Effective Date: 1 January 2026 | Last Updated: 15 May 2026
This Privacy Policy explains how Calista Resort by Mavenco ("we", "our", or "us") collects, uses, and protects the personal information you provide when using our website, contacting us, or booking our services. By using our website or engaging with our services, you agree to the practices described in this policy.
1. Information We Collect
We collect personal information when you voluntarily provide it to us — for example, when you submit an enquiry form, make a booking, or contact us directly. The types of information we may collect include:
- Contact Information: Name, email address, phone number, and postal address.
- Event Details: Event type, preferred dates, estimated guest count, and special requirements.
- Booking Information: Payment details (processed securely via third-party providers), reservation details, and accommodation preferences.
- Communications: Records of correspondence, enquiries, and feedback submitted to us.
- Website Usage Data: IP address, browser type, pages visited, and time spent on our website, collected via cookies and analytics tools.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To respond to your enquiries and provide event planning assistance.
- To confirm, manage, and fulfil bookings and reservations.
- To send you information about our services, promotions, and updates — where you have opted in or where we have a legitimate interest to do so.
- To improve our website, services, and customer experience.
- To comply with legal obligations and resolve disputes.
- To process payments securely through our authorised payment partners.
We will not use your personal information for any purpose other than those described above without your explicit consent.
3. Sharing Of Information
We do not sell, rent, or trade your personal information to third parties. We may share your information only in the following limited circumstances:
- Service Providers: Trusted third-party vendors who assist in delivering our services (e.g., payment processors, email marketing platforms, analytics providers) — bound by confidentiality agreements.
- Event Partners: Where you have approved the engagement of specific vendors (decorators, photographers, caterers) in connection with your event.
- Legal Requirements: Where required by law, regulation, court order, or governmental authority.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
4. Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website traffic. Cookies are small text files stored on your device.
- Essential Cookies: Required for the website to function properly.
- Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics).
- Marketing Cookies: Used to deliver relevant advertisements and track campaign performance.
You may disable cookies through your browser settings, though this may affect your experience on our website. By continuing to use our website, you consent to our use of cookies as described.
5. Data Security
We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. These measures include:
- SSL/TLS encryption for data transmitted via our website.
- Secure, access-controlled storage systems for personal data.
- Regular security assessments and staff training on data protection practices.
While we strive to use commercially acceptable means to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.
6. Data Retention
We retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Generally:
- Enquiry and contact records are retained for up to 2 years after the last interaction.
- Booking and transaction records are retained for 7 years for accounting and legal compliance.
- Marketing opt-in records are retained until you withdraw consent.
When data is no longer required, it is securely deleted or anonymised.
7. Your Rights
You have the following rights regarding your personal information:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your data, subject to legal obligations.
- Objection: Object to certain uses of your data, including direct marketing.
- Portability: Request your data in a structured, machine-readable format.
- Withdraw Consent: Withdraw consent for marketing communications at any time.
To exercise any of these rights, please contact us at info@calistaresorts.com. We will respond within 30 days.
8. Children's Privacy
Our website and services are not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a child, please contact us immediately and we will take steps to delete it.
9. Changes To This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of our website or services after changes are made constitutes acceptance of the revised policy.
