Hotel Alba is committed to protecting your privacy and takes its responsibility regarding the security of your information very seriously. We will be clear and transparent about the information we are collecting and what we will do with that information.
This Policy was last updated on 07-05-2019.
By providing us with your personal data, you explicitly agree that we may use it for the purposes described later in this Data Protection Policy.
This Policy sets out the following:
All personal data is collected and processed in accordance with Portuguese and EU data protection laws.
In this policy, Hotel Alba may be referred to henceforth as “we”, “us”, “our” or “Hotel Alba”.
Hotel Alba is the entity responsible for the control of all personal information that are collected about you and used for the purposes established in the Personal Data Protection Law that transposes into the Portuguese Dir. Nº 95/46/CE. Hotel Alba has the license number 1368 and has its headquarters in Monte Gordo. The customer has the right to make a complaint to the National Data Protection Commission which is Alba’s main Data Protection Supervisor.
We may collect personal data from you when you contact us (attendance at the reception, telephone contact, e-mail, via our website or via social networks) or makes a reservation in our Hotel either directly or indirectly through our travel partners.
Specifically, we may collect the following categories of information:
Personal details about your physical or mental health, alleged commission or conviction of criminal offences are considered “sensitive” personal data under applicable data protection laws. We will process any such data only if you have given your explicit consent, or it is necessary (for instance if you request special assistance), or you have deliberately made it public.
Your data may be used for the following purposes:
We will only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.
In most cases, we will have to process your personal data so that we can enter into our accommodation agreement with you.
We may also process your personal data for one or more of the following:
The preservation of your personal data is carried out for the time considered necessary for the purposes of collection and further processing, in particular, with respect to any retention period required under applicable legislation (eg retention of accounting documentation).
We must also consider the periods during which we may need to retain personal data in order to comply with our legal obligations or to respond to complaints, requests for clarification and to protect our legal rights in the event of a claim for compensation.
We follow strict security procedures regarding the storage and disclosure of your personal data, as well as their protection against accidental damage, loss or destruction. The data that you provide us is protected on a local server through a specific reservation management program, which is updated and regularly maintained by specialized technicians who have installed the necessary software (adequate to the size, volume and complexity of the data) to protect data from improper access or computer attacks orchestrated by internal or external persons or entities outside from the Hotel.
Access to your personal data is restricted to employees who perform management, reservation and reception functions and are protected by user authentication with their password that is personal and non-transferable. Access to credit card data is granted to employees designated and authorized to execute distance charges.
The personal data provided by e-mail is kept on the e-mail service provider’s own server (Google.com) which complies with the best international security and defence practices against computer attacks. Access to company emails is restricted to employees who perform management, reservation and reception functions and is protected by the authentication of a user and the password that only those employees know about.
You are responsible for the credit card data provided by email or telephone, as the Hotel Alba does not have the means or procedures to guarantee their safe transmission and treatment. However, the Hotel Alba guarantees the elimination of all electronic mails with credit card data after the collection of information and introduction into the reservation system.
The data that you provide us through the hotel’s reservation website is protected using Secure Socket Layer technology (SSL). SSL is the industry standard method for encrypting personal information and credit card data so that it can be securely transferred over the Internet.
Hotel Alba has as a priority the selection of external contracting entities that have the appropriate technical and safety measures in force to protect personal data, either from customers or employees, in accordance with the legislation on rules of data protection (eg tour operators, accounting, legal services, etc.).
Hotel Alba’s business is carried out in a number of jurisdictions, all of which are located in the European Economic Area (EEA) and are therefore covered by the European Data Protection Regulation, thus requiring robust data protection laws. The transmission of personal data as a result of these transactions is only carried out in one way, meaning that we only receive the personal data of customers who make reservations through external entities and are the same entities that collect your personal data. Therefore, Hotel Alba never assumes the role of transmitting your personal data to other jurisdictions.
We may share your personal data with the following entities for the purposes described in this Personal Data Policy:
Under certain circumstances, by law you have the right to:
If you wish to exercise any of these rights, please send an e-mail to firstname.lastname@example.org or contact our Hotel at Alameda da India in Monte Gordo – Portugal or by phone 281 530 500.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to ask you for specific information to help us confirm your identity and to guarantee your right to access information (or to exercise any of the other rights). This is another appropriate security measure to ensure that personal information is not disclosed to anyone who does not have the right to receive it.