Privacy Policy

Last updated: January 1, 2025

Hermiston Inn & Suites ("we," "us," or "our") is the data controller for personal information collected through this website and during your stay. Your privacy is important to us. This policy explains what information we collect, why we collect it, how we use it, and what rights you have regarding your data.

By visiting this website, making a reservation, or staying with us, you acknowledge that you have read and agree to this Privacy Policy. You may browse our website without providing personal information; however, certain features — such as reservations and contact forms — require you to provide information directly.

We take care of your personal data and are committed to guaranteeing its confidentiality and security. We process only the minimum data necessary to operate our business and serve you well.

1. Information We Collect

We collect information in two ways: information you provide to us directly, and information collected automatically when you use our website.

Information you provide:

• Name, mailing address, email address, and phone number
• Payment card details (processed securely through our payment processor)
• Reservation details including dates, room preferences, and special requests
• Messages or inquiries submitted through our contact form
• Feedback, reviews, or survey responses you choose to share

Information collected automatically:

• IP address, browser type and version, and operating system
• Device identifiers and time zone settings
• Pages visited, time spent on pages, referring URLs, and click patterns
• Cookies and similar tracking technologies (see Section 5)

Automatically collected data is used to identify potential misuse and generate aggregated usage statistics. It does not, on its own, identify you as an individual.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Reservation fulfillment: Confirming, managing, and processing your booking and payment
• Guest services: Providing hospitality and accommodations during your stay
• Communications: Sending booking confirmations, pre-arrival information, receipts, and responses to your inquiries
• Marketing (with consent): Sending promotional offers or newsletters — you may opt out at any time
• Security and fraud prevention: Protecting the safety of guests, staff, and property
• Legal compliance: Meeting applicable tax, accounting, and regulatory obligations
• Service improvement: Analyzing usage patterns to improve our website and guest experience

3. Sharing Your Information

We do not sell or rent your personal information to third parties. We share information only in these limited circumstances:

• Service providers: Trusted vendors who help operate our business, including our property management system (Mews), payment processors, and website hosting providers. All are contractually required to protect your data and may not use it for any other purpose.
• Booking platforms: If your reservation originated through a third-party booking site, that platform may share your data with us subject to their own privacy policy.
• Legal requirements: When required by law, subpoena, or court order, or when necessary to protect the rights, safety, and property of guests, staff, or the hotel.
• Emergency situations: When disclosure is necessary to prevent harm to guests, staff, or the property.
• Business transfers: In the event of a sale, merger, or acquisition of the hotel, guest information may be transferred as part of that transaction. You will be notified of any such change.

All third parties who receive your data are required to maintain its confidentiality and security.

4. Data Security

We secure your information on computer servers in a controlled, secure environment protected from unauthorized access, use, or disclosure. We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information from loss, misuse, unauthorized access, disclosure, alteration, and destruction.

Payment information is handled through PCI-DSS-compliant processors — we do not store full payment card numbers on our systems. No method of transmission over the internet is completely secure, and we cannot guarantee absolute security; however, we use industry-standard practices and promptly address any suspected breach.

5. Cookies & Tracking Technologies

Our website uses cookies — small text files stored on your device — to enhance your experience. We use them to:

• Keep the booking engine and website functioning correctly
• Remember your preferences across visits
• Analyze website traffic and usage patterns through aggregated, anonymized data

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the booking engine and certain website features. We do not use cookies to sell your data or serve third-party advertising.

6. Data Retention

We retain personal information only as long as necessary to fulfill the purposes described in this policy and to comply with our legal obligations. In practice:

• Reservation and payment records are retained for up to seven years for tax and accounting purposes
• Marketing preferences and contact records are retained until you opt out or request deletion
• Automatically collected website data is typically retained in aggregated form only

When data is no longer needed, it is securely deleted or anonymized.

7. Your Rights

Depending on where you live, you may have specific rights regarding your personal information. We honor these rights regardless of your location.

All guests have the right to:

• Access: Request a copy of the personal information we hold about you
• Correction: Request that inaccurate information be corrected
• Deletion: Request that your personal information be deleted, subject to legal retention obligations
• Opt-out: Unsubscribe from marketing communications at any time by contacting us or using the unsubscribe link in any email we send

European residents (GDPR) additionally have the right to:

• Restrict how we process your data
• Receive your data in a portable, machine-readable format
• Object to processing based on legitimate interests
• Not be subject to solely automated decision-making
• Lodge a complaint with a supervisory authority in your country

Please note that your information may be transferred outside of Europe, including to Canada and the United States, where it is subject to applicable U.S. law.

California residents (CCPA/CPRA) additionally have the right to:

• Know what categories of personal information we collect and why
• Know whether your personal information is sold or disclosed, and to whom (we do not sell it)
• Opt out of the sale of personal information (not applicable — we do not sell data)
• Non-discrimination for exercising any of these rights

To exercise any of these rights, contact us at admin@hermistoninn.com. We will respond within 30 days.

8. Children's Privacy

Our website is not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately so we can delete it.

9. Third-Party Links

Our website may contain links to third-party websites, including booking platforms and mapping services. We are not responsible for the privacy practices of those sites. We encourage you to review their privacy policies independently before providing any personal information.

10. Legal Disclosure

We may disclose your personal information when required to do so by law — including in response to a subpoena, court order, or government request — or when we believe disclosure is necessary to protect the rights, safety, or property of guests, staff, or the hotel, or to investigate suspected fraud.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we do, we will revise the "last updated" date at the top of this page. Continued use of our website or services after any changes constitutes your acceptance of the updated policy. For material changes, we will make reasonable efforts to notify you.

12. Contact Us

For privacy-related requests — including accessing, correcting, or deleting your data — please contact us:

• Hermiston Inn & Suites
• 655 N 1st St, Hermiston, OR 97838
• Phone: (541) 567-7777
• General inquiries: info@hermistoninn.com
• Privacy requests: admin@hermistoninn.com
• Lobby open 24/7