Book Now

Privacy Policy

  • Home
  • Privacy Policy

Effective Date: June 4th, 2026
Last Updated: June 4th, 2026

 

1. INTRODUCTION

Tijili Benoa (“we”, “us”, “our”) is committed to protecting your privacy and personal data in accordance with Law No. 27 of 2022 concerning Personal Data Protection (the “PDP Law”) of the Republic of Indonesia, as well as other applicable global data protection regulations (including the GDPR for our guests in the European Economic Area).

This Privacy Policy explains how we collect, use, store, disclose, and protect your personal data when you:

  • Visit our website at www.tijilihotels.com/tijili-benoa/ or our mobile applications;

  • Make a reservation or stay at Tijili Benoa (located at Jl. Pratama No.62, Tanjung Benoa, South Kuta, Badung, Bali);

  • Contact us via email, phone, WhatsApp, or social media;

  • Subscribe to our newsletters, promotions, or loyalty programs;

  • Interact with us online or offline (including during events, weddings, or meetings).

By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please do not use our website or services.

 

2. DATA CONTROLLER INFORMATION

Data Controller:
PT. [Nama Badan Hukum Tijili Benoa]
Tijili Benoa Hotel
Jl. Pratama No.62, Tanjung Benoa, South Kuta
Badung, Bali 80361, Indonesia

Contact Person / Data Protection Officer:
📧 privacy.benoa@tijilihotels.com
📞 +62 361 472 8900

We are the data controller responsible for determining the purposes and means of processing your personal data in connection with our hotel operations and services.

 

3. PERSONAL DATA WE COLLECT

A. Information You Provide Voluntarily

We may collect the following categories of personal data when you interact with us:

Category Examples of Data
Identity Data Full name, date of birth, nationality, passport/ID number
Contact Data Email address, phone number, mailing address
Booking & Stay Data Arrival/departure dates, room preferences, number of guests, special requests, dietary restrictions, travel itinerary
Payment Data Credit/debit card information (processed via PCI DSS-compliant gateways; we do not store full card details)
Preferences Bed type, pillow preferences, language, interests (e.g., spa, dining, golf)
Communication Data Content of emails, WhatsApp messages, or calls with our staff
Event/Wedding Data Information provided when booking weddings, meetings, or events (including guest lists)
Marketing Data Your consent preferences, newsletter subscriptions, survey responses
Loyalty/Program Data Participation in any membership or loyalty programs
B. Information Collected Automatically

When you browse our website or use our services, we may automatically collect:

  • Technical Data: IP address, browser type and version, device type, operating system, time zone setting;

  • Usage Data: Pages visited, clickstream data, date and time of access, referring/exit pages;

  • Location Data: General geographic location (e.g., country/city) derived from your IP address;

  • Cookies and Tracking Technologies: As described in Section 12 below.

C. Information from Third Parties

We may receive your personal data from:

  • Travel agents, online booking platforms (e.g., SwiftBook), and tour operators;

  • Social media platforms (when you interact with our pages);

  • Payment processors and banks.

Note: We do not knowingly collect personal data from children under 18 without parental or guardian consent. If such data is collected (e.g., for family stays), it is processed solely for service provision.

 

4. HOW WE USE YOUR PERSONAL DATA

We use your personal data only for legitimate purposes, as permitted by the PDP Law and other applicable regulations.

Purpose Legal Basis Data Used
Process bookings and transactions Contractual necessity Identity, contact, booking, payment
Provide hotel services (check-in, room assignments, F&B, spa, activities) Contractual necessity Identity, booking, preferences
Communicate with you (confirmations, pre-arrival info, post-stay feedback) Contractual necessity / Legitimate interest Contact, booking
Personalize your stay (room preferences, special occasions, dietary needs) Legitimate interest / Consent Preferences, special requests
Send marketing communications (newsletters, promotions, offers) Consent (opt-in required) Contact, preferences
Improve our services, website, and guest experience Legitimate interest Usage data, feedback
Comply with legal obligations (immigration, tax, security) Legal obligation Identity, passport, booking
Prevent fraud and ensure security Legitimate interest / Legal obligation Payment, IP address, technical
Manage events, weddings, meetings Contractual necessity Identity, contact, event data

We will not use your personal data for purposes incompatible with those listed above without obtaining your prior consent.

 

5. SHARING AND DISCLOSURE OF PERSONAL DATA

We may share your personal data with the following parties, only to the extent necessary and in accordance with the law:

A. Internal Sharing

  • Authorized employees and departments at Tijili Benoa (front desk, F&B, spa, housekeeping, sales, events) who need access to provide services to you.

B. Third-Party Service Providers

We work with trusted third parties to operate our business. These parties are bound by Data Processing Agreements and may only process your data on our instructions:

Provider Type Examples
Booking engines and PMS SwiftBook, property management systems
Payment processors Banks, PCI-compliant gateways
IT and cloud services Data hosting, CRM, email marketing platforms (e.g., Mailchimp)
Analytics providers Google Analytics, Facebook Pixel
Security and surveillance CCTV systems
Transport services Airport transfer providers
Tour and activity operators External vendors for excursions
C. Legal and Regulatory Disclosures

We may disclose your personal data if required to do so by law, such as:

  • Compliance with immigration reporting to Indonesian authorities;

  • Response to a court order, subpoena, or government request;

  • Enforcement of our Terms and Conditions;

  • Protection of our rights, property, or safety (or that of our guests or employees).

D. Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the successor entity, provided that the new entity agrees to adhere to this Privacy Policy.

Important: We do not sell your personal data to third parties for their own marketing purposes.

 

6. INTERNATIONAL DATA TRANSFERS

Your personal data may be transferred to and processed in countries outside Indonesia, including the United States or European Union, where our third-party service providers (e.g., cloud hosting, analytics, email platforms) are located.

When we transfer your data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) adopted by the European Commission;

  • Binding corporate rules (where applicable);

  • Compliance with the cross-border data transfer provisions of the Indonesian PDP Law.

You may request a copy of these safeguards by contacting us at privacy.benoa@tijilihotels.com.

 

7. DATA RETENTION

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Data Category Retention Period
Booking and stay records Up to 5 years (for legal and tax purposes)
Marketing data Until you withdraw consent or unsubscribe
Payment data (masked) Up to 13 months (for fraud prevention)
CCTV footage Up to 30 days (unless required for incident investigation)
Cookie data Up to 6 months (see Section 12)
Guest identification (passport/ID) As required by Indonesian immigration law, then securely deleted

Once personal data is no longer required, we will securely delete or anonymize it.

 

8. YOUR RIGHTS

Under the Indonesian PDP Law and, where applicable, the GDPR, you have the following rights regarding your personal data:

Right Description
Right to Access Request a copy of the personal data we hold about you
Right to Rectification Request correction of inaccurate or incomplete data
Right to Erasure (Right to be Forgotten) Request deletion of your personal data, subject to legal obligations
Right to Restrict Processing Request limitation of how we use your data
Right to Data Portability Receive your data in a structured, machine-readable format
Right to Object Object to processing based on legitimate interests (e.g., direct marketing)
Right to Withdraw Consent Withdraw previously given consent at any time (without affecting prior processing)
Right to Lodge a Complaint File a complaint with the Indonesian data protection authority (when established)
How to Exercise Your Rights

To exercise any of these rights, please contact us at:

📧 privacy.benoa@tijilihotels.com

Please include:

  • Your full name;

  • Your email address or booking ID;

  • A clear description of your request;

  • A copy of your identification (passport or KTP) for verification purposes.

We will respond to your request within 30 days. If your request is complex or numerous, we may extend this period by an additional 30 days and will inform you accordingly.

 

9. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption: SSL/TLS encryption for data transmitted through our website;

  • Access Controls: Role-based access, strong passwords, and multi-factor authentication for staff;

  • Firewalls and Antivirus: Network and endpoint protection;

  • PCI DSS Compliance: For secure payment card processing;

  • Staff Training: Regular training on data protection and privacy;

  • Incident Response: A breach notification procedure in case of a data security incident.

While we strive to protect your personal data, no system is completely secure. You acknowledge that any data transmission is at your own risk.

 

10. COOKIES AND TRACKING TECHNOLOGIES

Our website uses cookies and similar tracking technologies (pixels, web beacons) to enhance your browsing experience and analyze site usage.

A. What Are Cookies?

Cookies are small text files stored on your device when you visit a website.

B. Types of Cookies We Use
Cookie Type Purpose Consent Required
Essential Cookies Required for website functionality (e.g., booking engine, security) No (strictly necessary)
Performance/Analytics Cookies Collect anonymous usage data (e.g., Google Analytics) Yes
Preference Cookies Remember your language, currency, or other settings Yes
Marketing Cookies Deliver targeted advertisements (e.g., Facebook Pixel) Yes
C. Cookie Consent Management

When you first visit our website, a cookie banner will appear, allowing you to:

  • Accept all cookies;

  • Reject non-essential cookies;

  • Customize your preferences by category.

You may change your cookie preferences at any time via the “Cookie Settings” link in our website footer. You may also disable cookies through your browser settings; however, disabling essential cookies may affect website functionality.

D. Third-Party Cookies

We use the following third-party services that place cookies on your device:

  • Google Analytics: To analyze website traffic and user behavior (opt-out available at tools.google.com/dlpage/gaoptout);

  • Facebook Pixel: For ad targeting and conversion tracking;

  • Booking Engine Cookies: Provided by SwiftBook or similar platforms.

For more information, please refer to the privacy policies of these third parties.

 

11. CHILDREN’S PRIVACY

Tijili Benoa welcomes families, but we do not knowingly collect personal data from children under the age of 18 without the consent of a parent or legal guardian.

If we discover that we have inadvertently collected personal data from a child under 18 without parental consent, we will delete that information promptly.

For family stays, any data provided about children (e.g., names, ages, dietary restrictions) will be processed solely for service provision and will not be used for marketing purposes.

 

12. THIRD-PARTY LINKS

Our website may contain links to external websites (e.g., social media platforms, tour operators, payment gateways). We are not responsible for the privacy practices or content of these third-party sites. We encourage you to read their privacy policies before submitting any personal data.

 

13. MARKETING AND NEWSLETTERS

With your explicit consent (opt-in), we may send you marketing communications, including:

  • Newsletters featuring special offers, promotions, and events at Tijili Benoa;

  • Surveys and feedback requests;

  • Birthday or anniversary greetings.

You may withdraw your consent at any time by:

  • Clicking the “unsubscribe” link at the bottom of any marketing email;

  • Replying “STOP” to any WhatsApp marketing message;

  • Contacting us at privacy.benoa@tijilihotels.com.

Even if you opt out of marketing communications, we will continue to send you transactional messages related to your bookings (e.g., confirmation emails, pre-arrival information).

 

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our practices, or technology.

  • The “Last Updated” date at the top of this page indicates when the policy was last revised.

  • Material changes will be communicated via a notice on our website or by email to registered guests.

Your continued use of our website or services after any changes constitutes your acceptance of the revised Privacy Policy.

 

15. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Officer at:

📧 privacy.benoa@tijilihotels.com
📞 +62 361 472 8900
📍 Tijili Benoa Hotel, Jl. Pratama No.62, Tanjung Benoa, South Kuta, Badung, Bali 80361, Indonesia

For matters requiring formal correspondence, please send a written request to our physical address.

 

16. COMPLAINTS AND DISPUTE RESOLUTION

If you believe that we have violated your privacy rights under the Indonesian PDP Law, you have the right to lodge a complaint with the relevant data protection supervisory authority in Indonesia (once established).

Alternatively, you may contact us directly at privacy.benoa@tijilihotels.com to resolve any concerns. Disputes arising from this Privacy Policy shall be governed by the laws of the Republic of Indonesia and subject to the exclusive jurisdiction of the courts in Denpasar, Bali.

 

Tijili Benoa – Where Happiness Happens, Responsibly.