Skip to main content

Privacy Policy

Last Updated: January 2026

1. Introduction

Hotel Etuna ("we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, make a reservation, stay with us, or interact with our guest and operator services.

This policy complies with:

  • Namibia Data Protection Bill (when enacted)
  • Namibia Constitution Article 13 (Right to Privacy)
  • General Data Protection Regulation (GDPR) for international users
  • Namibia Electronic Transactions Act 2019
  • Industry best practices for data protection

2. Data Controller

Hotel Etuna is the data controller responsible for your personal data. For questions about this policy or your data rights, contact us:

Hotel Etuna
Email: admin@hoteletuna.com
Phone: +264 65 231 177
Address: 5544 Valley Street, Ongwediva, Namibia

3. Information We Collect

3.1 Reservation and Contact Information

When you make an inquiry or booking, we collect:

  • Name and contact information (email, phone)
  • Booking details (dates, room preference, occupancy, special requests)
  • Identity information needed for check-in and compliance
  • Payment information (processed securely through third-party providers)

3.2 Guest Stay Data

During your relationship with Hotel Etuna, we may process:

  • Guest names and contact details
  • Booking and reservation information
  • Payment information (processed securely)
  • Preferences and special requests
  • Communication history

Important: If you use operator-facing tools on behalf of another guest or organization, you are responsible for collecting and sharing data lawfully.

3.3 Usage Data

We automatically collect:

  • IP addresses and device information
  • Browser type and version
  • Platform usage patterns and analytics
  • Error logs and performance data

3.4 Cookies and Tracking

We use cookies and similar technologies. See our Cookie Policy for details.

4. How We Use Your Information

We use your data for the following purposes:

4.1 Service Provision

  • To provide and maintain hotel booking and guest services
  • To process bookings and reservations
  • To enable AI concierge services (Sofia AI)
  • To coordinate guest operations and property service delivery

4.2 Legal Basis (GDPR)

We process your data based on:

  • Contractual necessity: To fulfill our service agreement
  • Legal obligation: To comply with applicable laws
  • Legitimate interests: To improve our services and ensure security
  • Consent: Where you have provided explicit consent

4.3 Communication

  • To send service-related notifications
  • To respond to your inquiries
  • To provide customer support
  • To send important updates about bookings, stays, and policy changes

4.4 Analytics and Improvement

  • To analyze website and service usage patterns
  • To improve guest experience and operational reliability
  • To detect and prevent fraud or abuse

5. Data Sharing and Disclosure

We do not sell your personal data. We may share data only in these circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who:

  • Host our infrastructure (with data processing agreements)
  • Process payments (PCI-DSS compliant)
  • Provide analytics services
  • Deliver email and communication services

All service providers are contractually bound to protect your data.

5.2 Legal Requirements

We may disclose data when required by:

  • Namibia laws and regulations
  • Court orders or legal processes
  • Government authorities
  • To protect our rights, property, or safety

5.3 Business Transfers

In the event of a merger, acquisition, or sale, your data may be transferred to the new entity, subject to the same privacy protections.

6. Data Security

We implement industry-standard security measures:

  • Encryption: Data in transit (TLS/SSL) and at rest
  • Access Controls: Role-based access and authentication
  • Regular Audits: Security assessments and penetration testing
  • Data Backup: Regular encrypted backups
  • Incident Response: Procedures for data breach response

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your data only as long as necessary:

  • Reservation Data: For the duration of booking management and required follow-up periods
  • Guest Data: As needed to deliver services and comply with legal obligations
  • Legal Requirements: As required by applicable laws
  • Analytics Data: Aggregated and anonymized data may be retained longer

When data is no longer required, we delete or anonymize it within a reasonable period, except where retention is required by law.

8. Your Data Rights

You have the following rights regarding your personal data:

8.1 Right to Access

You can request a copy of your personal data we hold.

8.2 Right to Rectification

You can request correction of inaccurate or incomplete data.

8.3 Right to Erasure

You can request deletion of your data, subject to legal retention requirements.

8.4 Right to Restrict Processing

You can request we limit how we process your data.

8.5 Right to Data Portability

You can request your data in a structured, machine-readable format.

8.6 Right to Object

You can object to processing based on legitimate interests.

8.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

To exercise these rights, contact us at admin@hoteletuna.com. We will respond within 30 days (or as required by applicable law).

9. International Data Transfers

Your data may be processed and stored outside Namibia, including in countries that may not have the same data protection laws. When we transfer data internationally, we ensure:

  • Appropriate safeguards are in place (e.g., Standard Contractual Clauses for GDPR)
  • Data is processed in accordance with this Privacy Policy
  • Security measures are maintained

For GDPR-covered transfers, we comply with Chapter V of the GDPR regarding international transfers.

10. Children's Privacy

Our website and services are not intended for independent use by individuals under 18 years of age. We do not knowingly collect personal data from children without lawful basis. If you believe we have collected such data in error, please contact us immediately.

11. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant supervisory authority within 72 hours (GDPR requirement)
  • Notify affected users without undue delay
  • Provide information about the nature of the breach and steps taken
  • Comply with Namibia data protection requirements when the Data Protection Bill is enacted

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • Email notification to registered users
  • Notice on the Platform
  • Updated "Last Updated" date

Continued use of our website and hotel services after changes constitutes acceptance of the updated policy.

13. Contact Us

For questions, concerns, or to exercise your data rights, contact us:

Data Protection Officer
Hotel Etuna
Email: admin@hoteletuna.com
Phone: +264 65 231 177
Address: 5544 Valley Street, Ongwediva, Namibia

For GDPR-related inquiries, you also have the right to lodge a complaint with your local data protection authority.

14. Related Policies

This Privacy Policy should be read together with: