Data Protection and Privacy Policy
Data Protection and Privacy Commitment
Bairro Alto Hotel is implementing the necessary technical and organisational measures to comply with the applicable EU and national laws on data protection, privacy, and information security, in particular those contained in the General Data Protection Regulation (GDPR).
Data Controller
Bairro Alto Hotel is responsible for processing all personal data provided to it for the provision of services requested by data subjects or their legal representatives.
Collection and Processing of Personal Data
Bairro Alto Hotel only processes the personal data strictly necessary to provide information, perform administrative procedures within its responsibilities, and communicate its activities through various customer support and communication channels.
Personal data collected by Bairro Alto Hotel is processed digitally whenever possible, ensuring protection, privacy, and security in accordance with applicable legislation.
Legal Principles
All data processing operations are governed by fundamental legal principles applicable to data and privacy protection, especially concerning circulation, lawfulness, loyalty, transparency, purpose, minimisation, retention, precision, integrity, and confidentiality. Bairro Alto Hotel is committed to demonstrating its responsibility to data subjects or any other third party with a legitimate interest.
Lawfulness and Purpose of Processing
Data processing by Bairro Alto Hotel falls into one or more specific purposes, for which the consent of the data subject forms the basis of legitimacy. Processing is considered necessary to:
- Execute a service provision contract in which the data subject is the contracting party;
- Fulfil a legal obligation to which the data controller is subject;
Personal data may also be processed for statistical purposes, information dissemination, marketing, and direct communication through correspondence, email, messaging, or other electronic communication services.
Citizens may at any time exercise their right to oppose the use of their personal data for other purposes, subject to prior disclosure and express authorization.
Data Retention
Personal data will be retained for the period necessary for the purposes for which it was collected or later processed to ensure compliance with all applicable archiving laws.
Use of Cookies
Our cookie policy can be consulted at www.bairroaltohotel.com.
Sharing of Data with Third Parties
Providing information through various customer support and communication channels may involve services supplied by third-party subcontractors, which may entail access by these entities to personal data.
In these circumstances, Bairro Alto Hotel only contracts entities that provide sufficient guarantees regarding appropriate technical and organisational measures, formalised in agreements with each third party.
Data Recipients
Except when legally required, personal data will not be disclosed to third parties that are not subcontractors or legitimate recipients, nor for any purposes other than those mentioned above.
Security Measures
Considering advanced techniques, implementation costs, and the nature, scope, context, and purposes of processing, all (sub)contractors implement the necessary technical and organisational measures to ensure an appropriate level of security.
Various measures may be adopted to protect personal data from disclosure, loss, misuse, alteration, processing, or unauthorized access, and any other form of unlawful processing.
Data subjects are responsible for safeguarding their access codes, not sharing them with third parties, and securely maintaining access devices, including apps, following manufacturers’ or operators’ security practices.
Subcontractors with access to personal data must adopt the necessary security protocols and technical measures to protect confidentiality and prevent unauthorized access, loss, or destruction.
Rights of Data Subjects
Data subjects may exercise their data protection rights at any time, including access, rectification, erasure, portability, restriction, or objection to processing, under applicable laws.
Requests to exercise these rights must be made in writing to Bairro Alto Hotel following the contact procedure below.
Complaints and Suggestions
Data subjects may submit complaints via the Complaints’ Book or regulatory authorities.
Suggestions can be sent via email to rgpd@bairroaltohotel.com.
Incident Reporting
Bairro Alto Hotel has appointed a Data Protection Officer responsible for data protection, privacy, and information security.
Data Protection Officer:
Priscila Vilhena Ganga
If data subjects wish to report an infringement of personal data leading to accidental or unlawful destruction, loss, alteration, disclosure, or unauthorized access, they may contact the Data Protection Officer using the details above.
Amendments to the Privacy Policy
Bairro Alto Hotel may make amendments at any time deemed appropriate to this Data Protection and Privacy Policy to ensure its updating, development, and continuous improvement. These amendments will be announced publicly on www.bairroaltohotel.com to ensure transparency and information.