SAJO – Empreendimentos Turísticos e Hoteleiros, Lda. (ahead, SAJO), with headquarters at Praça dos Restauradores, n.º65 – 2.º, 1250-168 Lisbon, Portugal, and Tax registration number 508 578 930 is a company that provides lodging to tourist, being the owner of the domain name goodmorninghostel.com, where its WEBSITE is hosted.
SAJO IS FOCUSED ON PROTECTING THE PRIVACY AND PERSONAL DATA OF ITS CUSTOMERS AND USERS OF THE WEBSITE, WHEREFORE, IT HAS PREPARED AND ADOPTED THE PRESENT POLICY AND THE PRACTICES DESCRIBED HEREIN. THIS PRIVACY POLICY EXPLAINS HOW WE USE YOUR PERSONAL DATA, BY WHICH WE ADVISE YOUR READING SO AS TO KNOW THE CONDITIONS UNDER WHICH YOUR PERSONAL DATA ARE COLLECTED AND FURTHER PROCESSED.
1. WHAT IS THIS POLICY ABOUT?
1.1. This Privacy Policy explains how we collect and process the personal data needed for the provision of services that are available trough the WEBSITE, describing the practices adopted for this purpose.
2. WHAT ARE PERSONAL DATA?
2.1. Personal data means any information relating to a person that identifies that person or makes it identifiable, irrespective of the nature and support of the information and including the sound and image of the person.
2.2. Examples of personal data we collect are “Email” when you contact us, and, “IP address” when you visit our WEBSITE.
2.3. Identifiable means a person who can be identified, directly or indirectly, in particular by reference to an identification number or other specific elements of his or her physical, physiological, psychic, economic, cultural or social identity.
3. HOW DO WE USE YOUR PERSONAL DATA?
3.1. SAJO will use the personal data you provide us for the following purposes:
(a) To analyse and respond to your messages, customer support and inquiries;
(b) To keep a record of your contact details;
(c) Make a reservation;
(d) For the management of the WEBSITE;
(e) For commercial purposes, such as data analysis, audits;
(f) For fraud prevention;
(g) For the adaptation, improvement and modification of services, in particular by identifying trends in use, or determining the effectiveness of promotional campaigns;
(h) For the expansion of SAJO´s commercial activities.
3.2. These operations of personal data processing are an essential tool for your satisfaction and for the activity of SAJO and are carried out according to the applicable legislation and the rules of best practices.
3.3. Your personal data will not be reused for other purposes that are previously identified or that have nothing to do with those purposes for which they were initially collected.
4. WHAT ARE THE PURPOSES FOR OUR PROCESSING OF PERSONAL DATA?
4.1. The personal data that SAJO processes have specific lawfulness requirements according to the purposes for which they are intended.
4.2. In the following table you can see the grounds for processing taking into account the above mentioned purposes:
PURPOSES | LAWFULNESS REQUIREMENTS |
To analyse and respond to your messages, customer support and inquiries | Consent for this specific purpose; |
To keep a record of your contact details | Consent for this specific purpose; |
Make a reservation | Make a reservation To enter into a contract, at the request of the data subject; |
For the management of the WEBSITE | Consent for this specific purpose; Legitimate interests pursued by SAJO (cookies); |
For commercial purposes, such as data analysis, audits | Consent for this specific purpose (cookies); Legitimate interests pursued by SAJO; |
For fraud prevention | Legitimate interests pursued by SAJO; |
For the adaptation, improvement and modification of services, in particular by identifying trends in use, or determining the effectiveness of promotional campaigns |
Consent for this specific purpose (cookies); Legitimate interests pursued by SAJO; |
For the expansion of SAJO´s commercial activities | Legitimate interests pursued by SAJO. |
5. WHAT PERSONAL DATA WE COLLECT?
5.1. The personal data that SAJO collects and processes are only those that are necessary and suitable for the purposes abovementioned.
5.2. SAJO will collect and process the following personal data:
PURPOSE | DATA |
To analyse and respond to your messages, customer support and inquiries | Name; Email; Message; |
To keep a record of your contact details | Name; Email; Message; |
Make a reservation | Name; Email; Message; |
For the management of the WEBSITE | Data gathered from Cookies; |
For commercial purposes, such as data analysis, audits | Data gathered from Cookies; Email; IP Address; |
For fraud prevention | Data gathered from Cookies; Email; IP Address; |
For the adaptation, improvement and modification of services, in particular by identifying trends in use, or determining the effectiveness of promotional campaigns |
Data gathered from Cookies; Email; IP Address; |
For the expansion of SAJO´s commercial activities | Name; Email. |
6. HOW DO WE COLLECT YOUR PERSONAL DATA?
6.1. We will collect your personal data through the forms on the WEBSITE, but also through the WEBSITE and the communication that it makes with your device and Email messages that you send us.
6.2. Your personal data is collected through your equipment as follows:
(a) Through your browser;
(b) Through cookies;
(c) Through pixel tags and other similar technologies;
(d) IP Address.
6.3. SAJO is committed to processing your data lawfully and legally.
6.4. SAJO will not sell, rent or share your personal data with third parties, except in cases clearly identified in this Privacy Policy (see Paragraph 11 to understand how).
6.5. SAJO services are not intended for minors and no intentional personal details of minors are being processed.
7. WHAT ARE COOKIES?
7.1. Cookies are small information files that help you identify your browser and can store information, for example, user settings and preferences.
7.2. SAJO will store cookies on your device to personalize and facilitate browsing as well as troubleshooting, statistics,quality assurance, and to monitor system security.
7.3. With the exception of cookies specifically required for the performance of the website, the storage of other cookies will always depend on the acceptance and consent of the User, and this consent may be withdrawn at any time through specific browser tools.
7.4. To know more about the cookies we use please refer to our Cookies Policy.
8. WHAT ARE PIXEL TAGS AND OTHER SIMILAR TECHNOLOGIES?
8.1. Pixel Tags (also known as web beacons and clear GIF´s) can be used in connection with some services to, for example, track the actions of service users (including email recipients), measure the success of our marketing campaigns, and compile statistics on the use of the Services and response rates.
8.2. To know more about the pixel tags and other similar technologies that we use please refer to our Cookies Policy.
9. HOW DO WE PROTECT YOUR PERSONAL DATA?
9.1. Your personal data are kept secure through security measures, both technical and organizational, which assure that only qualified workers have access to your personal data and the procedures to access them, in accordance with the established measures for this purpose.
9.2. In order to protect your personal data, we only use data center providers who provide us with adequate and documented security measures, namely that your personal data is stored in servers that are kept in controlled environments with limited access.
9.3. Your personal data are kept safe by the adoption of various security measures, of technical nature (data are kept on secure servers next to [DENOMINAÇÃO SOCIAL] (ahead, “[EMPRESA 2]”) with Tax registration number [NNN.NNN.NNN] with headquarters at [MORADA] which offers us all necessary security safeguards) and organizational (only employees have access to the data and the processes that must access them according to rules created for that purpose) that allow to protect the personal data against its diffusion, loss, misuse, alteration, processing or unauthorized access as well as against any other form of illicit processing.
9.4. Similarly, when browsing the WEBSITE, we protect your data through the use of encryption, such as Transport Layer Security (TLS).
9.5. While we take the precautions that we deem appropriate to protect the personal data you provide and collect, you must be aware that no security system is impenetrable.
10. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
10.1. Your personal data will be kept for the required time for the purposes for which they are intended, as set forth in this Privacy Policy, as follows:
PURPOSE | PERIOD |
To analyse and respond to your messages, customer support and inquiries | 2 years |
To keep a record of your contact details | 2 years |
Make a reservation | [INDICAR] |
For the management of the WEBSITE | 2 years |
For commercial purposes, such as data analysis, audits | 2 years |
For fraud prevention | 2 years |
For the adaptation, improvement and modification of services, in particular by identifying trends in use, or determining the effectiveness of promotional campaigns |
2 years |
For the expansion of SAJO´s commercial activities | 2 years |
10.2. If any specific or mandatory period of time is required by law, the data’s retention period will be same. In all other cases, the personal data will be kept at the maximum during the time indicated above, which SAJO deems as sufficient to fulfill the purposes.
10.3. At the end of the storage period, all collected personal data will be deleted.
11. HOW YOU CAN YOU EXERCISE YOUR RIGHTS:
11.1. You the right to request us the exercise of the following rights:
(a) Right to access: the right to obtain confirmation that personal data concerning the data subject are being processed or not, and, if they are, the right to access such personal data;
(b) Right to rectification: the right to rectify inaccurate personal data concerning the data subject and complete personal data that is incomplete;
(c) Right to erasure: the right to erase personal data, when a ground for this request, listed in the legislation, applies;
(d) Right to restriction of processing: the right to restrict the processing of personal data, when allowed by the legislation;
(e) Right to objection: the right to object, at any time, to the processing of personal data concerning the data subject;
(f) Right to data portability: the right to receive personal data concerning the data subject in a structured, updated and automatic reading format.
11.2. You also have the right to submit a complaint to a supervisory authority (National Data Protection Commission at www.cnpd.pt).
11.3. For the purpose of exercising the rights abovementioned, you should contact SAJO via this email.
11.4. If you ask us to delete some or all of your personal data, some of the requested services may not be provided to you and SAJO will keep the necessary personal data to fulfill its legal obligations.
12. WHEN DO WE COMMUNICATE DATA TO THIRD PARTIES?
12.1. SAJO may use third parties to provide specific services, such as maintenance, technical support, marketing, billing or payment management, which may have access to some of the personal data, in particular, the data required for contractual purposes.
12.2. SAJO ensures that the entities that have access to the data are reliable and offer high security guarantees, and that data will never be transmitted beyond what is necessary to provide the contracted service, nevertheless SAJO remains responsible for the personal data made available.
12.3. For example, for the purposes of data center management, SAJO uses the services provided by [EMPRESA 2].
12.4. SAJO may also communicate your data to companies in its business group with whom SAJO has commercial partnerships to create and offer benefits; or other partners outside its business group, with your prior authorization.
12.5. SAJO may also transmit data to third parties in the context of investigations, inquiries and judical and / or administrative proceedings or of a similar nature, provided that it is duly ordered by a court order accordingly.
13. THIRD PARTY WEBSITES.
13.1. The WEBSITE may contain links to other websites which may collect and process your personal data, and this processing is the sole responsibility of the owners of these websites, and SAJO does not take any responsibility for its policies and / or practices.
13.2. These third parties are, p.e., Facebook, Instagram, TripAdvisor or YouTube through the buttons you can find on the WEBSITE, or, Google through the Maps available on the WEBSITE.
14. TRANSFERS OF DATA OUTSIDE THE EUROPEAN UNION.
14.1. If data transfers to non-EU countries occur, SAJO will comply with the law, in particular regarding the suitability of the country of destination for personal data the protection and the requirements applicable to such transfers, and personal data will not be transferred to jurisdictions that do not offer security and protection guarantees.
15. MINORS.
15.1. The WEBSITE is not intended for minors under the age of 16, therefor, we request that these minors do not provide us with personal information through the WEBSITE, application, social media and emails.
16. SENSITIVE PERSONAL DATA.
16.1. SAJO asks you not to send us any sensitive personal data, in other words, information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union association, genetic information, biometric information, health or data relating to a natural person´s sexual life or sexual orientation.
16.2. This personal data will be deleted immediately.
17. CHANGES TO PRIVACY POLICY.
17.1. SAJO reserves the right to readjust or change this Privacy Policy at any time, as these changes are advertised.
18. OUR CONTACT DETAILS.
18.1. If you have any questions or concerns regarding this Privacy Policy, please contact us by writing to us via email.
19. LAST VERSION.
19.1. [05] [04], 2019. Lisbon (PORTUGAL)