Privacy Policy

1. Who we are (data controller)

This Privacy Policy explains how we collect and process personal data when you visit our website bluedolphinbeachhome.com, join our pre-launch mailing list or otherwise interact with us online.

For the purposes of the EU General Data Protection Regulation (GDPR), the data controller is:

Blue Dolphin Beach Home
Owner / Representative: BlueDolphinBeachHome
Registered / postal address: PO Box 196, Mebane NC 27302
Email: privacy@bluedolphinbeachhome.com

If you stay with us in Sardinia, we may also process personal data offline (e.g. to comply with local guest registration and tax rules). This notice focuses on our website and email marketing; local check-in forms and contracts may provide additional information where needed.

2. What this Privacy Policy covers

This Privacy Policy applies to:

• Visitors to our website and landing pages;
• People who sign up to our newsletter or pre-launch VIP list;
• People who contact us via email or web forms.

It does not apply to external websites, booking platforms or social networks that we may link to. Those services are governed by their own privacy policies.

3. Personal data we collect

3.1 Data you provide directly

When you interact with us, you may provide:

• Contact details – such as first name, last name, email address, country of residence and language preference;
• Booking-related information – such as desired dates of stay, number of guests, special requests or preferences, if you choose to share these in your message;
• Marketing preferences – for example, whether you wish to receive emails about launches, special offers or Sardinia travel tips;
• Any other information you decide to include in a free-text message.

3.2 Data collected automatically

When you visit our website, certain technical information is collected automatically by our hosting and analytics tools, such as:

• IP address and approximate location (country / region);
• Device type, operating system and browser type;
• Pages visited, time and date of visit, time spent on each page;
• Referring website or campaign (e.g. if you clicked from a social post).

We use privacy-friendly analytics (for example, a tool such as Plausible or a similar service) that does not build marketing profiles or sell data to third parties. Where possible, data is anonymised or aggregated.

4. Purposes and legal bases for processing

We process your personal data for the following purposes and legal bases:

(a) Managing our newsletter and pre-launch VIP list

• Purpose: to send you information about the opening of Blue Dolphin Beach Home, early-bird offers, and curated Sardinia content.
• Legal basis: your consent (Art. 6(1)(a) GDPR), expressed when you submit your email address via the signup form and confirm your subscription (double opt-in).

(b) Responding to enquiries and pre-contractual steps

• Purpose: to answer your questions, provide information about potential stays, and take steps at your request before entering into a booking agreement.
• Legal basis: the processing is necessary for pre-contractual steps or performance of a contract (Art. 6(1)(b) GDPR).

(c) Operating and protecting our website

• Purpose: to run, maintain and secure the website, including troubleshooting, preventing abuse or attacks, and collecting basic statistics about traffic.
• Legal basis: our legitimate interest in operating a secure and user-friendly site (Art. 6(1)(f) GDPR).

(d) Complying with legal obligations

• Purpose: to comply with our legal, tax and accounting obligations, and to respond to lawful requests from public authorities.
• Legal basis: compliance with a legal obligation (Art. 6(1)(c) GDPR).

5. Cookies and similar technologies

Our website currently uses only a limited set of cookies and similar technologies, primarily for:

• Essential functionality (for example, remembering your language selection);
• Privacy-friendly analytics to understand which pages are visited, without tracking individual users across the web.

If we introduce additional cookies (for example, for marketing, remarketing or embedded services), we will update this policy and, where required, ask for your prior consent via a cookie banner.

6. Email marketing and Brevo

We use Brevo a European email and marketing automation platform, to manage our mailing lists and send emails to subscribers. Brevo acts as our data processor under GDPR, and processes your data only on our documented instructions. :contentReference[oaicite:4]{index=4}

When you join our list, your data is stored in Brevo and may include:

• Email address;
• First name and last name (if provided);
• Preferred language (e.g. EN / IT / DE / FR);
• Technical information about email delivery and interaction, such as opens or link clicks. We use these metrics to understand engagement and improve our content, not to make automated decisions about you.

You can unsubscribe from our emails at any time by clicking the “unsubscribe” link included in every message, or by contacting us directly.

7. Recipients and international transfers

7.1 Service providers (data processors)

We share personal data with trusted service providers who help us operate our website and communications, for example:

• Website hosting and infrastructure services (e.g. a cloud hosting provider);
• Email and marketing automation (Brevo / Sendinblue);
• Privacy-friendly analytics provider;
• Professional advisers (such as accountants or lawyers) where necessary.

These providers process your data only as necessary to provide their services, under contracts that include appropriate data protection clauses.

7.2 Transfers outside the European Economic Area (EEA)

Our hosting and main mailing provider are located in the EU or EEA where possible. However, some tools or backups may involve transfers of personal data to countries outside the EEA (for example, if we access accounts from the United States).

In such cases, we rely on appropriate safeguards under GDPR – such as Standard Contractual Clauses adopted by the European Commission – or ensure that an adequacy decision is in place for the destination country.

8. How long we keep your data

We keep personal data only for as long as necessary for the purposes described above:

• Newsletter / VIP list data: until you withdraw your consent by unsubscribing, plus a short additional period to record that you no longer wish to receive emails and to handle any legal claims.
• Enquiries by email or form: typically for up to 24 months after our last interaction, unless a longer period is required by law (for example, accounting records).
• Technical logs and security-related data: generally for a few months unless we need to retain them longer to investigate an incident or satisfy a legal requirement.

When data is no longer needed, we delete it or anonymise it so that it can no longer be linked to an identifiable person.

9. Your rights under GDPR

If you are in the European Economic Area, the UK or a country with similar data protection laws, you have a number of rights in relation to your personal data, including:

• Right of access – to obtain confirmation whether we process your data and receive a copy;
• Right to rectification – to have incomplete or inaccurate data corrected;
• Right to erasure – to ask us to delete your data in certain circumstances;
• Right to restriction – to limit processing of your data in specific situations;
• Right to data portability – to receive personal data you provided in a structured, commonly used format and transmit it to another controller where technically feasible;
• Right to object – to object at any time to processing based on our legitimate interests, and to object to direct marketing;
• Right to withdraw consent – where processing is based on your consent, you can withdraw that consent at any time (this does not affect processing carried out before withdrawal).

These rights may be subject to limitations and conditions under applicable law. More information is available from your local data protection authority. :contentReference[oaicite:5]{index=5}

10. How to exercise your rights or contact us

To exercise any of your rights or to ask a question about this Privacy Policy, please contact us at:

Email: privacy@bluedolphinbeachhome.com
Postal mail: PO Box 196, Mebane NC 27302

For security reasons, we may ask you to provide additional information to confirm your identity before we act on your request. We aim to respond to all valid requests within one month, as required by GDPR, unless your request is particularly complex.

Right to lodge a complaint

If you believe your data protection rights have been infringed, you also have the right to lodge a complaint with your local supervisory authority (for example, the data protection authority in the EU Member State where you live, work or where the alleged infringement occurred).

11. Security

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include secure hosting, strong account passwords, access