Privacy Policy
TheHotelAlhambra.com (“we,” “us,” or “our”) is committed to upholding your right to privacy and the protection of your personal information in compliance with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws. This Privacy Policy outlines how we collect, use, process, and safeguard your personal data when you visit or interact with our website, thehotelalhambra.com.
1. Commitment to Privacy and Data Protection
Your privacy is important to us. We have implemented rigorous measures to ensure that your personal data is handled with care, transparency, and in accordance with applicable legal standards. We are dedicated to collecting only what is necessary, limiting access to authorized personnel, and protecting your data through strict controls and safeguards.
2. Scope of the Policy and Data Controller Role
This Privacy Policy applies to all users of thehotelalhambra.com and covers all forms of personal data collected through our website, email communications, reservations, and direct interactions. For the purposes of data protection laws, TheHotelAlhambra.com is the Data Controller in respect of all personal data collected on or through our website. If you have questions or requests related to your data, you may contact our Data Protection Officer at [email protected].
3. Categories of Personal Data We Process
We process the following categories of personal data, depending on your interactions with us:
a) Usage Data: Includes details about your visit to our website such as your browser type and version, IP address, country location, time zone setting, referring URLs, duration of visit, and clicks or navigation patterns.
b) Account Data: Collected when you create or manage an account with us. This may include your full name, home or billing address, email address, phone number, and passwords or login credentials.
c) Profile Data: Includes your booking history, guest preferences, stay behavior, loyalty program data, and interests (such as room types or service preferences).
d) Communication Data: Records of correspondence and interactions with us, including support requests, inquiries submitted through contact forms, and feedback.
e) Technical Data: Information about the device you use to access our site, including type, operating system, browser settings and plugins, screen resolution, and other device identifiers.
f) Transaction Data: Details of payments made, including partial payment data (e.g., masked credit card numbers), billing confirmations, and delivery or check-in information related to your reservations.
g) Preference Data: Information regarding your opt-in consents for marketing communications, newsletter subscriptions, and stated interests or preferences about our offerings.
4. Legal Bases for Processing
We process personal data under the following legal bases as prescribed by GDPR and, where applicable, CCPA:
– Consent: Where you have explicitly consented to receive marketing communications or supply personal data for specific purposes.
– Contractual Necessity: When data processing is necessary in order to enter into or fulfill a contract with you, such as completing a hotel reservation.
– Legal Obligation: Where processing is necessary to comply with applicable laws or regulatory requirements.
– Legitimate Interests: To operate, secure, and improve thehotelalhambra.com, to manage customer relationships, and to prevent fraud, provided such interests are not overridden by fundamental rights and freedoms.
5. Your Rights
Under applicable data protection laws, you are entitled to:
– Access: Request a copy of the personal data we hold about you.
– Rectification: Request correction of inaccurate or incomplete data.
– Erasure: Request deletion of your personal data where no legal or business reason exists to retain it.
– Restriction: Temporarily suspend data processing under certain conditions.
– Portability: Request your data in a structured, commonly used format for transfer to another controller.
– Objection: Object to data processing based on our legitimate interests or for direct marketing purposes.
– Non-Discrimination (CCPA): You have the right not to receive discriminatory treatment for exercising your privacy rights.
You may exercise these rights by contacting [email protected].
6. Security Measures
We adopt appropriate technical and organizational safeguards to ensure the confidentiality, integrity, and availability of your data. These include:
– Encryption of personal data in transit and at rest.
– Multi-level access controls and authentication.
– Regular system updates and vulnerability assessments.
– Staff privacy and security training.
– Secure backup protocols and disaster recovery policies.
7. International Transfers
Where your personal data is transferred outside the European Economic Area (EEA) or California, we ensure such transfers are protected with appropriate legal mechanisms, including the use of Standard Contractual Clauses and verification of third-party adherence to equivalent privacy protections under local laws.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it. Typical retention periods include:
– Usage and Technical Data: Retained for up to 12 months for analytics and service improvements.
– Account and Transaction Data: Retained for up to 7 years in compliance with financial and legal obligations.
– Communication Data: Stored for up to 2 years for follow-up and record-keeping purposes.
– Marketing and Preference Data: Retained until you withdraw consent or opt out of marketing communications.
9. Cookie Policy
Our website uses cookies to enhance functionality, measure performance, and deliver tailored experiences. Categories include:
– Essential Cookies: Required for core site functionality such as page navigation and secure reservation processing.
– Functional Cookies: Enable enhanced features such as remembering language preferences or room selections.
– Analytics Cookies: Collect information about how visitors use our site, including pages visited and navigation paths.
– Performance Cookies: Used to monitor system performance and site speed.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you are given the option to manage your cookie preferences when you first visit our site via a consent banner. You may modify your cookie preferences at any time using our Cookie Settings panel or by adjusting your browser settings. We honor Do Not Track signals and provide opt-out options where applicable.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from individuals under the age of 13. If we become aware that we have inadvertently collected information from someone in this age group, we will immediately delete such data from our records. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].
12. Policy Updates and Notifications
We reserve the right to amend this Privacy Policy to reflect legal requirements, operational changes, or improvements in privacy practices. Users are encouraged to review this policy periodically for updates. Material changes to this policy will be communicated through the website or via direct communication as appropriate.
13. Contact Information
If you have any questions, concerns, complaints, or wish to exercise your data rights, please contact us at:
Email: [email protected]
Website: https://www.thehotelalhambra.com
—
We value your trust and are committed to safeguarding your data in compliance with global privacy laws. If you have any concerns about how we handle your personal information, we encourage you to get in touch.