Privacy Policy

1. Introduction

Northern Lights Resort ("we," "our," or "the Resort") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our resort, use our website, or interact with our services.

By staying at our resort or using our services, you consent to the data practices described in this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Information You Provide Directly

• Name, address, email address, and phone number
• Payment information (credit card details, billing address)
• Government-issued identification for check-in
• Reservation preferences and special requests
• Dietary restrictions and allergies
• Emergency contact information
• Feedback, reviews, and correspondence

2.2 Information Collected Automatically

• Check-in and check-out dates and times
• Room preferences and amenity usage
• Restaurant and spa service usage
• Activity participation and equipment rentals
• Security camera footage in public areas
• Website usage data (IP address, browser type, pages visited)
• Location data when using our mobile services

2.3 Information from Third Parties

• Travel agent or booking platform information
• Corporate account details for business travelers
• Social media information when you interact with our pages
• Credit check information for extended stays

3. How We Use Your Information

3.1 Reservation and Guest Services

• Process and confirm your reservations
• Provide accommodations and requested services
• Communicate about your stay and respond to inquiries
• Process payments and manage your account
• Provide concierge and activity booking services

3.2 Safety and Security

• Ensure the safety and security of guests and staff
• Prevent and detect fraud or unauthorized activities
• Comply with legal obligations and law enforcement requests
• Manage emergencies and contact emergency contacts if needed

3.3 Marketing and Communication

• Send promotional offers and newsletters (with your consent)
• Inform you about resort events and seasonal activities
• Conduct surveys and gather feedback
• Personalize your experience based on preferences
• Remarketing and advertising on third-party platforms

3.4 Business Operations

• Analyze usage patterns to improve our services
• Manage our loyalty and rewards programs
• Process job applications for employment
• Maintain business records and comply with legal requirements

4. Information Sharing and Disclosure

We do not sell or rent your personal information. We may share your information in the following circumstances:

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our resort, including:

• Payment processors and financial institutions
• Activity providers (dog sledding, tours, etc.)
• Transportation services
• Marketing and email service providers
• IT and security service providers

4.2 Legal Requirements

We may disclose information when required by law, court order, or government regulations, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change in ownership or control.

4.4 Consent

We may share your information with other parties when you provide explicit consent.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of sensitive data in transit and at rest
• Secure payment processing compliant with PCI-DSS standards
• Regular security audits and vulnerability assessments
• Employee training on data protection and privacy
• Physical security measures at our property
• Access controls and authentication requirements

Despite our efforts, no security system is impenetrable. We cannot guarantee the absolute security of your information.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Generally:

• Guest records: 7 years after your last stay
• Payment information: As required by financial regulations
• Marketing preferences: Until you unsubscribe or request deletion
• Security footage: 30-90 days unless needed for investigation
• Website analytics: 26 months

7. Your Rights and Choices

7.1 Access and Correction

You have the right to request access to the personal information we hold about you and to request corrections to any inaccurate information.

7.2 Opt-Out Rights

You may opt out of:

• Marketing emails by clicking the unsubscribe link
• Text messages by replying STOP
• Postal mailings by contacting us directly
• Cookies through your browser settings

7.3 Data Deletion

You may request deletion of your personal information, subject to our legal obligations to retain certain records.

7.4 Data Portability

You have the right to request a copy of your personal information in a structured, commonly used format.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience. These technologies help us:

• Remember your preferences and settings
• Analyze website traffic and usage patterns
• Provide personalized content and advertising
• Detect and prevent fraud

You can control cookies through your browser settings, though some features of our website may not function properly without cookies.

9. Children's Privacy

Our services are not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will promptly delete it. Parents or guardians who believe we may have information about a child under 13 should contact us immediately.

10. International Visitors

If you are visiting from outside the United States, please be aware that your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country. By using our services, you consent to this transfer and processing.

11. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to:

• Know what personal information we collect and how it's used
• Request deletion of personal information
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising privacy rights

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: