Privacy Policy

Personal Details You Give Us

When you book a stay or sign up for our workshops, we'll ask for things like:

• Your name and contact info (email, phone number)
• Mailing address for billing and correspondence
• Payment card details (we don't store full card numbers though - more on that later)
• Special requests or preferences (like room location, dietary needs for our restaurant, etc.)
• Emergency contact information if you're staying with us

Stuff We Collect Automatically

Like most websites these days, we gather some technical info when you visit:

• Your IP address and general location (city/region level - we're not tracking your exact coordinates)
• Browser type and device info
• Pages you visit and how long you hang out on them
• Where you came from (like if you clicked a link from another site)
• Cookies and similar tracking tech (there's a whole section on this below)

Info From Your Stay

If you're a guest at the hotel, we might also collect:

• Check-in/check-out dates and room preferences
• Services you use (spa appointments, workshop registrations, restaurant reservations)
• Feedback and reviews you share with us
• Photos or content if you participate in our social media initiatives (always with your permission)

We don't ask for stuff we don't need. If something seems optional, it genuinely is - we won't penalize you for skipping those fields.

Alright, so what do we actually do with all this info? Here's the rundown:

The Essential Stuff

• Processing your bookings - Pretty obvious, but we need your details to reserve your room or workshop spot
• Payment processing - Gotta handle transactions securely
• Communicating with you - Confirmation emails, pre-arrival info, answering your questions
• Providing the services you booked - Whether that's a room, spa treatment, or blacksmithing class
• Legal compliance - Tax records, safety regulations, that sort of thing

Making Your Experience Better

• Personalizing your stay - Remembering you prefer a ground-floor room or take your coffee black
• Sending relevant updates - New workshop offerings, seasonal spa packages (only if you've opted in)
• Improving our services - Analyzing trends to figure out what's working and what needs tweaking
• Customer support - Helping resolve any issues or concerns during or after your visit

Marketing (With Your Permission)

We'd love to keep you in the loop about special offers and events, but only if you want us to. You can:

• Opt in or out at any time
• Choose which types of messages you want
• Unsubscribe from marketing emails with one click

Important note: Even if you unsubscribe from marketing, we'll still send you essential stuff like booking confirmations and receipts - we kinda have to.

Let's be crystal clear: we do not sell your personal information. Period.

That said, running a hotel and spa means we sometimes need to share certain info with trusted partners who help us operate. Here's who might see your data and why:

Service Providers We Work With

• Payment processors - To handle credit card transactions securely
• Booking platforms - If you found us through a travel site, they'll have your reservation details
• Email service providers - For sending you confirmations and newsletters
• Cloud hosting services - Where we securely store our data
• Accounting software - For financial records and tax compliance

Local Artisan Partners

Our workshop instructors (potters, blacksmiths, woodworkers) might receive your name and contact info if you've signed up for their classes - but only the minimum they need to run the session.

Legal Requirements

We might have to disclose information if:

• Required by Canadian law or legal process
• Necessary to protect someone's safety
• To prevent fraud or illegal activity
• As part of a business transfer (like if we were ever sold - though we're family-owned and not planning on that!)

All our partners are contractually obligated to protect your data and can only use it for the specific purposes we've authorized. We vet them carefully.

Okay, let's talk cookies - and nope, not the kind from our bakery (though those are excellent too).

What Are Cookies Anyway?

They're tiny text files that get stored on your device when you visit websites. They help us remember stuff about your visit so the site works better for you.

Types of Cookies We Use

Managing Your Cookie Preferences

You're in control here. You can:

• Adjust settings in your browser to block or delete cookies
• Use our cookie preference tool (that banner you saw when you first visited)
• Opt out of third-party advertising cookies through industry opt-out pages

Fair warning: If you block all cookies, some parts of the site might not work properly - especially the booking system. The essential ones are really, well, essential.

Under Canadian privacy laws (PIPEDA) and GDPR (for our European guests), you've got some solid rights when it comes to your personal data. Here's what you can do:

Access Your Data

Want to know what information we have about you? Just ask. We'll provide a copy of your personal data we're holding. First request is free - though if you ask for like the 10th copy in a month, we might charge a small admin fee.

Correct Inaccurate Information

If something's wrong or outdated, let us know and we'll fix it. Easy peasy.

Delete Your Data

Also known as the "right to be forgotten." You can ask us to delete your personal info, and we will - unless we legally have to keep it (like tax records or if there's an ongoing legal matter).

Object to Processing

Not cool with how we're using your data for something? You can object. We'll stop unless we have a compelling legal reason to continue.

Restrict Processing

Ask us to limit how we use your data in certain circumstances - like if you're challenging the accuracy of the information.

Data Portability

Want to take your data elsewhere? We can provide it in a commonly-used, machine-readable format.

Withdraw Consent

Changed your mind about marketing emails or other optional stuff? You can withdraw consent anytime. Won't affect anything we did with your permission before you withdrew it, but we'll stop going forward.

How to Exercise These Rights

Just reach out to us:

• Email: reservations@quanattyraforge.info
• Phone: (905) 847-2940
• Mail: 1847 Heritage Lane, Niagara-on-the-Lake, ON L0S 1J0, Canada

We'll respond within 30 days. If we need more time (complex requests happen), we'll let you know.

Not happy with our response? You can file a complaint with the Office of the Privacy Commissioner of Canada or your local data protection authority.

Look, we take security seriously. Our building might be from 1847, but our data protection is definitely 21st century.

Technical Safeguards

• SSL/TLS encryption - Your data is encrypted when transmitted between your browser and our servers (that's the little padlock in your address bar)
• Secure payment processing - We use PCI-DSS compliant payment processors. We never see or store your full credit card details
• Regular security updates - Our systems and software are kept current with the latest security patches
• Firewalls and intrusion detection - Multiple layers of protection against unauthorized access
• Data encryption at rest - Information stored in our databases is encrypted

Organizational Measures

• Limited access - Only staff who actually need access to personal data get it
• Staff training - Everyone on our team is trained on privacy and data protection
• Confidentiality agreements - All employees sign agreements protecting guest information
• Regular audits - We review our security practices and procedures regularly

What We Ask From You

Security is a two-way street. Please help us out by:

• Using a strong, unique password if you create an account
• Not sharing your login credentials
• Being cautious of phishing emails (we'll never ask for your password via email)
• Letting us know immediately if you think your account has been compromised

In Case of a Breach

Despite our best efforts, no system is 100% secure. If we ever experience a data breach that affects your personal information, we'll notify you and the relevant authorities as required by law - and we'll be transparent about what happened and what we're doing about it.

We don't keep your info forever - that'd be weird and unnecessary. Here's our approach:

Booking & Guest Records

We keep reservation and stay information for 7 years after your visit. Why so long? Mostly for tax and accounting requirements - Canadian law makes us. After that, it gets securely deleted unless there's a specific legal reason to keep it.

Payment Information

Financial transaction records stick around for 7 years too (again, tax law stuff). But remember, we don't actually store your full credit card details - those live with our payment processor.

Marketing Communications

If you're on our mailing list, we'll keep your contact info until you unsubscribe or until you've been inactive for 3 years. If you haven't opened an email from us in that time, we figure you're not interested and we'll remove you.

Account Information

If you created an online account but never used it, we'll delete it after 2 years of inactivity. We'll send you a heads-up email first though.

Website Analytics

Anonymous browsing data gets aggregated and retained for 26 months, then deleted. This helps us spot long-term trends without hanging onto individual user data indefinitely.

Special Circumstances

We might keep data longer if:

• There's an ongoing legal matter or investigation
• You've