Privacy Policy

Vale do Garrão, Lda. ("Vale do Garrão", “Ria Park Hotels”, “RPH, ”we" or "us") is the operating company of Ria Park Hotels. Ria Park Hotels collects, processes and uses as data controller certain personally identifiable information of guests, companies, business partners, or other parties as set below.
Your privacy is very important to us, so we have established and implemented information-handling practices that we believe are consistent with the best standards and practices of hospitality organisations.  
Ria Park Hotels Privacy Policy provides Guests, Potential Guests and other Stakeholders with information on how we collect, process and use personally identifiable information in connection with, preceding or following the stay at the hotel, or in relation to comercial relations with a partner or client.
We have prepared this Privacy Policy so that you can make an informed decision about the extent to which you provide your personally identifiable information to Ria Park Hotels.

OUR PROCEDURES AND VALUES:
• we will not use any personally identifiable information such as your name, email, mailing address or telephone number in a manner inconsistent with our Privacy Policy;
• we will not disclose your Personal Information to third parties except as described in this Privacy Policy, or unless you have authorised us to do so in advance; 
• we will allow you to view, correct or remove your Personal Information and other information that we may have collected;
• we will support all rights you may have under applicable data protection laws; and
• we will take reasonable steps to protect the security of the Personal Information we collect from you.

PURPOSES
We collect, process and use your Personal Information for purposes of providing the services of Ria Park Hotels, or in the context of a comercial relation with Ria Park Hotels, as requested by you, and in particular in connection with:
• Registering you at check-in to Ria Park Hotels and complying with applicable laws;
• Responding to and complying with requests and legal demands from regulators or other authorities in or outside of our country; and
• Exercising Ria Park Hotels rights under applicable laws;
• Managing and communicating with you for purposes of your stay;
• Providing you with advertising and promotional materials exclusively relating to us, via postal mail, e-mail or telephone;
• Maintaining your guest profile to enhance your stay at Ria Park Hotels, namely by automatically filling in reservation forms and other information request forms or identify your preferences and interests, for tailored service and marketing;
• Use combined information to describe our client base, without reference to any specific individual; we may use aggregated information we collect about your preferences and experiences to make recommendations to you or other Guests of the hotel. 
• We may also share aggregated statistical information about our Guests with others, not linking this statistical information to any Personal Information that can identify you as an individual. 

The providing of some Personal Information to us is wholly voluntary; however, refusal to provide Personal Information for the above-mentioned purposes may affect our ability to fulfil contractual obligations or to provide you with Ria Park Hotels services, information, and or material requested by you.

LEGAL GROUNDS
We rely on the following legal grounds for the collection, processing, and use of your Personal Information:
• performance of the Ria Park Hotels contract with you;
• legitimate interest of Ria Park Hotels, Ria Park Hotels affiliates or other third parties (such as existing or potential business partners, suppliers, governmental bodies, or courts) where the legitimate interest could be in particular:
◦ implementation and operation of information sharing;
◦ Stay management and other forms of marketing;
◦ Understanding Guest preferences to improve services and conduct business development; 
◦ physical security, IT and network security;
◦ internal investigations; and
◦ intended mergers and acquisitions.
• consent, as permitted by applicable law;
• compliance with legal obligations, in particular in the area of consumer protection law, data protection law, tax law, and corporate compliance laws;
• protection of the vital interests of you or of another individual;
• performance of a task carried out in the public interest or in the exercise of official authority vested in Ria Park Hotels.

PERSONAL INFORMATION COLLECTED

Personal Information
We collect Personal Information that is necessary for us to provide you with Ria Park Hotels services, including but not limited to:
• Name;
• Address (home or business);
• Gender (Mr., Mrs., or Ms.);
• Date of birth;
• Email address;
• Phone number;
• Credit card information;
• Preferred language;
• The amount you spend on the services at Ria Park Hotels and other stay information (such as length of stay, room preferences and amenities);

Some of the Personal Information provided is non-mandatory but not providing such information may result in reduced capacity for us to provide Ria Park Hotels services
and amenities.

Marketing Opt-in and Opt-out
When providing us with your Personal Information, you may choose whether you wish to receive advertisements, updates and promotions from us, which may be communicated via email, postal mail or operator-assisted phone calls. 
We hope you will find these items interesting and informative. Nonetheless, we will only send you this information if you consent to receiving offers, promotions, newsletters and information available to you as a guest or future guest of Ria Park Hotels (“opt-in consent”). After opting in, you will have the opportunity at any time to opt out if you change your mind.

SHARING AND TRANSFER OF PERSONAL INFORMATION
For the purposes described above, we may transfer and share your information with third parties including contractors, agents or data processors, some of whom may be located outside of our jurisdiction, to enable such parties to provide services to us and to improve our service offerings to you. We will establish appropriate contract terms or other protections to appropriately safeguard such data.
The recipients identified above may be located inside or outside the European Economic Area ("EEA"). Certain recipients are located in a country outside of the EEA that is recognised as providing an adequate level of data protection from a European data protection law perspective, such as Andorra, Argentina, Canada, Faeroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland and Uruguay. Certain recipients in the U.S. are certified under the EU-U.S. Privacy Shield and thereby also recognised as providing an adequate level of data protection from a European data protection law perspective. Other recipients might be located in countries which do not adduce an adequate level of protection from a European data protection law perspective. With respect to transfers to countries not providing an adequate level of data protection, we may base the transfer on appropriate safeguards. 

Required Disclosures
In addition to the circumstances described above, Ria Park Hotels may disclose information you have provided if required to do so by law, court order, as requested by any government or law enforcement authority, or in the good faith belief that disclosure is otherwise necessary or advisable including, without limitation, to protect the rights of Ria Park Hotels when we have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

DATA SECURITY
We maintain technical, electronic, and organisational security procedures to maintain the security of Personal Information and safeguard Personal Information against unauthorised or unlawful processing and/or against accidental or unlawful loss, alteration, disclosure or access.

RETENTION OF PERSONAL INFORMATION
We will maintain Personal Information for as long as we are required to do so by applicable law(s), or for as long as necessary for the purpose(s) described above for which it is processed and until a request for deletion. 
We may only delete Personal Information when it is no longer needed to comply with legal or regulatory obligations to which Ria Park Hotels is subject and, in any case, upon expiration of the storage term set forth by applicable law.

YOUR RIGHTS
Right to withdraw your consent: If you have declared your consent regarding certain types of processing activities (in particular regarding the receipt of direct marketing communication via e-mail, postal mail, and operator-assisted phone calls), you can withdraw this consent at any time with future effect. 
Such a withdrawal may be performed in the links sent our in all newsletters or by contacting us as stated in the Contact Information section below.
Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal.

Additional data privacy rights: Pursuant to applicable data protection law, you may have the right to: (i) request access to your Personal Information; (ii) request rectification of your Personal Information; (iii) request erasure of your Personal Information; (iv) request restriction of processing of your Personal Information; (v) request data portability; and (vi) object to the processing of your Personal Information (including profiling). Please note that these aforementioned rights might be limited under the applicable national data protection law and that not all date uses may be pursued by Ria Park Hotels:

• Right of access: You may have the right to obtain from us confirmation as to whether or not Personal Information concerning you is processed, and, where that is the case, to request access to the Personal Information. The access information includes – among other things – the purposes of the processing, the categories of Personal Information concerned, and the
recipients or categories of recipient to whom the Personal Information have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access.
• Right of copy: You may have the right to obtain a copy of the Personal Information undergoing processing. For further copies requested by you, we may charge a reasonable fee based on administrative costs. 
• Right to rectification: You may have the right to obtain from us the rectification of your Personal Information . Depending on the purposes of the processing, you may have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
• Right to erasure (right to be forgotten): Under certain circumstances, you may have the right to obtain from us the erasure of Personal Information concerning you and we may be obliged to erase such Personal Information.
• Right to restriction of processing: Under certain circumstances, you may have the right to obtain from us restriction of processing your Personal Information. In this case, the respective data will be marked and may only be processed by us for certain purposes. As Ria Park Hotels processes and uses your Personal Information primarily for purposes of performing our services to you, Ria Park Hotels will in principle have a legitimate interest for the processing which will override your restriction request, unless the restriction request relates to marketing activities.
• Right to data portability: Under certain circumstances, you may have the right to receive your Personal Information, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit that data to another entity without hindrance from us.
• Right to complaint: You have the right to lodge a complaint with the competent data protection supervisory authority (in Portugal, the “CNPD - Comissão Nacional de Protecção de Dados”). 
All requests must be made the owner of the Personal Information requested or by adequate legal representation and Ria Park Hotels reserves the right to request proof of such ownership.

NOTIFICATION OF CHANGES
This RPH Privacy Policy may change from time to time. 
If we decide to change this Privacy Policy in a material way, we will post notice of the change on this Privacy Policy and notify you via email at the address you have provided to us at least thirty (30) days before putting the change into effect. We will obtain your consent to such changes where required by applicable law. 
If we decide to change our Privacy Policy in a less significant way, we will simply post notice of the change on this Privacy Policy at least thirty (30) days before putting the change into effect. If any proposed change is unacceptable to you, you may request that we remove your Personal Information from our records, within the terms stated above.

CONTACT INFORMATION
To exercise your rights of if you have any questions or concerns about (a) access to Personal Information, (b) the collection, use, management or disclosure of Personal Information, (c) this Privacy Policy or our information handling practices, or (d) with whom your Personal Information is shared, or if you need further assistance with respect to our Privacy Policy, please contact our Privacy Officer us as indicated below. We will attempt to respond to your questions or concerns promptly after we receive them.

Telephone: (+351) 289 359 800
Email: privacy@riaparkhotels.com
Mailing Address:
To the attention of: Ria Park Hotels Privacy Officer
Ria Park Hotels,
Urbanização Vale do Garrão, Lote 112
8135-951 Almancil, Portugal

Effective: February 2018
Share by: