This Privacy Statement is provided in accordance with the requirements of the UAE Personal Data Protection Law, Federal Decree-Law No. 45 of 2021 and the General Data Protection Regulation ((EU) 2016/679) (GDPR), and any other Data Protection laws implementing the same principles (Data Protection Law).

JARH values you as a visitor or guest to our website or facilities and recognizes that privacy is important to you, we respect your privacy and are committed to protecting your Personal Data. This Privacy Statement will inform you as to how we look after your Personal Data, and how we collect, use, and disclose your Personal Data

Please also note that this Privacy Statement only applies to the use of your Personal Data provided or obtained by us directly. This policy does not apply to, and we are not responsible for, personal information collected during your communications with third parties. In the event, you share information with third parties you can visit their website or connect to them directly about the terms of their data protection policy.

Please note that our website is not intended for children and minors, and we do not knowingly solicit or collect Personal Data from anyone under the age of 18, other than from a parent or legal guardian with consent. As a parent or legal guardian, please do not allow your children to submit Personal Data without your permission.

This Privacy Statement applies globally but depending on where you live there may be local variations to comply with local legislation. You can contact the JA Data Protection Manager should you have any queries.

If you have any queries concerning your Personal Data or about this Privacy Statement or want to exercise your rights set out in this Privacy Statement, you can fill out the Data Subject Request form. Please contact us by sending an email to dataprotection@jaresorts.com or by post at the following address to the attention of the JA Data Protection Manager.

Compliance and Data Protection

JA Resorts & Hotels

Dutco House, 10 floors, PO Box 233

Dubai, United Arab Emirates

Alternatively, if you are located in the EEA or the United Kingdom and have questions about your Personal Data or would like to make any request in relation to it, you may contact our representative at:

For the EU Representative: You can contact them by post at

Taylor Vinters Europe Limited, Clifton House, Fitzwilliam Street Lower, Dublin, D02 XT91, Ireland

or by email at representative@taylorvinters.com.

For the UK Representative: You can contact them by post at

Taylor Vinters trading name of Mishcon de Reya LLP, Africa House, 70 Kingsway, London, WC2B 6AH,

or by email at representative@taylorvinters.com

Throughout your guest journey, we, or service providers acting on our behalf, collect Personal Data in accordance with the law, and to serve you better. Personal Data is information that may identify you as an individual. Types of Personal Data are described in more detail below under the heading Data Categories.

We (and our service providers) use your Personal Data for legitimate business interests including the following:

• In connection with our website, web, Mobile, social media pages, and HTML-Formatted email messages.
• To process your information on behalf of third parties, such as tour operators, travel companies, and other service providers, including loyalty scheme providers, corporate customers, and marketing partners.
• When you visit or stay as a guest at one of our properties, including when you use services such as restaurants, childcare services, and spas, reach out to our call centre, or through other offline interactions.
• To provide our services to you, including enabling you to make, and us to accept, reservations online for our hotels and/or other JARH services, and to assist you to enjoy our services.
• To verify your identity.
• To help us with feedback to improve our services.
• Social media account ID, profile photo, and other data publicly available, or data made available by linking your social media and loyalty accounts
• Images, video, and audio data via security cameras located in public areas, such as hallways and lobbies, in our properties; and
• You may give us your Personal Data by filling in forms or by corresponding with us by post, phone, email, or otherwise. This includes Personal Data you provide online when you book an accommodation, sign up for a newsletter or participate in a survey, contest, or promotional offer.
• As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this Personal Data by using cookies, and other similar technologies. Please see the cookie statement for further details.
• When you visit our hotel properties, information may be collected about you through such properties’ ‘close circuit cameras’ electronic key cards, and other security systems.

We primarily use Personal Data to perform the contract between us or with your travel provider, including to provide you with services, and to comply with local legal requirements. JARH will also process your Personal Data for different purposes. These processing activities may be for more than one lawful ground depending on the specific purpose for which we are using your data. Personal data is processed both manually and electronically in accordance with these purposes and in compliance with Data Protection Law. We permit only authorized employees and third-party providers to have access to your information. Such employees and third-party providers are appropriately designated and authorized to process data only according to the applicable contract terms or the instructions we provide them.

In the context of the hotel booking process, whether this takes place online on our website, through an online booking channel, via a travel agent or tour operator, through our call centre, or directly at the hotel – we process your Personal Data for the purpose of (i) enabling you to reserve a room in the hotel of your choice (ii) verifying the availability of the hotel and to administer the booking (iii) sending you a booking confirmation and (iv) sending you pre-arrival emails. You may unsubscribe from pre-arrival emails at any time by clicking on the unsubscribe link in the emails sent to you.

Processing is necessary to take steps to enter and perform a contract.

Typically we will collect the following information about you: Address, booking details (including reservation number), Date of arrival and departure, Email address, First name / Last name, First name / Last name of co-guest(s), Payment card type, number and expiration date, Loyalty membership number, Telephone number, Title, passport details, nationality, date of birth, gender, hotel room preferences, special requests, dietary and physical requirements.

When staying at the hotel, we will collect and process your Personal Data on the counter directly from you through the booking form for the purpose of:

1. Registering your arrival and departure at the hotel.
2. Assigning you a key card to your room.
3. Obtaining a credit card guarantee or hotel deposit to ensure payment of your stay.
4. Creating or updating your profile in our hotel management system.
5. Assessing your eligibility for a room upgrade and other benefits and managing this if applicable.
6. Managing the payment of your stay.
7. Administering and facilitating access to Wi-Fi, TV, and other connectivity services (including access to business centre amenities.
8. Performance of the contract such as establishing, printing, or sending an invoice for your stay.
9. Complying with local legal requirements to collect a copy of your passport or identity card.

In the event you have booked a room in one of our hotels but do not show up – without canceling – on the date of arrival communicated, we will process your Personal Data for the purposes of (i) canceling your stay and any other reservation you may have made, and (ii) managing, processing, and settling any outstanding payment that may be due.

When you stay in one of our hotels, we endeavour to make your stay as pleasant as possible. This requires processing your Personal Data for the purposes of providing specific services during your hotel stay. These services include housekeeping and maintenance, returning lost or forgotten items to you, food and beverage services, spa, health clubs, event booking, free Wi-Fi, childcare, sign up for a newsletter, equipment rental, and other activities available at our properties. In the event you make use of additional services or facilities at one of our hotels, your Personal Data may be processed. We also use a third-party software, platforms, and service providers in connection with a booking or providing these services, and such third parties will process your Personal Data in connection with these services.

JA Resorts & Hotels is pleased to extend the opportunity to you to join our chosen loyalty program, ‘Discovery’ by Global Hotel Alliance, which is operated through a third-party provider, GHA Loyalty DMCC, and its parent company GHA Services SA (together “GHA”). If you choose to sign up for the Discovery loyalty program at one of our hotels during your stay or when using any of our other services, then in doing so you will be consenting to the collection of your personal information by us on behalf of GHA. For more information about the Discovery loyalty program and GHA, including its privacy policy and applicable terms and conditions, you can visit www.discoveryloyalty.com

JA Resorts & Hotels is pleased to extend the opportunity to you to join our F&B loyalty program, “E+ or eliteclub”, which is operated through a third-party provider, Plan B Solutions DMCC. If you choose to sign up for the E+ loyalty program at one of our hotels during your stay or when using any of our other services, then in doing so you will be consenting to the collection of your personal information by us on behalf of Plan B Solutions DMCC. For more information about the E+ loyalty program and eliteclub, including its privacy policy and applicable terms and conditions, you can visit eliteclub Mobile Application and the website store.eliteclub.global

If you are a guest or user of our Marina or sports facilities, we use a Marina Management software system called Harbour Assist owned by a third-party company Viking Systems Limited to store and manage the data and records of JA Marina users. Viking Systems Limited is based in the UK and uses servers situated in Ireland. Appropriate measures and systems are in place to protect and maintain the confidentiality and security of the Personal Data held and to comply with applicable data protection laws and regulations. For more information about Harbour Assist and Viking Systems Limited, including its privacy policy, you can visit their website https://harbourassist.com/ and https://harbourassist.com/privacy-policy/

If you have explicitly consented to receive our newsletters or marketing communications, we may, from time to time, contact you with information about our services and latest offers and process your Personal Data for this purpose. We carry out the following marketing activities using the personal information of the data subjects:

• Email Marketing
• Online Personalized Advertising
• Social Media Marketing
• SMS Marketing

We may process your Personal Data obtained through social media platforms (including Facebook, Instagram, LinkedIn, and Twitter) or online reviews, concerning our Hospitality brands for the purposes of (i) addressing your questions or complaints and (ii) monitoring our online reputation and (iii) improving our services and identifying opportunities on which we can focus. We also use third-party software, platforms, and service providers in connection with these services, and such third parties will process your Personal Data in connection with these services.

If you no longer want to receive our newsletters or marketing emails, please let us know by contacting dataprotection@jaresorts.com.

There are several activities associated with this purpose, such as: ensuring the security of on-site services; responding to, handling, and documenting on-site accidents and medical and other emergencies (including facilitating in-house doctor services); requesting assistance from emergency services, and sending notifications and alerts in the event of incidents or emergencies. JARH ensures the legal basis e.g., the performance of the contract such as ensuring the safety of guests and personnel through interactions with on-site security personnel. Legitimate interests, such as monitoring properties through CCTV to ensure the safety of guests and personnel, Legal obligations, such as documenting on-site accidents, and Individuals’ vital interests, such as contacting medical or emergency services for an ill guest.

Under certain circumstances, Data Protection Law grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions in relation to your Personal Data. These rights may be limited, for example, if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information that we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request via email at dataprotection@jaresorts.com

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.

As the sending of information via the internet is not totally secure, we cannot guarantee the security of the data that you choose to send to us electronically, and sending such information is at your own risk. You should avoid sending payment card numbers or other sensitive data to us via email. Our reservations team will only ask for payment card details via a secure payment link.

When you provide information, you accept and agree that it may be necessary for us to transfer it to other locations outside of the United Arab Emirates. Where we use certain service providers, we may use specific contract terms to provide suitable protection measures which enable the enforcement of the Data Subject’s rights. In doing so we will take all reasonable steps to ensure your Personal Data is transferred and stored securely.

We may disclose your personal information in accordance with this Privacy Policy Statement and as follows:

• As necessary for the purposes of performing any service which you have requested (including to third-party providers of products and services available at our properties.
• To group companies or affiliates of JA Resorts & Hotels.
• To our guest connect booking engine provider in connection with your booking or purchase and to other third parties providing products or services to us or on our behalf for them to perform such services (including payment card providers and companies providing information technology tools or services).
• As required by any legal, regulatory, or governmental body, or as required for any legal purpose or process, including to our legal advisers and insurance providers, compliance with laws or similar, or in seeking to detect or prevent fraud and other crimes.
• In addition, we may collect non-personal information relating to your visit or activities which do not individually identify you. We may disclose, aggregate with other information, transfer, or otherwise use this data to help us better understand and improve our website or our products and services
• In certain circumstances, courts, law enforcement agencies, regulatory agencies, or security authorities in those other countries may be entitled to access your Personal Data.
• Some of the countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here). The JARH enters Standard Contractual Clauses or another approved mechanism for cross-border transfer where appropriate.

We will not otherwise disclose your personal information to another party without your prior consent

We hold your personal information in accordance with our Data Retention policies. Generally, we do not keep personal information for longer than is necessary for the purposes for which it was collected or to fulfill legal obligations. We will retain Personal Data for a reasonable period, considering legitimate business needs to capture and retain such information. Information will also be retained for a period necessary to comply with local laws and federal regulations, or country-specific regulations and requirements.

Details of retention periods for different aspects of your Personal Data are available on request from us by contacting us.

We may also collect “Other Data” that generally do not reveal your specific identity or do not directly relate to an identified individual. we will treat Other Data as Personal Data. Other Data include your browser or device, your use of Apps, Cookies or similar technologies that enable a website to keep track of a user’s site preferences, activities, and internet usage. This includes information about your visits to our website and visiting patterns.

We also use cookies to recognize you whenever you visit our website, which helps to speed up your access and makes your online experience more efficient.

Typically, information collected is statistical and does not personally identify you, although we may obtain information about your computer or another electronic device, such as your IP address, browser, and other internet log information. Personal Data will only be collected where you voluntarily provide it. We suggest changing the DNT settings in your browser. You can also manage your cookie settings on our website. Please refer to our Cookie Policy for further details https://www.jaresortshotels.com/corporate/cookies-policy. We collect data from pixel tags (also known as web beacons and clear GIFs), which are used with some Online Services, Analytics you can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, We collect your IP address, We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services.

If you leave JA Resorts & Hotels’ website via a link to a third-party website, we are not responsible for the content or policies of those other websites and we encourage you to review the privacy policies or policies published thereon.

The wifi internet service available for use by guests and patrons at JA Resorts & Hotels properties is provided by a third-party internet service provider and is subject to their terms of use and policies, which are accessible via the sign-in page.

Any revision in this Privacy Policy is at the discretion of JA Resorts & Hotels to make sure it complies with the applicable law and conforms to changes in our business. We may need to update this Privacy Policy, and we reserve the right to do so at any time.