Rainforest is located in Franz Josef Village close to the glacier of the same name on New Zealand’s West Coast, 5 hours drive from both Christchurch and Queenstown airports. Rainforest is committed to environmental stewardship and is proud to promote the Tiaki Promise.
Minimising Our Footprint
We care deeply about this land, so while we aim to take huge strides we endeavour to leave few footprints.
As a proud New Zealand owned and operated company we have a strong investment in maintaining the nature and diversity of this beautiful land. Our environmental focus is a conscious choice but one that also feels completely natural when we acknowledge how integral the health of the planet is to all of us. This commitment is not only written into our company core values but is actively practiced through our purchasing, processes and guest services.
We have numerous sustainable measures in place, many you will notice, many you will not. We are constantly reviewing all aspects of our business to see how we can lesson our footprint. If you see an opportunity we may have missed, or would like to share an idea with us, we would love to hear from you. Please email me personally with your comments or suggestions,
General Manager and head of Rainforest sustainability
Tiaki means to care for People and Place.
Rainforest is proud to promote the Tiaki Promise.
New Zealand is precious, and everyone who lives and travels here has a responsibility to look after it. The Tiaki Promise is a commitment to care for New Zealand, for now and for future generations.
By following the Tiaki Promise, you are making a commitment to New Zealand. To act as a guardian, protecting and preserving our home.
Nau Mai, Haere Mai Ki Aotearoa, Welcome to New Zealand.
Terms and Conditions
All rates displayed are in NZ dollars and are inclusive of taxes.
We use dynamic pricing and the price of our rooms, products and services fluctuates based on demand and other factors. Before confirming a reservation or purchase, we will provide you with a total price for the requested number of rooms and nights, together with the charges for any additional products or services you may have added. Depending on the room rate selected, payment may be due at the time the reservation is made through our site or at a later date, such as upon check-in at the hotel.
Unless otherwise indicated extras such as breakfast and other gratuities are not included in the rate but you may be able to add them to your reservation during the booking process or they may be available to you during your stay.
Payment of the full booking amount plus a security deposit is taken as a credit card pre-authorisation at check-in. The pre-authorised amount is set aside by the credit card company until check-out when we complete payment, release the security deposit and charge any additional room charges. This payment will be taken from the credit card registered to the booking unless otherwise organised.
Guests wishing to pay with debit card or cash must pre-pay the full booking amount at check-in. A credit card is still required for the security deposit pre-authorisation. Please see below for further information about pre-authorisation.
Rainforest Retreat are not responsible for currency conversion and therefore any questions regarding currency conversion must be directed to your credit card company.
PRE-AUTHORISATION & DEPOSIT
All reservations must be guaranteed with a valid credit card at time of booking. We pre-authorise all credit cards for a nominal amount on the day of booking to check for validity and sufficiency of funds. Please note this process validates the presented credit card, and protects both the cardholder and merchant from increasing fraud incidents. A deposit is not required at time of booking, except for Agent and Advance Rate Group Bookings.
We may pre-authorise a credit card for any charges we determine that the guest may be likely to consume during their stay. This may also include an amount to cover a security bond / deposit for damages. The pre-authorised amount is set aside by the credit card company for a period of up to 10-days. The pre-authorisation will affect your available funds and / or spending limit. For more information on this practice we suggest the cardholder contact their card issuer. No money is taken from your credit card but it will show as a ‘Pending Transaction’ and you may choose to use a different payment type to pay your final bill.
We require minimum of 48 hours’ notice prior to the date of arrival for all cancellations or amendments to accommodation reservations.
Any change to the arrival date, departure date or room type of this reservation is subject to the hotels’ availability at the time the change is requested and may result in a possible rate change or an additional fee.
Non-refundable bookings have no option to cancel or receive a refund at a later date.
Bookings made via an online agent such as Booking.com, Expedia or Ctrip must be cancelled by the guest via this agent before Rainforest Retreat is able to formally cancel the booking.
Rainforest Retreat will operate within the Consumer Guarantees Act & Fair-Trading Act.
OUR RIGHT TO CANCEL
We may cancel your reservation at any time with immediate effect by giving you written notice (which includes e-mail) if you do not pay us when you are required to do so or you breach the contract between us in any other material way. If we cancel your reservation where you are at fault, we reserve our legal rights in respect of your breach of contract.
We may also cancel your reservation if an event outside of our control (including industrial action, acts of terrorism, explosion, fire, flooding, and failure of power and/or water supplies or emergency evacuation) means that we are unable to make your room available to you. In such event we will contact you to let you know as soon as possible and if you have already paid for your room, we will refund your payment to you, or if you have not yet paid for your room, you will not have to make any payment to us.
Save as set out above, we will not be liable or responsible for any failure to perform, or delay in performance of, any of our obligations that is caused by an event outside of our control. Such limitation of liability does not affect your statutory rights.
THIRD PARTY BOOKINGS
Bookings made through a third-party website are subject to that site’s terms and conditions. Please be aware these may differ from ours.
MAXIMUM ROOM OCCUPANCY
The maximum number of guests per room type is clearly specified on our website and via all our online agent sites. Failure to book appropriate rooms/bed numbers for your group may result in members of your party being turned away and/or penalty charges.
Guests must be at least 18 years old in order to make a reservation or complete a purchase through our site or any other booking channel. In using this website and submitting credit card details you represent and warrant that you are of sufficient age to create a legal binding obligation for any liability incurred. For the avoidance of doubt, any persons aged 17 years or younger must be accompanied by a parent or guardian for the duration of their stay in our hotel.
All guests must provide valid identification in the form of a Driver’s License or Passport at check-in.
PRIVACY OF INFORMATION – WEBSITE USE
Rainforest Retreat recognises the privacy concerns of its customers, clients, guests, contacts and the users of its website. We store your details in our Property Management System as a profile. Which in the future can be used for any other bookings which will already have your preferences mentioned so we can cater all your needs.
Check-in is from 3pm.
If you arrive earlier on the date of your stay we are more than happy to hold your bags for you until your room is available.
Early check-in is subject to availability on the day of arrival.
We require valid photo identification on check-in in the form of Driver’s License or Passport and evidence of your booking reference for bookings made via travel agents and OTA websites.
The guest is not entitled to the provision of specific rooms unless the Hotel has confirmed this in writing.
We request that guests advise us of late arrival plans (arrival times after 20.00 NZT) prior to date of arrival. In these instances directions on how to obtain the room key will be informed by the Rainforest Retreat Reservations Team.
Entrance into the Rainforest Retreat building will be treated as an acceptance to our terms and conditions
In the event that the (a) guest does not arrive for their booking, the booking will be cancelled in its entirety at 09.00 NZT on the morning after the reservations set arrival date. Rainforest Retreat shall inform the guest of charges payable, which may range from the cost of one to two nights depending on the length of booking. The Hotel is not obliged to keep the room/apartment available after this time.
If remaining nights are required by the guest, the guest must notify the Hotel before 09.00 NZT and request that the Hotel sends an updated confirmation with amended dates of the reservation in writing. The remaining nights will then function as a new booking and the same No Show terms will apply.
Check-out time is 11am. We request that guests fully vacate the apartment by this time. Belongings cannot be stored in the apartment after this time however we have secure storage available on request.
Late check-out is subject to availability, must be pre-arranged and may incur additional charges.
If you wish to extend your stay please contact the team with as much notice as possible; extensions are subject to availability and may result in a room move. If you wish to shorten your stay this must be done with at least 24 hours’ notice of your new check-out date.
Any delays in vacating room after 11am will result in an additional delay fee on the top of the room rate.
All non-guest visitors must be met by a named guest and signed in at reception before accessing the building. The named guest is responsible for the visitor whilst onsite and liable for any damages, and room fees for that the visitor incurs.
There is a maximum of two non-guest visitors allowed access to the building per room/apartment unless otherwise pre-authorised with management. These visitors must be signed out by 10pm in compliance with our Fire and Egress process.
If Rainforest Retreat guests wish to add extra people to their room occupancy this must be pre-arranged with the front desk team and must not exceed the capacity of their room/apartment.
Smoking is not permitted inside any part of Rainforest Retreat buildings, this includes the use of vapes. There are designated areas for smokers outside the building. Any guest who smokes inside the rooms are liable to pay a cleaning fee. Any guest suspected or caught altering with smoke detectors or sprinklers will be asked to leave the property immediately without refund.
FIRE ALARM CHARGES
Our fire alarms are automatically connected to the fire service. If there is evidence to suggest that a heat or smoke sensor has been set off purposefully or through a guest’s active negligence, heavy use of aerosol products or smoking/vaping in the building the guest will be liable to pay the fire service call out charge (NZ$1200). Any guest suspected or caught altering with smoke detectors or sprinklers will be asked to leave the property immediately without refund.
STRONG ODOUR FOODS
We ask guests to refrain from cooking strong odour foods (shellfish, fish, cabbage) in their apartment/room. If an apartment/room is left uninhabitable after check-out due to strong odour we reserve the right to charge the guest a cleaning fee.
For a stress-free stay for all our guests in the hotel, Rainforest Retreat requests that you be mindful of other guests trying to rest. After 10pm we request you to respect all other guests and keep the noise level to a minimum. Should we receive any noise-complaints this will be considered as a first warning and if repeated, we reserve the right to ask you to leave the hotel premises quietly. We have the right to ask guests to leave, without refund, should inappropriate and/or threatening behaviour be observed.
a) The hotel is liable with due care and diligence of a prudent businessman for its contractual obligations. The guest has no right to claim for compensation. This does not apply to damage due to injury of life, body or health, if the hotel is responsible for the breach of duty, other damages based on deliberate or gross breach of duty of the hotel and damages based on deliberate or negligent offence of contractual obligations of the hotel. A breach of duty of the hotel is on par with a legal representative or a vicarious agent. Should there be any disturbance or imperfection in service, the hotel will resolve the matter upon knowledge or reproach by the guest. The guest is obliged to make a reasonable contribution in order resolve the problem and to minimize the possible damage.
We are liable to you as a result of our breach of these Purchase Terms for reasons within our control, we shall only be liable for losses that are direct losses and a reasonably foreseeable consequence of such breach.
b) Except as prohibited by applicable law or as set out in the “LIMITATION OF OUR LIABILITY” section, our maximum liability to you, whether in contract, tort (including negligence) or for breach of statutory duty shall in no event exceed the price of your reservation and purchase, if applicable, unless the Hotel Proprietors Act 1956 applies, in which case our liability will be limited to the maximum prescribed under that Act.
c) Messages, correspondence and consignments for guests are handed with due care. The hotel will take care of the delivery, storage and (if requested) forwarding at the guest’s costs. The client has no right to claim for compensation except in the case of intent or gross negligence.
DAMAGE & THEFT
If you or any member or invitee of your group causes damage to the hotel, removes hotel property, injures other guests or their property, or otherwise breaches any of these Purchase Terms, we reserve the right to:
- Cancel your reservation with immediate effect and (if appropriate) eject you from the hotel.
- Retain all sums paid by you and/or charge you the full amount of your reservation.
- Charge for any damage, loss of revenue, missing hotel property, handling fees.
- Refuse future reservations from you and/or refuse you entry or accommodation at any of our hotels.
We will not be liable for any refund or compensation in such circumstances.
Belongings that are left at Rainforest Retreat will be securely stored for up to 6 weeks. After this time items will be donated to our favoured local charity. Rainforest Retreat are not liable for lost property and storage.
If you believe you have left behind any of your personal belongings, please contact the hotel reception so this can be traced and returned to you as soon as possible.
Guests are liable for handling, postage and courier costs or charges for returning lost property. Alternatively, lost property can be collected in person from the Hotel Front Desk.
Where a guest feels that we have not responded adequately to an enquiry, or otherwise wishes to raise a dispute with us, guests can contact us at [email protected] We will endeavour to resolve the matter promptly.
Rainforest Retreat strongly recommend that at the time of booking you purchase comprehensive travel insurance to cover items including but limited to: loss of booking amount through cancellation, loss or damage to personal luggage or possessions, loss of money and medical expenses.
When you post and/or tag any social media content (including, without limitation, photos, text, graphics, audio, video, location information, comments or any other materials) in relation to Rainforest Retreat on social media sites (such as Instagram or Facebook) (“Social Content”), we may request your permission to use this Social Content in connection with our business. Such use may be in conjunction with our website, electronic media and/or print material.
By consenting to our request to use your Social Content, you agree to us publishing your name or username associated with that content, and using all or any of your Social Content.
You agree, represent and warrant that:
- You own, or have obtained from third parties, all appropriate rights in your Social Content.
- The Authorised Entities’ use of your Social Content will not violate the intellectual, proprietary or other rights of any third party, or any applicable law.
- The Social Content is not libellous, defamatory, obscene, pornographic, abusive, indecent, threatening, hateful, offensive or other unlawful.You release the Authorised Entities from any liability relating to its use of your Social Content in accordance with these Social Media Terms.
ACCESSING OUR SITE
Our site is made available free of charge. However, if you access our site through a mobile device, your mobile service provider may apply additional charges.
We do not guarantee that our site, or any content on it, will always be available or be uninterrupted. Access to our site is permitted on a temporary basis. We may suspend, withdraw, discontinue or change all or any part of our site without notice. We will not be liable to you if for any reason our site is unavailable at any time or for any period.
You agree not to use our site or transmit any information or communications to or through our site in a manner that violates any domestic or international law or is (or is intended to be) fraudulent or abusive. All information or communications transmitted to or through our site must not: contain any defamatory, libellous or obscene material, as determined by us; infringe upon the rights of any third party; or contain or otherwise constitute junk mail, spam, solicitations (commercial or non-commercial) or bulk communications of any kind.
We and our affiliates may cancel or modify any transaction (or any part thereof) where it appears that you have engaged in fraudulent or inappropriate activity or where it appears that the transaction contains or resulted from a mistake or error.
We (by ourselves or through our affiliates) are the owner, licensee or permitted user of the intellectual property rights in our site and of the content and material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.
You must not use any part of our site for commercial purposes without obtaining a licence to do so from us or, as the case may be, our licensors.
You must not copy, display, modify, download, reproduce or transfer to a third party any of the content or materials on our site in any way without our prior written permission. However, unless otherwise stated on our site, you may print and/or download an extract of any page(s) from our site for your personal use provided you: do not modify the printed copies or extracts; do not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text; and ensure that our status (and that of any identified licensors or contributors) as the owners of content on our site is acknowledged. If you breach this provision, your right to use our site will cease immediately and you must, at our option, return or destroy any printed copies or downloaded extracts of our site.
The trademarks, trade names, logos and trade dress displayed on our site (collectively, the “Trademarks”) are registered and/or common law Trademarks of us, our affiliates and various third parties as the case may be.
Rainforest Retreat believes that the responsible use of personal information collected on its website is critical to its business objectives and reputation. As part of our commitment to privacy, we have adopted this Online Privacy Statement.
The extent and type of information we receive from you on our website depends on what you do when visiting our sites. If you visit our site to read or download information, such as news stories or articles, much of the information we collect — such as the domain from which you access the Internet, the date and time you access our site, and the Internet address of the Web site from which you linked directly to our site –is statistical only and not personally identifiable. We use information about the number of visitors and their use of the site in aggregate form to make our site more useful and attractive to you.
We use personally identifiable information to respond to your requests and to provide you with information about Rainforest Retreat’s services. For example, if you send us an e-mail message requesting information about Rainforest Retreat, we may use your e-mail address and other information you supply to respond to your request. We do not share personal information with third parties except as necessary to carry out our business or as required by law or other legal processes, and we will never sell your personal information.
The data protection declaration of the Rainforest Retreat Ltd is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection declaration, we use, inter alia, the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Rainforest Retreat Ltd
46 Cron St
7886 Franz Josef
Phone: 0064 03 752 0220
Email: [email protected]
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
The website of the Rainforest Retreat Ltd collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.
When using these general data and information, the Rainforest Retreat Ltd does not draw any conclusions about the data subject. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisement, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the Rainforest Retreat Ltd analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
The data subject has the possibility to register on the website of the controller with the indication of personal data. Which personal data are transmitted to the controller is determined by the respective input mask used for the registration. The personal data entered by the data subject are collected and stored exclusively for internal use by the controller, and for his own purposes. The controller may request transfer to one or more processors (e.g. a parcel service) that also uses personal data for an internal purpose which is attributable to the controller.
By registering on the website of the controller, the IP address—assigned by the Internet service provider (ISP) and used by the data subject—date, and time of the registration are also stored. The storage of this data takes place against the background that this is the only way to prevent the misuse of our services, and, if necessary, to make it possible to investigate committed offenses. Insofar, the storage of this data is necessary to secure the controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.
The registration of the data subject, with the voluntary indication of personal data, is intended to enable the controller to offer the data subject contents or services that may only be offered to registered users due to the nature of the matter in question. Registered persons are free to change the personal data specified during the registration at any time, or to have them completely deleted from the data stock of the controller.
The data controller shall, at any time, provide information upon request to each data subject as to what personal data are stored about the data subject. In addition, the data controller shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations. The entirety of the controller’s employees are available to the data subject in this respect as contact persons.
The website of the Rainforest Retreat Ltd contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
The Rainforest Retreat Ltd offers users the possibility to leave individual comments on individual blog contributions on a blog, which is on the website of the controller. A blog is a web-based, publicly-accessible portal, through which one or more people called bloggers or web-bloggers may post articles or write down thoughts in so-called blogposts. Blogposts may usually be commented by third parties.
If a data subject leaves a comment on the blog published on this website, the comments made by the data subject are also stored and published, as well as information on the date of the commentary and on the user’s (pseudonym) chosen by the data subject. In addition, the IP address assigned by the Internet service provider (ISP) to the data subject is also logged. This storage of the IP address takes place for security reasons, and in case the data subject violates the rights of third parties, or posts illegal content through a given comment. The storage of these personal data is, therefore, in the own interest of the data controller, so that he can exculpate in the event of an infringement. This collected personal data will not be passed to third parties, unless such a transfer is required by law or serves the aim of the defense of the data controller.
The comments made in the blog of the Rainforest Retreat Ltd may be subscribed to by third parties. In particular, there is the possibility that a commenter subscribes to the comments following his comments on a particular blog post.
If a data subject decides to subscribe to the option, the controller will send an automatic confirmation e-mail to check the double opt-in procedure as to whether the owner of the specified e-mail address decided in favor of this option. The option to subscribe to comments may be terminated at any time.
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.
If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.
a) Right of confirmation
Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her are being processed. If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact any employee of the controller.
b) Right of access
Each data subject shall have the right granted by the European legislator to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the data subject, or to object to such processing;
- the existence of the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for the data subject.
Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to avail himself of this right of access, he or she may, at any time, contact any employee of the controller.
c) Right to rectification
Each data subject shall have the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact any employee of the controller.
d) Right to erasure (Right to be forgotten)
Each data subject shall have the right granted by the European legislator to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
- The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
- The data subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR.
- The personal data have been unlawfully processed.
- The personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.
- The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
If one of the aforementioned reasons applies, and a data subject wishes to request the erasure of personal data stored by the Rainforest Retreat Ltd, he or she may, at any time, contact any employee of the controller. An employee of Rainforest Retreat Ltd shall promptly ensure that the erasure request is complied with immediately.
Where the controller has made personal data public and is obliged pursuant to Article 17(1) to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform other controllers processing the personal data that the data subject has requested erasure by such controllers of any links to, or copy or replication of, those personal data, as far as processing is not required. An employees of the Rainforest Retreat Ltd will arrange the necessary measures in individual cases.
e) Right of restriction of processing
Each data subject shall have the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
- The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims.
- The data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
If one of the aforementioned conditions is met, and a data subject wishes to request the restriction of the processing of personal data stored by the Rainforest Retreat Ltd, he or she may at any time contact any employee of the controller. The employee of the Rainforest Retreat Ltd will arrange the restriction of the processing.
f) Right to data portability
Each data subject shall have the right granted by the European legislator, to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. He or she shall have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to assert the right to data portability, the data subject may at any time contact any employee of the Rainforest Retreat Ltd.
g) Right to object
Each data subject shall have the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR. This also applies to profiling based on these provisions.
The Rainforest Retreat Ltd shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
If the Rainforest Retreat Ltd processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing. This applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to the Rainforest Retreat Ltd to the processing for direct marketing purposes, the Rainforest Retreat Ltd will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to his or her particular situation, to object to processing of personal data concerning him or her by the Rainforest Retreat Ltd for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In order to exercise the right to object, the data subject may contact any employee of the Rainforest Retreat Ltd. In addition, the data subject is free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use his or her right to object by automated means using technical specifications.
h) Automated individual decision-making, including profiling
Each data subject shall have the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her, as long as the decision (1) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, or (3) is not based on the data subject’s explicit consent.
If the decision (1) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (2) it is based on the data subject’s explicit consent, the Rainforest Retreat Ltd shall implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express his or her point of view and contest the decision.
If the data subject wishes to exercise the rights concerning automated individual decision-making, he or she may, at any time, contact any employee of the Rainforest Retreat Ltd.
i) Right to withdraw data protection consent
Each data subject shall have the right granted by the European legislator to withdraw his or her consent to processing of his or her personal data at any time.
If the data subject wishes to exercise the right to withdraw the consent, he or she may, at any time, contact any employee of the Rainforest Retreat Ltd.
The data controller shall collect and process the personal data of applicants for the purpose of the processing of the application procedure. The processing may also be carried out electronically. This is the case, in particular, if an applicant submits corresponding application documents by e-mail or by means of a web form on the website to the controller. If the data controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the controller, the application documents shall be automatically erased two months after notification of the refusal decision, provided that no other legitimate interests of the controller are opposed to the erasure. Other legitimate interest in this relation is, e.g. a burden of proof in a procedure under the General Equal Treatment Act (AGG).
On this website, the controller has integrated components of the enterprise Facebook. Facebook is a social network.
A social network is a place for social meetings on the Internet, an online community, which usually allows users to communicate with each other and interact in a virtual space. A social network may serve as a platform for the exchange of opinions and experiences, or enable the Internet community to provide personal or business-related information. Facebook allows social network users to include the creation of private profiles, upload photos, and network through friend requests.
The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. If a person lives outside of the United States or Canada, the controller is the Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
With each call-up to one of the individual pages of this Internet website, which is operated by the controller and into which a Facebook component (Facebook plug-ins) was integrated, the web browser on the information technology system of the data subject is automatically prompted to download display of the corresponding Facebook component from Facebook through the Facebook component. An overview of all the Facebook Plug-ins may be accessed under https://developers.facebook.com/docs/plugins/. During the course of this technical procedure, Facebook is made aware of what specific sub-site of our website was visited by the data subject.
If the data subject is logged in at the same time on Facebook, Facebook detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-site of our Internet page was visited by the data subject. This information is collected through the Facebook component and associated with the respective Facebook account of the data subject. If the data subject clicks on one of the Facebook buttons integrated into our website, e.g. the “Like” button, or if the data subject submits a comment, then Facebook matches this information with the personal Facebook user account of the data subject and stores the personal data.
Facebook always receives, through the Facebook component, information about a visit to our website by the data subject, whenever the data subject is logged in at the same time on Facebook during the time of the call-up to our website. This occurs regardless of whether the data subject clicks on the Facebook component or not. If such a transmission of information to Facebook is not desirable for the data subject, then he or she may prevent this by logging off from their Facebook account before a call-up to our website is made.
The data protection guideline published by Facebook, which is available at https://facebook.com/about/privacy/, provides information about the collection, processing and use of personal data by Facebook. In addition, it is explained there what setting options Facebook offers to protect the privacy of the data subject. In addition, different configuration options are made available to allow the elimination of data transmission to Facebook. These applications may be used by the data subject to eliminate a data transmission to Facebook.
On this website, the controller has integrated the component of Google Analytics (with the anonymizer function). Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
For the web analytics through Google Analytics the controller uses the application “_gat. _anonymizeIp”. By means of this application the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.
The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.
Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this Internet site, which is operated by the controller and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, the enterprise Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.
The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following Link https://www.google.com/analytics/.
On this website, the controller has integrated Google Remarketing services. Google Remarketing is a feature of Google AdWords, which allows an enterprise to display advertising to Internet users who have previously resided on the enterprise’s Internet site. The integration of Google Remarketing therefore allows an enterprise to create user-based advertising and thus shows relevant advertisements to interested Internet users.
The operating company of the Google Remarketing services is the Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
The purpose of Google Remarketing is the insertion of interest-relevant advertising. Google Remarketing allows us to display ads on the Google network or on other websites, which are based on individual needs and matched to the interests of Internet users.
Google Remarketing sets a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google enables a recognition of the visitor of our website if he calls up consecutive web pages, which are also a member of the Google advertising network. With each call-up to an Internet site on which the service has been integrated by Google Remarketing, the web browser of the data subject identifies automatically with Google. During the course of this technical procedure, Google receives personal information, such as the IP address or the surfing behaviour of the user, which Google uses, inter alia, for the insertion of interest relevant advertising.
The cookie is used to store personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, personal data, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google may be deleted at any time via a web browser or other software programs.
In addition, the data subject has the possibility of objecting to the interest-based advertising by Google. For this purpose, the data subject must call up the link to www.google.de/settings/ads and make the desired settings on each Internet browser used by the data subject.
Further information and the actual data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.
On this website, the controller has integrated components of YouTube. YouTube is an Internet video portal that enables video publishers to set video clips and other users free of charge, which also provides free viewing, review and commenting on them. YouTube allows you to publish all kinds of videos, so you can access both full movies and TV broadcasts, as well as music videos, trailers, and videos made by users via the Internet portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, UNITED STATES. The YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, UNITED STATES.
With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a YouTube component (YouTube video) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding YouTube component. Further information about YouTube may be obtained under https://www.youtube.com/yt/about/en/. During the course of this technical procedure, YouTube and Google gain knowledge of what specific sub-page of our website was visited by the data subject.
If the data subject is logged in on YouTube, YouTube recognizes with each call-up to a sub-page that contains a YouTube video, which specific sub-page of our Internet site was visited by the data subject. This information is collected by YouTube and Google and assigned to the respective YouTube account of the data subject.
YouTube and Google will receive information through the YouTube component that the data subject has visited our website, if the data subject at the time of the call to our website is logged in on YouTube; this occurs regardless of whether the person clicks on a YouTube video or not. If such a transmission of this information to YouTube and Google is not desirable for the data subject, the delivery may be prevented if the data subject logs off from their own YouTube account before a call-up to our website is made.
YouTube’s data protection provisions, available at https://www.google.com/intl/en/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data. We have also explained what our legitimate interests are where relevant.
We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at [email protected] if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To register you as a new customer||(a) Identity
|Performance of a contract with you|
|To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests to recover debts owed to us
|To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
(d) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services
|To enable you to partake in a prize draw, competition or complete a survey||(a) Identity
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests to study how customers use our products/services, to develop them and grow our business
|To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity
|(a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise
(b) Necessary to comply with a legal obligation
|To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising||(a) Identity
(e) Marketing and Communications
|Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical (b) Usage||Necessary for our legitimate interests to define types of customers for our products and services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||(a) Identity
|Necessary for our legitimate interests to develop our products/services and grow our business|
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract.
We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions (e.g. information on the contractual partner).
Sometimes it may be necessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our company signs a contract with him or her. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded.
Before personal data is provided by the data subject, the data subject must contact any employee. The employee clarifies to the data subject whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.
As a responsible company, we do not use automatic decision-making or profiling.