reservation central: +351 22 012 95 00/01
menu

Privacy policy

a. Our Commitment to the Privacy of Users

 

The companies Porto Palácio Hotel – Exploração Hoteleira S.A., Aqualuz Troia – Exploração Hoteleira e Imobiliária, S.A., Troiaresort – Investimentos Turísticos, S.A., The Artist Porto Hotel & Bistro - Actividades Hoteleiras, S.A., and The House Ribeira Hotel – Exploração Hoteleira, S.A. operate on the basis of trust and transparency. This commitment is transposed into our daily relationship with our customers, staff and suppliers. The privacy and safety of data which you entrusted us with are our priority.

 

We undertake to only collect, store, process, convey or eliminate with transparency your personal data, which are essential for providing the best services. Let us tell you how we use your personal data and for what purposes, guaranteeing that we gather, share and keep your personal data according to the best practices in the field of personal data security and protection.

 

When your personal data are gathered, stored, processed, conveyed or deleted by other entities, we demand the same level of privacy and security.

 

We want you to rely that our personal data are safe with us, since we will always be committed to protecting your privacy. We assume with honesty and engagement our responsibility as regards the protection of your personal data.

 

If you have any question about how we use your personal data, send us your message to dataprotection@shotelscollection.com so that we may help you.  

 

 

b. Who is Responsible for your Personal Data

 

The companies Porto Palácio Hotel – Exploração Hoteleira S.A., Aqualuz Troia – Exploração Hoteleira e Imobiliária, S.A., Troiaresort – Investimentos Turísticos, S.A., The Artist Porto Hotel & Bistro - Actividades Hoteleiras, S.A., and The House Ribeira Hotel – Exploração Hoteleira, S.A. (referred to hereinafter as S Hotels) are jointly responsible for processing your personal data as laid down in the General Regulation on Data Protection and additional legislation on personal data protection in force in the countries in which the company operates.

 

c. Personal Data we may Gather

 

"Private Data" in this Privacy Policy Statement means the set of information that relates to you and that allows us to identify you directly or indirectly. Your personal data may include, for example your name and contact details (physical or electronic) and your reservations.

 

We may also receive your personal data from other companies, namely when they have gathered, processed or stored such information in connection with a contract for the provision of services.

 

S Hotels may gather the following sets of personal data:

 

  1. Customer data – full or abbreviated name, address, telephone, email, details of reservation – whenever they book with one of S Hotels;
  2. Credit card details – card holder name, card type, number, expiration date and security code – when payment is made using a credit card;
  3. Customer data for signing up of newsletters – name, email and country;
  4. Contact details of user – name, email, telephone, type of question and message - whenever asked to be contacted.  
  5.  

d. How and for what purpose do we use your Personal Data?

 

We use your personal data for the following purposes:

 

  1. Management of bookings, claims and payments – for making and processing reservations at the chosen hotel;
  2. Marketing and direct marketing – to inform about highlights and offers that may interest you;
  3. Customer management – to reply to your contact request.

 

e. How long do we keep your data?

 

Your personal data is kept for managing reservations, claims and payments up to 2 years after your last reservation, except for data concerning payments, which are kept up to 10 years in conformity with the VAT Code (CIVA).

 

For marketing and direct marketing purposes, we keep your personal data for as long as you consent to our processing thereof.

 

Your personal data is kept up to 2 years after the last contact for customer management (contact).

 

All personal data will be irreversibly anonymised or destroyed/deleted in a secure manner at the end of the maximum retention period or if you withdraw your consent.

 

f. Who can we share your personal data with?

 

In some cases we can disclose your personal data to other entities, in connection with the services provided by those entities. In such cases, we require that they have the suitable measures in place for protecting your personal data.

 

We may disclose your personal data where required by law to authorities or third parties, and in such cases we have limited control over how your personal data is protected.

 

If your personal data is transferred or accessed by suppliers or service providers from outside the European Union, we ensure that such information is processed following the appropriate security and protection measures, in accordance with the measures taken by us.

 

g. How can you exercise your Personal Data Protection Rights?

 

In some situations, you are entitled to access it or request from us:

 

  1. Additional information on how we use your personal data;
  2. Your personal data;
  3. The provision to another entity of your personal data that you gave us;
  4. The update of your personal data;
  5. The deletion of your personal data;
  6. The withdrawal of your consent to process personal data;
  7. Limited use of your personal data while we correct or clarify possible doubts about its content or how we use it;
  8. The availability of a channel for challenging decisions concerning your personal data.

 

You also have the right to delete or modify, at any time, the consent statements you have given to use your personal data.

 

The exercise of your rights is subject to some exceptions aimed at safeguarding the public interest, namely for crime prevention or detection, or when the personal data is subject to professional secrecy.

 

To exercise your data protection rights, or if you have any questions about how we use your personal data, send us your message to dataprotection@shotelscollection.com.  

 

You may also contact our Data Protection Officer by the following means:

E-mail: dpo@sonaecapital.pt

Tel: + 351 22 956 15 38

 

If you are not satisfied with our use of your personal data or our reply after you have exercised any of your rights, you have the right to submit a complaint to the Portuguese Data Protection Committee (CNPD). Address Rua de São Bento, 148 – 3º, 1200-821 Lisboa – Telephone: +351213928400 – Fax: +351213976832 – Email: geral@cnpd.pt.

 

h. Cookies

S Hotels uses cookies on its Websites to improve the performance and user navigation experience. On the one hand, they provide quicker and more efficient response and, on the other hand, they eliminate the need for entering the same information repeatedly.  

 

Cookies are used by Websites to identify the user's device the following time you visit us, but they are also essential for the functioning of the Websites. Cookies used by S Hotels on its Website do not gather personally identifiable information, as they only keep general information, such as user form/place of access and the way the user uses Websites. Cookies retain information relating only to the User's preferences.  

 

Cookies and Purposes:

  • CM, ServerPool, TACds, TASSK, TASession, TATravelInfo, TAUnique - Allow users to receive reviews/opinions from Tripadvisor's GoOpti service
  • PHPSESSID - Retains user's session variables
  • _cfduid - Identifies reliable web traffic
  • _utma, _utmz, _ga - Gather statistical information on use
  • _gid - Distinguishes users

 

i. How do we protect your Personal Data?

 

We have several information security measures in place, in line with best national and international practices, to protect your personal data, including technological control, administrative, technical, physical measures and procedures that guarantee data security, preventing possible misuse, unauthorised access and dissemination, loss, undue or inadverted altering, or unauthorised destruction of such information. In terms of information security we have assumed the same commitment of ongoing improvement as we adhere to in our daily operations.

 

We have implemented the following, without limitation:

 

  1. Restricted access to your personal data by entities requiring such data and for the aforementioned purposes;
  2. Storage and transfer of personal data in a secure manner;
  3. Protection of information systems using devices that prevent unauthorised access to your personal data;
  4. Mechanisms guaranteeing the preservation of the integrity and quality of your personal data;
  5. Ongoing monitoring of information systems to prevent, detect and deter the inappropriate use of personal data;
  6. Personal data storage, processing and communication equipment redundancy.

 

We may disclose your personal data where required by law to authorities or third parties, and in such cases we have limited control over how your personal data is protected.

 

j. Updates to this Privacy Policy Statement

 

This Privacy Policy Statement may be updated from time to time, as advertised on the Website.   

VeriSign Secured, McAfee Secure, W3C CSS compliant
GuestCentric - Hotel website & booking technology
best available rate