1. INTRODUCTION

ADELAIDE HOTEL, owned by the company Adelaide Hotel, Lda. Has adopted the best practices in terms of privacy and will only use the Personal Data (physical and online) of its customers (actual or potential) for clearly identified purposes and with their consent for that purpose.


2. PERSONAL DATA

Personal Data is all information, of any nature and regardless of the respective support, relating to a natural person, directly or indirectly identified or identifiable.


3. DATA COLLECTION

Within the scope of its activity, ADELAIDE HOTEL may request its customers, actual or potential, in person, by telephone, e-mail or through its website with its own domain, the following Personal Data:

    Name
    Number, issuing entity and validity of the civil identification card
    Gender
    Date of birth
    Telephone
    Mobile Phone
    Address
    Email
    Tax Identification Number
    Credit Card Data (for billing purposes)

Said Personal Data can also be obtained through partners, associated companies or official entities, and it is necessary for this purpose that the respective holders have authorized their transmission.


4. DATA PROCESSING

The treatment of Personal Data collected by ADELAIDE HOTEL is carried out in accordance with the applicable legislation, in a fair and transparent manner towards the respective holders and guaranteeing their privacy.

The treatment is intended for clearly identified, objective and legitimate purposes for which the holders of Personal Data have given their consent, and are not subsequently treated in a manner contrary to those purposes.

The holders of Personal Data may withdraw their consent, however, this does not compromise the legality of the treatment carried out based on the consent previously provided.

Personal Data may be processed without the consent of the respective owners if it is necessary for the fulfillment of legal obligations to which ADELAIDE HOTEL is obliged, for the execution of a contract to which the owners are a party, for pre-contractual procedures to request of the holders or to defend other fundamental rights of the holders or third parties.

The processing of Personal Data includes your:

    Collect
    Organization
    Conservation
    Consultation
    Utilization
    Adaptation
    Alteration
    Registration
    Recovery
    Making Available

5. PURPOSE OF DATA PROCESSING

The processing of Personal Data requested from customers is intended to:

    Comply with the legal obligations to which ADELAIDE HOTEL is bound as an economic agent providing hotel services, including the provision of information to the competent entities (Foreigners and Borders Service, Tax Authority and National Statistics Institute, among others); Carry out pre-contractual and contractual procedures requested by clients;
    Provide all types of hotel services, including accommodation, catering, laundry, car parking and tourist programs, among others that are usually provided in hotel establishments;
    Bill and charge customers for services provided;
    Contact customers by telephone, postal mail, e-mail or other means of communication;
    Inform customers about new products and services, offers, campaigns, promotions, updated information or other content, including newsletters and opinion surveys, as well as for marketing actions in general at ADELAIDE HOTEL;
    Improve the experience of using the ADELAIDE HOTEL website;
    User registration on the ADELAIDE HOTEL website;
    Allow access to restricted areas of the ADELAIDE HOTEL website;

On the website with its own domain, ADELAIDE HOTEL also collects information related to the characteristics of the users' hardware device and their browser / software, as well as information about the pages visited within the website.

Users of this website will be required to consent to the creation and recording on their computers of a text file (Cookie) to allow easier and faster access to the website, as well as its customization according to the users' preferences.


6. DATA CONSERVATION TERM

The period of time during which Personal Data is stored and preserved varies according to the purpose for which the information is processed, with legal requirements that oblige the data to be kept for a period of time.

Whenever there is no specific legal obligation, Personal Data will be stored and preserved only for the period necessary for the purposes for which it was collected or further processed.


7. DATA TRANSFER

Personal Data collected by ADELAIDE HOTEL is not shared with third parties without the consent of the respective owners, unless:

    This is necessary for the fulfillment of a legal obligation to which ADELAIDE HOTEL is subject;
    The holders contract through ADELAIDE HOTEL services provided by other entities responsible for the processing of Personal Data, in which these may be consulted or accessed by those entities, insofar as this is necessary for the provision of said services;
    In the event of a transmission of Personal Data to third parties, reasonable efforts will be made to ensure that the transferee uses them in an appropriate manner with this Privacy Policy.

8. SUBCONTRACTED ENTITIES

In the context of the processing of Personal Data, ADELAIDE HOTEL uses or may use third parties, subcontracted by itself, to, on behalf of ADELAIDE HOTEL, and in accordance with the instructions provided by it, proceed with the processing of Personal Data, in accordance with current legislation and this Privacy Policy.

These subcontracted entities will not be able to transmit Personal Data to other entities unless ADELAIDE HOTEL has previously given written authorization to do so, and they are also prevented from hiring other entities without prior authorization from ADELAIDE HOTEL.

ADELAIDE HOTEL is committed to subcontracting only entities that offer maximum security in the execution of the appropriate technical and organizational measures, in order to guarantee the defense of the rights of the holders of Personal Data.


9. RIGHTS OF DATA HOLDERS

ADELAIDE HOTEL guarantees the means that allow the User to consult his Personal Data.

The User has the right to obtain from ADELAIDE HOTEL confirmation that the personal data concerning him are or are not subject to treatment and, if applicable, the right to access his personal data and the following information:

    The purposes of data processing;
    The categories of personal data in question;
    The recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients established in third countries or belonging to international organizations;
    The period of conservation of personal data;
    Right to ask Adelaide Hotel to correct, delete or limit the processing of personal data, or the right to prevent such processing;
    Right to file a complaint with the CNPD or other supervisory authority;
    If the data has not been collected from the User, the information available on the source of such data;
    The existence of automated decisions, including the definition of profiles, and information related to the underlying logic, as well as the importance and expected consequences of such treatment for the data subject;
    Right to be informed about adequate guarantees associated with the transfer of data to third countries or international organizations.

Upon request, ADELAIDE HOTEL will provide the User, free of charge, with a copy of the User Data that is being processed. The supply of other copies requested by the User may incur administrative costs.


10. TECHNICAL ORGANIZATIONAL AND SECURITY MEASURES IMPLEMENTED

In order to guarantee the security of Personal Data and its maximum confidentiality, ADELAIDE HOTEL treats information in an absolutely confidential manner and in accordance with the legally provided terms and conditions.

Depending on the nature, scope, context and purposes of the processing of Personal Data, as well as the risks arising from the treatment for the rights and freedoms of the holders, ADELAIDE HOTEL undertakes to apply, both when defining the means of treatment as at the time of the treatment itself, the technical and organizational measures necessary and appropriate for the protection of Personal Data and the fulfillment of legal requirements.

It also undertakes to ensure that, by default, only the data that is necessary for each specific purpose of treatment are processed and that this data is not made available without human intervention to an undetermined number of people.

Communication between the user's device and the ADELAIDE HOTEL website is carried out through secure and communication channels that use the HTTPS protocol and the SSL security standard. Still, in terms of general measures, ADELAIDE HOTEL adopts the following:

    Regular audits with a view to identifying the competence of the technical and organizational measures implemented;
    Sensibilização e formação do pessoal envolvido nas operações de tratamento de dados;
    Mechanisms capable of ensuring the confidentiality, availability and permanent resilience of information systems;
    Mechanisms that ensure the restoration of information systems and access to personal data quickly in the event of a physical or technical incident.

11. PERSONAL DATA BREACH

In the event of a data breach and to the extent that such breach is likely to imply a high risk to the rights and freedoms of the holder, ADELAIDE HOTEL undertakes to report the breach of Personal Data to the holder concerned within seventy-six two hours from the knowledge of the incident.

ADELAIDE HOTEL undertakes to notify the Control Authority in the shortest possible time, without undue delay and, whenever possible, up to seventy-two hours after becoming aware of the data breach.

Under legal terms, communication to the holder is not required in the following cases:

    If ADELAIDE HOTEL has applied adequate protection measures, both technical and organizational, and these measures have been applied to the Personal Data affected by the breach of Personal Data, especially measures that make the Personal Data incomprehensible to any unauthorized person to access that data , such as encryption;
    If ADELAIDE HOTEL has taken subsequent measures to ensure that the high risk to the holder's rights and freedoms is no longer likely to materialize;
    If the communication to the holder implies a disproportionate effort for ADELAIDE HOTEL, he will make a public communication or take a similar measure through which the holder will be informed.

12. RESPONSIBLE FOR DATA PROTECTION (DPO)

No DPO has been designated because ADELAIDE HOTEL is not a public authority or body, does not regularly and systematically monitor the holders of Personal Data on a large scale and does not process sensitive Personal Data on a large scale.


13. CHANGES TO THE PRIVACY POLICY

ADELAIDE HOTEL reserves the right to change this Privacy Policy at any time.

If the changes are substantial, a notice will be placed on your website.


14. APPLICABLE LAW AND JURISDICTION

The Privacy Policy and the collection, processing or transmission of Personal Data are governed by Regulation (EU) 2016/679, of the European Parliament and of the Council, of 27 April 2016 and by the laws and regulations applicable in Portugal.

Any disputes arising from the validity, interpretation or enforcement of this Privacy Policy or that are related to the collection, processing or transmission of Personal Data must be submitted exclusively to the jurisdiction of the judicial courts of the Vieira do Minho district, without prejudice to the legal rules applicable imperatives.