Privacy Policy

Last Updated: May 2025

 

1. Introduction

Welcome to Bahari House. We are committed to protecting your personal information and respecting your privacy. This Privacy Policy explains what information we collect when you visit our website or make a booking, how we use it, who we share it with, and what rights you have. By using this website or submitting a booking request, you agree to the collection and use of your information as described in this policy.

 

2. Who We Are

Bahari House is the operator of this website and the responsible party (“operator” as defined under the Protection of Personal Information Act 4 of 2013, “POPIA”) for the personal information collected through it. For any privacy-related queries, you may contact us directly through the Contact page on this website.

 

3. What Information We Collect

3.1 Information You Provide Directly

When you submit a booking request or contact us, we collect:

  1. Full name
  2. Email address
  3. Phone number
  4. Country of residence
  5. Number of guests and travel dates
  6. Any additional information you provide in qualifying or vetting fields on the booking form
  7. Payment information, processed securely by PayFast (we do not store your card details)

 

3.2 Information Collected Automatically

When you visit our website, certain technical data may be collected automatically, including:

  1. IP address and approximate geographic location
  2. Browser type and version
  3. Pages visited and time spent on the site
  4. Referring URLs

 

This data is used for website security, performance monitoring, and improving your experience.

 

3.3 Cookie Information

Our website uses cookies to function correctly and to comply with applicable privacy regulations. We use Complianz to manage cookie consent. You will be presented with a cookie consent notice when you first visit the site, and you may adjust your preferences at any time.

Cookies we use may include:

  1. Strictly necessary cookies — required for the website and booking system to function
  2. Functional cookies — to remember your preferences
  3. Analytics cookies — to understand how visitors use the site (only with your consent)

 

4. How We Use Your Information

We use the information we collect for the following purposes:

  1. To process and manage your booking request, including host review and approval
  2. To communicate with you regarding your booking: confirmation, payment links, check-in instructions, and deposit reminders
  3. To verify your suitability as a guest prior to accepting your booking
  4. To process payments securely via PayFast
  5. To synchronise booking availability across platforms (Airbnb, LekkaSlaap) to prevent double bookings
  6. To send transactional emails via our SMTP mail system (WP Mail SMTP / Brevo)
  7. To comply with our legal obligations
  8. To improve our website and the guest experience

 

We do not use your personal information for unsolicited marketing without your explicit consent.

 

5. Legal Basis for Processing

We process your personal information on the following grounds: Contractual necessity: processing is required to fulfil a booking or take steps prior to entering into a booking agreement with you Legitimate interests such as fraud prevention, guest vetting, and website security Legal obligation: where we are required to retain or process information by law Consent for optional cookies and any marketing communications

 

6. Third-Party Service Providers

To operate this website and process bookings, we share relevant information with the following third-party service providers. Each is engaged to perform a specific function and is not permitted to use your data for their own purposes.

  1. Payment processing. Your payment card details are handled directly by PayFast and are not stored on our website. PayFast is a South African payment processor subject to applicable South African financial regulations
  2. Transactional email delivery. Booking confirmations, payment links, and other automated emails Complianz (Cookie consent management) manages your cookie preferences and stores your consent record
  3. WooCommerce processes and stores your booking information We do not sell your personal information to any third party.

 

7. International Data Transfers

Some of our third-party service providers operate internationally, which may involve your personal information being transferred to and stored in countries outside of South Africa. Where such transfers occur, we take reasonable steps to ensure that your information is handled securely and in accordance with this policy.

 

8. Data Retention

We retain your personal information for as long as is necessary to fulfil the purposes for which it was collected, including:

  1. Booking records: retained for a reasonable period after your stay for accounting, dispute resolution, and legal compliance purposes
  2. Payment records: retained as required by South African tax and financial regulations
  3. Cookie consent records: retained as required by Complianz for compliance verification

 

When your information is no longer required, we will delete or anonymise it securely.

 

9. Your Rights

Under the Protection of Personal Information Act (POPIA), and where applicable the GDPR, you have the following rights regarding your personal information:

  1. The right to be informed about how your information is used (this policy fulfils that obligation)
  2. The right to access the personal information we hold about you
  3. The right to request correction of inaccurate or incomplete information
  4. The right to request deletion of your information, subject to legal retention requirements
  5. The right to object to certain processing activities
  6. The right to withdraw consent where processing is based on consent

 

To exercise any of these rights, please contact us via the Contact page on this website. We will respond to your request within a reasonable timeframe and in accordance with our obligations under applicable law.

 

10. Children’s Privacy

This website is not directed at children under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected information from a minor, please contact us and we will delete it promptly.

 

11. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, loss, misuse, or disclosure. These measures include:

  1. Secure hosting with daily backups SSL/TLS encryption for all data transmitted through the website
  2. Payment processing handled entirely by PayFast, a PCI-compliant payment processor
  3. SMTP authentication for all transactional emails to prevent spoofing

 

No method of transmission over the internet is 100% secure. While we take your security seriously and do our best to protect your information, we cannot guarantee absolute security.

 

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we do, we will update the “Last Updated” date at the top of this page. We encourage you to review this policy periodically. Continued use of the website following any changes constitutes your acceptance of the revised policy.

 

13. Complaints

If you have a concern about how we handle your personal information and we have not resolved it to your satisfaction, you have the right to lodge a complaint with the Information Regulator of South Africa. Website: www.inforegulator.org.za  | Email: complaints.IR@justice.gov.za