Montargil Monte Novo adopts appropriate measures to ensure the protection of your personal data, compliance with the applicable legislation, namely the Regulation (CE) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data or General Data Protection Regulation (hereafter “GDPR”).
What is personal data?
Personal data is any information that relates to an identified or identifiable individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Examples of personal data: a name and surname, an address, an email address, an identification card number, location data, an Internet Protocol (IP) address, a cookie ID.
Who is the data controller?
The controller of your personal data is Montargil Monte Novo situated at Estrada Nacional, 2, Montargil, 7425-100.
Which data is collected and for what purposes?
Montargil Monte Novo collects 2 (two) types of data: personal data and anonymous data. The anonymous data are data that generally do not reveal your specific identity or do not directly relate to an individual. To the extend other data reveal your specific identity or relate to an individual, we will treat anonymous data as personal data. Anonymous data includes: browser and device data, data collected through cookies, pixel tags and other technologies, demographic data and other data provided by you and aggregated data. We collect anonymous data in a variety of ways: your browser or device, cookies, pixel tags and other similar technologies, analytics, your IP address and aggregated data. We collect personal data in a variety of ways: voluntarily provided by the user, in particular, when you communicate with us by phone, email or fax, when you make a reservation, when you fill out a form, among others. We also collect personal data from other sources, such as public databases, joint marketing partners and other third parties.
Personal information we collect:
- Identification Data such as name, gender, age or date of birth, marital status, profession, citizen card number / passport / residence permit and its expiration date, national or foreign tax identification and photograph; - Contact details, such as address, email address, phone and mobile contacts, among others; - Bank account identification data, such as bank account information, including IBAN, credit card number, cardholder name and expiration date, among others.
Data is collected and processed for the following purposes:
- Services pertaining to hotel, restaurant, bar, leisure facilities and organization of all kinds of tourist activities and events;
- Customer contact management;
- Customer invoicing and billing;
- Customer registration on the website;
- Inform the Client, upon request, of the availability of new services, offers and special campaigns, updated information about activities in our accommodation and, in general, for the purpose of marketing of Montargil Monte Novo;
Can Montargil Monte Novo collect personal data from minors?
Montargil Monte Novo does not intentionally collect (and is unable to distinguish) personal data from children under age 16. However, if any personal data from children under age 16 is collected it will be immediately deleted.
What is the data retention period?
- The length of time we have an ongoing relationship with you;
- Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them);
- Whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).
Can personal data be disclosed to third parties?
We may disclose your personal data to third parties. When we share your personal information with third parties, they will process your information as either a data controller or as our data processor and this will depend on the purposes of our sharing your personal data with such third party.
Montargil Monte Novo may disclose your personal data to: (i) legal and regulatory authorities; (ii) our external advisors; (iii) our Processors; (iv) any party as needed in connection with legal proceedings; (v) any party necessary for investigating, detecting or preventing criminal offences; and (vi) any third party providers of advertising, plugins or content used on our site. We will only share your personal data in compliance with the applicable data protection laws and regulatory requirements. Transfers may be made outside the EU where we are satisfied that appropriate safeguards are in place over the transferring and processing of such information or data. We may share some broader statistics and user profiling information with third parties, but the information or data will be anonymized, so you will not be identifiable from that data. We will not rent or sell your data and/or information details to any other organization or individual.
What security procedures ensure data protection?
Montargil Monte Novo takes all necessary and legally required precautions to ensure the privacy of your personal data handled and transmitted through its digital platforms. These measures include physical security measures and other measures such as the use of firewalls and systems intrusion detection, the existence of a policy of access to information and logging. These precautions ensure online and offline security of the information. Whenever sensitive information is collected or used, the data will be encrypted using the Secure Socket Layer (SSL) protocol. This technology is used to improve the security of data transmission over the Internet, encrypting and protecting data and sensitive information using the HTTPS protocol. SSL guarantees the holder of personal data that the data will not be fraudulently intercepted and that all information is treated with maximum security. Montargil Monte Novo is not responsible for the content accessed through any link that causes the holder of personal data to navigate outside the digital platforms of Montargil Monte Novo. Third party websites that are accessed through links on our web site have separate privacy and data collection practices and security measures. We have no responsibility or liability for the practices, policies and security measures implemented by third parties on their web sites. We recommend that you always browse and carefully read the privacy policies, as well as the applicable terms and conditions.
What are the rights of personal data holders?
According to the GDPR, you are guaranteed the following rights:
- Right to be informed
- At the moment of its collection or processing, the holder of the personal data has the right to be informed of the following:
- Purpose of treatment;
- Responsible for data processing;
- Entities to which your data may be communicated;
- Conditions for access and rectification of your data; and
- What mandatory and optional data will be collected.
Right to Access
- The holder of the personal data has the right to access them, without restrictions or delays, as well as to know what information is available on the origin of the data, purposes of treatment and communication to third parties.
Right to Rectification
- The holder has the right to demand that the data about him/her are accurate and up to date, and may at any time request rectification from the Salgados Beach Villas data controller.
Right to Erasure
- The data subject has the right to have his / her data ceased to be processed, erased and deleted under certain conditions, in the case of:
Right to Restrict Processing
- The holder of personal data has the right to have his/her data limited only to the essential for the purpose of the data treatment.
Right to Data Portability
- The data holder has the right to receive or to request the transmission of the data to another entity. This entity will be responsible for the personal data (only if technically possible).
Right to Object
- The data subject has the right to object, at his/her request and free of charge, to the processing of his/her personal data. This is valid for the purpose of direct marketing or any other form of prospecting. Data subject also has the right to object that his/her personal data are communicated to third parties, unless otherwise provided by law.
Right to be informed about the existence of a data breach
- The owner of the personal data has the right to be informed if there is a security breach that compromises his/her data.
Right to Lodge a Complaint
- The holder of personal data has the right to complain not only to the controller of personal data of the company, but also to the control authority, the National Data Protection Commission (www.cnpd.pt). If you wish to exercise your rights, please send your request to the contacts below.
Data Protection Officer
- Contacts For any questions you may have regarding the protection of your personal data, contact the Data Protection Officer (DPO) at the following addresses: Email: firstname.lastname@example.org; Address: Estrada Nacional, 2, Montargil, 7425-100.