Privacy Policy

This policy applies to all information the Company collects through the Website, mobile application, and Services, including but not limited to:

• Any information you provide during booking, registration, or enquiry.
• Emails, phone calls, or other correspondence you exchange with the Company.
• Information submitted through forms, feedback, or reviews on the Website.
• Automatic data collected through cookies, tracking technologies, and analytics tools.

This policy does not apply to, nor does the Company take any responsibility for, any information collected by third parties through external links, advertisements, or third-party integrations on the Website.

As you navigate through and interact with our Website and Services, we may collect different types of information:

• Personal Information: Full name, date of birth, gender, email address, phone number, postal address, nationality, and government-issued identification (where required for booking or check-in).
• Financial Information: Payment card details, billing address, UPI identifiers, and transaction history — processed securely through our authorised payment gateway partners.
• Booking & Stay Data: Reservation dates, room preferences, number of guests, special requests, dietary requirements, and activity preferences.
• Technical & Usage Data: IP address, device type, operating system, browser type and version, screen resolution, referring URLs, pages visited, time spent on each page, click patterns, and search queries.
• Location Data: Approximate geographic location derived from your IP address or, with your consent, precise location from your mobile device.
• Communication Data: Records of correspondence with our team including emails, chat messages, phone call logs, and feedback or reviews submitted.

Cookies & Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance your browsing experience, remember your preferences, and analyse website traffic. "Cookies" are small data files placed on your device's storage that enable us to track usage patterns and personalise content. Most session cookies are automatically deleted when you close your browser. You may decline cookies by adjusting your browser settings; however, this may affect certain features of the Website.

The information we collect is used for the following purposes:

• Service Delivery: To process and manage your bookings, reservations, payments, and service requests at Thanima Farm Life.
• Communication: To respond to your enquiries, send booking confirmations, provide pre-arrival and post-stay information, and address complaints or feedback.
• Personalisation: To tailor your experience, remember your preferences (room type, dietary needs, activity interests), and provide personalised recommendations.
• Marketing & Promotions: To send promotional offers, newsletters, seasonal packages, and event invitations — only with your prior consent. You may opt out at any time.
• Analytics & Improvement: To analyse usage patterns, assess website performance, estimate audience demographics, improve our services, and develop new features and offerings.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.
• Security & Fraud Prevention: To detect, prevent, and respond to fraud, security threats, or other potentially prohibited or illegal activities.

The Company will not publish, sell, or rent your personal information to third parties for their marketing purposes without your explicit consent. If the Company determines that any information you have provided violates this Privacy Policy, the Company reserves the right to delete or restrict such information without liability.

Your information may be disclosed by the Company in the following circumstances:

• Service Providers: Trusted third-party vendors who assist us in operating the Website, processing payments, delivering services, or conducting analytics — bound by confidentiality obligations.
• Booking Partners: Online travel agencies (OTAs), channel managers, and booking engine providers to facilitate and manage your reservations.
• Legal Obligations: Government authorities, law enforcement agencies, or regulatory bodies when required by applicable law, court order, or legal process, or when the Company believes in good faith that disclosure is necessary to protect its rights, your safety, or the safety of others.
• Business Transfers: In connection with any merger, acquisition, restructuring, or sale of assets, your information may be transferred as a business asset, subject to the same privacy protections.
• With Your Consent: For any purpose disclosed to you at the time of collection, with your explicit approval.

We do not sell, trade, or otherwise transfer your personally identifiable information to external parties for marketing without your express consent. By providing information on the Website, you consent to us sharing such information with governmental, law enforcement, or regulatory authorities who exercise jurisdiction over the Company.

The Company takes the security of your personal data seriously and implements appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption: All data transmitted between your device and our servers is protected using industry-standard SSL/TLS encryption.
• Secure Payment Processing: Payment information is processed through PCI-DSS compliant payment gateways and is never stored on our servers.
• Access Controls: Strict role-based access controls ensure that only authorised personnel can access personal data, on a need-to-know basis.
• Regular Audits: Periodic security assessments and vulnerability testing to identify and address potential risks.
• Incident Response: A defined protocol for detecting, reporting, and responding to data breaches in compliance with applicable regulations.

As a user, you are responsible for maintaining the confidentiality of your account credentials. Do not share your username or password with any person. You are solely responsible for all activities conducted under your account. Given the nature of internet-based services, the Company cannot guarantee absolute security of data transmission. Any transmission of personal information is done at your own risk.

You may access, review, correct, or update your personal information at any time by contacting us at the details provided below, or through your account on our Website or mobile application. You may also request deletion of your personal data, subject to the following:

• The Company reserves the right to retain certain data as required for legitimate business purposes or to comply with legal, tax, or regulatory obligations.
• Residual copies of data may remain in backup systems for a limited period before being fully purged.
• The Company may, at its sole discretion, deny a modification request if it believes the change is required to comply with applicable laws.

The Website and Services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal data from individuals under the age of 18 without verifiable parental or guardian consent. In compliance with the DPDPA, processing of personal data of children (under 18 years) requires verifiable consent of the parent or lawful guardian. If it comes to our attention that personal data pertaining to an individual under 18 has been collected without appropriate consent, such data will be deleted without notice.

Our Website may contain links to third-party websites, booking platforms, payment gateways, social media pages, and advertising partners. These third-party services have their own privacy policies, and the Company assumes no responsibility for their content, practices, or data handling. We encourage you to review the privacy policies of any third-party services before providing your information. Third-party vendors, including Google, may use cookies (such as the DoubleClick cookie) to serve advertisements based on your prior visits to our Website. You may opt out of interest-based advertising by visiting Google Ads Settings.

This Privacy Policy forms an integral part of the Terms and Conditions governing your use of the Website and Services. By accessing or using the Website, you acknowledge that you have read, understood, and agree to be bound by both this Privacy Policy and the Terms and Conditions. In the event of any conflict between this Privacy Policy and the Terms and Conditions, the Terms and Conditions shall prevail to the extent of such inconsistency.

Your continued use of the Website following the posting of any amendments to this Privacy Policy constitutes your acceptance of such amendments. We recommend that you periodically review this page for the latest information on our privacy practices.

This Privacy Policy is subject to change at the Company's sole discretion. Any material changes will be communicated through a prominent notice on the Website's home page or via email to registered users. The revised policy will be effective immediately upon posting. We encourage you to review this Privacy Policy regularly to stay informed of how we protect your information.