Privacy Policy

This document is urbanhotel.pt's privacy statement. In this privacy statement, we explain how we collect and use your personal data and how we endeavour to comply with the latest legislation on the matter, namely the General Data Protection Regulation (GDPR).

When does this privacy statement apply?

This privacy statement applies to any and all personal information we collect, use, share and store about you when you make a reservation with us, when you visit our website or when you contact us.

Our website contains links to third party websites. This privacy statement does not apply to the collection of data through the websites referred to nor are we responsible for such collection. Please refer to the privacy policy of the website in question (if available) for more information.

We may change this privacy statement on a regular basis and will notify you of any changes by posting the revised statement on this website and informing you by email before such changes take effect.

What is personal data?

Personal data is information of any nature, whatever its medium, including sound and image, relating to an identified or identifiable natural person. Identifiable means a person who can be identified directly and indirectly, in particular by reference to an identification number or one or more specific elements of his / her physical, physiological, psychic, economic, cultural or social identity.

Who is responsible for your data?

The urbanhotel.pt website is the property of Hotel Bemvindo - Hotel Management, Lda, headquartered at Estrada de Santa Eulália, 215 820-381 Albufeira, Portugal, registered at the Commercial Registry Office of Albufeira with registration number 513614826/2015, tax identification number PT513614826. Hotel Bemvindo Lda. Is responsible for the collection and use of your personal data as described below in this privacy statement. If you have questions, comments or complaints about Hotel Bemvindo's use of your personal data, you can email admin@urbanhotel.pt.

What data do we collect and how do we do it?

We collect five categories of personal data about you:

name and contact details;
reservation data;
data we collect when you contact our customer service;
data we collect when you visit our website or read our newsletter;
data from social networks;

Name and contact details: This is data you enter when you make a reservation, such as your first and last name, your date of birth, your address and place of residence, and your phone number and email address. If you are accompanied, we will also collect some of the data described in this section from your travel companions.

Reservation Data: The booking data is the data regarding the stay / accommodation. For example, arrival and departure date, price, number of nights, room type, supplements, rate type, etc.

To make your reservation, you will need a personal identification number, which may be related to your passport or other identification document, according to your nationality.

When you make a reservation you are directed to the payment network to complete it. To complete this payment, you must enter your payment details, such as a bank account or credit card number. Data concerning the means of payment will be the responsibility of our partners and they are also under the same regulation.

In the booking process you can indicate if you would like accommodation with special conditions such as reduced mobility. Under privacy law, this data is considered sensitive as it concerns your health. By entering this type of data, you authorize us to collect, use and share it with third parties for the purposes described in the "How we use your data" section.

Data we collect when you contact our customer service: When you contact our customer service either electronically or by phone, we define these contact moments in our systems. We may record telephone conversations for training purposes or to prevent or combat fraud.

Data we collect when you use our website or read our newsletter: When you visit our website, we record, among others, your IP address, browser type and your browsing behavior. We also collect this information through cookies, scripts and similar technologies. See our cookie statement for more information. If you receive a newsletter from us, we record when you opened that newsletter or clicked on a link.

Social Data: Depending on your social network settings, we may receive information from the service provider concerned. If you communicate with us through our social media pages (eg by posting a comment, uploading a photo or clicking the "like" button), we may receive this data. See your social media provider's privacy policy for more information about the personal data we receive and how you can change your settings.

We collect the above data in two ways, record the data you enter when booking a stay or when you contact our customer service and automatically record data when you browse our website, when you open a newsletter or when you communicate with us via social networks.

How do we use your data?

Urbanhotel.pt uses your data for four purposes:

to provide our services and to keep in touch with you;
for research aimed at improving our services;
for research aimed at improving our services;
for our administration and compliance with laws and regulations;

To provide our services and to keep in touch with you: When booking a stay we use the data for this purpose as described in the section "What data do we collect and how do we do it?". We use your name, passport number and other personal data to, for example, to book your hotel.

We only provide your medical details (eg a wheelchair request) to the accommodation so that the accommodation can provide you with the appropriate services requested. We do not use this data for other purposes.

We use your contact details to communicate with you. For example, to send you your electronic voucher or any booking changes. We also use your contact details to answer your questions when you contact our customer service.

We use your payment details to process your payment. Together with the payment service provider, our fraud department checks for the possibility of a fraudulent reservation using, for example, a stolen or blocked credit card.

For research to improve our services: We do research on trends related to how visitors and customers use our services, our website, customer services, and social networks. We do this to gather information about the behavior and preferences of our visitors and customers so that we can improve our services, the content of our website and our customer service. We also use the information referred to to develop new services.

For this search, we use automated tools with which we analyze the data described in the "Who is responsible for your data?" Section, including your booking data, any additional services you have purchased, and information about yourself (such as gender and your residence. ). Names, email addresses, or other information that may allow us to identify specific people are not reviewed, as we are only interested in general trends. We also do not use sensitive data. We may also combine the analyzed data with data we collect through cookies and similar technologies when you visit our website or information we receive from group companies or other sources.

For direct marketing based on your preferences and behavior: We use your data to send you newsletters, offers or other promotional messages. We do this by email and through other digital channels, such as apps and social networks, if you have explicitly given your consent.

We analyze and combine your data to tailor these messages to your preferences and behavior. For this purpose we use automated tools that analyze your data stored on our data management platform. For this purpose, we use your booking details, information about additional services you have purchased, and information about yourself (such as gender, residence and your accommodation preferences). We not only analyze and combine the data you enter, but also the data we collect through cookies, scripts and similar technologies (see our cookie statement for more information), from social networks and when you contact our support service. to the client.

In our emails, we may include personalized offers from urbanhotel.pt of our services and products. We tailor these offers to your interests.

We may use Facebook Custom Audiences, DoubleClick, and other networks to show you urbanhotel.com ads when the referred network or an associated website is visited. To that end, we may send your email address or other identifying information to Facebook (for example) to verify that you have a Facebook account. We may use your booking data to determine our audience. If you do not want your email address to be used for Custom Audiences, please contact our customer service. Check your social network website for more information about Custom Audiences. You may also have provided your consent to receive personalized advertisements on your Facebook timeline or on other social networks through our cookie policy. Please refer to our cookie policy to learn how you can cancel your consent.

We treat your personal data as described in this paragraph in defense of our legitimate interest and the interests of third parties to provide you with relevant updates and offers. You can unsubscribe from newsletters, offers or other promotional messages at any time by clicking on the unsubscribe link in the email or by contacting our customer service.

When you cancel your subscription, you will continue to receive our service emails (such as your booking confirmation and e-ticket). You may object to the use of your personal data for direct marketing purposes at any time.

For our administration and for compliance with laws and regulations: We use your personal data for internal administration purposes, such as records keeping, and to comply with our legal and tax obligations.

We collect and use your personal data to provide you with our services, to fulfill our legal obligations, in defense of our legitimate interests or the interests of third parties or with your consent, for example when we use your medical data.

If you withdraw your consent or do not provide the data we need to comply with your contract with you or our legal obligations, you may not be able to use our services or use them only to a limited extent.

If we treat your personal data in defense of our legitimate interests or the interests of a third party, those interests will have been weighed against your privacy interests. We will take steps to safeguard your privacy interests and to prevent unjustifiable harm to you as appropriate. Our legitimate interests may, for example, include security purposes or provide you with better services and offers. For more information about these interests, please refer to the purposes for which we handle your personal data, referred to above. More information on these weighting tests is available upon request.

Where we treat your personal data in defense of our legitimate interests or the interests of a third party, you have the right to oppose it at any time for reasons relating to your particular situation (see the section "How we protect you"). your data and how long do we keep it? ").

Which third parties have access to your data?

We may exchange data with third parties or make your data available to third parties for the following purposes:

with partners to implement their reservations;
with our suppliers who provide ancillary services;
the competent authorities, tax authorities and investigating authorities if urbanhotel.pt is required by law to do so;

Implement reservations: We provide your details to partners who are directly involved in your booking. We provide your data, for example, to service providers who are involved in your stay.

Dependency on ancillary services: For the provision of our services, we depend on third parties, p. IT providers, marketing agencies, online advertising companies, credit card companies, payment service providers, fraud prevention service providers, and online bookings. We have entered into agreements with these third parties, in which it is determined, among others, that they should treat your data confidentially and safeguard it properly.

Companies in our group, our partners and service providers may be based not only within the European Union, but also outside it. If a third party outside the European Union has access to your personal data, this constitutes an international transfer of personal data. When necessary, urbanhotel.pt takes appropriate measures to comply with the requirements imposed by the privacy regulations applicable to the international transfer of personal data.

How do we protect your data and how long do we keep it?

Urbanhotel.pt has adopted technical and organizational security measures to protect your data against loss or misuse, such as unauthorized access to data. In this context, we take into consideration state-of-the-art technology and the cost of implementation to ensure an adequate level of security from the risks involved in data handling and the nature of the data to be protected.

We keep your data for as long as necessary to fulfill the purposes as described in this privacy statement, but generally no more than 2 years after your last interaction with us, unless required to comply with our legal obligations or potential litigation. If we no longer need the data, it will be destroyed or anonymized so that you will no longer be able to make any connection to yourself.

How can I exercise my legal rights?

You may contact our customer service or DPO (Data Protection Officer) at admin@urbanhotel.com to exercise any of the rights granted to you by applicable data protection laws, including the right:

Please note that we may ask you to provide additional information to verify your identity.

Right of Access: You may ask us whether or not we treat your personal data and, if so, gain access to the data in the form of a copy. In fulfilling a request for access, we will also provide you with additional information, such as the purposes of processing, the categories of personal data concerned, and any other information necessary to enable you to exercise this right to the full.

Right of Rectification: You have the right to request rectification of your data if it is inaccurate or incomplete. Upon request, we will correct inaccurate personal data about you and, for purposes of processing, complete incomplete personal data, which may require an additional statement.

Right to Deletion: You also have the right to request the deletion of your personal data, which means that your data will be deleted by us as far as possible and by any other controller to whom we have previously made your data available. The deletion of your personal data only takes place in certain cases provided for by law and listed in Article 17 of the General Data Protection Regulation. This includes situations where your personal data is no longer needed for the initial purposes for which it was processed, as well as situations where it was illegally processed. Due to the way we maintain certain services, it may take some time for backups to be deleted.

Right to Portability: Your right to data portability lies in the fact that you may ask us to provide your personal data in a structured, commonly used and readable format and that such data be transmitted directly to another data controller when this is required. be technically feasible. Upon request and where technically feasible, we will transmit your personal data directly to another controller.

Right of Restriction to Treatment: You have the right to have the restriction on the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances that may give rise to this right include situations where the accuracy of your personal data has been challenged but it may take some time before we can verify its accuracy / inaccuracy. This right does not prevent us from continuing to store your personal data. We will let you know before the restriction is lifted.

Right of Objection: You also have the right to object to the processing of your personal data, which means that you may ask us to stop processing your personal data. This only applies in cases where the 'legitimate interests' motive (including profiling) is the legal basis for treatment.

You may oppose direct marketing purposes free of charge at any time if your personal data are processed for these purposes, including profiling insofar as it relates to their direct marketing. You may always exercise this right by canceling your previously given consent by following the instructions in the relevant marketing communication. If you exercise this right, we will no longer process your personal data for those purposes.

There may be situations where we have the right to refuse or restrict your rights described in this paragraph. In any event, we will carefully assess the applicability of such an exemption and will inform you accordingly.

We may, for example, refuse your request for access if it is necessary to protect the rights and freedoms of other individuals and refuse to delete your personal data if their processing is necessary to comply with legal obligations. The right to data portability, for example, does not apply if personal data was not provided by you or if we have processed the data not on your consent or in compliance with a contract.

You may also contact us if you have questions, comments or complaints regarding this privacy statement. If you have unresolved issues, you also have the right to file a complaint with your data protection authority.