Data Privacy Policy

To Dom Pedro Hotels & Golf Collection users and customers privacy and security regarding personal data, is a priority.
In exception to the circumstances described in this privacy policy, Dom Pedro Hotels & Golf Collection does not share personal information with third parties.
The Group adopts principles, policies and procedures consistent with the values advocated; according to the standards and strategies that it has been taking, and that meet the requirements of the General Data Protection Regulation 2016/679.
Some information provided by users and customers who visit our website are saved, so that we can provide our services and market products in an appropriate way, always according to the regulation.
All data processing is made with the previous consent of the data holder.
These principles are scrupulously followed by all Group employees, in accordance with the Group's internal Code of Conduct, which can be accessed here.
All employees of the Group who process data in the scope of their activities are individually responsible for compliance with applicable legal and regulatory provisions.

More Informations

DATA CONTROLLER

The entities responsible for collecting and processing Personal Data are:

Dom Pedro Investimentos Turísticos, SA,
Headquarters: Rua Dr. Fernão Ornelas nº67 2ºEsq
Postal Code: 9050-021 Funchal, Portugal
Tax Payer Number: 511013949

Dom Pedro Golf S.A.
Headquarters: Edifício Old Course - Vilamoura
Postal Code: 8125 – 406 Quarteira
Tax Payer Number: 502268808

Saviotti – Sociedade Gestora De Participações Sociais S.A.
Headquarters: Rua Dr. Fernão de Ornelas, Nº 67, 2º Esquerdo
Postal Code: 9000-055 Funchal
Tax Payer Number: 500774757

Imopedro – Sociedade Imobiliária S.A.
Headquarters: Rua Dr. Fernão de Ornelas, Nº 67, 2º Esquerdo
Postal Code: 9000-055 Funchal
Tax Payer Number: 502120606

Saviotti – Empreendimentos Turísticos S.A
Headquarters: Avenida Da República, 1910 Lote 22, Quinta Patino
Postal Code: 2645-143 Alcabideche
Tax Payer Number: 511007019

WHAT TYPE OF PERSONAL INFORMATION DO WE REQUEST

We may ask you to provide some personal information.

If you wish to make a reservation at our hotel, we request information such as name, address, telephone number, e-mail address, credit card and room preferences, so that we can proceed with your reservation, and for us to fulfil our legal obligations.

All data collected and processed are used for the purposes that led to their collection, and of which the data holder has been duly informed.

FOR WHAT PURPOSES DO WE USE YOUR PERSONAL INFORMATION?

The personal information that we process is requested for legal purposes, particularly in the context of reservations.

The request for the identification of guests and the storage of their personal data is based on legal obligations, namely through Law no. 23/2007, of July 4, regarding the entry, stay, departure and removal of foreigners from the national territory.

For any other activity, personal data are processed taking in consideration the previous consent of the data holder, especially when we use personal data to:

- Request your opinion about our hotels through customer satisfaction questionnaires;
- Send e-mails concerning your stay;
- Register you as a member of the Dom Pedro Club Card program;
- Answer your requests or questions;
- Inform you about special offers;
- Personalize the user experience on our website;
- To improve our website based on your experience; and
- To communicate through our interactive chat.

There are no automated decisions in the Group, nor definition of profiles and information.

WITH WHOM AND WHEN DO WE SHARE PERSONAL INFORMATION

In certain circumstances, and with your consent, we may share personal information with third parties.

Such distribution may arise from the work with representatives and service providers, hired for limited purposes, namely regarding the confirmation of reservations; offers of certain products and services associated with our website; e-mail correspondence, to provide customer service; to improve our clients’ online experience; to provide access to our partners’ websites; to provide a customized online experience and complete credit card transactions.

When there is a need to contract other services and third parties (subcontractors) that may have access to personal data of customers and employees, these companies will be obliged to adopt

all the security measures and protocols used in Dom Pedro Hotels & Golf Collection, namely regarding the protection of personal data and strict compliance with the General Data Protection Regulation.

A Data Processing Agreement is obligatory for all subcontractors, in which the company undertakes to take the necessary measures to protect the confidentiality and security of personal data, as well as to prevent unauthorized access to and use, loss or even unauthorized destruction of personal data.

Dom Pedro Hotels & Golf Collection is committed to only hire companies that present enough guarantees in order to ensure the defense of the rights of customers and employees.

In case of fulfillment of public interest obligations and exercise of the public authority of which the controller is invested, we are obliged to provide certain personal data, within the strictly necessary for the purpose in question.

We do not give information regarding personal data by telephone, to avoid the leakage of personal and confidential information.

Regarding the transfer of personal data to external entities or countries outside the Union, Dom Pedro Hotels & Golf Collection does not transfer personal data, except for complying with some legal requirement, or when there is consent of the owner himself.

In the case of transfer to third countries and international organizations, they may only be carried out in full compliance with this Regulation. Transfers may only be carried out if, subject to the other provisions of this Regulation, the conditions set out in the provisions of this Regulation concerning transfers of personal data to third countries and international organizations are fulfilled by the controller or subcontractor.

Links to other websites

Our website contains links that redirect users to other websites whose privacy policies may be different from the privacy policy of Dom Pedro Hotels.

We recommend that you check the privacy policies of those websites before disclosing any personal information.

In any case, note that those websites do not share your personal information with Dom Pedro Hotels.

We are not responsible for the privacy policy, content or use of cookies from other websites.

How we protect your personal information?

To protect the information you provide to us, we have implemented various security measures, including administrative, technical and physical measures.

One of the techniques that we use for online transactions is a technology called Secure Sockets Layer (SSL). If your browser supports SSL (most browsers support), your personal information will be automatically encrypted, or encoded, before it is sent over the Internet.

Dom Pedro Hotels booking engine vendor uses a Digital certificate from Rapid SSL, one of the leading providers of internet services. This certificate guarantees that your personal information is transmitted securely (encrypted) to a secure server and not to an unknown or unauthorized server.

Dom Pedro also adopts other security measures regarding the security of personal data:

- Anti-virus software that provides protection against malware;
- Antivirus software that provides protection for the browser and for e-mail;
- The corporate network is protected by a firewall;
- Personal data backups are automatically enhanced;
- Our corporate Wi-Fi network is password protected;
- Remote access to our corporate network is only possible through a VPN (Virtual Private Network);
- Privileged accounts are not used for daily tasks and access to them is possible only by privileged users, and from devices dedicated and limited only to authorized persons;
- Access to sensitive personal data is controlled and limited;
- Data loss prevention software is used to protect sensitive and personal data;
- The procedures for verifying, detecting, analyzing and reporting security incidents are developed and communicated within the organization, mainly through frequent contact with the DPO;
- Personal and sensitive data are all encrypted;
- E-mail communications are encrypted;
- Folders in the Cloud / Network are encrypted.

In addition to all measures taken, the Group closely monitors all procedures through audits to see if they are effective and match the needs of the GDPR.

Cookies and other information

When you visit our website, you will receive a cookie (a small data packet sent to the user's browser) to be saved on the hard drive of your computer. The purpose of using cookies is to identify the user when you visit our website, so we can improve and customize the online experience.

Cookies only identifies the device of the user and does not store any personal data or personal information.

To visit our site without cookies, you should configure your browser to reject all cookies or have a notification when a cookie is set (each browser is different, so check the "Help” menu of your browser to learn how to change your preferences about cookies).

We may also use third party cookies on our website, to help us manage online advertising. These cookies are provided by our advertising partners and will allow you to recognize a unique cookie on your browser that, in its turn, allow us to know which ads generate traffic to our site, as well as show you personalized advertisements based on your search and in hotels you viewed.

The information we collect, and share is anonymous and is not identifiable, and does not contain your name, address, telephone number or email address.

Some of our business partners (e.g. advertisers) use cookies on our site. Dom Pedro Hotels has no access to or control over these cookies. This privacy policy applies only to the use of cookies on the website Dom Pedro and does not cover the use of cookies by any advertiser or partner.

When you visit our website, it is also possible that we store some information from your computer, to improve our services and to improve the quality of the experience on our website.

Every time you make a reservation through our website, we record in our database about reservations some data such as the name of the customer, email, hotel, check-in, check-out, IP address, so that we can improve our reservation procedures.

E-mail communications

We have no intention of sending commercial communications by e-mail, without your prior consent.

If you choose to receive our periodic communications, we may occasionally send you emails with new promotions, featured hotels and special offers.

You may, at any time, choose to stop receiving these emails, through our website or in the "unsubscribe” option in every e-mail sent.

YOUR RIGHTS

Dom Pedro Hotels & Golf Collection establishes procedures to protect and enforce the rights of data holders.

Some of your rights:

- The right to access your data processed by us, obtaining a copy of the data;
- The right to rectification of any inaccurate personal data concerning you;
- The right to have your personal data deleted, unless the law provides otherwise, and, in that case, to limit processing;
- Our Guests may oppose the processing of data that concerns them, for purposes associated with their circumstances, in accordance with the law;
- Our guests can also request the limitation of data processing;
- Data portability rights;
- Right to change the consent already given, without compromising the treatment made with the consent previously given;
- The right to be notified in the case of personal data breach;
- Right to be notified when information is stored by another method other than the original;
- Right not to be contacted for advertising, direct marketing or any other form of commercial prospecting, as well as its non-communication to third parties for the same purposes, except with the prior consent of the data holder; and
- Right to complain to any supervisory authority, or through the website of the National Data Protection Commission.

DURATION

We store personal data collected for the duration established by law, in case of legal obligations.

Regarding the documents that are filled by each guest (Registration Card), the storage is made in two moments:

(i) An initial moment of 1 year from the check-in, where the Registration Card are stored in enclosed lockers with limited access at the reception, for faster access in the event of any inquiries.
(ii) In a second moment the Registration Card will be stored in an archive for a period of 5 years and then destroyed.

In cases where there is a prior consent for the processing of personal data, data are stored only for the time authorized by the customer.

Through our website it is possible to book SPA and other services by completing a form. These forms are stored for 1 month, information that is given to the customer on the form itself.

Regarding loyalty programs, such as Dom Pedro Club Card, personal data will be processed and stored for the duration of the loyalty, and the customer may leave our databases at any time. All information is available at the time of loyalty.

Personal data may be kept for longer periods, if they are processed solely for public interest archiving, for scientific or historical research or for statistical purposes.

DATA PROTECTION SUPERVISOR

Our Data Protection Officer is Margarida Araújo, and may be contacted through the e-mail address: dpo@dompedro.com

If you wish to be informed about any issue related to our Privacy Policy, please contact us at dpo@dompedro.com or send us a letter to:

Hotel Dom Pedro
Att: Privacy Department
Av. Eng. Duarte Pacheco, 24, 1070-110 Lisboa
24 1070-110 Lisboa

Changes in this privacy policy

To ensure the updating of the Data Privacy Policy, Dom Pedro Hotels may change this privacy policy.

All changes will be published in the related channels, so that all guests and employees have access to it.