Covid-19 update: safety and cleaning procedures

Eurotel AlturaEurotel Altura

Privacy Policy - Eurotel Altura

Privacy Policy

Gracer - Algarve Tourism Society, SA

This privacy policy describes the commitment of Gracer - Sociedade de Turismo do Algarve, SA / Eurotel Altura, to the protection of personal data and privacy, namely the way personal data are processed, how their security is guaranteed, what types of entities are transferred and what are the rights of the holders, as well as the contacts for personal data protection and privacy purposes.

1. Background, scope and general principles

Gracer - Algarve Tourism Society, SA / Eurotel Altura is a business group that operates in the tourism and hotel sector, with the operation of hotel units and tourist villages.
In order to develop its business activity Gracer - Algarve Tourism Society, SA / Eurotel Altura usually carries out operations of processing personal data of clients or potential clients, users of the site (https: // www.eurotel- , partners, service providers and suppliers. The processing of personal data is supported on the following principles:

- Transparency and communication - managing information and communication channels
holders of personal data in an accessible and simple manner.

- Legality, lawfulness and purpose of processing - to ensure the processing of personal data in accordance with applicable laws, regulations and standards and for legitimate purposes only.

- Minimization, accuracy and conservation - treat the necessary personal data, accurate and updated, by those who need to intervene in the process; store and preserve personal data for a specific purpose.

- Security, confidentiality and confidentiality - raise awareness and train employees for the proper management of personal data, information security, the duty of confidentiality and confidentiality, both in relation to personal data and information on the activity of group companies.

2. Concepts

Personal data, in accordance with the general data protection regulation in force, is information relating to an identified or identifiable natural person ('data subject'); A natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, electronic identifiers or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

3. Data controller

Gracer - Sociedade de Turismo do Algarve, SA / Eurotel Altura is the entity responsible for the processing of personal data, deciding on the types and categories of personal data and the processing and purposes for which they are used, as well as the transfers of personal data to third parties, subcontractors.

These, on your behalf, in accordance with applicable laws / regulations, this privacy policy and the specific rules and agreements established with such third parties, will process their personal data. Personal data may be transferred to providers of the following types of services: information system management, processing, payment and e-invoicing, tour operators and travel agencies, business promotion and marketing, user experience, occupational medicine, consulting, auditing, security, banking, insurance, temporary work, event planners and business partners, legal services, cleaning, transportation, general maintenance services, among others, as may be necessary for the group's business activity and development. business.

Contacts: Avenida 24 de Junho, 8950-411 Altura, Faro
Email address for privacy and data protection purposes

4. What personal data are processed

In general, Gracer - Algarve Tourism Society, SA / Eurotel Altura collects and processes personal data to enter into contracts related to the provision of hotel services and their operations, to comply with legal obligations and security requirements, to manage promotions. or special offers, manage wellness center or user experience services, provide information, advertising and content on physical and digital media, including site and social media usage, newsletter subscription, registered access, contacts telephone, manage customer relationships and preferences, customer experience and manage specific occurrences during the stay, preserve the health and vital interest of the personal data subject or to ensure the public interest.

Personal data may be provided by the owner himself, by telephone, in person or by digital means, or collected indirectly through official entities and authorities, business partners or other companies of the business group.

In response to different purposes, the following categories of personal data may be processed:

- general identification and contact details - name, gender, address, email address, telephone contact, tax and civil identification number, family information when required;

- identification and professional background - function and curriculum, administrative, tax, parafiscal, income, type of employment;

- personal data related to preferences, user experience, billing and payment information, as well as customer-specific requirements for the stay, collected and related to making reservations, contracts, business proposals, provided on information forms and media physical or digital, for later contacts, general context photographs, at events and
campaigns organized by the group's hotel units, as well as others that may prove necessary for the administrative, commercial and institutional activities of the group's hotel units;

- data collected from the use of the company's website, including those provided on the contact form (first name, last name, email, telephone, country, locality, request to place, detailed information related to the type of request and message) , subscription and (uns) subscription to the newsletter and others related to the type of use, browsing or cookies, to improve the experience of
use of the site;

- personal data contained in confidentiality and professional secrecy commitments, agreements with suppliers, partners and subcontractors, as well as data on access and use of information systems in the group's hotel units;
- Data relating to the satisfaction assessment with the services provided by the group's hotel units may also be processed.

5. Purpose, legal basis and retention period applicable to the processing of personal data

i. Purpose: Execution of employment, internship and temporary employment contracts and management of the employment or internship relationship with employees and interns
- Legal basis: Execution of the Contract; Compliance with legal obligation.

Retention period: 12 years after termination of contractual relationship; thereafter, historical archive and legitimate interest.

ii. Purpose: Managing Recruitment and Application Processes
- Lawfulness: Pre-contractual due diligence. Shelf life: 2 years; thereafter legitimate interest or opposition to treatment.

iii. Purpose: Commercial management and Relationship management with customers, suppliers and partners (examples: reservations, check in and check out, invoicing, daily operations at hotel units, activities and services offered by hotel units, purchasing, logistics, etc.) ..)

- Lawfulness: Pre-contractual Due Diligence or Contract Execution;
Fulfillment of legal obligation; Consent when applicable.
Retention period: 12 years after termination of contractual relationship; thereafter legitimate interest, legal process, withdrawal of consent or opposition to treatment.

iv. Purpose: Relationship management with service providers
- Lawfulness: Pre-contractual Due Diligence or Contract Execution;
Compliance with legal obligation. Retention period: 12 years after termination of contractual relationship; subsequently, legitimate interest, court proceedings.

v. Purpose: Marketing, advertising, newsletter, event organization, user experience
- Legal basis: Contract; Legitimate interest; consent where applicable.
Retention period: termination of contract or legitimate interest; withdrawal of consent.

saw. Purpose: Contact management using the company website
- Legal basis: pre-contractual diligence; Legitimate interest; consent where applicable.
Retention period: duration of legitimate interest; withdrawal of consent or opposition to treatment.

vii. Purpose: Satisfaction assessment by customers or other stakeholders; information security and auditing; physical security and video surveillance
- Legal basis: Legitimate interest; in the case of video surveillance, authorization of the supervisory authority.
Retention period: end of legitimate interest; opposition to treatment;
In the case of video surveillance, legal term.

6. How and with what measures personal data are processed

The processing of personal data is carried out through automatic and manual processes, with the adoption of appropriate and considered proportionate technological and organizational measures and controls to protect and preserve them. These include authentication and access management of systems and facilities, monitoring of technological infrastructure, access control,
misuse and abnormal traffic, incident management through technical support to systems, data storage with specific security rules, management of system usage profiles, restricted access to information on any media, entering into confidentiality and professional secrecy commitments with all staff, as well as interns, and their training and awareness. Depending on the specific needs and requirements of information management, more robust techniques aimed at anonymizing or further protecting information such as encryption or encryption may be used.

Within the historical archives and for statistical purposes, personal data will, where possible, be anonymised and may be preserved for longer periods, as well as used for primary or new purposes, if compatible.

Personal data may be transferred, for the same purposes, to the entities required by law or to third parties. The hotel units of the group may also transfer data to third parties in the context of investigations, investigations and judicial and / or administrative proceedings or similar nature, provided that this is properly ordered by court order. Due to the nature of the hotel activity, and for the execution of contracts with clients, data may be transferred to partners or suppliers, as well as to public or private entities operating in the health area, with a view to preserving the vital interests of customers or employees. If sharing and processing of personal data requires transfers to third parties outside the Economic Area
In the European Union, the group's hotel units undertake to act in accordance with the legislation in force and the General Data Protection Regulation as regards the transfer of personal data.

7. Rights of data subjects

The response to requests for access and information, the collection and consultation of personal data, updating or modification will be ensured, and the deletion, restriction and opposition to the processing and cessation of automatic processing of personal data for profile management may be requested. applications in accordance with current legislation. In cases where consent has been given, it may be withdrawn using the contact:

You may also contact the national data protection supervisory authority.
if it deems it necessary and relevant.

8. Privacy Policy Changes

Gracer - Algarve Tourism Company, SA / Eurotel Altura reserves the right to readjust or amend this Privacy Policy, and these will be posted on the company's website.

9. Use of cookies or information related to the use of digital devices.

It is safeguarded in this privacy policy that cookies may be used and dealt with to improve the experience of using the institutional website of Gracer - Algarve Tourism Society, SA / Eurotel Altura, as well as information related to the use of the institutional website for improved user experience.

What are cookies? Small software tags stored on the computer through the browser, retaining information related to your preferences.

What are cookies for? To determine the usefulness, interest and number of uses of websites, allowing for faster and more efficient browsing.

How can you manage cookies? All browsers allow the user to accept, decline or delete cookies by selecting the appropriate settings in their browser. You can set cookies in the "options" or "preferences" menu of your browser. By disabling cookies, you may prevent some services from functioning properly, partially or totally affecting website navigation.

We use first-party and third-party cookies for analytical purposes and to show you advertising related to your preferences, based on your browsing habits and profile. You can configure or block cookies by clicking on “Cookies settings”. You can also accept all cookies by clicking on “Accept all cookies”. For more information, please consult our Cookie Policy.

Cookies Settings:

Cookies and other similar technologies are an essential part of how our Platform works. The main goal of cookies is to make your browsing experience easier and more efficient and to improve our services and the Platform itself. Likewise, we use cookies to show you targeted advertising when you visit third-party websites and apps. Here, you will find all the information on the cookies we use. Furthermore, you will be able to activate and/or deactivate them according to your preferences, except for any cookies that are strictly necessary for the functioning of the Platform. Keep in mind that blocking certain cookies may affect your experience on the Platform, as well as its functioning. By clicking “Confirm preferences”, the cookies selection you have made will be saved. If you have not selected any options, clicking this button will be the same as blocking all cookies. For more information, please consult our Cookie Policy.

Cookies Settings
Accept all Cookies