Privacy Policy

Last Updated: March 31, 2026

The Rosarium Estate, operated by Rose & Thorn Studios (“we,” “us,” or “our”), respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at musiccityluxurygetaway.com or interact with our services.

1. Information We Collect

We may collect the following categories of information when you use our website or book a stay at The Rosarium Estate:

Personal Information

Full name, email address, phone number
Mailing address and billing address
Date of birth (for age verification)
Government-issued ID (for check-in verification)

Booking & Payment Data

Reservation dates, package selection, guest count
Payment card details (processed securely by Stripe)
Special requests, dietary preferences, accessibility needs
Deposit and refund transaction records

Usage & Device Data

IP address, browser type, operating system
Pages visited, time spent, referral source
Device identifiers and screen resolution
Interaction data (clicks, scrolls, form submissions)

Communications

Emails, SMS messages, and phone call records
Inquiry and support correspondence
Feedback, reviews, and survey responses

2. How We Use Your Information

We use the information we collect for the following purposes:

Bookings & Reservations: To process, confirm, and manage your stay, including payment processing, availability coordination, and guest communication.
Guest Experience: To personalize your stay, fulfill special requests, coordinate concierge services, and provide studio access.
Communication: To send booking confirmations, pre-arrival information, check-in instructions, and post-stay follow-ups.
Marketing: To send promotional offers, newsletters, and updates about The Rosarium Estate (only with your consent; you may opt out at any time).
Analytics & Improvement: To analyze website usage patterns, improve our services, and optimize the user experience.
Legal Compliance: To comply with applicable laws, regulations, and legal processes.

3. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience and gather analytical data. The following services are active on our site:

Google Analytics 4 (GA4): Tracks website traffic, user behavior, and conversion events to help us understand how visitors interact with our site.
Google Tag Manager (GTM): Manages and deploys marketing and analytics tags without modifying site code directly.
Meta Pixel (Facebook): Tracks conversions from Meta ads, builds targeted audiences, and enables remarketing campaigns.
Microsoft Clarity: Records anonymized user sessions (heatmaps and session replays) to identify UX improvements.

You can manage cookie preferences through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. Note that disabling cookies may affect certain website functionality.

4. Third-Party Services

We share information with the following trusted third-party service providers, solely to operate our business and deliver our services:

Stripe: Secure payment processing for deposits, bookings, and security holds. Stripe is PCI DSS Level 1 compliant. We never store your full credit card number on our servers.
Twilio: SMS and voice communication for booking confirmations, reminders, and guest support.
GoHighLevel: Customer relationship management (CRM) for managing guest communications, follow-ups, and marketing automation.

These providers are contractually obligated to protect your data and use it only for the purposes we specify. We do not sell your personal information to third parties.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Specifically:

Booking records: Retained for 7 years for tax and legal compliance.
Payment data: Processed and stored by Stripe per their retention policies; we retain transaction references only.
Marketing data: Retained until you unsubscribe or request deletion.
Analytics data: Aggregated and anonymized data may be retained indefinitely for trend analysis.

6. Your Rights

You have the following rights regarding your personal information:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data, subject to legal retention requirements.
Opt-Out: Unsubscribe from marketing communications at any time by clicking the unsubscribe link in any email or contacting us directly.
Data Portability: Request your data in a structured, commonly used format.

To exercise any of these rights, contact us at [CONTACT EMAIL] or call [PHONE]. We will respond to verified requests within 30 days.

7. Children's Privacy

The Rosarium Estate is an adult-oriented luxury property. Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have inadvertently collected data from a minor, we will promptly delete that information. If you believe a child under 18 has provided us with personal information, please contact us immediately at [CONTACT EMAIL].

8. Security Measures

We implement industry-standard security measures to protect your personal information, including:

SSL/TLS encryption for all data transmitted to and from our website
PCI DSS compliant payment processing through Stripe
Access controls and authentication for internal systems
Regular security assessments and vulnerability monitoring
Employee training on data protection best practices

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to maintaining robust protections.

9. California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
Right to Opt-Out of Sale:We do not sell your personal information. If this practice changes, we will provide a “Do Not Sell My Personal Information” link.
Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, email [CONTACT EMAIL] with the subject line “CCPA Request.” We will verify your identity before processing the request and respond within 45 days.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the “Last Updated” date at the top of this page and, where appropriate, notify you via email or a prominent notice on our website. We encourage you to review this policy periodically.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

The Rosarium Estate
Rose & Thorn Studios
Nashville, TN

Email: [CONTACT EMAIL]

Phone: [PHONE]

← Back to Home