WHAT ARE "PERSONAL DATA"?
According to Article 4 of the General Data Protection Regulation (GDPR), "Personal Data" is information relating to an identified or identifiable natural person ("data subject"); an identifiable person is considered to be identifiable, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, electronic identifiers (Email), or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
WHO HAS THE RESPONSIBILITY ON THE TREATMENT OF YOUR PERSONAL DATA?
When you are a guest of "Hotel da Rocha", the entity responsible for processing your Personal Data is:
NIF: 514 287 845
Address: Edifício Amarilis, Avenida Comunidade Lusíada 8500-801 Portimão
National Tourism Registry (RNET): 621 - Hotel da Rocha
Phone: +351 282 411 857
WHY ARE YOUR PERSONAL DATA COLLECTED?
Your personal details are collected to complete your reservation in our hotels. The collection of the following data is mandatory:
"Phone number" (1)
"Billing name" (2)
"Tax Identification Number" (2)
"Billing address" (2)
"Credit card information" (3)
"Identification document number" (4)
"Date of issue" (4)
"Place of issue" (4)
"Expire date" (4)
(1) - Mandatory when booking by email, telephone or via booking engine or walk-in
(2) - Mandatory for issuing an invoice in the case of Portuguese taxpayers whose amount payable is higher than € 1,000 + VAT
(3) - Mandatory in the case of reservation through the booking engine and selection of the payment method "Credit Card" to be processed by the payment gateway STRIPE
(4) - All foreign guests are required to present their personal data at the moment of check-in for later communication to the "Foreigners and Borders Service" (SEF)
HOW ARE YOUR PERSONAL DATA COLLECTED?
1. Through a form on our booking engine (Step 3. Payment)
2. Via email or telephone requested by our reservations department
3. At check-in, via paper or digital "tablet" or document scanner interface with the Property Management System software
HOW DO WE KEEP YOUR PERSONAL DATA?
1. In our software Property Management System (PMS Inovguest)
2. In an internal application that manages the booking engine and interfaces with the Property Management System software
3. In paper format stored for a limited time in a division with controlled access
IF YOU CONSIDER THE CREATION OF A PROFILE OF "FREQUENT CUSTOMER", HOW WILL YOUR PERSONAL DATA BE TREATED?
Personal Data for "Frequent Customer" purposes, namely "Name", "Address", "Taxpayer Number", "Phone Number", "Email", "Date of Birth" and "History of Stays", will be stored in our Property Management System for a period of one year (renewable only with your express consent) and will serve to expedite the process of creating a new reservation and allow preferential conditions / courtesies resulting from setting up a Frequent Customer and also to provide you with a personalized and quality service.
HOW CAN YOU ACCESS YOUR PERSONAL DATA?
At any time, you may have access to all your Personal Data in our possession by contacting our "Data Protection Officer" by email at firstname.lastname@example.org
HOW CAN YOU ASK FOR THE PORTABILITY OF YOUR PERSONAL DATA?
At any time, you may request the transfer of all your Personal Data in our possession by contacting our "Data Protection Officer" by email at email@example.com
HOW CAN YOU CHANGE OR ASK TO ELIMINATE YOUR PERSONAL DATA?
At any time, you may edit or request to delete any of your Personal Data in our possession by contacting our "Data Protection Officer" at firstname.lastname@example.org
HOW LONG WILL YOUR PERSONAL DATA BE STORED?
Your Personal Data will be stored for a period of 1 year (renewable only with your express consent). In the event that you do not obtain your consent for the prolongation of storage, your Personal Data will be immediately deleted on all media (paper or digital).
WHO SHOULD CONTACT FOR QUESTIONS OR QUESTIONS ABOUT THIS POLICY?
WHAT ENTITY REGULATES THE LAW OF PERSONAL DATA PROTECTION?
In Portugal, under the Regulation (GDPR), the National Data Protection Commission (CNPD) is the authority to monitor compliance with this law, and also has the mission of correcting and sanctioning possible irregularities and non-compliance.
Address: Rua de São Bento, nº 148-3º 1200-821 Lisboa
Phone: +351 213 928 400