Privacy Policy

Introduction

Floripa Resort (www.floriparesort.com) operates a media‑news platform that delivers timely articles, analysis, and multimedia content to a global audience. This Privacy Policy explains how we collect, use, disclose, and protect personal information in compliance with the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable privacy frameworks. By accessing or using our website, you acknowledge that you have read, understood, and agree to the practices described herein.

Information We Collect

We collect both directly provided information and automatically generated data. The categories are described below.

Personal Identifiers

• Name – when you subscribe to newsletters, comment on articles, or register for an account.
• Email address – used for communication, verification, and delivery of newsletters.
• Postal address and phone number – collected only when you request physical copies of publications or participate in contests.

Device and Usage Data

• IP address – captured for security, analytics, and geolocation.
• Browser type, operating system, and device identifiers – used to optimise rendering and improve user experience.
• Pages visited, click‑through paths, and time spent on each page – recorded through analytics tools.

Location Data

When you enable location services in your browser, we may collect coarse or precise location information to deliver region‑specific news and advertising.

Cookies and Similar Technologies

We employ first‑party and third‑party cookies, web beacons, and local storage to remember preferences, manage sessions, and measure advertising performance. See the dedicated Cookies and Tracking Technologies section for details.

How We Use Your Data

We process personal data for the following legitimate purposes:

• Content delivery: Tailoring news feeds, recommending articles, and delivering newsletters based on your interests.
• Advertising and monetisation: Serving personalised ads via Google AdSense and other ad networks, measuring ad performance, and preventing fraud.
• Communication: Responding to enquiries, sending account‑related notifications, and providing customer support.
• Analytics and research: Understanding audience demographics, improving site functionality, and conducting market research in line with Google Search Central E‑E‑A‑T guidelines.
• Legal compliance: Responding to lawful requests, enforcing our Terms of Service, and protecting the rights, property, or safety of Floripa Resort, its users, or the public.

Legal Basis for Processing (GDPR)

For users located in the European Economic Area (EEA), we rely on the following lawful bases:

• Consent: When you voluntarily subscribe to newsletters or accept non‑essential cookies.
• Contractual necessity: To fulfil services you request, such as delivering a paid subscription.
• Legitimate interests: For analytics, fraud prevention, and personalised content, provided that your interests do not override our legitimate business needs.
• Legal obligation: When required to retain data for tax, accounting, or regulatory purposes.

We maintain records of the legal basis for each processing activity and will provide this information upon legitimate request.

Cookies and Tracking Technologies

Cookies are small text files stored on your device. They enable us to:

• Remember your language and display preferences.
• Maintain authenticated sessions.
• Analyse traffic via Google Analytics and similar services.
• Serve targeted advertising through Google AdSense, which uses its own privacy policy (Google Privacy Policy).

You may manage or withdraw consent for non‑essential cookies at any time via the cookie banner or your browser settings. Disabling essential cookies may affect core functionality such as login and content personalization.

Third‑Party Services

We partner with the following external providers, each of which may process personal data on our behalf:

• Google AdSense – delivers contextual and behavioural ads. See Google’s privacy policy for details.
• Google Analytics – measures site performance and audience insights.
• Social media plugins (e.g., Facebook, Twitter) – enable sharing of our articles. These platforms may set their own cookies.
• Email service providers (e.g., Mailchimp) – manage newsletter distribution and subscription preferences.

All third‑party processors are contractually bound to protect your data and use it only for the purposes we specify. We regularly review their compliance with GDPR, CCPA, and industry best practices.

User Rights

Depending on your jurisdiction, you may exercise the following rights:

• Right of access: Request a copy of the personal data we hold about you.
• Right to rectification: Request correction of inaccurate or incomplete data.
• Right to erasure (right to be forgotten): Request deletion of your data, subject to legal exceptions.
• Right to restriction of processing: Request that we limit how we use your data.
• Right to data portability: Receive your data in a structured, commonly used format.
• Right to object: Object to processing for direct marketing or legitimate interest reasons.
• Right to withdraw consent: Revoke any consent previously given, without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using the details provided in the Contact Information section. We will respond within the statutory timeframes (typically 30 days) and may request verification of your identity to protect against fraudulent requests.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, unless a longer retention period is required or permitted by law. General guidelines include:

• Account information: Retained for the duration of the account plus an additional 12 months after deactivation.
• Newsletter subscriptions: Retained until you unsubscribe.
• Analytics data: Aggregated data is retained for up to 24 months; raw IP addresses are anonymised after 14 days.
• Advertising identifiers: Retained for the period required by the ad network (typically 90 days).

International Data Transfers

Because Floripa Resort operates globally, personal data may be transferred outside the European Economic Area (EEA) to the United States or other jurisdictions. We ensure such transfers are protected by:

• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Binding Corporate Rules (BCRs) for intra‑group transfers.
• Adequacy decisions where applicable (e.g., United Kingdom).

These mechanisms provide a level of protection essentially equivalent to that required under EU law.

Security Measures

We implement a layered security approach, including:

• Transport Layer Security (TLS) encryption for data in transit.
• Secure storage with encryption at rest for sensitive identifiers.
• Regular vulnerability scanning, penetration testing, and security audits.
• Access controls based on the principle of least privilege, with multi‑factor authentication for administrative accounts.

While we strive to protect your information, no method of transmission over the internet is 100 % secure. We cannot guarantee absolute security, and you acknowledge the inherent risks of online communication.

Children’s Privacy

Our content is primarily intended for adults. We do not knowingly collect personal data from children under the age of 16. If we become aware that we have inadvertently gathered such information, we will delete it promptly. Parents or guardians who believe their child’s data has been collected may contact us to request removal.

Changes to This Privacy Policy

We review this Privacy Policy periodically and may update it to reflect changes in law, technology, or our business practices. When significant modifications are made, we will post a prominent notice on our website and, where feasible, notify affected users via email. The “Last Updated” date at the top of the page indicates the most recent revision.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact our Data Protection Officer at:

Floripa Resort – Data Protection Officer
Email: dpo@floriparesort.com
Address: Rua das Flores, 123, Florianópolis, Brazil
Phone: +55 48 1234‑5678

For complaints regarding our handling of personal data, you may also contact the relevant supervisory authority, such as the European Data Protection Board (EDPB) for EU residents or the California Attorney General’s Office for California residents.

By continuing to use Floripa Resort, you consent to the practices described in this Privacy Policy.