Data controller. Identify the entity name, address, and contact (e.g. privacy email).
What we collect. Describe categories: contact form fields, technical logs, analytics (if any), language preference, booking-related data, etc.
Purpose and legal basis. Contract, legitimate interest, consent — as applicable.
Retention. How long you keep each category of data.
Recipients & transfers. Hosting, email, analytics vendors; transfers outside the EEA if relevant (safeguards).
Rights. Access, rectification, erasure, restriction, portability, objection, complaint to a supervisory authority.
Cookies & similar technologies. Summarise and link to your cookie policy.
Updates. How you notify users of material changes.
Contact. How to reach you for privacy requests.