Personal Data Privacy Management Policy

  1. IDENTIFICATION OF THE CONTROLLER

Name: RIVERSIDE HOTEL, S.A. (hereinafter referred to as “The Lodge Hotel”).
Registered office: Rua Serpa Pinto 60, 4400-307, Gaia.
VAT number: 514 362 529.
Telephone: (+351) 220 157 540.
Emailinfo@thelodgehotel.pt.

  1. DUTY OF INFORMATION BY THE WEBSITE

 The protection of personal data of natural persons is regulated in Portugal by Law No. 58/2019, of August 8 (“LPDP”) and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, (“General Data Protection Regulation” or “GDPR”) which ensure the protection of natural persons with regard to the processing of personal data and the free movement of such data.

Personal data is considered to be any information, of whatever nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person, whereby the protection does not cover the data of legal persons.

An identifiable person is a person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity (for example, the Users’ name associated with the telephone number or e-mail address).

By reading this Privacy Policy, the User is informed about the treatment of personal data carried out by The Lodge Hotel through the website https://thelodgeportohotel.com/ (hereinafter “Website”).

  1. PURPOSES OF PERSONAL DATA PROCESSING

The personal data collected and processed by The Lodge Hotel through the Website identified above will be used for the following purposes:

  1. Manage the contracting of services you perform through the Website, such as contact requests;
  2. To periodically send our newsletters with news related to the activity of The Lodge Hotel and to the sector to which it dedicates its activity;
  3. Anonymous and aggregate analysis of the use of the services, to identify Users’ habits and trends in order to improve the services offered and to meet Users’ specific needs;
  4. In the event of contracting, the data collected on this website, together with the other data obtained under the contractual relationship, will be used for human resource management, to ensure compliance with legal obligations and to provide employees with the means necessary for the pursuit of professional activity;
  5. Compliance with national and international legal provisions, or carrying out an order of the competent judicial authorities;
  6. Compliance with legal obligations, deriving from applicable data protection legislation, as well as for exercising the rights of the data subjects, in particular the defense of a right in legal proceedings.

The Lodge Hotel guarantees the confidentiality of all data provided through the Website.

Although The Lodge Hotel collects and processes data in a secure manner to prevent their loss or manipulation, using the most appropriate techniques for this purpose, it should be noted that the collection of data on open networks does not allow the circulation of personal data in conditions of absolute security, with the risk that they may be accessed and used by unauthorized third parties.

Failure to respond to data marked as mandatory may imply the impossibility of responding to the data subject’s request.
 

  1. LEGITIMACY FOR PROCESSING PERSONAL DATA

The Lodge Hotel processes Users’ data in the following situations:

  • when they have given their express and free consent to the processing of their personal data for certain purposes and/or,
  • when it is necessary for the execution of a contract to which the Data User is a party, or for pre-contractual steps at the request of the User;
  • for compliance with legal obligations to which The Lodge Hotel is bound;
  • for the purposes of the legitimate interests pursued by The Lodge Hotel or by third parties, unless the interests or fundamental rights and freedoms of the data subject prevail and require the protection of personal data.

The User guarantees that the information provided is true, accurate, complete and up-to-date, and is liable for any damage or loss, direct or indirect, that may be caused as a result of breach of this obligation.

In the event that the data provided belongs to a third party, the User guarantees that the User has informed the said third party of the details provided in this document and has obtained their authorization to provide their data to The Lodge Hotel for the purposes indicated.

 

  1. PERIOD OF STORAGE

The Lodge Hotel only processes and stores the Users’ personal data for the period that is necessary or mandatory for the fulfilment of the purposes described above, applying information storage criteria appropriate to each treatment and in line with applicable legal and regulatory obligations.

The Lodge Hotel keeps personal data in its systems in such a way that it is possible to identify the data subjects in accordance with the following criteria:

  • For a period of time not exceeding the pursuit of the purposes for which they were collected, provided that legal or contractual obligations do not provide otherwise;
  • To fulfil specific legal or contractual obligations;
  • Where applicable and legitimate, until such time as the Data Subject may request the opposition or deletion of the data.

 

  1. DATA COMUNICATION

Further to communications made in compliance with legal and regulatory obligations, the personal data of the Data Subject may be known, in addition to The Lodge Hotel, by:

  • Employees and collaborators of The Lodge Hotel, in their capacity as authorized data processor;
  • National and international companies belonging to the same group as The Lodge Hotel;
  • Authorities in general, administrations, public entities and bodies, both national and international;
  • External service providers;

The Data Subject’s personal data is only shared exclusively for the purposes indicated above, in accordance with the consents that were granted.

 

  1. INTERNATIONAL DATA TRANSFERS

The personal data collected will be processed within the European Economic Area. There will be no international data transfers to third countries or international organizations.

If personal data is processed outside the European Economic Area, it will be done with the adoption of adequate safeguards and the required level of protection in accordance with the legislation on personal data protection.

 

  1. INFORMATION’S SECURITY

The Lodge Hotel has implemented appropriate technical and organizational security measures to ensure the security of personal data provided by the User, in order to prevent alteration, loss, processing and/or unauthorized access, taking into account the current state of the technology, the nature of the data stored and the risks to which they are exposed.

Personal data is processed with the level of protection legally required to ensure their security and prevent alteration, loss, processing or unauthorized access, taking into account the state of technology, the User being aware and accepting that the security measures on the Internet are not fool proof.

Whenever accessing personal data, The Lodge Hotel undertakes to:

  • Store them by means of security measures, legally required, of a technical and organizational nature, which guarantee their security, thus avoiding alteration, loss, treatment or unauthorized access, in accordance with the state of technology at each moment, the nature of the data and the possible risks to which they are exposed;
  • Use the data exclusively for the purposes previously defined;
  • Implement physical security measures to protect the facilities;
  • Ensure that data is handled only by employees whose intervention is necessary to meet the request of the data subject, who are bound by the duty of secrecy and confidentiality. If there is the possibility of information being disclosed to third parties for the aforementioned purposes, they shall be required to maintain the necessary confidentiality in accordance with the provisions of this document.

In case The Lodge Hotel subcontracts to other entities the provision of services involving the transfer of personal data, such entities shall be obliged to adopt the necessary technical and organizational measures to protect personal data against destruction, loss, alteration, disclosure, unauthorized access or any other type of unlawful processing.

 

  1. EXERCISE OF RIGHTS

 In accordance with the provisions of the GDPR, the User may exercise their rights of access, rectification, erasure, limitation on processing, portability, opposition and revocation of consent by requesting it in writing by any of the following means, specifying the right or rights they wish to exercise:

 

  1. CONTROL AUTHOROTY

 The Users have the right to file a complaint with the Comissão Nacional de Proteção de Dados (CNPD) in relation to matters concerning the exercise of their rights and the protection of their personal data, through the following webpage www.cnpd.pt.

 

  1. THIRD-PARTY WEBSITES

The Website may contain advertising, links or other content that connects or redirects to pages and services of suppliers, advertisers, affiliates, sponsors of The Lodge Hotel and other third parties.

However, The Lodge Hotel does not control the content or links appearing on these pages and is not responsible for the practices used by these pages or Web sites. The Lodge Hotel advises Users to visit the privacy policy of such pages, as well as, their terms and conditions.

Searching or interacting on any other Website, including those that have an external link to the Website, are subject to the terms and conditions of that Website and The Lodge Hotel, in no event, is responsible for such access and use.

 

  1. PRIVACY POLICY CHANGES

The Lodge Hotel reserves the right to revise this Policy at any time it deems appropriate, so it is recommended that Users check the Privacy Policy regularly and/or each time they access the Website.

Updated on 3rd May 2023.