Data policy of Hotel Fazenda Brisa Itu!

1) Initial Considerations

 

Please read this Privacy and Personal Data Protection Policy carefully to understand our policies and practices regarding your Personal Data and how this data is processed.

 

Hotel Fazenda Brisa Itu is committed to protecting the privacy and personal data of our guests. By using our services, you agree to the collection and use of your information as described in this policy.

 

 

2) Terms and Definitions

 

a) Personal Data: according to article 5, item I, of the LGPD (Brazilian General Data Protection Law), personal data is defined as "information related to an identified or identifiable natural person." In other words, it is information related to an identified or identifiable natural person.

 

b) Sensitive Personal Data: Personal Data concerning religious beliefs, political opinions, genetic or biometric data, racial or ethnic origin, membership in a trade union or religious organization, health or sex life, when linked to a natural person.

 

c) Consent for data use: According to the LGPD (Brazilian General Data Protection Law), it is the free, informed, and unequivocal expression by which the data subject agrees to the processing of their personal data for a specific purpose.

 

(d) Controller: Natural or legal person, governed by public or private law, who is responsible for decisions regarding the processing of personal data.

 

(e) Data Processor: A natural or legal person, governed by public or private law, who processes personal data on behalf of the controller.

 

f) Data Subject: The natural person to whom the Personal Data being processed refers.

 

(g) Data Processing: Any activity performed with Personal Data, such as collection, reception, classification, use, access, production, reproduction, distribution, processing, alteration, storage, elimination, communication, transfer or extraction of data;

 

h) Use and Sharing: All communication, dissemination, international transfer, interconnection of Personal Data or shared processing of Databases by public bodies and entities in the performance of their legal duties, or between these and private entities, reciprocally, with specific authorization, for one or more processing modalities permitted by these public entities, or between private entities.

 

i) National Data Protection Authority or ANPD: Body responsible for ensuring, implementing and overseeing compliance with the LGPD throughout the national territory.

 

3) Purpose of this Privacy Policy

 

The main objectives of the Pontes Group regarding Personal Data Privacy are highlighted below:

 

a) Ensure that our employees and partners are fully aware of the legal, regulatory and/or contractual implications of any privacy breaches;

b) Ensure that the controlled Personal Data is adequately protected against threats;

c) Ensure that all third parties/operators that process Personal Data on behalf of the Pontes Group provide adequate protection.

d) Limit the use of Personal Data to the purposes for which it was collected;

 

By visiting, using, and/or registering on our platform, in addition to agreeing to our Consent Terms, you declare that you accept our collection and processing of your data, in accordance with the methods and for the purposes described in this Privacy Policy.

 

4) Collection of Personal Data

 

We collect personal information, such as name, address, email, phone number, and payment details, for the sole purpose of providing a personalized and efficient stay. For this purpose, we need to collect personal information, such as:

 

  • Registration details (name, surname, gender, phone number, email, date of birth, nationality);

    •  

  • Data related to companions and/or dependents (name, date of birth, age, relationship – whether companion or dependent);

    •  

  • Check-in and check-out information;

    •  

  • Preferences (single, double or triple room; additional beds or accessories;

    • Smoking or non-smoking room; floor; type of newspapers/magazines; cable TV channels; food and drinks, etc.);

     

  • Financial information (type, number and expiration date of your credit card or deposit information);

    •  

  • Information found on identification documents.

    •  

    5) How do we keep your Personal Data secure?

     

    We are committed to keeping your Personal Data secure using security techniques, systems, and measures. We do not transmit, disclose, or share Personal Data with third parties, except as described in section 7 of this Privacy Policy, for the specific purposes specified therein.

     

    It's important to understand that, despite all the care and precautions taken, the risk of browsing the internet always exists.

    Should Personal Data be compromised as a result of a Personal Data Breach, we will provide the necessary notifications in accordance with applicable law.

     

    6) We process the Personal Data of our clients and potential clients in accordance with the purposes described below:

     

    a) Accommodation requests and reservation management

    To accommodate guests at our hotels, we need to process their Personal Data to fulfill our obligations and provide services, such as allowing those interested in making a reservation to check availability and complete the booking.

     

    b) Managing your hotel stay

    For stay management, we request Personal Data that allows us to manage the entire stay, such as recording arrival and departure times at the hotel in question, granting access to the room, managing the registration form, managing and monitoring the use of additional services, managing food preferences, room preferences, among others.

     

    c) Making payments

    For payment purposes, we need to collect and process financial data, such as credit card information, financial institution details, credit limits, and others. We may also need to manage invoices and administer expenses related to additional services (food, drinks, parking, room service, laundry, telephone, bar, etc.).

     

    d) Protection against financial fraud

    We can analyze financial transactions to minimize potential fraud risks, potentially using specialists/third parties to provide accountability and in-depth analysis.

     

    e) Good relationships and service provision for the guest journey.

    With the intention of providing a good service, we populate our database with Personal Data and information on stays and behavior to personalize operations, predict future behaviors, obtain data for marketing tools, manage customer preferences, and send promotions.

     

    f) Improvement of services

    We may collect Personal Data when conducting surveys with our customers, as well as collecting and analyzing complaints, comments, and suggestions through questionnaires, which may be anonymous or named. With this information, we can also make personalized commercial offers.

     

    7) Sharing with Third Parties

     

    We may share your data with internal and external recipients under the following conditions:

     

    a) Updates/Synchronization/Unified System

    We share your personal data with a limited number of authorized people and services in order to provide you with the best possible experience across our hotel network. The teams listed below may have access to your data:

     

  • Hotel staff;

    •  

  • Reservation team that uses the booking tools of Hotel Fazenda Brisa Itu;

    •  

  • Service companies;

    •  

  • Medical services, if applicable.

    •  

    b) With service providers and partners

     

    Your personal data may be sent to third parties for the purpose of providing services and improving your stay, for example:

     

  • External service providers: IT subcontractors, call centers, banks, credit card issuers, external lawyers, customs brokers, printers.

    •  

  • Business partners: We may expand your profile by sharing certain personal information with your preferred business partners. In this case, the trusted partner may cross-reference information, analyze it, and apply certain classifications to your data.

    •  

    This processing will allow Pontes Hotéis e Resorts and its contractual partners to determine the customer profile in order to send personalized offers.

     

  • Social media identification: To enable the use of some of our services and/or campaigns, the Pontes Hotéis e Resorts network may provide identification/authentication through social media. When not available through social media, identification may be done through a form. If your identification is through social media, you explicitly authorize Pontes Hotéis e Resorts to access your public account data.

    •  

    c) Comply with legal requirements

     

    We may also be required to send your information to local authorities and public bodies if:

     

  • There must be a need for the purposes mentioned in topic 6;

    •  

  • Whether required by law or

    •  

  • if necessary for the legal protection of the legitimate interests of the controller(s) in accordance with applicable law.

    •  

    8) Storage and storage period of your Personal Data

     

    Your Personal Data is stored in our computerized environment for the time necessary to fulfill our services, respecting the deadlines established in applicable legislation in accordance with the LGPD (Brazilian General Data Protection Law). The data is also kept for the time necessary to carry out possible audits and/or to meet existing legal deadlines, allowing us to comply with possible legal requirements and regulatory bodies.

     

    9) Rights of Data Subjects

     

    All rights that data subjects possess may be exercised in accordance with the LGPD – General Data Protection Law, such as access, modification and deletion of their Personal Data, as well as asking any questions through our email comercial@hotelfazendabrisaitu.com.br

     

    10) Update of the Current Policy

     

    We periodically review and update privacy regulations to align this Policy with the most current information on the subject, aiming to provide security and credibility for our clients. Therefore, we reserve the right to modify and update the data processing model and/or the purposes for processing, in accordance with these regulations. Should we make such changes, we will update the policy with a new version.


    11) Acceptance Agreement

    By choosing our hotel, you agree to the terms of this Privacy Policy and consent to the sharing of personal data by Hotel Fazenda Brisa Itu. For questions or concerns, please contact us.