Privacy Policy

1. Information We Collect

Personal Information You Provide

We collect personal information that you voluntarily provide to us when you engage with our services, including:

• Reservation Information: Name, contact details (address, email, phone number), date of birth, payment information, and special accommodation requests
• Gaming Activity: Player account information, gaming preferences, transaction history, rewards program participation, and win/loss statements as required by gaming regulations
• Dining & Entertainment: Restaurant reservations, dietary preferences, entertainment ticket purchases, and event attendance
• Spa & Wellness: Appointment bookings, treatment preferences, health considerations, and service feedback
• Loyalty Program: Membership details, preferences, reward redemptions, and program participation history
• Communication: Correspondence through email, phone, chat, or in-person interactions, including feedback, complaints, and customer service inquiries
• Marketing Preferences: Subscription choices for newsletters, promotional offers, and event notifications

Information Collected Automatically

When you visit our physical property or digital platforms, we automatically collect certain information:

• Website Analytics: IP address, browser type and version, device information, operating system, referring URLs, pages viewed, time spent on pages, and click-stream data
• Security & Surveillance: Video surveillance recordings throughout our property for safety, security, and regulatory compliance purposes
• Location Data: Geolocation information when you use our mobile applications or access location-based services (with your permission)
• Transaction Data: Details of payments, purchases, and financial transactions processed through our systems
• Access Logs: Entry and exit times, keycard usage, and facility access records for security and operational purposes

Information from Third Parties

We may receive information about you from various third-party sources:

• Credit reporting agencies and fraud prevention services for identity verification and risk assessment
• Marketing partners and data analytics providers to enhance our understanding of customer preferences
• Social media platforms when you choose to interact with our social media presence
• Business partners, affiliates, and co-marketing entities with whom we have collaborative relationships
• Gaming regulatory authorities as required for compliance with casino operations regulations

2. How We Use Your Information

We use the collected information for various legitimate business purposes:

Service Delivery & Operations

• Process and manage hotel reservations, check-ins, and guest services
• Facilitate gaming activities and maintain accurate player account records
• Coordinate dining reservations, spa appointments, and entertainment bookings
• Provide personalized services based on your preferences and history
• Manage our loyalty rewards program and deliver member benefits
• Process payments, prevent fraud, and ensure transaction security

Communication & Marketing

• Send booking confirmations, service updates, and important property notifications
• Deliver promotional offers, special packages, and exclusive member benefits (with your consent)
• Distribute newsletters, event invitations, and resort updates
• Conduct surveys and gather feedback to improve our services
• Respond to inquiries, requests, and customer service needs

Legal & Regulatory Compliance

• Verify age and identity for gaming activities as mandated by New Jersey gaming laws
• Comply with anti-money laundering (AML) and know-your-customer (KYC) requirements
• Maintain records as required by casino gaming regulations and tax authorities
• Respond to legal processes, court orders, and regulatory inquiries
• Enforce our terms of service, house rules, and self-exclusion programs
• Report suspicious activities and transactions as required by law

Security & Safety

• Monitor premises through surveillance systems to ensure guest and employee safety
• Prevent fraud, theft, and other illegal activities
• Investigate security incidents and cooperate with law enforcement
• Maintain a safe and secure environment for all guests and staff
• Identify and manage individuals on self-exclusion or exclusion lists

Business Analytics & Improvement

• Analyze trends, preferences, and behavior to enhance our offerings
• Improve our website, mobile applications, and digital services
• Optimize operations, staffing, and resource allocation
• Develop new products, services, and amenities based on guest insights
• Conduct market research and competitive analysis

3. Information Sharing & Disclosure

We respect your privacy and only share your information in specific circumstances:

Service Providers & Business Partners

We may share information with trusted third-party service providers who assist us in operating our business:

• Payment Processors: To process credit card transactions and manage financial operations
• Technology Providers: Including cloud hosting, data storage, and IT infrastructure services
• Marketing Agencies: For email marketing, advertising campaigns, and promotional activities
• Analytics Providers: To analyze website usage, customer behavior, and business performance
• Booking Platforms: Third-party reservation systems and travel booking websites
• Customer Service: Call center operations and customer support platforms

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

Regulatory & Legal Authorities

• New Jersey Division of Gaming Enforcement and other gaming regulatory bodies
• Federal, state, and local law enforcement agencies when required by law
• Tax authorities for reporting and compliance purposes
• Financial crimes enforcement agencies for anti-money laundering compliance
• Courts and legal proceedings in response to subpoenas, court orders, or legal processes

Corporate Affiliates

We may share information with our parent company, subsidiaries, and affiliated entities for:

• Consolidated loyalty program management across properties
• Coordinated marketing and promotional activities
• Centralized customer service and support operations
• Shared technology infrastructure and data analytics

Business Transactions

In the event of a merger, acquisition, asset sale, or bankruptcy, your information may be transferred to the acquiring entity or involved parties. We will provide notice before your information becomes subject to a different privacy policy.

With Your Consent

We may share your information for any other purpose with your explicit consent or at your direction.

4. Data Security & Protection

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

• Encryption: Industry-standard SSL/TLS encryption for data transmission and storage
• Firewalls: Advanced firewall systems to prevent unauthorized access to our networks
• Access Controls: Multi-factor authentication and role-based access restrictions
• Secure Servers: Protected server infrastructure with regular security updates and patches
• Data Backup: Regular encrypted backups with secure off-site storage
• Intrusion Detection: Real-time monitoring systems to identify and respond to security threats

Physical Security

• Restricted access to facilities housing sensitive data and systems
• 24/7 security personnel and surveillance systems
• Secure document storage and disposal procedures
• Visitor access controls and logging systems

Organizational Measures

• Comprehensive employee training on data protection and privacy practices
• Strict confidentiality agreements for all staff members
• Regular security audits and vulnerability assessments
• Incident response plans and procedures
• Data protection impact assessments for new systems and processes

5. Your Privacy Rights

You have important rights regarding your personal information:

Access & Portability

• Right to Access: Request access to the personal information we hold about you
• Data Portability: Request a copy of your data in a commonly used, machine-readable format
• Information Summary: Receive a summary of data processing activities

Correction & Update

• Right to Rectification: Request correction of inaccurate or incomplete information
• Profile Updates: Update your account preferences and contact information at any time

Deletion & Restriction

• Right to Erasure: Request deletion of your personal information (subject to legal obligations)
• Restriction of Processing: Request limitation of how we process your data in certain circumstances
• Account Closure: Close your loyalty account and request data deletion

Marketing & Communication

• Opt-Out Rights: Unsubscribe from marketing emails, SMS messages, and promotional communications
• Preference Management: Choose which types of communications you wish to receive
• Do Not Sell: Opt-out of any sale of personal information (we do not sell personal data)

Objection & Complaint

• Right to Object: Object to processing based on legitimate interests
• Automated Decisions: Request human review of automated decision-making processes
• Supervisory Authority: File a complaint with relevant data protection authorities

6. Data Retention

We retain your personal information for different periods depending on the purpose and legal requirements:

Retention Periods

• Reservation Data: Retained for 7 years for accounting, tax, and operational purposes
• Gaming Records: Retained for 5 years as required by New Jersey gaming regulations
• Financial Transactions: Retained for 7 years to comply with tax and financial reporting requirements
• Marketing Data: Retained until you opt-out or close your account, plus 2 years
• Security Footage: Typically retained for 30-90 days unless needed for investigations
• Customer Service Records: Retained for 3 years for quality assurance and training
• Legal Claims: Retained as long as necessary to defend against or pursue legal claims

Deletion & Anonymization

After the retention period expires, we securely delete or anonymize your personal information. Anonymized data may be retained indefinitely for statistical analysis and business intelligence purposes without identifying you.

7. Children's Privacy

Travel Oasis Journeys does not knowingly collect or solicit personal information from individuals under the age of 21. Our services, particularly gaming activities, are intended for adults who meet the legal gambling age requirement.

8. International Data Transfers

Your information may be transferred to, stored, and processed in locations outside your state or country, including jurisdictions that may have different data protection laws. When we transfer data internationally, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by regulatory authorities
• Adequacy decisions recognizing equivalent data protection standards
• Binding corporate rules for transfers within our corporate group
• Your explicit consent for specific transfers when required

9. Third-Party Websites & Services

Our website and services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party platforms.

We are not responsible for the privacy practices or content of third-party sites. We encourage you to review the privacy policies of any third-party services before providing your information. We do not endorse or make any representations about third-party websites or their privacy practices.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of personal information we collected from you
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell your data)
• Right to Non-Discrimination: Equal service and pricing regardless of privacy choices
• Authorized Agent: Designate an authorized agent to make requests on your behalf

California residents may contact us to exercise these rights at [email protected] or (609) 449-1000.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in:

• Our business practices and operational procedures
• Legal or regulatory requirements
• Technology and security standards
• Corporate structure or ownership
• Guest feedback and industry best practices

When we make material changes to this policy, we will:

• Post the updated policy on our website with a new "Last Updated" date
• Provide prominent notice on our homepage for 30 days
• Send email notifications to registered users (if email provided)
• Obtain your consent if required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after changes are posted constitutes acceptance of the updated policy.