Privacy Policy
Privacy Policy
Applies To: All Ta Shebube Lodges (Rooiputs, Polentswa, Union’s End) and the website www.tashebube.co.bw
1. Introduction
Ta Shebube (Pty) Ltd (“Ta Shebube”, “we”, “our”, “us”) respects and protects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your personal data in accordance with the Botswana Data Protection Act (2025), the EU/UK GDPR, and other international privacy standards (CCPA, PIPEDA, Australian Privacy Act, POPIA, and others). By booking with us, staying at our lodges, or using our website, you agree to the practices described in this policy.
2. Data Controller and Data Protection Officer
Controller: Ta Shebube (Pty) Ltd
Registered Address: P.O. Box 694 ABG, Sebele, Gaborone, Botswana
Email: info@tashebube.co.bw
Data Protection Officer (DPO): The DPO oversees all privacy and compliance matters.
Contact: dpo@tashebube.co.bw
3. Information We Collect
A. Identity and Contact Details
- Full name, ID/passport number, nationality
- Date of birth, gender, contact details (email, phone, address)
B. Booking & Stay Information
- Dates of stay, lodge, room type, payment and billing details
- Preferences, allergies, dietary requirements
- Medical or accessibility information (only when necessary)
C. Online & Technical Data
- IP address, browser, device identifiers
- Cookies and analytics data (see Section 12)
D. Children’s Data
We collect children’s information (e.g., age) only for room allocation, safety, and park regulations. We do not market to children.
4. Purpose and Legal Basis for Processing
| Purpose | Legal Basis |
|---|---|
| Process and manage bookings | Contractual necessity |
| Provide accommodation and safari services | Contractual necessity |
| Comply with park, tax, and national laws | Legal obligation |
| Communicate with guests (pre/post stay) | Legitimate interest / Consent |
| Handle medical or dietary needs | Explicit consent |
| Process payments | Contractual necessity |
| Improve services and security | Legitimate interest |
| Marketing communications | Explicit consent |
| Record-keeping and audit | Legal obligation |
5. Processing of Sensitive / Special Category Data
Sensitive data (medical, disability, health, dietary, biometric, etc.) is collected only with your explicit consent and used solely for safety and guest care purposes. It is encrypted, restricted to authorized staff, and deleted after your stay unless required by law.
6. Data Sharing and Disclosure
We may share data with internal staff, service providers under contract, park/government authorities, and travel partners as necessary. We never sell or rent personal data. All third parties are contractually bound to protect your data and report breaches promptly.
7. International Data Transfers
Your data may be processed or stored outside Botswana. We use adequacy decisions, Standard Contractual Clauses, or explicit consent to ensure lawful protection in all transfers.
8. Data Retention
| Data Type | Retention Period |
|---|---|
| Guest booking records | 5 years from stay date |
| Financial & tax records | 7 years |
| Marketing communications | Until consent withdrawn |
| Sensitive health/accessibility data | Deleted within 30 days post-stay |
9. Data Security
We use encryption, access controls, secure backups, staff training, and regular audits to protect all personal information from unauthorized access, alteration, or disclosure.
10. Data Breach Response
In the event of a personal data breach, we will contain and assess it immediately, notify the Information and Data Protection Commission (IDPC) within 72 hours if risk is likely, and inform affected individuals without undue delay.
11. Your Rights
- Access, correct, erase, restrict, or object to processing
- Data portability where applicable
- Withdraw consent at any time
- Lodge a complaint with the relevant authority
Botswana Regulator: Information and Data Protection Commission (IDPC) – info@idpc.gov.bw
12. Cookies and Tracking Technologies
| Type | Purpose |
|---|---|
| Essential cookies | Core website functionality |
| Analytics cookies | Understand visitor usage |
| Preference cookies | Remember language and preferences |
| Marketing cookies | Used only with consent |
13. Automated Decision-Making and Profiling
We do not use automated decision-making that produces legal or significant effects. Any personalization or marketing profiling can be opted out of or reviewed manually upon request.
14. Children’s Privacy
We do not knowingly collect information from anyone under 18 without parental consent. Parents or guardians may contact info@tashebube.co.bw to review or delete a child’s data.
15. Cross-Jurisdiction Compliance
We comply with all major global privacy frameworks including Botswana DPA 2025, GDPR, CCPA/CPRA, PIPEDA, Australia Privacy Act, South Africa POPIA, and APEC standards. Where local law provides stronger rights, those rights apply.
16. Privacy Impact Assessments
We conduct Data Protection Impact Assessments (DPIAs) for any high-risk or large-scale processing involving sensitive data.
17. Accountability and Record-Keeping
We maintain logs and documentation of processing activities, lawful bases, third-party processors, and security controls. Regular audits verify compliance and continual improvement.
18. Complaints and Redress
If you believe your personal data has been mishandled, please contact our DPO at dpo@tashebube.co.bw. You may also contact the Information and Data Protection Commission or your local authority. We commit to resolving all verified complaints promptly.
19. Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be posted on our website and communicated as required by law.
20. Contact Information
Ta Shebube (Pty) Ltd
P.O. Box 694 ABG, Sebele, Gaborone, Botswana
Tel: +267 316 1696 | Mobile: +267 7827 2000
Email: info@tashebube.co.bw
Website: www.tashebube.co.bw
