Casa do Sal Albufeira – Privacy Policy

Casa do Sal Albufeira values the privacy of its visitors and customers. This Privacy Policy outlines how we collect, use, store, and protect your personal data in accordance with the European Union General Data Protection Regulation (GDPR).

1. Data Controller
The data controller is Casa do Sal Albufeira. For any inquiries, please contact us at:
📧 casadosalalbufeira@gmail.com

2. Data We Collect
We may collect and process the following personal data:

• Full name

• Email address

• Phone number

• Booking information (dates, number of guests, preferences)

• Payment details (via secure third-party platforms)

• Location data (via IP)

• Technical data: device type, browser, operating system

• Website usage data: pages visited, time spent, clicks (via cookies)

3. Purposes of Data Processing
Your data is used to:

• Process bookings and communicate with guests

• Personalize your website experience

• Send confirmations, notifications, and stay-related information

• Generate statistical reports (e.g., Google Analytics)

• Send promotional campaigns (only with consent)

• Fulfill legal and tax obligations

4. Data Storage and Caching
We use caching systems to improve site performance. This may include temporary storage of your browser data or navigation preferences.

• Cache does not store sensitive data like banking details or passwords.

• Cached data is automatically cleared at regular intervals or with content updates.

5. Cookies
This site uses first- and third-party cookies to:

• Improve performance and navigation

• Save user preferences

• Perform statistical usage analysis (e.g., Google Analytics)

• Collect remarketing data (if applicable)

By continuing to browse, you consent to the use of cookies. You can disable them in your browser settings.

6. Legal Basis for Processing
Data is processed based on:

• Your consent

• Execution of a contract (e.g., booking)

• Legal obligations

• Legitimate interests (e.g., site security)

7. Data Sharing
Your data may be shared only with:

• Payment platforms

• Booking platforms (e.g., Airbnb, Booking)

• Web and email hosting services

• Legal or tax authorities when required by law

We never sell or share your data for commercial purposes.

8. Data Security
We implement technical and organizational measures to protect your data against unauthorized access, alteration, loss, or destruction.

• SSL certificate is used to encrypt communications.

• Bookings and payments are managed securely with certified providers.

9. Data Retention

• Booking and invoice data is retained for up to 10 years due to tax regulations.

• Contact and marketing data is retained until consent is withdrawn.

• Technical data (cookies, cache) is automatically deleted as per the configured cleaning cycle.

10. Data Subject Rights
Under GDPR, you have the right to:

• Access your data

• Correct or update inaccurate data

• Request data deletion (“right to be forgotten”)

• Withdraw consent at any time

• Object to processing for marketing purposes

• Request data portability

To exercise these rights, contact us at: [insert email]

11. Third-Party Links
Our site may contain links to third-party websites (e.g., Booking, social media). This policy does not apply to those sites. We recommend reviewing their privacy policies.

12. Policy Updates
We reserve the right to update this Privacy Policy. The latest version will always be available on this site with the revision date.

Last updated: April 22, 2025