Privacy Policy

Oásis Atlântico respects your privacy and this Privacy Policy aims to describe who we are, for what purposes we use your personal data, the legal basis for doing so, who we share it with, how long we keep it, your rights as well as how to contact us in order to exercise your rights.

Who is responsible for processing your personal data?
In the context of contacts, use of the website, social networks and direct reservations made in European Union spaces with our hotel units, through our website, those responsible for processing your personal data, during the reservation processes, are the operating entities of the various hotel units* and Oásis Atlântico Hotel Management, Lda., legal entity nº 505158930, with registered office at Rua Hermano Neves, n.º 22, 4.º C, 1600-477 Lisbon, Portugal, from now on called “we”.

What personal data do we process?
We will only collect personal data that is necessary for the respective purposes, and unnecessary and superfluous data will not be collected.
For example, in order to comply with your reservation processes and contacts that you make directly to us, we may collect your name, address, date of birth, nationality, email address, telephone number, preferences, comments, names of family members and companions, such as the number and age of minors, dietary intake and even taxpayer number for billing purposes. We may also collect information regarding the type of browser and computer used, technical information regarding the way you connect to the website, namely, the operating system and the way you access the internet.
The data you provide regarding your credit card to pay for the reservation is not directly collected or stored by us, but by a third party providing the reservation service that is bound by appropriate security and privacy measures.
You may also provide data from special categories, namely health data – allergies, diabetes, reduced mobility and food intolerances, for which we will always ask for your consent in order to process them. The objective is solely to adapt and adapt your stay in hotels managed by us.
In relation to suppliers and partners, we may also collect tax and address data for billing and logistics purposes.
Some of the identification and financial data listed above constitute a necessary requirement for us to be able to process a reservation (customers), conclude a contract (suppliers and partners) or to be able to comply with legal obligations (for example tax obligations), meaning that failure to communicate such data will result in the impossibility of executing the contract.

How do we collect your data?
We collect your personal data directly in the following ways: through direct bookings on our website, when you ask us to send you newsletters or request information from us or contact us via telephone, email or social media.
For what purposes do we process your personal data?
We collect your personal data for the following purposes:
• So that we can fulfill and manage reservations made through our website;
• To be able to fulfill requests for orders and information and manage your preferences (for example, regarding floor, smoking or non-smoking rooms, specific requests);
• So that we can issue invoices and comply with other legal obligations;
• To be able to respond to requests for information and requests, as well as complaints that you send us. In this case, the processing is based on our legitimate interests;
• So that we can manage the content of our website, social networks, advertised competitions and management of loyalty programs. In this case, the processing is based on our legitimate interests;
• So that we can carry out statistical analysis and evaluation of satisfaction/quality of the services provided to improve them. In this case, the processing is based on our legitimate interests;
• So that we can send newsletters, advertising and promotional campaigns and information about new offers of products, services and developments, for which we will ask for your consent. You can withdraw your consent at any time by simply sending an email to the following address: [email protected] or via the address: Oasis – Human Resources Department, Av. Marquês de Tomar, nº 35-35C – 2º Dto ; 1050-153, Lisboa.
• If you are a supplier or partner, we may use your personal data to manage our contractual relationship, make payments, manage complaints, issue invoicing;

What are the legal bases for treatment?
The legal bases for processing your personal data are:
a) Execution of the contract between the parties, or execution of pre-contractual measures at the request of the data subject;
b) Compliance with legal obligations to which we are subject;
c) Legitimate interests pursued by us;
d) Your consent, when none of the legal bases indicated above are applicable;

How long do we keep your information?
We will keep your data for the period necessary to achieve the purpose for which it was collected and intended, or for the period required by law, subject to its conservation and the guarantees of secrecy and confidentiality recommended by the GDPR.
After the end of the contractual relationship, the data will be kept for a period of 10 years.
After this period, your data will be irreversibly destroyed or anonymized.
Who do we share your data with?
We may share your personal data within our business group for internal administrative purposes, whenever this sharing is related to the provision of our service, and there is a legitimate interest of the group in such sharing.
We may also share personal data with third parties who provide services to us and who assist us and make it possible for us to provide the service to you, namely IT services (website hosting and content management), software services (reservation management, hotel management), satisfaction survey sending services, logistics and consultancy services. They may also be shared with third parties for the exclusive fulfillment of legal obligations required of us, such as the Public Authorities.
Such third parties will process the data solely and exclusively on our behalf, following our documented instructions and only third parties are hired who present sufficient guarantees of carrying out appropriate technical and organizational measures in such a way that the processing meets the requirements of the GDPR and in such a way that the defense of the data subject’s rights is ensured, with this processing being regulated by a written contract.
If personal data is transferred outside the European Union, we will ensure that all necessary security measures are complied with, as well as that these transfers take place under standard contractual clauses approved by the European Commission for this purpose, if the country to which the data may be transferred has not been considered by the Commission to guarantee an adequate level of protection.

What are your rights?
You have the right to request us to access your personal data, as well as its rectification or erasure, and the limitation of processing with respect to the data subject, or the right to object to processing, as well as the right to data portability;
You can also withdraw your consent to the processing of your personal data, when such processing is based exclusively on your consent, at any time, without compromising the lawfulness of the processing carried out based on the consent previously given.
Under applicable legislation, you are guaranteed the following rights:
You can exercise these rights via email to: [email protected] or via the address: Oasis – Human Resources Department, Rua Hermano Neves, n.º 22, 4.º C, 1600 – 477 Lisboa.
Your requests will be treated carefully by us so that we can comply with your rights, although proof of your identity may be requested, in order to ensure that your personal data is only shared with the interlocutor.
The exercise of your rights will not imply the payment of any fee. However, if there are unfounded, repetitive or excessive requests, we may subject them to payment of a fee.

Can you complain?
Yes. You still have the right to lodge a complaint with a supervisory authority.
In Portugal, the competent control authority is the National Data Protection Commission, located at Av. D. Carlos I, n.º 134, 1200-651, telephone: 21 3928400. More information at www.cnpd.pt.

Are there automated decisions, including profiling?
There is currently no processing for automated decision-making, including the definition of profiles, however, if they exist in the future, you may, as the holder of the personal data, oppose them, under the terms and for the purposes of the article. 22. So. of the GDPR.

Note: Please keep in mind that from time to time we may update this Privacy Policy. We ask that you periodically review this document to stay up to date.

*Oásis Atlântico Imobiliária, SA, Legal entity no. 200 100 793 with headquarters in Cidade Santa Maria – Sal Island – Cape Verde that operates the Hotel Salinas Sea; Fortaleza Atlântico Hotéis, Ld, Legal entity no. G066077-0/CPF/MF 618.119.833-40, with headquarters at Avenida Beira Mar, 2500 Meireles, Fortaleza, Ceará, Brazil, (which operates the Hotel Oasis Atlântico Imperial); Porto Grande Hotéis, S.A.R.L, Legal entity no. 55115723883, with headquarters in the City of Mindelo, Ilha de S. Vicente, Cape Verde (operates the Hotel Porto Grande); HotelMar, S.A.R.L., Legal entity nº 200 124 706, with headquarters in Cidade da Praia, Santiago Island, Cape Verde (which operates the Hotel Praia Mar) and Sal Hotéis, S.A.R.L., Legal entity nº 200 183 125, with headquarters in Santa Maria – Ilha do Sal – Cape Verde (which operates the Hotel Belorizonte).