Privacy Policy
Effective Date: January 9, 2026
Last Updated: January 9, 2026
White Pine Manor (“we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit [www.whitepinemanor.com] (the “Site”), interact with us (e.g., by phone, email, SMS), or use our services (collectively, the “Services”).
This Policy is intended for visitors in the United States, the United Kingdom, and the European Economic Area (EEA). Additional disclosures for California residents appear in Notice at Collection (California) below.
If you have questions or would like to exercise your privacy rights, contact us at joann@whitepinemanor.com or by mail: White Pine Manor, 7831 N State Rd 59, Brazil, IN 47834.
1) Information We Collect
We collect information in three primary ways: (A) you provide it to us; (B) we collect it automatically; and (C) we receive it from third parties.
A. Information You Provide
-
Contact & Inquiry Data: name, email, phone number, city/state/country, preferred date(s), guest count, budget, and message content.
-
Booking & Contract Data: event date(s), package selection, add-on services, floor plans, seating charts, vendor lists, timelines, and contract signatures.
-
Payment & Billing Data: billing address and limited payment details (note: we use third-party processors to handle full card data; we do not store complete card numbers).
-
Photos/Testimonials: photos you submit or consent to share, testimonials/reviews, and social media handles (if you provide them).
-
Job Applicant Data (if applicable): résumé/CV, cover letter, work history, references.
-
SMS/Email Preferences: opt-ins, consents, and message content you send to us.
B. Information Collected Automatically
-
Device/Usage Data: IP address, browser type, ISP, referring/exit pages, date/time stamps, pages viewed, approximate location (country/city), and clickstream.
-
Cookies & Similar Technologies: to remember preferences, analyze traffic, and (if enabled) support marketing/retargeting. See Cookies & Tracking.
C. Information From Third Parties
-
Payment Processors: payment confirmations and limited billing metadata.
-
Analytics/Ad Partners: aggregated audience metrics (e.g., page performance, conversions).
-
Event/Vendor Platforms (if connected): planning updates or vendor interactions you’ve authorized (e.g., CRM or planning portal).
2) How We Use Your Information
We use personal information to:
-
Provide, operate, and improve the Site and Services;
-
Respond to inquiries, schedule tours, prepare proposals, and manage bookings;
-
Draft and execute contracts, process payments, and provide customer support;
-
Coordinate with your selected vendors (e.g., caterers, planners, photographers) per your instructions;
-
Send administrative messages (e.g., confirmations, reminders, updates, policy changes);
-
Send marketing communications (you can opt out anytime);
-
Personalize content and measure performance of our Site and ads;
-
Detect, prevent, and address security or technical issues, fraud, or illegal activity;
-
Comply with legal obligations and enforce our agreements.
Legal Bases (EEA/UK): Our processing is based on consent, contract necessity, legitimate interests (e.g., security, improvements, marketing to customers), and/or legal obligations, as applicable.
3) How We Share Information
We share information with:
-
Service Providers/Processors: website hosting, CRM, email/SMS platforms, payment processors, analytics, ad platforms, document e-signature, and IT/security vendors. These parties process data under instructions and appropriate safeguards.
-
Vendors You Select: per your request, we may share event details with vendors (e.g., caterers, planners, rental companies) to facilitate your event.
-
Legal/Compliance: to comply with law, respond to lawful requests, or protect rights, safety, and property.
-
Business Transfers: in connection with a merger, acquisition, financing, or sale of assets.
We [do not sell or share / may share] personal information for cross-context behavioral advertising. If you are in California, see Notice at Collection (California) for details and your choices.
4) Cookies & Tracking
We use:
-
Essential Cookies: required for core functionality (e.g., security, form submissions).
-
Analytics Cookies: to understand usage and improve performance.
-
Advertising Cookies/Pixels (optional): to measure ads and offer content that may be relevant to you.
You can manage cookies through browser settings. If you disable cookies, some features may not work as intended. Where required, we will request consent for non-essential cookies.
5) Marketing Communications & SMS
With your consent (where required), we may send promotional emails or SMS/MMS regarding tours, open houses, special offers, or planning tips.
-
Email: click “unsubscribe” in our emails or contact us.
-
SMS: reply STOP to opt out; HELP for help. Message & data rates may apply. Frequency varies. We do not sell your SMS opt-in data or share it for third-party marketing.
6) Retention
We keep personal information only as long as necessary to fulfill the purposes described above or as required by law. Typical retention periods:
-
Inquiries (no contract): up to [18–36 months];
-
Contracts/Invoices/Tax Records: up to [7 years] (or as required by law);
-
Marketing Preferences: until you opt out or your consent is withdrawn;
-
Photos/Testimonials: until consent is withdrawn or removal is requested.
7) Your Privacy Rights
Depending on your location, you may have rights to:
-
Access and know the data we hold about you;
-
Correct inaccuracies;
-
Delete your data;
-
Object to or restrict certain processing;
-
Opt out of marketing and (where applicable) targeted advertising/sharing;
-
Data portability;
-
Withdraw consent at any time (processing before withdrawal remains lawful).
To exercise rights, contact [privacy@yourdomain.com]. We may verify your identity and respond within the timeframe required by applicable law. You may authorize an agent to submit requests where permitted.
8) International Transfers (EEA/UK)
We may transfer personal information outside your country, including to the United States. Where required, we use appropriate safeguards such as Standard Contractual Clauses and additional measures as needed. Contact us for copies or more details.
9) Security
We implement reasonable technical and organizational measures to protect personal information (e.g., encryption in transit, access controls). No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
10) Children’s Privacy
Our Site and Services are not directed to children under 13 (or under 16 in certain jurisdictions). We do not knowingly collect personal information from children without appropriate consent. If you believe a child has provided us information, contact us and we will take appropriate steps to delete it.
11) Venue Photos, Video & Testimonials
We may capture or receive photos/videos of events held at our venue. We will not publish identifiable images of you or your guests for marketing without appropriate consent from you (and, where required, from identifiable individuals). You can withdraw consent at any time by contacting [privacy@yourdomain.com]; removal will occur where feasible and lawful (note: existing print materials or third-party reposts may be outside our control).
12) Third-Party Links & Social Media
Our Site may link to third-party websites or services (e.g., Instagram, Facebook, Pinterest). We are not responsible for their privacy practices. Review their privacy policies before providing personal information.
13) Planning Portals & Accounts (if applicable)
If we provide a client portal or planning account:
-
Keep your login credentials confidential.
-
We may log access, changes, and uploads for security and collaboration.
-
You can request account deletion by contacting us; we will retain records as required for legal or accounting purposes.
14) Do Not Track
Some browsers offer “Do Not Track” signals. Our Site does not currently respond to such signals. We adhere to the practices described in this Policy and provide opt-out mechanisms where required.
15) Changes to This Policy
We may update this Policy from time to time. The “Effective Date” above indicates when it was last updated. Material changes will be posted on the Site, and we will obtain consent where required by law.
16) Contact Us
[Venue Name / Legal Entity]
Address: [Street, City, State/Province, Zip/Postal, Country]
Email: [privacy@yourdomain.com]
Phone: [###-###-####]
Notice at Collection (California)
This notice applies to California residents and explains our practices under the California Privacy Rights Act (CPRA).
Categories We Collect & Purposes
| Category | Examples | Purpose of Use | Disclosed to | Sold/Shared for Targeted Ads |
|---|---|---|---|---|
| Identifiers | Name, email, phone, IP address | Provide Services, respond to inquiries, marketing (with consent), security | Service providers; vendors you select; analytics/ad partners (if enabled) | [No / Yes—Shared for ads] |
| Customer Records | Billing address, transaction data | Bookings, billing, contract performance | Payment processors; accounting | [No] |
| Commercial Information | Bookings, packages, preferences | Service delivery, improvements, offers | Service providers; CRM | [No / Yes] |
| Internet/Network Activity | Pages viewed, device data, cookies | Site operation, analytics, security, ads (if enabled) | Analytics/ad partners; hosting | [No / Yes—Shared for ads] |
| Geolocation (approx.) | City/country from IP | Site analytics, fraud prevention | Analytics/hosting | [No / Yes] |
| Audio/Visual (if provided) | Testimonials, photos | Showcasing events (with consent) | Website host, marketing vendors | [No] |
| Inferences (limited) | Likely interests (e.g., venue style) | Personalization, marketing (with consent) | CRM/analytics | [No / Yes] |
| Sensitive PI (typically not collected) | Government IDs; precise geolocation; financial logins | Not collected for routine operations | N/A | No |
Sources: you; your devices; service providers (e.g., payment, analytics); vendors you authorize.
Retention: see Retention above.
Sensitive Personal Information: We do not use or disclose Sensitive PI for inferring characteristics or for purposes not permitted by law.
California Rights
You may have the right to know, access, correct, delete, opt out of sale/sharing, and limit use/disclosure of Sensitive PI. We will not discriminate against you for exercising rights. To submit a request or an opt-out, contact [privacy@yourdomain.com] or use [link to web form]. For opt-out of targeted ads, adjust cookies settings via our Cookie Preferences tool (where available) and your browser/ad settings.
If you authorize an agent, we may require verification and proof of authorization.
EEA/UK Addendum
-
Controller: [Controller Name & Address]
-
DPO/Contact (if applicable): [DPO Name / dpo@yourdomain.com]
-
Legal Bases: consent; contract; legitimate interests; legal obligation.
-
Your Rights: access, rectification, erasure, restriction, portability, objection, and withdrawal of consent.
-
Complaints: You may lodge a complaint with your local Data Protection Authority (e.g., ICO in the UK).
-
International Transfers: safeguarded by Standard Contractual Clauses and supplementary measures as needed.
Optional: On-Premises Visitors & CCTV (if applicable)
If you visit our physical venue, we may operate CCTV for safety and security. Footage is retained for [30–90 days] unless needed for an investigation or legal matter, then securely deleted.
Version Control
-
v[1.0] — [Month Day, Year] — Initial publication.
