sites may assign one or more "cookies" to your Internet browser. Cookies, among other things, speed navigation through our Sites, keep track of information so that you do not have to re-enter it each time you visit our Sites, and may provide you with customized content. A cookie is an Internet mechanism composed of a small text file containing a unique identification number that permits a web server to send small pieces of information or text by means of your browser and place them on your computer's hard drive for storage. This text lets the web server know if you have previously visited the web page. Cookies by themselves cannot be used to find out the identity of any user.
Our Sites do not currently respond to "Do Not Track" signals that may be sent by your device or browser.
LINKS TO THIRD PARTY WEB SITES
INFORMATION FOR CALIFORNIA RESIDENTS
The California Consumer Privacy Act (CCPA) entitles California residents to certain additional protections regarding personal data. For purposes of this section alone, "personal data" means any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. California residents have the right to request:
- information regarding your personal information we have collected (including the categories of personal information we have collected, the categories of sources of such information, and the purposes for which we have collected such information);
- notice of whether we have disclosed your personal information to third parties (and if so, what categories of information we have disclosed, and what categories of third parties we have disclosed it to);
- a copy of your personal information collected by us in the past 12 months; and
- that your personal information be deleted.
We will not discriminate against you if you choose to exercise any of these rights. To do so, please contact our Data Protection Officer at firstname.lastname@example.org or call 858.263.7966. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request. This request may be made no more than once per calendar year. Please be aware that not all information sharing is covered by the California privacy rights requirements and only information on covered sharing will be included in our response.
INFORMATION FOR EUROPEAN UNION CITIZENS
Your principal rights under the European Union General Data Protection Regulation (GDPR) are: (a) right of access; (b) right to rectification; (c) right to erasure; (d) right to restriction of processing; (e) right to data portability; and (f) right to object. You may file a complaint with the applicable supervisory authority if you believe we are not complying with applicable data protection laws.
To exercise these rights under GDPR, please contact our Data Protection Officer at email@example.com or call 858.263.7966. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request.
DATA STORAGE PERIOD
The Grande Colonial shall store your personal data for as long as it is needed to achieve the purpose of the use of data or when the statutory limitation period is over and the document storage period provided by law has come to an end (seven years as set out in Section 22.4.3 of Laws Pertaining to the California Innkeeper). To the extent permissible by applicable law, we will retain your personal information for such period as necessary to satisfy or to fulfill the following:
- the purposes for which that personal information was provided,
- an identifiable and ongoing business need, including record keeping, and/or
- a requirement to retain records that may be relevant to any notified regulatory investigations, to resolve disputes, enforce agreements, or for active legal proceedings.
Our Sites and services are not intended for children and we do not knowingly solicit or collect personal data from children. If we are notified or discover that a child under the age of 18 has submitted personal data to us, we will take reasonable steps to delete the information. Our Sites are not directed to or intended to be used by individuals under the age of 18. We may present information regarding kids programs on some of our Sites for the reference of adults that are interested in activities or programs for children. We do not knowingly collect personal information from anyone under the age of 18. If we are notified that we have collected or received personal information from a child under the age of 18, we will take reasonable steps to delete that information in accordance with applicable laws. If you are the parent or guardian of a child under the age of 18 and you believe your child has provided us personal information about themselves, please contact our Data Protection Officer at firstname.lastname@example.org or call 858.263.7966. We may require verification of your identity before further processing your request. In certain instances, we may be permitted by law to decline some or all of such request.
CHANGES TO THIS POLICY
We may update this policy from time to time. We will always post the then-current version of this policy on our Sites, and will indicate at the top of the policy the date on which the latest version took effect. Please review this policy from time-to-time to stay updated on our privacy practices.
QUESTIONS ABOUT THIS POLICY
If you have any questions about this policy or our privacy practices, please contact OUR Data Protection Officer at:
We will do our best to answer your questions and resolve your concerns.