This Privacy Policy explains how Oceanic Khorfakkan Resort & Spa (“we,” “our,” or “us”) collects, uses, discloses, and protects your personal information when you make reservations through our direct booking engine at bookings.oceanichotel.com (“Website”).

By using our Website, you agree to the terms of this Privacy Policy. If you do not agree, please discontinue use of our services.

1. Information We Collect

We may collect the following types of information when you interact with our Website:

• Personal Identification: Name, email address, phone number, mailing address, nationality.
• Booking Details: Stay dates, number of guests, room preferences, special requests.
• Payment Information: Credit/debit card details and billing address (processed securely through our payment providers).
• Technical Data: IP address, browser type, device information, operating system, cookies, and browsing activity.

2. How We Use Your Information

We use your personal data to:

• Process and confirm your booking.
• Communicate with you about your reservation.
• Provide customer support.
• Process secure payments.
• Improve Website functionality and security.
• Comply with legal obligations.
• Send marketing communications (with your consent).

3. Sharing of Information

We do not sell your personal information. We may share it only with:

• Service Providers: Payment processors, booking system providers, IT and hosting services.
• Legal Authorities: If required by law, regulation, or court order.
• Business Transactions: In the event of a merger, acquisition, or sale of assets.

4. Cookies & Tracking Technologies

Our Website uses cookies to:

• Enable core booking functionality.
• Save your booking preferences.
• Analyze traffic and improve performance.
You can manage or disable cookies through your browser settings.

5. Data Retention

We keep your personal data only as long as needed to fulfill the purposes in this Privacy Policy, unless longer retention is required by law.

6. Data Security

We use reasonable technical and organizational measures to protect your data. However, no system is completely secure, and we cannot guarantee absolute protection.

7. Your Rights

General Rights

You may request access, correction, deletion, restriction, or transfer of your personal data. You may also object to our use of your data or withdraw consent (where applicable).

If you are located in the European Union or European Economic Area, you have the following rights under the

General Data Protection Regulation (GDPR):

• Right of Access
• Right to Rectification
• Right to Erasure (“Right to be Forgotten”)
• Right to Restrict Processing
• Right to Data Portability
• Right to Object
• Right to Lodge a Complaint

CCPA/CPRA Rights (California Residents)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA) and the

California Privacy Rights Act (CPRA):

• Right to Know
• Right to Delete
• Right to Correct
• Right to Opt-Out of Sale/Sharing (we do not sell personal data)
• Right to Non-Discrimination

8. International Transfers

If you are located outside [insert country], your information may be transferred to and processed in countries with different data protection laws. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) where required.

9. Children’s Privacy

Our services are not intended for children under 12. We do not knowingly collect data from children. If we become aware that we have done so, we will promptly delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last Updated” date.

11. Contact Us

For questions, concerns, or privacy requests, please contact:

Oceanic Khorfakkan Resort & Spa

• Email:
• Phone:
• Address:
If you are an EU/EEA resident, you may also contact our Data Protection Officer (DPO) at: DPO contact