The protection of your personal data is a priority for the accommodation provider. Below, we describe who we are, the purposes for which we may use your personal data, how we process it, with whom we share it, how long we retain it, as well as how to contact us and exercise your rights.
Who are we?
Your data will be processed by the accommodation – Registration number 172927/AL (hereinafter referred to as Sunset Guesthouse); Registration number 80951/AL (hereinafter referred to as Sunset Room). The accommodation is the data controller within the meaning of the General Data Protection Regulation (hereinafter referred to as the GDPR).
Why do we process your information?
Your personal data may be collected and processed by the accommodation provider for the following purposes: a) To comply with legal obligations to which the accommodation provider is subject, in particular communications with immigration and border control authorities and for billing purposes. b) For the purposes of performing the temporary tourist accommodation contract or the Local Accommodation Management Contract entered into with the accommodation provider, namely payment transactions, management of check-ins and check-outs, guest management, collection of deposits, provision of services complementary to the stay such as cleaning, transfers and breakfast or grocery services, management of contractual obligations or for pre-contractual procedures. c) For the purposes of mobile and email communications, including commercial information and communications, digital platforms, as part of the accommodation’s marketing strategies, commercial and contractual information and communications, as well as for requests for information. d) For the purposes of protecting property or assets held by the accommodation, as well as for statistical analysis.
Failure to provide personal data for the purposes set out in points (a) and (b) will result in the accommodation provider failing to comply with statutory obligations and, consequently, may lead to the termination of the Temporary Tourist Accommodation Contract or the Local Accommodation Management Contract entered into, without entitlement to any compensation, as well as to substandard services provided by the accommodation provider for which they cannot be held responsible.
What kind of personal data do we collect?
In the course of its business, the accommodation provider will collect and process the personal data necessary for the provision of the contracted services, requests for information or pre-contractual management, namely identification details, contact details, bank details or payment card details.
Why do we process your data?
The processing of your personal data will be carried out on the basis of the performance of the temporary tourist accommodation contract, the Local Accommodation Management Contract, and compliance with legal obligations imposed on the accommodation provider, in particular under legislation governing the entry, stay and departure of foreign nationals in Portugal and tax legislation (Article 6(1) (b) and (c) of the GDPR). Furthermore, the personal data collected for the purposes set out in point (c) of the previous paragraph is based on the consent you have given to the accommodation provider for its processing (Article 6(1)(a) of the GDPR). For the purposes set out in point (d) of the previous paragraph, the accommodation provider will process personal data on the basis of its legitimate interest (Article 6(1)(f) of the GDPR).
How long do we keep your information?
Unless otherwise required by law, regulation or court order, the personal data collected will be retained only for the minimum period necessary for the purposes for which it was collected or subsequently processed.
To whom might we disclose your personal data?
The accommodation provider may need to share some of your personal data with other recipients. These recipients include: a) Organisations and/or companies affiliated with the accommodation provider, provided they adhere to an equivalent personal data protection policy. b) Public bodies to which the accommodation provider is legally obliged to provide information, namely the Foreigners and Borders Service and the DGCI – Directorate-General for Taxation. c) Subcontractors providing certain services relating to your personal data under a subcontract and for the sole purpose of providing technical assistance to the accommodation provider. These include, in particular, website hosting providers, email marketing service providers, cleaning service companies, law firms, accountancy firms and insurance companies. d) Competent authorities to whom the hosting provider is legally obliged to disclose information during legal proceedings or to detect technical and/or security issues, such as judicial bodies or competent supervisory authorities.
Is my data transferred to countries outside the European Union?
Your personal data, collected by the accommodation provider, will not be transferred to any entity established outside the territory of the European Union. In exceptional cases and subject to certain conditions, the accommodation provider may transfer your personal data to countries outside the European Union, in accordance with applicable legislation, in particular for the purposes of hosting or storing data, outsourcing technical processing, backing up and recovering hosted data, and developing services. The hosting provider guarantees that it will not transfer your personal data to countries that do not ensure an adequate level of protection, in accordance with the provisions of the GDPR.
What are my rights?
At any time, in accordance with the GDPR, you may request access to your personal data, as well as its rectification or erasure, restriction of processing, the right to object and the right to data portability. If the requests submitted are manifestly unfounded or excessive, in particular due to their repetitive nature, the accommodation provider may charge a reasonable fee taking into account the administrative costs of providing the information or communication, or of taking the requested measures, or may refuse to comply with the request. In the case of personal data whose processing by the hosting provider is legitimised by the consent you have given, you are granted the right to withdraw your consent, without the exercise of such a right compromising the lawfulness of the processing carried out on the basis of the consent previously given, nor the subsequent processing of the same data, based on another legal basis, such as the performance of the contract or the legal obligation to which the hosting provider is subject. You also have the right to lodge a complaint with the National Data Protection Commission.
Security and confidentiality
We are committed to keeping your data secure and use appropriate security measures to ensure that your personal data is protected and to prevent unauthorised access to it. However, data transmission over the internet is not completely secure, and we cannot provide an absolute guarantee of the security of information transmitted via our website. We also respect the confidentiality of your information. Therefore, we do not sell, distribute or otherwise make your information commercially available to third parties. The hosting provider undertakes to keep your information confidential in accordance with this Privacy Policy and applicable legislation.
Do you have any questions?
If you have any questions regarding the processing of your personal data, or if you wish to exercise any of your rights, please contact us: E-mail:sunsetaljezur@gmail.com Address: Loteamento Municipal de Maria Vinagre No. 9 8670-430 Rogil, Aljezur
Please note that the accommodation occasionally updates this Privacy Policy. Therefore, please review this document from time to time to ensure you have the most up-to-date information.