Legal notice – privacy policy

1. LEGAL NOTICE

In compliance with the duty of information provided in Law 34/2002 on Information Society Services and Electronic Commerce (LSSI-CE) of July 11, the following general information data of this website are provided:

• Corporate name: Europcat Portugal Unipessoal, lda.
• Tax Identification Number: PT514 638 427
• Registered office: Avenida Duque de Ávila, nº 141 – 1º Dto. 1050-081 Lisbon. Portugal
• Contact: porto@cataloniahotels.com

PRIVACY POLICY

1. IDENTIFICATION OF THE DATA CONTROLLER

In accordance with the provisions of the current regulations on Personal Data Protection, we inform you that the data controller of your personal data is Catalonia Hotels & Resorts.

You can contact us via email: porto@cataloniahotels.com or you can also contact our Data Protection Officer (DPO), LENER ABOGADOS.

2. OBLIGATION TO PROVIDE YOUR PERSONAL DATA

The personal data that we will request from you, in the forms accessible from the Website or App, are generally mandatory (unless otherwise specified in the required field) to fulfill the established purposes. Therefore, if they are not provided or are not provided correctly, we will not be able to attend to your service request.

The User:

• Guarantees that they are of legal age or legally emancipated, as the case may be, fully capable, and that the data they provide us are true, accurate, complete, and updated. For these purposes, the User will keep the information provided duly updated. For the requested services, the User must be over 16 years old.

3. INFORMATION AND CONSENT

By reading this Privacy Policy, the User is informed about how we request, collect, process, and protect the personal data provided through the website https://www.dourorestaurante.com (hereinafter, the “website”) and any other data that may be provided to us in the future through any request or form, or any other valid means in law.

As a User, you should read this Privacy Policy carefully, which we hope you find clear and simple, in terms of understanding, and that it facilitates and determines your free and voluntary desire to provide us with your personal data.

4. WHAT PERSONAL DATA WILL WE PROCESS?

We will process the following categories of data, depending on the request made by the User.

For example: we will request your phone number, email, and your first and last name when you request a reservation on our web service, and you will be able to accept our Privacy Policy by checking the Check Box provided in our reservation form.

• Identification data: name, surname, date of birth, if applicable, ID or document proving your identity.
• Contact data: Email address, mobile phone, postal address.
• Exceptionally, data on food intolerances or food allergies in cases related to our Catering service.

In case you provide us with data of third parties, you guarantee that you have the consent of the third party and you commit to transferring to the data owner the information contained in this Privacy Policy, exempting the data controller from any responsibility regarding the provision of third-party data. In any case, we will carry out the verifications and diligence measures that correspond according to the Data Protection regulations.

5. WHAT WILL BE THE PURPOSE OF PROCESSING YOUR DATA?

We inform you that the data we request are adequate, relevant, and strictly necessary for the purpose for which they are collected. Depending on the User’s requests, the personal data collected will be processed by us, according to the following purposes:

• Manage the reservations made and the management of your requests and inquiries.
• Manage the sending of personalized commercial communications, by electronic and/or conventional means, in cases where the User expressly consents to it, by checking the corresponding box, or shows their opposition to such processing.
• Manage your contact or information requests through the channels provided for these purposes.

6. WHAT IS THE LEGITIMACY OF DATA PROCESSING?

The main basis of legitimacy for processing is the execution of the contract subject to the request for the services requested by the User.

The basis of legitimacy for informational purposes about news of our products and services or third-party products, offers, events, or relevant news for Users related to the service provided and/or with food products, and with the hotel, tourism, and transport sector itself, will be consent.

These purposes linked to the provision of your consent will only be carried out if the User consents to the processing of their contact data, through the sending via SMS or telephone, when the User consents by checking the box provided for these treatments in the ad hoc form.

In any case, the User may revoke their consent at any time, through the procedure informed in the Exercise of Rights section, indicating their refusal to receive them through the unsubscribe option provided in each of the commercial communications sent. Likewise, if the User withdraws their consent to any of the treatments, this will not affect the lawfulness of the treatments carried out previously.

Likewise, in cases where it is necessary to process the User’s data to comply with a legal obligation, the processing would be legitimized as necessary to fulfill such purposes. Additionally, if the processing carried out is for the purpose of conducting surveys and/or evaluations related to the quality of the services provided by the data controller, it will be based on the legitimate interest of the controller.

7. TO WHICH RECIPIENTS WILL WE COMMUNICATE YOUR DATA?

The User’s data may be communicated to:

• Companies affiliated with or part of the Catalonia Hotels & Resorts business group and entities operating the hotels managed by the business group, solely for internal administrative purposes (www.cataloniahotels.com);
• Entities operating the hotels managed by CATALONIA HOTELS & RESORTS, solely for internal administrative purposes and/or for the aforementioned purposes.
• Suppliers of the data controller or hotel operators necessary for the proper fulfillment of legal obligations and/or the aforementioned purposes.
• Partners and collaborating companies for the fulfillment of the aforementioned purposes and/or, if the User authorizes it, for sending commercial communications, information, events, or subscription to loyalty programs.
• Public Administrations in cases authorized by law.

The recipients indicated in this section may be located inside or outside the European Economic Area, in which case international data transfers are duly legitimized.

8. HOW LONG WILL WE KEEP YOUR DATA?

The User’s data will be kept for the necessary period to fulfill each purpose or until the User requests its deletion, opposes the processing, or revokes their consent.

9. HOW TO EXERCISE YOUR RIGHTS?

The User can send a written request to porto@cataloniahotels.com with the Reference ‘Data Protection,’ attaching a photocopy of their valid identity document or passport, at any time and free of charge, to:

• Revoke the consents given.
• Oppose the processing.
• Receive confirmation about whether we are processing your personal data.
• Access your personal data.
• Rectify inaccurate or incomplete data.
• Request the deletion of your data when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
• Obtain the limitation of data processing when any of the conditions provided in the data protection regulations are met.
• Request the portability of your data.

Additionally, the User is informed that at any time they may file a complaint regarding the protection of their personal data with the competent Supervisory Authority or the Spanish Data Protection Agency (www.aepd.es)

Version October 2024