Santiago de Alfama, Best Urban Hotel in Europe by Condé Nast Johansens
Scroll

Privacy and Data Policy

Data Protection and Privacy Policy

Commitment to Data Protection and Privacy
Santiago de Alfama Boutique Hotel is implementing the necessary technical and organizational measures to comply with applicable national and EU legal standards on data protection, privacy, and information security, particularly those outlined in the General Data Protection Regulation (GDPR).

Data Controller
Santiago de Alfama Boutique Hotel is the entity responsible for processing all personal data provided to it for the provision of services requested by the data subject or their legal representative.

Collection and Processing of Personal Data
Santiago de Alfama Boutique Hotel processes personal data that is strictly necessary for providing information, carrying out administrative procedures within its scope of responsibilities, and promoting its activities, in accordance with interactions through various communication and service channels.
The personal data collected by Santiago de Alfama Boutique Hotel is processed electronically whenever possible, ensuring protection, privacy, and security in accordance with current legislation.

Legal Principles
All data processing operations are guided by the fundamental legal principles applicable to data protection and privacy, including the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, storage limitation, accuracy, integrity, and confidentiality. Santiago de Alfama Boutique Hotel is committed to demonstrating its accountability to the data subject or any other third party with a legitimate interest in this matter.

Lawfulness and Purpose of Processing
The data processing operations carried out by Santiago de Alfama Boutique Hotel are carried out for one or more specific purposes, with the legitimacy based on the consent of the data subject and the necessity of the processing for:

- The execution of a service contract in which the data subject is a party;

- The fulfillment of a legal obligation to which the data controller is subject.

Personal data collected may also be processed for statistical purposes, for information dissemination or promotional actions, and for communication purposes, through direct communication (whether by mail, email, messages, or any other electronic communication service).

However, prior information and explicit consent will always be obtained for these additional purposes. Citizens have the right to object to the use of their personal data for other purposes at any time.

Data Retention Period
Personal data will be retained for the period necessary to fulfill the purposes for which it was collected or subsequently processed, with the aim of ensuring compliance with all applicable legal requirements regarding record-keeping.

Use of Cookies
The cookie usage policy is available at santiagodealfama.com.

Communication of Data to Other Entities
The provision of information through various service and communication channels may occasionally involve the use of third-party subcontracted services, which may result in these entities accessing personal data.
In such cases, and whenever necessary, Santiago de Alfama Boutique Hotel will only engage entities that provide sufficient guarantees for implementing appropriate technical and organizational measures to comply with the applicable regulations. These guarantees will be formalized in a contract signed between Santiago de Alfama Boutique Hotel and each of these third-party entities.

Recipients of Data
Except in the context of fulfilling legal obligations, personal data will not be communicated to third parties other than subcontracted entities or legitimate recipients. Additionally, no data will be communicated for purposes other than those mentioned above.

Security Measures
Considering the most advanced techniques, implementation costs, and the nature, scope, context, and purposes of processing, all entities that are (sub)contracted by us implement the necessary technical and organizational measures to ensure an appropriate level of security relative to the risk.

To this end, various security measures may be adopted to protect personal data against dissemination, loss, misuse, alteration, processing, or unauthorized access, as well as against any other form of unlawful processing.

It is the sole responsibility of the data subject to keep access codes confidential, not sharing them with third parties. Additionally, in the case of software applications used to access channels, the data subject must maintain and store access devices securely and follow the security practices recommended by manufacturers and/or operators, including the installation and updating of necessary security applications, such as antivirus software.

If it is necessary to subcontract services to third parties who may have access to the personal data of the data subject, subcontractors of Santiago de Alfama Boutique Hotel will be required to adopt security measures and protocols, as well as other technical measures to protect the confidentiality and security of personal data, to prevent unauthorized access, loss, or destruction of personal data.

Exercise of Rights of Data Subjects
As data subjects, you may, at any time, exercise your rights regarding data protection and privacy, including the rights of access, rectification, erasure, portability, restriction, or objection to processing, in accordance with the terms and limitations established in the applicable regulations.

Any request to exercise data protection and privacy rights should be directed to Santiago de Alfama Boutique Hotel, in writing, by the respective data subject, according to the procedure and contact information provided below.

Complaints and Suggestions
Data subjects have the right to file a complaint, either through registration in the Complaints Book or by submitting a complaint to the regulatory authorities.

They may also submit suggestions via email to the following address: rgpd@santiagodealfama.com.

Communication of Incidents
Santiago de Alfama Boutique Hotel has appointed a Data Protection Officer and has implemented measures in the areas of data protection, privacy, and information security.

Data Protection Officer:
Priscila Vilhena Ganga
rgpd@santiagodealfama.com

In the event that data subjects wish to report any incident involving a personal data breach that causes, accidentally or unlawfully, destruction, loss, alteration, disclosure, or unauthorized access to personal data transmitted, stored, or subject to any other form of processing, they may contact the Data Protection Officer following the instructions and contact details provided above.

Changes to the Privacy Policy
Santiago de Alfama Boutique Hotel may, at any time, make changes it deems necessary to this Data Protection and Privacy Policy in order to ensure its updating, development, and continuous improvement. These changes will be properly announced publicly on the website santiagodealfama.com to ensure transparency and information.

We use first-party and third-party cookies for analytical purposes and to show you advertising related to your preferences, based on your browsing habits and profile. You can configure or block cookies by clicking on “Cookies settings”. You can also accept all cookies by clicking on “Accept all cookies”. For more information, please consult our Cookie Policy.

Cookies Settings:

Cookies and other similar technologies are an essential part of how our Platform works. The main goal of cookies is to make your browsing experience easier and more efficient and to improve our services and the Platform itself. Likewise, we use cookies to show you targeted advertising when you visit third-party websites and apps. Here, you will find all the information on the cookies we use. Furthermore, you will be able to activate and/or deactivate them according to your preferences, except for any cookies that are strictly necessary for the functioning of the Platform. Keep in mind that blocking certain cookies may affect your experience on the Platform, as well as its functioning. By clicking “Confirm preferences”, the cookies selection you have made will be saved. If you have not selected any options, clicking this button will be the same as blocking all cookies. For more information, please consult our Cookie Policy.

These cookies are necessary for the correct functioning of the Platform, and they cannot be deactivated on our systems. Generally speaking, they are configured to respond to actions made by you when requesting services, such as adjusting your privacy preferences, logging in to your account or filling out forms. You can configure your browser to block these cookies or alert you when they are present; however, some parts of the platform will not work without them.

Cookies List:

Name Provider Purpose Expiry
PHPSESSID Guestcentric Used to manage user sessions Session

These cookies allow us to count the number of visits and sources of traffic in order to measure and improve the performance of our Platform. They help us to know which pages are the most and least popular, and how many people visit the website. If you do not allow these cookies, we will not know when you visited our Platform.

Cookies List:

Name Provider Purpose Expiry
_ga Google Used to distinguish users 2 years
_gid Google Used to distinguish users 24 hours
_gat_gcTracker Google Throttle Request Rate 1 minute

These cookies enhance the functionality and personalisation of the Platform. They can be put in place by us or by third parties whose services we have incorporated into our pages. If you do not allow these cookies, some of our services will not function properly.

Cookies List:

Name Provider Purpose Expiry
GCShoppingActivations_<GCID>_BEST_RATE_GUARANTEED Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_RESERVATION Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_RESERVATIONS Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>_LAST_WEEK_STAYS Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingActivations_<GCID>TODAY_BEST_OFFER Guestcentric Popup display control. Stores a true/false flag that indicates if the popup was already displayed. 10 minutes
GCShoppingVisits_<GCID> Guestcentric Count visits to control popup display 1 Month
GCShoppingRecovery_<GCID>_EXIT Guestcentric Display shopping recovery 1 Month
Cookies Settings
Accept all Cookies