Karoo1 Hotel and Village (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

This policy details the types of personal information we collect, how it is used, and the steps we take to ensure your personal information is handled appropriately in accordance with the Protection of Personal Information Act, 2013 (POPIA), South Africa.

Information We Collect

  1. Personal Identification Information: We collect information that can identify you such as your name, email address, phone number, physical address, and payment information. This information is collected through direct interactions when you book a room, make inquiries, or interact with our services.
  2. Usage Data: We gather data about your interactions with our website including the pages you visit, the time spent on those pages, and other diagnostic data to help improve our services.

How We Use Your Information

  1. To Provide and Manage Your Bookings: Your information is used to manage reservations, process payments, and provide customer service.
  2. Communication: We use your information to respond to your inquiries and to send you important information regarding your bookings and our services.
  3. Improvement of Services: We analyze usage data to understand our customers’ needs and to improve our website and services.
  4. Legal Compliance: We may process your information to comply with applicable laws and regulations.

Disclosure of Information

Your personal information may be shared with service providers and other third parties if necessary to fulfill the purposes listed above, in compliance with POPIA guidelines. We ensure these parties respect the security of your data and treat it in accordance with the law.

Security of Your Personal Information

We implement appropriate technical and organizational measures to secure your personal data and protect it against unauthorized or unlawful processing, accidental loss, destruction, or damage.

Your Rights Under POPIA

Under POPIA, you have the right to:

  • Request access to the personal information we hold about you.
  • Request correction of any inaccurate information about you.
  • Request deletion of your personal information when no longer necessary.
  • Object to processing of your personal data.
  • Request restriction of processing your personal information.

Personal and Transactional Data
We collect various types of personal data including your name, email address, personal account preferences, and transactional data such as purchase information. This data is essential for the processing of your bookings, managing your stay at our hotel, and ensuring that we provide the best service possible.

Sensitive Personal Data
We may also collect sensitive personal data concerning health, especially in relation to any specific accommodations you require.

Technical Data
We collect technical data through cookies and other similar technologies to enhance your experience on our website by understanding how you use our services.

Legal Basis and Consent
We collect personal data based on the legal basis of contractual necessity, legal compliance, and where necessary, your consent, which you may withdraw at any time.

Generated Data
Personal data is also generated from technical processes such as contact forms, comments, cookies, analytics, and third-party embeds.


When visitors leave comments on our site or social platforms, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.


If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact Forms

We use contact form plugins to manage contact form submissions. The information is sent as email messages that only a select group of staff can access. We keep contact form submissions for six months for customer service purposes, but we do not use the information submitted through them for marketing purposes.


Our website uses cookies to retain user preferences, store information for things like shopping carts, and provide anonymized tracking data to third party applications like Google Analytics. As a user, you may prefer to disable cookies on this site and on others.


We use Google Analytics to track website usage and activity. Google’s privacy policy is available here. Users can opt-out of Google Analytics tracking using the Google Analytics Opt-out Browser Add-on.

Who We Share Your Data With

We share your data with trusted third-party providers including payment processors and cloud-based services necessary for our operations. We do not share your personal data with anyone unnecessarily or without ensuring that adequate data protection measures are in place.

How Long We Retain Your Data

  • Contact form entries are held for six months.
  • Analytics records are kept for a year.
  • Customer purchase records are retained for ten years to comply with legal requirements.

What Rights You Have Over Your Data

You have the right to request access, corrections, deletion, or restriction of your personal data. You may also have rights to object to processing, port your data, and withdraw consent.

Where Your Data is Sent

Our website is hosted and data is stored within South Africa with adequate safeguards in compliance with local and international standards. Any transfer of data outside of South Africa is carried out in compliance with applicable laws and security standards.

Additional Information

We employ robust security measures including encryption, SSL technology, and comprehensive cybersecurity policies to protect your data.

We have established procedures to handle any potential data breach effectively, including notifying affected individuals and any applicable regulators where we are legally required to do so.

We may receive data about you from third parties such as travel agencies and booking services, which we use to facilitate your bookings.

We do not use your data for any automated decision making or profiling.

Industry Regulatory Disclosure Requirements

As a hospitality provider, we comply with all local regulations and industry standards applicable to our operation and handling of personal data.

Contact Information

If you have any questions or concerns about our use of your personal information, please contact us at:

Email: info@karoo1.com
Address: N1-R318, De Doorns, Touws River 6875 Western Cape, South Africa

Changes to This Policy

We may update this policy from time to time. The latest version will always be posted on our website. We encourage you to review this policy occasionally to stay informed of how we are protecting your information.

This policy was last updated on 2024/05/07.

By using our services, you acknowledge that you have read and understand this Privacy Policy.