Privacy and Personal Data Policy – applicable to Users of this Hospitality Business when making a reservation
Data Controller (we): The Hospitality Business which will provide to you, the user, the requested service. Our identification and contact details are available on the website you used to make your reservation / to pose your questions to us. They will also appear on our invoice which we’ll send to you.
Data Compliance Officer: Not applicable to Data Controllers’ activities.
User: You, who filled-in the reservation form or any other documentation related to it.
Purpose: The purpose of processing the data provided through this form is to manage the reservations made by you, user and/or to answer to the questions / requests you posed.
Legal basis:
– Either the need to perform our contract with you, user / the need to take steps at your request prior to entering into a contract.
– Or the consent of you, the user, by ticking in the box of acceptance of the Terms and Conditions of which this Privacy and Personal Data Policy is an integral part.
Duration: We will store the data provided by you, the user, during the time necessary for the management of the reservation you made, as well as of the accommodation services you requested. Once the management is finished, your data will be kept for six (6) months. If you consent to receive marketing and/or commercial information, your data will be stored until you revoke your consent.
Processor: We engage our partner CloudBeds (www.cloudbeds.com ) for carrying out the reservations engine of our business. Cloudbeds acts under our authority and we have signed a contract with Cloudbeds for the provision of their services.
Data subjects different from the users: Where you, user, provide us with personal data pertaining to a different data subject from yourself, you are responsible for such acts as well as for obtaining the respective consent of such data subjects for the provisioning of their data.
Transfer of Data: We shall not transfer personal data to a third country outside the EEA (European Economic Area).
Data Subject Rights: Data Subjects can exercise their rights of access, rectification, cancellation and opposition by sending an email or through the postal service to the contact details on our reservation website and on our invoices.
Supervisory Authority: If a data subject considers their rights affected, they can also appeal to the competent supervisory authority of the Member State concerned. More info at: https://ec.europa.eu/info/law/law topic/data-protection/data-protection-eu_en