Key points to note about our Policies
Although we are a small business, we recognise the importance of protecting both ours and your rights under current legislation and data protection laws, which includes the Data Protection Act 2018, General Data Protection Regulation ((EU) 2016/679) (“GDPR”), UK GDPR and Privacy and Electronic Communications Regulations 2003, and any other applicable or equivalent data protection or privacy legislation, regulations or guidance from time to time relating to the processing of personal data.
To the extent that either party processes personal data on behalf of the other party, such party warrants that it has obtained all necessary consents and a lawful basis to enable it and the receiving party to process such personal data as necessary to fulfil its obligations under this Agreement, and the recipient party agrees to take all appropriate technical and organisational measures necessary to preserve the security of such personal data.
By entering data into the forms on our website, you are providing your consent to us to use this information only in connection with providing you with the services needed to ensure you have an excellent holiday, and to allow us to comply with legal requirements.
What information do we collect?
We collect information about you when you enter it into contact forms on our site such as your name, email address and phone number.
How do we use your information?
We use information about you to fulfil our obligations to comply with legal or regulatory obligations. For example, we are required to provide the Portuguese government with details of every foreign individual staying at our Villa.
Data use
To make a booking, you must provide your contact details. You need to enter the specific contact data requested such as contact name and details, email address, details of additional guests as well as the data concerning the booking (eg stay period).
We also save your booking date and time. Additional information fields are not mandatory.
The information you provide on our website, including notes, are personally identifiable information and are processed and used by us to ensure the processing of the booking and the provision of the requested service. We also use your data to provide you with information relevant for the booking or during the stay. The personal data collected when the booking is made will be forwarded to the following third parties: Smoobu GmbH – Smoobu.com is a Software for rental owners Pappelallee 78/79, 10437 Berlin 10437 Berlin Germany Link to Smoobu privacy policy: https://www.smoobu.com/en/privacy-policy/
We will only contact you as we have a legitimate interest in doing so because of our services provided to you. For example, you may receive emails from us answering booking queries, payment queries, or asking for a review of your stay. We will only contact you if we believe we have legitimate interest in doing so.
If you have any problems with us contacting you please e-mail a request to stop communication or change the methods of our communication.
Do we share your data with third parties?
We only share data with our third parties when it is required as part of fulfilling our service to you.
For example, we share your contact information with our accountant who submits the visitor data to the Portuguese government on our behalf.
Your Data, Your Rights and Opting out
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
You have the right to:
If you wish to exercise any of the rights set out above, please contact us.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.
Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).
This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information, in relation to your request to speed up our response.
Time limit to respond
We try to respond to all legitimate GDPR requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.
In this case, we will notify you and keep you updated.
Credit Card Security
When you make a booking, deposits or payments are taken through Stripe, a payment services provider (PSP). Stripe are a fully approved PSP and are audited annually against the strict Payment Card Industry Data Security Standards (PCI DSS). We do not see or store any credit card details on our site or in other records, and your credit card details are not held in clear text on any web site or database.
To view Stripe’s security policy click here