Mission Farm RV Park Privacy Policy
MISSION FARM RV PARK, INC.
Privacy Policy Effective Date: April 13, 2026 | Last Updated: April 20, 2026
1. Introduction
Mission Farm RV Park ("Mission Farm," "we," "us," or "our") is committed to protecting your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information about you when you visit our website, make a reservation, stay at our park, or communicate with us by phone, SMS/text message, email, or postal mail.
This Policy is designed to comply with the following frameworks:
California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA)
California Invasion of Privacy Act (CIPA) and related state communications laws
U.S. federal law, including the Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, and applicable FTC regulations
EU/UK General Data Protection Regulation (GDPR) for guests or visitors located in the European Economic Area (EEA) or United Kingdom
Please read this Policy carefully. By using our website or services, you acknowledge that you have read and understood this Policy.
2. Information We Collect
We collect information you provide directly to us and information generated through your interactions with us.
2.1 Information You Provide
Contact information: name, mailing address, email address, and phone number
Reservation details: arrival/departure dates, number of guests, vehicle information (make, model, license plate), and site preferences
Payment information: credit/debit card details or other payment method information (processed securely through our payment processor; we do not store full card numbers)
Communications content: messages, requests, and other information you include when contacting us by phone, SMS, email, or letter
Emergency contact information
2.2 Information Collected Automatically
Website usage data: IP address, browser type and version, pages viewed, referring URLs, and timestamps
Cookies and similar tracking technologies (see Section 8 for details)
2.3 Information from Third Parties
Reservation platform data if you book through a third-party service (e.g., Campspot, RV Park Reservations)
Review platform data if you submit a review on a third-party site that is associated with a stay at our park
3. How We Use Your Information
We use personal information for the following purposes:
Reservation and guest services: processing reservations, confirming bookings, managing check-in/check-out, and providing on-site services
Communications: responding to inquiries, sending booking confirmations, reminders, and operational notices by phone, SMS, email, or mail
Marketing communications: sending promotional offers, newsletters, and park updates — only with your prior consent where required by law
Payments: processing and recording transactions
Safety and security: maintaining a safe environment on our property
Legal compliance: fulfilling legal obligations and responding to lawful requests from authorities
Service improvement: analyzing usage data to improve our website and guest experience
4. Legal Basis for Processing (GDPR)
For guests located in the EEA or UK, we process personal data under one or more of the following legal bases:
Contract performance: processing necessary to fulfill a reservation or service agreement with you
Legitimate interests: operating and improving our business, communicating with guests about their stay, and maintaining the security of our property, where these interests are not overridden by your rights
Legal obligation: complying with applicable law
Consent: sending marketing communications or using non-essential cookies, where we have obtained your prior consent. You may withdraw consent at any time without affecting the lawfulness of processing before withdrawal
5. Our Communication Practices
We communicate with guests through the following channels and in accordance with applicable law:
5.1 Phone Calls
We may call you to confirm reservations, provide operational information, or respond to inquiries. We do not make unsolicited telemarketing calls. All calls comply with applicable TCPA and California law requirements.
5.2 SMS / Text Messages
We may send text messages only after obtaining your prior express written consent as required by the TCPA. Each SMS program will clearly identify Mission Farm RV Park as the sender. Message and data rates may apply. You may opt out at any time by replying STOP to any text message. For help, reply HELP. We do not use autodialed or prerecorded text messages for marketing without your explicit consent.
5.3 Email
Our transactional emails (reservation confirmations, receipts, operational notices) do not require a separate opt-in. Marketing emails comply with the federal CAN-SPAM Act and California law: each message identifies us clearly, includes our physical mailing address, and contains an easy unsubscribe mechanism. We will honor unsubscribe requests within 10 business days. To unsubscribe, click the link in any marketing email or contact us at the address below.
5.4 Postal Mail
We may correspond with you by postal mail for reservation-related or operational purposes. You may request that we stop sending postal communications by contacting us as described in Section 10.
6. Sharing of Personal Information
We do not sell your personal information. We may share information in the following limited circumstances:
Service providers: third parties who assist with reservation management, payment processing, email delivery, SMS platforms, and website hosting, under confidentiality and data-use restrictions
Legal requirements: when required by law, court order, or governmental authority
Protection of rights: to enforce our policies, or to protect the rights, property, or safety of Mission Farm, our guests, or others
Business transfers: in connection with a merger, acquisition, or sale of assets, with advance notice to you where required
We do not sell or share your personal information for cross-context behavioral advertising.
6.1 Named Third-Party Service Providers
The following third-party providers currently process personal data on our behalf:
Squarespace, Inc. — Website hosting, content delivery, and contact form processing — squarespace.com/privacy
Square, Inc. (Block, Inc.) — Payment card processing (PCI-DSS Level 1 certified) — squareup.com/us/en/legal/general/privacy
We do not store full payment card numbers. Card data entered during checkout is transmitted directly to Square and is subject to their security controls and privacy practices. Square is certified as a PCI-DSS Level 1 service provider, the highest level of payment security compliance.
For guests in the EEA or UK, we have executed or are in the process of executing Data Processing Agreements (DPAs) with each of the above providers as required under GDPR Article 28.
7. Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have the following rights:
7.1 Right to Know
You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, our business or commercial purposes for collecting it, and the categories of third parties with whom we share it.
7.2 Right to Delete
You have the right to request deletion of your personal information, subject to certain exceptions (e.g., completing a transaction, legal obligations, security).
7.3 Right to Correct
You have the right to request correction of inaccurate personal information we hold about you.
7.4 Right to Opt Out of Sale or Sharing
We do not sell or share personal information for cross-context behavioral advertising. If this practice changes, we will update this Policy and provide a "Do Not Sell or Share My Personal Information" link on our website.
7.5 Right to Limit Use of Sensitive Personal Information
To the extent we collect sensitive personal information as defined under CPRA, you have the right to limit its use to the purposes specified in the CPRA.
7.6 Right to Non-Discrimination
We will not discriminate against you for exercising any of your California privacy rights.
7.7 How to Submit a Request
You may submit a CCPA/CPRA request by contacting us using the information in Section 10. We will verify your identity before processing your request. You may designate an authorized agent to make a request on your behalf; we will require written proof of authorization.
We will respond within 45 days; we may extend this period by an additional 45 days with notice.
8. Your GDPR Rights (EEA / UK Residents)
If you are located in the EEA or UK, you have the following rights under the GDPR:
Right of access: obtain a copy of your personal data
Right to rectification: correct inaccurate or incomplete data
Right to erasure ("right to be forgotten"): request deletion in certain circumstances
Right to restrict processing: limit how we use your data in certain circumstances
Right to data portability: receive your data in a structured, machine-readable format
Right to object: object to processing based on legitimate interests or for direct marketing
Rights related to automated decision-making: we do not make solely automated decisions that produce legal or similarly significant effects about you
Right to withdraw consent: withdraw consent for consent-based processing at any time without affecting prior lawfulness
To exercise these rights, contact us as described in Section 10. You also have the right to lodge a complaint with your local supervisory authority (in the EU) or the Information Commissioner's Office (in the UK).
As Mission Farm RV Park is based in the United States, transfers of personal data from the EEA or UK to the US are conducted in compliance with applicable transfer mechanisms under the GDPR.
9. Cookies and Tracking Technologies
Our website may use cookies and similar technologies to improve functionality and analyze usage. We use the following types:
Strictly necessary cookies: required for the website to function (e.g., session management)
Analytics cookies: help us understand how visitors use the site (e.g., Google Analytics). These may be subject to your opt-out rights
Marketing/preference cookies: used to remember your preferences or deliver relevant content
For EEA/UK visitors, we obtain your consent before setting non-essential cookies. You may withdraw consent or manage cookie preferences through our cookie consent tool or your browser settings. Note that disabling certain cookies may affect website functionality.
10. Social Media Platforms
Mission Farm RV Park maintains business pages on Facebook and Instagram, both operated by Meta Platforms, Inc. This section describes how data may be collected through our use of those platforms and any Meta tracking technologies embedded on our website.
10.1 Facebook and Instagram Business Pages
When you visit, follow, like, comment on, or otherwise interact with our Facebook or Instagram pages, Meta Platforms, Inc. collects and processes data about you in accordance with Meta's own Privacy Policy (available at facebook.com/privacy/policy). We do not control Meta's data collection practices on those platforms.
As the operator of a Facebook Business Page, Mission Farm RV Park and Meta are joint controllers of certain page insights data (aggregated statistics about page visitors and engagement) under the GDPR, pursuant to Meta's Page Controller Addendum. This means that both we and Meta bear responsibility for that data. You may exercise your GDPR rights with respect to Meta's processing by contacting Meta directly or through your Facebook account settings.
10.2 Meta Pixel and Tracking Technologies
Our website may use the Meta Pixel (also known as the Facebook Pixel), a tracking technology provided by Meta Platforms, Inc. If active, the Meta Pixel transmits data about your website visits — including pages viewed and actions taken — to Meta, which may use that information to measure ad effectiveness and serve targeted advertising on Facebook and Instagram.
Under the CCPA/CPRA, transmission of data to Meta via the Pixel may constitute "sharing" personal information for cross-context behavioral advertising, even if no money changes hands. California residents have the right to opt out of this sharing. If the Meta Pixel is active on our website, we will provide a "Do Not Sell or Share My Personal Information" link on the site and honor opt-out requests.
For EEA and UK visitors, the Meta Pixel is a non-essential cookie and we will obtain your consent before it is activated. You may also manage your Meta ad preferences at facebook.com/ads/preferences.
10.3 Information You Post on Our Social Pages
If you post reviews, comments, photos, or other content on our Facebook or Instagram pages, that information is publicly visible and governed by Meta's terms and privacy policies. Please do not include sensitive personal information (such as payment details, medical information, or government ID numbers) in public posts or messages sent through social media platforms.
If you contact us via Facebook Messenger or Instagram Direct Message, we will use the content of your message solely to respond to your inquiry. We do not transfer direct message content to our other systems except as needed to handle your request.
11. Artificial Intelligence and Productivity Tools
Mission Farm RV Park uses certain cloud-based productivity and artificial intelligence (AI) tools to assist with internal business operations, including guest communications and reservation management. When these tools are used in connection with guest data, that use is strictly limited to guest names and site/reservation numbers. We do not input payment card data, contact information, government IDs, or other sensitive personal information into any AI or third-party productivity tool.
This data minimization practice is intentional and reflects our commitment to limiting exposure of guest information to only what is necessary for a specific operational task. The tools and providers currently used are described below.
11.1 Google Workspace (Google LLC)
We use Google Workspace (including Gmail, Google Drive, and related services) for email, document management, and internal communications. Google processes data as a data processor under a Google Workspace Data Processing Amendment. Google does not use Google Workspace customer data to serve advertisements. Google's privacy policy is available at policies.google.com/privacy.
11.2 Google Gemini AI (Google LLC)
We occasionally use Google Gemini AI to assist with drafting internal communications and operational tasks. When used within Google Workspace (Gemini for Workspace), inputs are governed by the Google Workspace Data Processing Amendment and Google does not use that data to train its AI models by default. Any guest data used as input is limited to names and site numbers only. Users of Google Gemini outside of the Workspace environment should be aware that data handling terms may differ; we do not use the standalone Gemini consumer product with guest data.
11.3 Claris FileMaker AI (Claris International Inc. / Apple Inc.)
We use Claris FileMaker for internal reservation and operations management. FileMaker's AI features may route queries to third-party AI model providers (which may include OpenAI) depending on configuration. When AI-assisted features are used in connection with guest data, that data is limited to names and site numbers only. Claris is a subsidiary of Apple Inc.; Apple's privacy policy is available at apple.com/legal/privacy.
11.4 OpenAI (OpenAI, LLC)
We may use OpenAI tools (including ChatGPT and the OpenAI API) to assist with drafting, summarization, and other operational writing tasks. OpenAI's API does not use submitted data to train its models by default. When we use OpenAI's consumer-facing products (such as ChatGPT), we ensure that any guest-related input is limited to names and site numbers only and that conversation history features are managed to minimize data retention. OpenAI's privacy policy is available at openai.com/policies/privacy-policy.
11.5 Anthropic (Anthropic, PBC)
We may use Anthropic's Claude AI assistant to assist with drafting communications, summarizing information, and similar operational tasks. Any guest data included in prompts is limited to names and site numbers only. Anthropic's privacy policy is available at anthropic.com/privacy.
11.6 Slack (Slack Technologies, LLC / Salesforce, Inc.)
We use Slack as an internal business communications platform. Certain guest-related information may be shared within Slack channels as part of operational workflows — for example, reservation work orders and voicemail notifications routed from our phone system. Any guest data shared via Slack is limited to names and site/reservation numbers, consistent with the data minimization practice described at the start of this section.
Slack is operated by Slack Technologies, LLC, a subsidiary of Salesforce, Inc. Slack processes data as a data processor under its Customer Data Processing Addendum, which is incorporated into Slack's Terms of Service. Slack does not use customer data to train AI models or serve advertising. Slack's privacy policy is available at slack.com/trust/privacy/privacy-policy.
For GDPR purposes, Slack's Customer Data Processing Addendum includes Standard Contractual Clauses (SCCs) for transfers of personal data from the EEA or UK to the United States, satisfying the GDPR Article 46 transfer mechanism requirement.
11.7 General Notice Regarding AI Tools
AI tools are not used to make automated decisions that produce legal or similarly significant effects about any guest. Their use is limited to internal operational assistance only. We do not use AI tools to evaluate, score, profile, or otherwise make determinations about guests based on their personal information.
We periodically review the AI and productivity tools we use to ensure continued compliance with this Policy and applicable law. If we add new tools that process guest personal information beyond names and site numbers, we will update this Policy accordingly.
12. Telecommunications Service Providers
Mission Farm RV Park uses third-party telecommunications and internet service providers to operate its phone, messaging, voicemail, and internet systems. These providers collect and retain certain data as part of delivering their services, including data that constitutes Customer Proprietary Network Information (CPNI) under federal law (47 U.S.C. § 222). CPNI includes information about the quantity, technical configuration, type, destination, location, and amount of use of telecommunications services.
Each provider listed below is an independent data controller or processor with respect to the data it collects through its own infrastructure. Mission Farm RV Park does not control how these providers collect, retain, or use telecommunications data beyond what is disclosed in their respective privacy policies and required by law.
12.1 AT&T Inc.
We use AT&T as a telecommunications carrier, including for our AT&T Office@Hand business phone service. AT&T may collect and retain call records, call detail records (CDRs), SMS/MMS metadata, and account information as part of providing these services. This data constitutes CPNI and is subject to federal protections under 47 U.S.C. § 222 as well as California Public Utilities Commission (CPUC) regulations governing telecommunications privacy.
AT&T's privacy policy is available at att.com/privacy. AT&T is subject to its own CPNI obligations and may not use your call records to market additional services without your consent.
12.2 RingCentral, Inc.
AT&T Office@Hand is a cloud communications platform powered by RingCentral. As the underlying technology provider, RingCentral independently processes certain telecommunications data including call logs, voicemail recordings, voicemail transcriptions, SMS/MMS message records, and fax records generated through our business phone system. Voicemail transcriptions delivered to us by email may contain the names and contact details of callers who leave messages.
RingCentral is subject to federal CPNI obligations and maintains its own data security and privacy program. RingCentral's privacy policy is available at ringcentral.com/legal/privacy-notice.html. RingCentral retains call and message records in accordance with its data retention schedules; we do not independently control the duration of that retention.
If you leave a voicemail or send a text message to our business phone number, the content of that communication may be stored by RingCentral and delivered to us as a transcription or recording. We use voicemail and message content solely to respond to your inquiry and do not share it with third parties except as required by law or described elsewhere in this Policy.
12.3 Spectrum / Charter Communications
We use Spectrum (a brand of Charter Communications) as our internet service provider. As our ISP, Spectrum has visibility into network-level data associated with our business account, including IP address assignment records, bandwidth usage data, and traffic metadata. Spectrum does not have access to the content of encrypted communications transmitted over our network.
Spectrum is subject to the FTC's jurisdiction over ISP data practices as well as California's broadband privacy protections. Spectrum's privacy policy is available at spectrum.com/policies/your-privacy-rights. Guest internet usage at the RV park passes through our network infrastructure; we do not log or monitor individual guest internet activity, and Spectrum's data collection relates to our business account rather than individual park guests.
12.4 Your Rights Regarding Telecommunications Data
Under federal law, telecommunications carriers are prohibited from disclosing your CPNI to third parties without your approval, except in limited circumstances. If you are a direct subscriber to AT&T, RingCentral, or Spectrum services, you may have additional rights to restrict the use of your CPNI for marketing purposes by contacting those providers directly.
California residents also have rights under CPUC General Order 107-C, which imposes additional privacy obligations on telephone corporations operating in California, including restrictions on the use and disclosure of call records and other customer information.
13. Data Retention
We retain personal information for as long as necessary to fulfill the purposes described in this Policy, comply with legal obligations (including tax and accounting requirements), resolve disputes, and enforce agreements. Typical retention periods:
Guest reservation records: 7 years (for tax and accounting compliance)
Communication records (email, SMS logs): up to 3 years
Website analytics data: up to 26 months
Payment transaction records: as required by law and our payment processor
When data is no longer needed, we securely delete or anonymize it.
14. Data Security
We implement reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, alteration, or disclosure. However, no method of transmission over the internet or electronic storage is 100% secure. We encourage you to take steps to protect your own information, such as using strong passwords and being cautious about unsolicited communications claiming to be from us.
In the event of a data breach affecting your rights, we will notify you as required by applicable law, including California's breach notification law (Cal. Civ. Code § 1798.82) and GDPR Article 33/34 where applicable.
15. Children's Privacy
Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.
16. How to Contact Us
For privacy requests, questions, or complaints, please contact us by any of the following methods:
Mail: Mission Farm RV Park, Attn: Privacy, 400 San Juan Hollister Rd., San Juan Bautista, CA 95045
Phone: +1 (831) 623-4456
For GDPR purposes, Mission Farm RV Park is the data controller.
17. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will indicate the revised date at the top of the Policy. If changes are material, we will provide more prominent notice (such as by email or a notice on our website) prior to the changes taking effect.
Your continued use of our website or services after any changes indicates your acceptance of the updated Policy.