Data Protection and Privacy Commitment
SLICEDAYS – HOTELARIA, LDA. complies with all applicable EU and national legal regulations in the field of data protection, privacy and information security.
SLICEDAYS – HOTELARIA, LDA is in the process of implementing a Personal Data Protection System and an Information Security System, in order to ensure regulatory compliance and to demonstrate institutional responsibility in terms of data protection and information security, implementing all the necessary technical and organisational measures, both to comply with the general legal regime of the Law Implementing the General Data Protection Regulation (Law 58/2019 of 8 August) and to comply with the legal regime of the General Data Protection Regulation (EU Regulation 679/2016 of 27 April).
For any clarification or additional information, or to exercise your rights in this regard, please contact the Data Protection Officer of SLICEDAYS – HOTELARIA, LDA, by e-mail at rgpd@thelincehotels.com.
Definitions
“Personal data”
“Personal data” means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers are, for example, a name, an identification number, location data, electronic identifiers or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing of Personal Data”
“Processing” means any operation or set of operations which is performed upon personal data or on sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Cookies
“Cookies” are small text files containing information considered to be relevant that the devices used for access (computers, mobile phones or portable mobile devices) load, via the internet browser, when an online site is visited by the Client or User.
Entity Responsible for Treatment
SLICEDAYS – HOTELARIA, LDA, with registered office at Avenida D. João III, nº29, 9500-310 Ponta Delgada, Legal Person with NIPC 514690640, hereinafter referred to as SLICEDAYS – HOTELARIA, LDA, is the entity responsible for the online sites and computerised applications, hereinafter referred to as channels or applications, through which Users, Service Recipients or Customers have remote access to SLICEDAYS – HOTELARIA, LDA services that are presented or provided, at any time, through them, being the entity considered responsible for the processing of personal data.
The use of the channels or applications by any User, Service Recipient or Customer may imply the performance of personal data processing operations, the protection, privacy and security of which is ensured by SLICEDAYS – HOTELARIA, LDA, as the entity responsible for the respective processing, in accordance with the terms of this Data Protection Policy.
Data Controller contacts
To contact the Data Protection Officer of SLICEDAYS – HOTELARIA, LDA, please send an e-mail to rgpd@thelincehotels.com or to each of the specific addresses identified on the online sites, describing the subject of the request and indicating an e-mail address, a telephone contact address or a correspondence address.
For any other purpose, the following general contact details of SLICEDAYS – HOTELARIA, LDA can be used:
Collection and Processing of Personal Data
SLICEDAYS – HOTELARIA, LDA processes the personal data strictly necessary for the provision of information and the operation of its channels, in accordance with the uses made by Users, Service Recipients or Customers, either those provided for the purposes of registering requests or obtaining information, those provided for the purpose of joining those channels, or those resulting from the use of the services provided by SLICEDAYS – HOTELARIA, LDA through them, such as access, queries, instructions, transactions and other records relating to their use.
In particular, the use or activation of certain functionalities of the channels may involve the processing of various direct or indirect personal identifiers, such as name, home address, contact details, device addresses or geographical location, provided that the User, Service Recipient or Customer has expressly consented to this.
In all cases, Users, Service Recipients or Customers will always be informed of the need to access such data to use the functionalities of the channels in question.
The personal data collected by SLICEDAYS – HOTELARIA, LDA is processed by computer, in certain cases in an automated way, including the processing of files or the definition of profiles and within the scope of the management of the pre-contractual, contractual or post-contractual relationship with the Users, Recipients of the Service or Clients, under the terms of the national and community regulations in force.
Categories of Personal Data Processed and Data Subjects
The categories or types of personal data that are processed are generally as follows:
The various establishments of the Data Controller may also process biometric data, processed through the video surveillance systems that are installed.
The detailed list of categories of personal data and categories of data subjects can be found in the Data Processing Information Sheets.
Legal Principles
All data processing operations comply with the fundamental legal principles in the field of data protection and privacy, namely regarding their circulation, lawfulness, loyalty, transparency, purpose, minimisation, conservation, accuracy, integrity and confidentiality, and SLICEDAYS – HOTELARIA, LDA is available to demonstrate its responsibility to the data subject or any other third party with a legitimate interest in this matter.
Foundations of Legitimacy
All data processing operations carried out by SLICEDAYS – HOTELARIA, LDA have a legitimate basis, namely, either because the data subject has given their consent to the processing of their personal data for one or more specific purposes, or because the processing is considered necessary for the performance of a contract to which the data subject is a party or for pre-contractual steps at the request of the data subject, or because the processing is necessary for the fulfilment of a legal obligation to which the controller is subject, or in the public interest, or because the processing is considered necessary for the pursuit of the legitimate interests pursued by SLICEDAYS – HOTELARIA, LDA or by third parties.
Purpose of treatment
All personal data processed within the scope of the SLICEDAYS – HOTELARIA, LDA channels is intended exclusively for the provision of information to Users, the management of personal information of Service Recipients deemed necessary for the purposes of relationship management or communication, as well as the provision of services to Customers and, in general, the management of pre-contractual, contractual, or post-contractual relationships with Users, Service Recipients or Customers.
The personal data collected may also be processed for statistical purposes, for information dissemination or promotional actions and for communication actions, namely, to promote actions to publicise new functionalities or new services, through direct communication, whether by correspondence, e-mail, messages or telephone calls or any other electronic communications service.
While prior information and the collection of express authorisation for the latter purposes are always ensured, Users, Service Recipients or Customers may, at any time, exercise their right to withdraw consent or their right to object to the use of their personal data for other purposes that go beyond the management of the relationship with the Data Controller, namely for the pursuit of legitimate interests, for the sending of informative communications or for inclusion in lists or information services, by sending a written request to the Data Protection Officer of SLICEDAYS – HOTELARIA, LDA, in accordance with the procedures set out below.
Data Processing Information Sheets
Under the terms of the principle of loyalty and transparency and to ensure compliance with the duty to inform, SLICEDAYS – HOTELARIA, LDA delivers directly or makes publicly available to all personal data subjects, depending on how their personal data is collected, the information sheets on the data processing operations carried out, these sheets being accessible for consultation at any public service unit or at the Data Protection Officer.
Data retention periods
Personal data will only be stored for the period necessary for the purposes for which it was collected or subsequently processed, ensuring compliance with all applicable legal rules on archiving and specifying the specific storage period in each of the Data Processing Information Sheets.
Use of Cookies
SLICEDAYS – HOTELARIA, LDA may use two main categories of cookies: cookies within the scope of online sites and cookies within the scope of direct electronic communication channels, and in any of these categories, Users or Customers are always guaranteed the right to deactivate them.
SLICEDAYS – HOTELARIA, LDA uses “cookies” on its online sites to improve the performance and browsing experience of Users and Customers, increasing, on the one hand, the speed and efficiency of response and, on the other, eliminating the need to repeatedly enter the same information.
The use of cookies helps online sites to recognise users’ and customers’ devices the next time they visit, and in some cases is essential for their operation.
The cookies used by SLICEDAYS – HOTELARIA, LDA, on all its channels, do not collect personal information that allows Users or Customers to be identified, but only store generic information, namely the form or geographical location of access and the way they use the channels, among others. Cookies only retain information related to the preferences of Users and Customers, and no personal identifiers are recorded.
Users, Service Recipients and Customers may, at any time, via the computer application they use to browse the internet (“browser”), decide to be notified of the receipt of “cookies”, as well as to block their entry into their system.
With regard to the type of purposes intended, SLICEDAYS – HOTELARIA, LDA may, where appropriate, use three different types of cookies, in accordance with the following specifications:
For these purposes, SLICEDAYS – HOTELARIA, LDA can provide a high-quality experience to Users, Service Recipients or Customers, personalising the information and offers and identifying or correcting any problems that may arise in the context of their use.
Regarding the type of validity, there are two types of cookies:
(i) permanent cookies – these are cookies that are stored on the devices used to access the channels (computers, mobile phones, etc.), at the level of the computer application used to browse the internet (“browser”), and are used whenever Users or Customers visit any channel again – in general, they are used to direct browsing according to the interests of the User or Customer, allowing SLICEDAYS – HOTELARIA, LDA to provide a more personalised service;
(ii) session cookies – these are temporary cookies that are generated and are only available until the session ends, since the next time the Client/User accesses their browser, the cookies will no longer be stored – the information obtained allows sessions to be managed, problems to be identified and a better browsing experience to be provided.
Users, Recipients of the Service or Clients may deactivate part or all the cookies at any time – they must follow the instructions available in each of the computer applications used to browse the internet (“browser”), although they may lose access to some of the sites’ functionalities by deactivating them.
SLICEDAYS – HOTELARIA, LDA, within the scope of direct electronic communication channels, may also use “cookies” when opening the different electronic communications sent, such as newsletters and e-mails, for statistical purposes – allowing us to know if these communications are opened and to verify clicks through links or adverts within these communications.
Also, in this category of cookies, Users, Recipients of the Service or Customers always have the possibility to deactivate the sending of electronic communications through the specific option in the footer of the same.
Communication of Data to Other Entities
The provision of information or the provision of services by SLICEDAYS – HOTELARIA, LDA to its Users, Service Recipients or Customers through the channels may eventually imply the use of the services of third party subcontractors, including entities based outside the European Union, for the provision of certain services, which may imply access by these entities to such personal data.
In these circumstances, and whenever necessary, SLICEDAYS – HOTELARIA, LDA will only use subcontractors that provide sufficient guarantees that the appropriate technical and organisational measures will be carried out in such a way that the processing meets the requirements of the applicable rules, such guarantees being formalised in a contract signed between SLICEDAYS – HOTELARIA, LDA and each of these third parties.
Data Recipients
Except in the fulfilment of legal obligations, the execution of contracts or the pursuit of legitimate interests, under no circumstances will the personal data of Users, Recipients of the Service or Customers be communicated to third parties other than subcontractors or legitimate recipients, nor will any other communication be made for purposes other than those referred to above.
International Data Transfers
Any transfer of personal data to a third country or an international organisation will only be carried out within the framework of compliance with legal obligations or to ensure compliance with the applicable EU and national legal rules.
Security measures
Considering the most advanced techniques, the costs of application and the nature, scope, context, and purposes of the processing, as well as the risks, of varying probability and severity, for Users, Service Recipients or Customers, SLICEDAYS – HOTELARIA, LDA and all its subcontractors apply the appropriate technical and organisational measures to ensure a level of security appropriate to the risk.
To this end, various security measures are adopted to protect personal data against unauthorised disclosure, loss, misuse, alteration, processing or access, as well as against any other form of unlawful processing.
It is the sole responsibility of Users, Service Recipients or Customers to keep their access codes secret and not share them with third parties, and in the particular case of the computer applications used to access the channels, they must keep and maintain the access devices in a secure condition and follow the security practices advised by the manufacturers and/or operators, particularly with regard to installing and updating the necessary security applications, including, among others, antivirus applications.
If there is a need to subcontract services to third parties that may have access to the personal data of Users, Service Recipients or Customers, SLICEDAYS – HOTELARIA, LDA subcontractors will be obliged to adopt the security measures and protocols at organisational level and the technical measures necessary to protect the confidentiality and security of personal data, as well as to prevent unauthorised access, loss or destruction of personal data.
Exercising the Rights of Data Subjects
Users, Service Recipients or Customers of SLICEDAYS – HOTELARIA, LDA may, as holders of personal data, at any time exercise their data protection and privacy rights, namely the rights of access, rectification, erasure, portability, limitation, or opposition to processing, under the terms and with the limitations provided for in the applicable rules.
Any request to exercise data protection and privacy rights must be addressed in writing by the data subject to the Data Protection Officer, in accordance with the procedure and contact details described below.
Complaints or suggestions
Users, Service Recipients or Customers have the right to lodge a complaint, either by registering the complaint in the Complaints Book or by submitting a complaint to the regulatory authorities – in the latter case, they can submit a petition or complaint directly to the National Data Protection Commission via the contacts available at www.cnpd.pt .
Users, recipients of the Service or Customers may also make suggestions by emailing the Data Protection Officer at rgpd@thelincehotels.com.
Incident reporting
SLICEDAYS – HOTELARIA, LDA has implemented an incident management system for data protection, privacy and information security.
If any User, Service Recipient or Customer wishes to report any situation of personal data breach, which accidentally or unlawfully results in the destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or subject to any other type of processing, they may contact the Data Protection Officer or use the general contacts of SLICEDAYS – HOTELARIA, LDA.
Changes to the Data Protection Policy
To ensure its updating, development and continuous improvement, SLICEDAYS – HOTELARIA, LDA may, at any time, make any changes deemed appropriate or necessary to this Data Protection Policy, and its publication in the different channels is ensured to guarantee transparency and information to Users, Service Recipients and Customers.
Express Consent and Acceptance
The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions on personal data set out in the General Conditions of Use of the SLICEDAYS – HOTELARIA, LDA. channels.
The free, specific, and informed provision of personal data by the respective holder implies knowledge and acceptance of the conditions contained in this Policy, and it is considered that, by using the channels or by making their personal data available, Users, Service Recipients and Customers are expressly authorising their processing, in accordance with the rules defined in each of the applicable collection channels or instruments.
Special Data Protection Policies
With a commitment to transparency and information and in order to ensure that the Data Protection Policy is appropriate to the different data processing operations carried out and, above all, to the different categories of data subjects, SLICEDAYS – HOTELARIA, LDA may develop special Data Protection Policies, such as, for example:
These special policies are made available directly to the respective categories of data subjects and are available for consultation on request to the Data Protection Officer.
Data Protection Officer
To exercise any type of data protection and privacy rights or for any matter relating to data protection, privacy and information security issues, Users, Service Recipients and Customers who interact with SLICEDAYS – HOTELARIA, LDA may contact the Data Protection Officer by e-
mail at rgpd@thelincehotels.com, describing the subject of the request and indicating an e-mail address, a telephone contact or a correspondence address for reply.
Reservations Department working hours:
Working days from 9:00am to 7:00pm (GMT)
#thelincehotels