Privacy Policy

We're pretty serious about keeping your info safe and sound. Here's the straight talk on how we handle your data at Xenorith Odyssey.

Last Updated: October 27, 2025
Download PDF
Quick Navigation

Overview

Look, we get it - nobody actually enjoys reading these things. But we've tried to make this as painless as possible.

At Xenorith Odyssey, we're committed to protecting your privacy while you're planning your mountain getaway or already enjoying our retreat. This policy spells out what info we collect, why we need it, and what we do with it. We're based in Canada, so we follow all the relevant privacy laws including PIPEDA (that's the Personal Information Protection and Electronic Documents Act, but nobody calls it that).

We don't sell your personal data. Period. We're in the hospitality business, not the data brokerage business. Everything we collect is used to make your stay better and keep our operations running smoothly.

Information We Collect

When you book with us or reach out, here's what we typically gather:

  • Your name (first and last - we need to know who's checking in)
  • Email address (for confirmations and updates)
  • Phone number (in case we need to reach you about your reservation)
  • Home or billing address
  • Date of birth (sometimes required for certain activities or age-restricted services)
  • Government ID or passport details (required for check-in and security purposes)

We collect payment card information to process your bookings and purchases. Important note: we don't store your full credit card numbers on our servers. That stuff goes through encrypted payment processors who specialize in keeping financial data secure. We only keep the last four digits for reference and billing disputes.

  • Credit or debit card details (processed securely through third-party payment gateways)
  • Billing address
  • Transaction history with us

  • Check-in and check-out dates
  • Room type preferences
  • Special requests (like dietary restrictions, accessibility needs, or if you want extra pillows)
  • Spa appointments and wellness program participation
  • Activity bookings (guided hikes, events, etc.)
  • Previous stay history to personalize future visits

When you visit our website, we automatically collect some technical info that helps us improve your browsing experience:

  • IP address and general location data
  • Browser type and version
  • Device information (desktop, mobile, tablet)
  • Pages you visit and how long you stay
  • Referring website (how you found us)
  • Cookies and similar tracking technologies (more on this below)

  • Email correspondence with our team
  • Phone call records (for quality and training purposes)
  • Survey responses and feedback forms
  • Reviews you leave about your experience
  • Newsletter subscription preferences

How We Use Your Information

We're not collecting this stuff just for fun. Here's what we actually do with your info:

Booking Management

Process your reservations, send confirmations, handle modifications or cancellations, and basically make sure you've got a place to stay when you arrive.

Customer Service

Respond to your questions, handle any issues that come up, and generally make sure you're happy with your experience at Xenorith Odyssey.

Payment Processing

Charge your card, issue refunds when needed, and keep records for accounting purposes. Pretty standard stuff.

Personalization

Remember your preferences so we can tailor your experience. If you always request a mountain-view suite on the third floor, we'll try to make that happen.

Marketing Communications

Send you promotions, special offers, and updates about the resort (only if you've opted in - we're not spammers).

Analytics & Improvement

Figure out what's working and what's not, so we can keep improving our services and website experience.

Security & Fraud Prevention

Protect against unauthorized access, fraudulent bookings, and other security threats to keep everyone safe.

Legal Compliance

Meet our legal obligations, respond to lawful requests from authorities, and maintain records as required by law.

When We Share Your Data

We're selective about who gets access to your information. Here's the deal:

Service Providers

We work with trusted third-party companies that help us run the resort - payment processors, booking systems, email services, etc. These folks only get the info they need to do their job, and they're contractually obligated to keep it secure and confidential.

Business Partners

Sometimes we partner with local tour operators, transportation services, or event organizers to enhance your stay. We'll only share what's necessary to coordinate these services, and only with your consent.

Legal Requirements

If we're legally required to disclose your info (like in response to a court order or government request), we'll do so. We'll also share information if necessary to protect our rights, property, or safety, or that of our guests and staff.

Business Transfers

If Xenorith Odyssey is sold or merged with another company, your information would be transferred as part of that transaction. You'd be notified beforehand, of course.

What we DON'T do: We don't sell your personal information to data brokers, advertisers, or random companies. Your data stays with us and our trusted partners, period.

Cookies & Tracking Technologies

Yeah, we use cookies - and not the chocolate chip kind. These are small text files that help our website work better and remember your preferences.

Types of Cookies We Use:
Cookie Type Purpose Duration
Essential Cookies Required for the website to function properly - things like keeping you logged in and remembering what's in your cart. Session or up to 1 year
Performance Cookies Help us understand how visitors use our site so we can improve it. These track things like which pages are most popular. Up to 2 years
Functionality Cookies Remember your preferences (like language settings or display options) to personalize your experience. Up to 1 year
Advertising Cookies Track your browsing to show you relevant ads on other websites. You can opt out of these through your browser settings. Up to 2 years
Managing Cookies

You can control or delete cookies through your browser settings. Keep in mind that blocking certain cookies might affect how well the website works. Most browsers let you refuse cookies entirely or delete them after you close your browser.

Data Security

We take security seriously. Here's how we protect your information:

  • Encryption: All sensitive data is encrypted both in transit (using SSL/TLS) and at rest. That means your info is scrambled when it travels over the internet and when it's stored on our servers.
  • Access Controls: Only authorized staff members can access personal data, and only when they need it to do their jobs. We use role-based access controls and authentication systems.
  • Regular Security Audits: We conduct regular security assessments and vulnerability testing to identify and fix potential weaknesses.
  • Secure Payment Processing: We use PCI-DSS compliant payment processors, which means they meet the highest security standards for handling credit card information.
  • Employee Training: Our team receives regular training on data protection and privacy best practices.
  • Incident Response: We've got procedures in place to respond quickly if there's ever a security breach, including notifying affected individuals as required by law.

Reality check: No system is 100% secure, and we can't guarantee absolute security. But we're constantly working to keep your data as safe as possible using industry-standard practices.