Política de Privacidade e Cookies
PRIVACY AND COOKIES POLICY
The Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase on https://barrilario.com.
THE PERSONAL INFORMATION WE COLLECT
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device.
Additionally, as you browse the Site, we collect information about the individual pages or products you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically collected information as Device Information.
We collect Device Information using the following technologies:
- Cookies are data files that are placed on your device or computer and often include an anonymous unique identifier.
- Log files track actions occurring on the Site and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as Order Information.
When we talk about Personal Information in this Privacy Policy, we are talking both about Device Information and Order Information.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use the Order Information that we collect generally to fulfill any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and/or order confirmations).
Additionally, we use this Order Information to:
- Communicate with you;
- Screen our orders for potential risk or fraud;
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services, particularly if you have subscribed to the newsletter.
We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site.
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use your Personal Information, as described above.
We also use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: Google Privacy Policy.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant, or other lawful requests for information we receive, or to otherwise protect our rights.
YOUR RIGHTS
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us.
Additionally, if you are a European resident, we note that we are processing your information to fulfill contracts we might have with you (for example, if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above.
Please note that your information will be transferred outside of Europe, including to Canada and the United States.
DATA RETENTION
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
CHANGES
We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.
If you have any further questions and/or need more information, please do not hesitate to contact us at reservations@barrilario.com
1. GENERAL DEFINITIONS
“Personal Data”
“Personal Data” means information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier. Personal identifiers include, for example, a name, an identification number, location data, online identifiers, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
“Processing of Personal Data”
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
“Cookies”
“Cookies” are small text files with information considered relevant that the devices used for access (computers, mobile phones, or portable mobile devices) load, through the web browser, when a website is visited by the Client or User.
2. ENTITY RESPONSIBLE FOR PROCESSING
ACRÓPOLE DOS SORRISOS, S.A., hereinafter referred to as Hotel do Barrilário, with headquarters at Rua de Argila, 407 4445-027 ALFENA, under the Corporate Entity Number 513715738, is the entity responsible for the website “www.barrilario.com” and corresponding sub-sites, as well as the computerized applications, hereinafter referred to as channels or applications, through which Users, Candidates, or Clients have remote access to the services and products of Hotel do Barrilário that are presented, marketed, or provided, at any time, through them. The use of the channels or applications by any User, Candidate, or Client may involve the processing of personal data, whose protection, privacy, and security by Hotel do Barrilário as the entity responsible for the respective processing, is ensured, in accordance with the terms of this Data Protection and Privacy Policy.
3. DATA PROCESSING MANAGER - CONTACT
For the purpose of contacting the Data Protection Officer of Hotel do Barrilário, please send an email to reservations@barrilario.com describing the subject of the request and providing an email address, a telephone contact, or a mailing address. For any other purpose, the general contacts of Hotel do Barrilário can be used.
4. COLLECTION AND PROCESSING OF PERSONAL DATA
Hotel do Barrilário processes personal data strictly necessary for the provision of information and its operation, according to the uses made by Users, Candidates, or Clients, whether those provided by Users or Candidates for the purpose of registering requests or obtaining information, or those provided by Clients for the purpose of membership, or those resulting from the use of the services provided by Hotel do Barrilário through them, such as accesses, consultations, instructions, transactions, and other records related to their use.
In particular, the use or activation of certain functionalities of the channels may involve the processing of various direct or indirect personal identifiers, such as name, residence address, contacts, device addresses, or geographical location, whenever there is the express consent of the User for this purpose.
In all cases, Users, Candidates, or Clients will always be informed of the need to access such data for the use of the functionalities of the channels in question.
The personal data collected by Hotel do Barrilário is processed, in certain cases, in a computerized and/or automated manner, including file processing or profiling, and within the scope of pre-contractual, contractual, or post-contractual relationship management with Users, Candidates, or Clients, in accordance with the national and community regulations in force.
5. LEGAL PRINCIPLES
All data processing operations comply with the fundamental legal principles in the field of data protection and privacy, particularly regarding their circulation, lawfulness, fairness, transparency, purpose, minimization, retention, accuracy, integrity, and confidentiality. Hotel do Barrilário is available to demonstrate its responsibility to the data subject or any other third party with a legitimate interest in this matter.
6. LEGAL BASES
All data processing operations carried out by Hotel do Barrilário have a legal basis, namely, either because the data subject has given their consent for the processing of their personal data for one or more specific purposes, or because the processing is considered necessary for the performance of a contract to which the data subject is a party, or for pre-contractual steps at the request of the data subject, or because the processing is necessary for compliance with a legal obligation to which the data controller is subject, or because the processing is necessary for the purposes of the legitimate interests pursued by Hotel do Barrilário or by third parties.
7. PURPOSE OF PROCESSING
All personal data processed within the scope of Hotel do Barrilário is intended exclusively for providing information to Users, managing the personal information of Candidates considered necessary for selection, recruitment, or training purposes, as well as providing the services contracted by Clients and, in general, managing the pre-contractual, contractual, or post-contractual relationship with Users or Clients.
The personal data collected may also be processed for statistical purposes, for information or promotional dissemination actions, and for commercial or marketing actions, namely to promote the dissemination of new functionalities or new products and services, through direct communication, whether by correspondence, email, messages, or phone calls, or any other electronic communication service.
Always ensuring prior information and the collection of express authorization for these latter purposes, Users or Clients may, at any time, exercise their right to object to the use of their personal data for purposes beyond the management of the contractual relationship, namely for marketing purposes, for sending informative communications, or for inclusion in lists or information services, by sending a written request, according to the procedures indicated below.
8. DATA RETENTION
Personal data will be retained only for the period necessary for the purposes that motivated their collection or subsequent processing, ensuring compliance with all applicable legal norms regarding archiving.
9. COMMUNICATION OF DATA TO THIRD PARTIES
The provision of information or services by Hotel do Barrilário to its Users or Clients through the channels may eventually involve the use of subcontracted third-party services, including entities based outside the European Union, for the provision of certain services, which may imply access by these entities to the personal data of Users or Clients.
In these circumstances and whenever necessary, Hotel do Barrilário will only use subcontracted entities that provide sufficient guarantees of implementing appropriate technical and organizational measures in such a way that the processing meets the requirements of the applicable regulations. These guarantees will be formalized in a contract signed between Hotel do Barrilário and each of these third parties.
10. DATA RECIPIENTS
Except in the context of complying with legal obligations, under no circumstances will there be any communication of personal data of Users, Candidates, or Clients to third parties that are not subcontracted entities or legitimate recipients within the scope of management consulting and human resources management consulting processes. No other communication will be made for purposes other than those mentioned above.
11. INTERNATIONAL DATA TRANSFERS
Any transfer of personal data to a third country or an international organization will only be carried out in the context of complying with legal obligations or ensuring compliance with applicable community and national legal standards in this matter.
12. SECURITY MEASURES
Taking into account the most advanced techniques, the costs of implementation, and the nature, scope, context, and purposes of the processing, as well as the risks of varying probability and severity for Users or Clients, Hotel do Barrilário and all its subcontracted entities apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk.
For this purpose, various security measures are adopted to protect personal data against dissemination, loss, misuse, alteration, unauthorized processing or access, as well as against any other form of unlawful processing.
It is the sole responsibility of Users, Candidates, or Clients to keep access codes confidential, not sharing them with third parties. Additionally, in the particular case of computer applications used to access the channels, they must maintain and keep access devices secure and follow the security practices recommended by manufacturers and/or operators, particularly regarding the installation and updating of necessary security applications, including antivirus applications.
If there is a need to subcontract services to third parties that may have access to the personal data of Users or Clients, Hotel do Barrilário’s subcontractors will be required to adopt the necessary organizational and technical security measures to protect the confidentiality and security of personal data, as well as to prevent unauthorized access, loss, or destruction of personal data.
13. EXERCISING THE RIGHTS OF PERSONAL DATA SUBJECTS
Users and Clients of Hotel do Barrilário, as personal data subjects, can, at any time, exercise their data protection and privacy rights, namely the rights of access, rectification, erasure, portability, restriction, or objection to processing, under the terms and with the limitations provided by applicable regulations. Any request to exercise data protection and privacy rights must be addressed in writing by the respective data subject to the Data Protection Officer.
14. COMPLAINTS OR SUGGESTIONS AND INCIDENT REPORTING
Users and Clients of Hotel do Barrilário have the right to file a complaint with regulatory authorities. Users and Clients of Hotel do Barrilário can also make suggestions via email sent to the Data Protection Officer.
15. INCIDENT REPORTING
Hotel do Barrilário has implemented an incident management system in the field of data protection, privacy, and information security.
If any User or Client notices any situation of personal data breach that causes, accidentally or unlawfully, the destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise processed, they should immediately contact the Data Protection Officer or use the general contacts of Hotel do Barrilário described.
16. CHANGES TO THE PRIVACY POLICY
To ensure its continuous update, development, and improvement, Hotel do Barrilário may, at any time, make changes deemed appropriate or necessary to this Data Protection and Privacy Policy, ensuring its publication through the different channels to guarantee transparency and information to Users and Clients.
17. EXPRESS CONSENT AND ACCEPTANCE
The terms of the Data Protection and Privacy Policy are complementary to the terms and provisions regarding personal data provided in the General Terms of Use of Hotel do Barrilário’s channels. The free, specific, and informed provision of personal data by the respective data subject implies knowledge and acceptance of the conditions contained in this Policy. By using the channels or providing their personal data, Users, Candidates, and Clients are expressly authorizing its processing according to the rules defined in each of the applicable channels or collection instruments.
18. DATA PROTECTION OFFICER
For the exercise of any type of data protection and privacy rights or for any matter regarding data protection, privacy, and information security, Users, Candidates, and Clients of Hotel do Barrilário can contact the Data Protection Officer via email at reservations@barrilario.com, describing the subject of the request and providing an email address, a telephone contact, or a mailing address for response.
19. USE OF COOKIES
Hotel do Barrilário may use two main categories of “cookies”: “cookies” within the scope of online sites and “cookies” within the scope of direct electronic communication channels, always ensuring the respective deactivation by Users or Clients in any of the categories.
Hotel do Barrilário uses “cookies” on its online sites to improve the performance and browsing experience of Users and Clients, increasing, on the one hand, the speed and efficiency of response and, on the other, eliminating the need to repeatedly enter the same information.
The use of “cookies” helps online sites recognize the devices of Users and Clients the next time they visit, and in some cases, is essential for their operation.
The “cookies” used by Hotel do Barrilário in all its channels do not collect personal information that allows identifying Users or Clients, storing only generic information, such as the form or geographic location of access and the way they use the channels, among others. The “cookies” retain only information related to the preferences of Users and Clients, without recording personal identifiers.
Users, Candidates, and Clients can, at any time, through the software application they use to browse the internet (“browser”), decide to be notified about the receipt of “cookies” and block their entry into their system.
Regarding the intended purposes, Hotel do Barrilário may, whenever justified, use three different types of “cookies,” according to the following specifications:
(i) Essential cookies – Some “cookies” are essential to access specific areas of the online channels, allowing navigation and use of their applications, such as access to secure areas of the sites through user registration – without these “cookies,” the services that require them cannot be provided;
(ii) Functionality cookies – Functionality “cookies” allow remembering the user’s preferences regarding navigation on online sites, thus not needing to reconfigure and personalize each visit;
(iii) Analytical cookies – These “cookies” are used to analyze how users use online sites, allowing the highlighting of articles or services that may be of interest to users, monitoring the performance of the sites, as well as knowing which pages are most popular, the most effective method of linking between pages, or determining the reason for some pages receiving error messages – these “cookies” are used only for statistical creation and analysis purposes, never collecting personal information.
With these purposes, Hotel do Barrilário can provide a high-quality experience to Users or Clients, personalizing information and offers and identifying or correcting any potential problems that may arise during their use.
Regarding validity, there are two types of “cookies”:
(i) Permanent cookies – These are “cookies” that are stored on the devices used to access the channels (computers, mobile phones, etc.), at the level of the software application used to browse the internet (“browser”), being used whenever Users or Clients visit any channel again – generally, they are used to direct navigation according to the interests of the User or Client, allowing Hotel do Barrilário to provide a more personalized service;
(ii) Session cookies – These are temporary “cookies” that are generated and are only available until the session is closed, as the next time the Client/User accesses their internet browser (“browser”), the “cookies” will no longer be stored – the information obtained allows managing sessions, identifying problems, and providing a better browsing experience.
Users and Clients can disable part or all of the “cookies” at any time – they must follow the instructions available in each of the software applications used to browse the internet (“browser”), but may lose access to some site functionalities by doing so.
Users and Customers can disable part or all of the “cookies” at any time – they must follow the instructions available in each of the software applications used to browse the internet (“browser”), but with the deactivation, they may lose access to some functionalities of the sites.
Hotel do Barrilário, within the scope of direct electronic communication channels, may also use “cookies” when opening different electronic communications sent, such as “newsletters” and emails, for statistical purposes – allowing to know if these communications are opened and to check clicks through links or advertisements within those communications.
In this category of “cookies,” Users and Customers always have the option to disable the sending of electronic communications through the specific option at the footer of the same.
