Sunny Atlantic Beach Club
Information we collect
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.
How we use your information
We use the information we collect in various ways, including to:
- Provide, operate, and maintain our website
- Secure memberships and information for members
- Improve, personalize, and expand our website
- Understand and analyze how you use our website
- Develop new products, services, features, and functionality
- Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
- Send you emails
- Find and prevent fraud
sunnyatlantic follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Consumer Data and Privacy on Online Platforms
“Consumer Data and Privacy on Online Platforms,” New York Privacy Act, SB S5642 (the Act). The Act was introduced in May and seeks to regulate the storage, use, disclosure, and sale of consumer personal data by entities that conduct business in New York State or produce products or services that are intentionally targeted to residents of New York State.
- Fiduciary Duty. Most notably, the Act requires that legal entities “shall act in the best interests of the consumer, without regard to the interests of the entity, controller or data broker, in a manner expected by a reasonable consumer under the circumstances.” Specifically, the Act states that personal data of consumers “shall not be used, processed or transferred to a third party, unless the consumer provides express and documented consent.” The Act imposes a duty of care on every legal entity, or affiliate of a legal entity, with respect to securing consumer personal data against privacy risk and requires prompt disclosure of any unauthorized access. Moreover, the Act requires that legal entities enter into a contract with third parties imposing the same duty of care for consumer personal data prior disclosing, selling, or sharing the data with that party.
- Consumer Rights. The Act requires covered entities to provide consumers notice of their rights under the Act and provide consumers with the opportunity to opt-in or opt-out of the “processing of their personal data” using a method where the consumer must clearly select and indicate their consent or denial. Upon request, and without undue delay, covered entities are required to correct inaccurate personal data or delete personal data.
- Transparency. The Act requires covered entities to make a “clear, meaningful privacy notice” that is “in a form that is reasonably accessible to consumers,” which should include: the categories of personal data to be collected; the purpose for which the data is used and disclosed to third parties; the rights of the consumer under the Act; the categories of data shared with third parties; and the names of third parties with whom the entity shares data. If the entity sells personal data or processes data for direct marketing purposes, it must disclose the processing, as well as the manner in which a consumer may object to the processing.
- Enforcement. The Act defines violations as an unfair or deceptive act in trade or commerce, as well as, an unfair method of competition. The Act allows for the attorney general to bring an action for violations and also prescribes a private right of action on any harmed individual. Covered entities are subject to injunction and liable for damages and civil penalties.
GDPR Data Protection Rights
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.