As a global organization, JA Resorts & Hotels’, (JARH) commitment to service includes respecting and protecting the privacy of our website users, partners, and guests. Our policies and practices are explained here. References to JA Resorts & Hotels, we, us, our or similar mean JA Resorts & Hotels LLC, a limited liability company organized and existing under the laws of Dubai, United Arab Emirates, together with its subsidiaries, branches, and sister companies (and their respective owners, operators, officers, managers, and employees).
This Privacy Statement is provided in accordance with the requirements of the UAE Personal Data Protection Law, Federal Decree-Law No. 45 of 2021 and the General Data Protection Regulation ((EU) 2016/679) (GDPR), and any other Data Protection laws implementing the same principles (Data Protection Law).
JARH values you as a visitor or guest to our website or facilities and recognizes that privacy is important to you, we respect your privacy and are committed to protecting your Personal Data. This Privacy Statement will inform you as to how we look after your Personal Data, and how we collect, use, and disclose your Personal Data
Please also note that this Privacy Statement only applies to the use of your Personal Data provided or obtained by us directly. This policy does not apply to, and we are not responsible for, personal information collected during your communications with third parties. In the event, you share information with third parties you can visit their website or connect to them directly about the terms of their data protection policy.
Please note that our website is not intended for children and minors, and we do not knowingly solicit or collect Personal Data from anyone under the age of 18, other than from a parent or legal guardian with consent. As a parent or legal guardian, please do not allow your children to submit Personal Data without your permission.
This Privacy Statement applies globally but depending on where you live there may be local variations to comply with local legislation. You can contact the JA Data Protection Manager should you have any queries.
If you have any queries concerning your Personal Data or about this Privacy Statement or want to exercise your rights set out in this Privacy Statement, you can fill out the Data Subject Request form. Please contact us by sending an email to dataprotection@jaresorts.com or by post at the following address to the attention of the JA Data Protection Manager.
Compliance and Data Protection
JA Resorts & Hotels
Dutco House, 10 floors, PO Box 233
Dubai, United Arab Emirates
Alternatively, if you are located in the EEA or the United Kingdom and have questions about your Personal Data or would like to make any request in relation to it, you may contact our representative at:
For the EU Representative: You can contact them by post at
Taylor Vinters Europe Limited, Clifton House, Fitzwilliam Street Lower, Dublin, D02 XT91, Ireland
or by email at representative@taylorvinters.com.
For the UK Representative: You can contact them by post at
Taylor Vinters trading name of Mishcon de Reya LLP, Africa House, 70 Kingsway, London, WC2B 6AH,
or by email at representative@taylorvinters.com
Throughout your guest journey, we, or service providers acting on our behalf, collect Personal Data in accordance with the law, and to serve you better. Personal Data is information that may identify you as an individual. Types of Personal Data are described in more detail below under the heading Data Categories.
We (and our service providers) use your Personal Data for legitimate business interests including the following:
Each time our website is accessed, our system automatically collects data and information from the computer system. This is e.g. information like
The purpose of using reCAPTCHA is to prevent spam/abuse and that the Data is transferred to Google’s servers. Google’s privacy policy. or https://policies.google.com/privacy https://policies.google.com/technologies/cookies
We primarily use Personal Data to perform the contract between us or with your travel provider, including to provide you with services, and to comply with local legal requirements. JARH will also process your Personal Data for different purposes. These processing activities may be for more than one lawful ground depending on the specific purpose for which we are using your data. Personal data is processed both manually and electronically in accordance with these purposes and in compliance with Data Protection Law. We permit only authorized employees and third-party providers to have access to your information. Such employees and third-party providers are appropriately designated and authorized to process data only according to the applicable contract terms or the instructions we provide them.
In the context of the hotel booking process, whether this takes place online on our website, through an online booking channel, via a travel agent or tour operator, through our call centre, or directly at the hotel – we process your Personal Data for the purpose of (i) enabling you to reserve a room in the hotel of your choice (ii) verifying the availability of the hotel and to administer the booking (iii) sending you a booking confirmation and (iv) sending you pre-arrival emails. You may unsubscribe from pre-arrival emails at any time by clicking on the unsubscribe link in the emails sent to you.
Processing is necessary to take steps to enter and perform a contract.
Typically we will collect the following information about you: Address, booking details (including reservation number), Date of arrival and departure, Email address, First name / Last name, First name / Last name of co-guest(s), Payment card type, number and expiration date, Loyalty membership number, Telephone number, Title, passport details, nationality, date of birth, gender, hotel room preferences, special requests, dietary and physical requirements.
When staying at the hotel, we will collect and process your Personal Data on the counter directly from you through the booking form for the purpose of:
In the event you have booked a room in one of our hotels but do not show up – without canceling – on the date of arrival communicated, we will process your Personal Data for the purposes of (i) canceling your stay and any other reservation you may have made, and (ii) managing, processing, and settling any outstanding payment that may be due.
When you stay in one of our hotels, we endeavour to make your stay as pleasant as possible. This requires processing your Personal Data for the purposes of providing specific services during your hotel stay. These services include housekeeping and maintenance, returning lost or forgotten items to you, food and beverage services, spa, health clubs, event booking, free Wi-Fi, childcare, sign up for a newsletter, equipment rental, and other activities available at our properties. In the event you make use of additional services or facilities at one of our hotels, your Personal Data may be processed. We also use a third-party software, platforms, and service providers in connection with a booking or providing these services, and such third parties will process your Personal Data in connection with these services.
JA Resorts & Hotels is pleased to extend the opportunity to you to join our chosen loyalty program, ‘Discovery’ by Global Hotel Alliance, which is operated through a third-party provider, GHA Loyalty DMCC, and its parent company GHA Services SA (together “GHA”). If you choose to sign up for the Discovery loyalty program at one of our hotels during your stay or when using any of our other services, then in doing so you will be consenting to the collection of your personal information by us on behalf of GHA. For more information about the Discovery loyalty program and GHA, including its privacy policy and applicable terms and conditions, you can visit www.discoveryloyalty.com
JA Resorts & Hotels is pleased to extend the opportunity to you to join our F&B loyalty program, “E+ or eliteclub”, which is operated through a third-party provider, Plan B Solutions DMCC. If you choose to sign up for the E+ loyalty program at one of our hotels during your stay or when using any of our other services, then in doing so you will be consenting to the collection of your personal information by us on behalf of Plan B Solutions DMCC. For more information about the E+ loyalty program and eliteclub, including its privacy policy and applicable terms and conditions, you can visit eliteclub Mobile Application and the website store.eliteclub.global
If you are a guest or user of our Marina or sports facilities, we use a Marina Management software system called Harbour Assist owned by a third-party company Viking Systems Limited to store and manage the data and records of JA Marina users. Viking Systems Limited is based in the UK and uses servers situated in Ireland. Appropriate measures and systems are in place to protect and maintain the confidentiality and security of the Personal Data held and to comply with applicable data protection laws and regulations. For more information about Harbour Assist and Viking Systems Limited, including its privacy policy, you can visit their website https://harbourassist.com/ and https://harbourassist.com/privacy-policy/
If you have explicitly consented to receive our newsletters or marketing communications, we may, from time to time, contact you with information about our services and latest offers and process your Personal Data for this purpose. We carry out the following marketing activities using the personal information of the data subjects:
We may process your Personal Data obtained through social media platforms (including Facebook, Instagram, LinkedIn, and Twitter) or online reviews, concerning our Hospitality brands for the purposes of (i) addressing your questions or complaints and (ii) monitoring our online reputation and (iii) improving our services and identifying opportunities on which we can focus. We also use third-party software, platforms, and service providers in connection with these services, and such third parties will process your Personal Data in connection with these services.
If you no longer want to receive our newsletters or marketing emails, please let us know by contacting dataprotection@jaresorts.com.
There are several activities associated with this purpose, such as: ensuring the security of on-site services; responding to, handling, and documenting on-site accidents and medical and other emergencies (including facilitating in-house doctor services); requesting assistance from emergency services, and sending notifications and alerts in the event of incidents or emergencies. JARH ensures the legal basis e.g., the performance of the contract such as ensuring the safety of guests and personnel through interactions with on-site security personnel. Legitimate interests, such as monitoring properties through CCTV to ensure the safety of guests and personnel, Legal obligations, such as documenting on-site accidents, and Individuals’ vital interests, such as contacting medical or emergency services for an ill guest.
Under certain circumstances, Data Protection Law grants specific rights, summarized below, which you can in principle exercise free of charge, subject to statutory exceptions in relation to your Personal Data. These rights may be limited, for example, if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information that we are required by law to keep or have compelling legitimate interests in keeping. To exercise any of your rights, you can file a request via email at dataprotection@jaresorts.com
Request access to your Personal Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Data we hold about you and to check how we are processing it.
This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
This request enables you to ask us to delete or remove Personal Data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing.
Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
You may object to processing your Personal Data where we are relying on a legitimate interest (or those of a third party). You also have the right to object to where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
You may ask us to restrict the processing of your Personal Data when you contest the accuracy of Personal Data. In such an event, we will restrict the processing until we can verify the accuracy of your data.
You may request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
If we rely on your consent (or explicit consent) as our legal basis for processing your Personal Data, you have the right to withdraw that consent at any time.
We try to respond to all legitimate requests within one month or within the timeframe specified by the applicable Data Protection Law. If your request is particularly complex it could take us longer than a month.
You can exercise these rights by contacting Data Protection Manager or by using the online form, DSR FORM.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
As the sending of information via the internet is not totally secure, we cannot guarantee the security of the data that you choose to send to us electronically, and sending such information is at your own risk. You should avoid sending payment card numbers or other sensitive data to us via email. Our reservations team will only ask for payment card details via a secure payment link.
When you provide information, you accept and agree that it may be necessary for us to transfer it to other locations outside of the United Arab Emirates. Where we use certain service providers, we may use specific contract terms to provide suitable protection measures which enable the enforcement of the Data Subject’s rights. In doing so we will take all reasonable steps to ensure your Personal Data is transferred and stored securely.
We may disclose your personal information in accordance with this Privacy Policy Statement and as follows:
We will not otherwise disclose your personal information to another party without your prior consent
We hold your personal information in accordance with our Data Retention policies. Generally, we do not keep personal information for longer than is necessary for the purposes for which it was collected or to fulfill legal obligations. We will retain Personal Data for a reasonable period, considering legitimate business needs to capture and retain such information. Information will also be retained for a period necessary to comply with local laws and federal regulations, or country-specific regulations and requirements.
Details of retention periods for different aspects of your Personal Data are available on request from us by contacting us.
We may also collect “Other Data” that generally do not reveal your specific identity or do not directly relate to an identified individual. we will treat Other Data as Personal Data. Other Data include your browser or device, your use of Apps, Cookies or similar technologies that enable a website to keep track of a user’s site preferences, activities, and internet usage. This includes information about your visits to our website and visiting patterns.
We also use cookies to recognize you whenever you visit our website, which helps to speed up your access and makes your online experience more efficient.
Typically, information collected is statistical and does not personally identify you, although we may obtain information about your computer or another electronic device, such as your IP address, browser, and other internet log information. Personal Data will only be collected where you voluntarily provide it. We suggest changing the DNT settings in your browser. You can also manage your cookie settings on our website. Please refer to our Cookie Policy for further details https://www.jaresortshotels.com/corporate/cookies-policy. We collect data from pixel tags (also known as web beacons and clear GIFs), which are used with some Online Services, Analytics you can learn about Google’s practices by going to www.google.com/policies/privacy/partners/, We collect your IP address, We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services.
If you leave JA Resorts & Hotels’ website via a link to a third-party website, we are not responsible for the content or policies of those other websites and we encourage you to review the privacy policies or policies published thereon.
The wifi internet service available for use by guests and patrons at JA Resorts & Hotels properties is provided by a third-party internet service provider and is subject to their terms of use and policies, which are accessible via the sign-in page.
Any revision in this Privacy Policy is at the discretion of JA Resorts & Hotels to make sure it complies with the applicable law and conforms to changes in our business. We may need to update this Privacy Policy, and we reserve the right to do so at any time.