• Remember your language and other preferences;
• Remember your username and password for future visits so that log-in is easier and faster;
• Ensure you obtain all requested information;
• Provide a safe and secure service for online transactions;
• Track your response to advertisements and website or app content for analysis and the number of times we send you the same advertisement;
• Measure how many people use the Site, and how they use it, so that we may keep it running quickly and efficiently;
• Help us and others deliver communications and content to you that are relevant, customized and responsive to your interests and location.
We may use various types of Cookies:
Essential Cookies –
These Cookies are necessary for the site to work, and enable you to move around it and use its services and features. We do inform you about our usage in such Essential Cookies, but we don’t ask for your consent to place these on your computer.
Functional Cookies –
we use Functional Cookies to save your settings on the site – settings such as your language preference, or booking information you have previously used when booking a hotel with us. We also use Functional Cookies to store such things as the last hotel you searched for, so that you can easily find it the next time you visit. Some Functional Cookies are essential to viewing maps or videos on our site. We also may use “Flash Cookies” for some of our animated content.
Session Cookies –
These Cookies are stored only temporarily during a browsing session and are deleted from your device when you close the browser. We use Session Cookies to support the functionality of the Site and to understand your use of the site, e.g. which pages you visit, which links you use and how long you stay on each page.
Persistent Cookies –
These Cookies are not deleted when you close your browser but are saved on your device for a fixed period or until you delete them. Each time you visit the site, the server that set the Cookie will recognize the persistent Cookie saved on your device. We and others use persistent Cookies to store your preferences, so that they are available for your next visit, to keep a more accurate account of how often you visit the Site, how often you return, how your use of the site may vary over time and the effectiveness of advertising efforts.
Targeting and advertising Cookies –
These cookies are used to collect information from you to help us to improve our products and services as well as serve you with targeted advertisements that we believe will be relevant to you. We use targeting cookies on our websites for various marketing initiatives and campaigns. We also may use some Analytics Cookies and Other Technologies to facilitate advertising.
Advertising Cookies also include Social Plug-In Cookies –
Social Plug-In Cookies are used to share content from the site with members and non-members of social media networks such as Facebook, Twitter, YouTube and Pinterest. These Cookies are usually set by the social networking provider, enabling such sharing to be smooth and seamless.
Analytics Cookies collect information about your use of the site, and enable us to improve the way it works. These Cookies give us aggregated information that we use to monitor site performance, count page visits, spot technical errors, see how users reach the Site, and measure the effectiveness of advertising (including emails we send to you).
Other Technologies may be used for the same purposes as our Cookies, to allow us and third parties to know when you visit the Site, and to understand how you interact with emails or advertisements. Through Other Technologies, non-personal data (e.g., your operating system, your browser version, and the URL you came from) or aggregate information may be obtained and used to enhance your experience and understand traffic patterns.
Managing cookies and opting out: aside from the Essential Cookies described above, you can choose to visit and use our website without cookies, but in some cases certain services, features, and functionality may not be available. To visit without cookies, you can always configure your browser to reject all cookies or notify you when a cookie is set. You can always delete your browser history in order to delete any cookies from your computer.
This privacy statement (“Statement”) applies to Fattal Hotel Chain and all of its hotels and subsidiaries (collectively, “Fattal” “we,” or “us”).
The security and privacy of your information are very important to us. Whether you are booking a room or are a member of one of our loyalty programs, we want you to trust us with managing and protecting the information that you have provided to us. We have prepared this statement to explain more about who we are and how we collect and manage your information.
By using any of our products or services and/or by agreeing to this Statement, e.g., in the context of registering for any of our products or services or by any other means, you understand and acknowledge that we will collect and use personal data as described in this Statement.
Who we are and how can you contact us
Fattal Hotel Chain is the “Controller” for the purposes of EU General Data Protection Regulation (“GDPR”).
Questions, comments, requests and complaints regarding this Statement and the information we hold are welcome and should be addressed to us at firstname.lastname@example.org . All requests will be dealt with promptly and efficiently.
Information we may collect from you
We collect personal data from you voluntarily when you provide such personal data to us, or via our services with which you interact. We may also be given other personal data relating to you by other persons, or we may obtain such other personal data about you as may be provided to us in the course of our legitimate business activities.
You do not have to provide us with your information although in some cases, if you do not, it may mean that you are unable to use our services. For example, we may be unable to complete any booking you may wish to make, or you may be unable to participate in our loyalty programs.
In the course of providing services to you, we may collect and process data, including the following, which might contain your personal data (collectively “Personal Data”):
your full name; your address; your email address; your phone number including mobile phone numbers; your nationality; details of your car registration number; details of your driving license; details of your passport; financial information about you, including your bank account details, credit card details, or other payment methods details; details of contracts you have entered with third parties for us to provide services to you; details of your relationship to other parties; details of your membership of professional or other organizations; your date of birth and/or anniversary; details of your children and other relations; medical details, including details of allergies and all other data which you ask us to process on your behalf, or which is necessary for us to process in order for us to fulfil our role as providing accommodation, gym, spa, leisure, retail or food-related services to you; any disabilities or other medical conditions disclosed to us in order to allow us to provide with aproperiate service; media content you have watched or subscribed during your stay in our hotels.
We may also use CCTV on our premises, to help us ensure the safety and security of both our staff and visitors.
When you access our website or wi-fi facilities, your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you.
How we secure your information
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access and use. However, the collection, transmission and storage of information can never be guaranteed to be completely secure. Yet, we take steps to ensure that appropriate security safeguards are in place to protect your information, and we will continue to revise policies and implement additional security features as new technologies become available.
The lawful basis for processing of your personal data
We will only collect, use and share your information after ensuring that we have an appropriate lawful basis to do this. Such lawful and legal basis can be any of the following:
• Carry out our obligations arising from any contracts entered into between you and us. For example, making and managing your booking and operating and providing services in connection with any of our loyalty programs in accordance with the terms of our agreement with you;
• Your consent for the process of your personal data;
• our use of your information is necessary to meet responsibilities we have to our regulators, tax officials, law enforcement, or otherwise meet our legal responsibilities;
• our use of your information is in our legitimate interest as a commercial organization. For example, to operate and improve our services and to keep people informed about our products and services (including for profiling and targeted advertising). In these cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights.
In any case in which you have provided your consent to our processing of your information, you can withdraw this consent at any time by contacting us through the contact details provided above.
Transfer and disclosure of Personal Data
We may disclose your personal data to third party service providers for the purpose of providing services to you, for example the processing and fulfillment of your booking. We may also disclose your personal data in other occasions in accordance with applicable law, e.g. when we have a legal obligation to do so, or when where are allowed to do so under our legitimate interests. In any such transfer we will take steps to make sure such transfer is carefully managed to protect your privacy rights:
– transfers within our Group and affiliates will be subject to an agreement which contractually obliges each party to ensure that your data receives an adequate and consistent level of protection;
– transfers to any subcontractor or processor will be subject to contractual terms ensuring the security and protection of any personal data, in accordance with applicable law provisions;
– any transfer of data which originates in the European Union (“EU”) to a country outside of the European Economic Area (EEA), shall be made in compliance with the provisions of chapter 5 of the GDPR, and the legal safeguards included there. Such transfer can be made to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights, as like the EU-US Privacy Shield;
any requests for information we receive from law enforcement or regulators will be carefully validated before the disclosure of any Personal Data.
Links to other sites
Our website may contain links to and from other websites. If you follow such a link to any of those websites, please note that those websites have their privacy statements and that we do not accept any responsibility or liability for those statements. We encourage you to review the privacy statements of these third-party websites as their privacy practices may differ from ours.
Retaining your information in our systems
We generally only keep your information for as long as is reasonably required for the reasons explained in this privacy statement. We maintain a data retention policy which we apply to all the records we hold, ensuring minimization of retention periods. In some cases, we keep transactional records (which may include your personal data) for long periods if it is necessary to meet legal, regulatory, tax or accounting needs. We will also retain information if we reasonably believe there is a prospect of litigation.
Your rights under EU data protection laws – GDPR
As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process data relating to you. These rights apply in certain circumstances and are set out below:
– right to access your personal data – you can ask us to confirm whether or not we have and use your personal data, and if so, you can ask for a copy of your data;
– right to correct your personal data – you can ask us to correct any of your personal data which is incorrect, after verifying the accuracy of the data first;
– right to erase your personal data – you can ask us to erase your personal data if you think we no longer need to use it for the purpose we collected it from you. you can also ask for such erasure in any case in which the process of your data was based on your consent, or where we have used it unlawfully or where we are subjsect to a legal obligation to erase your personal data. any request for such erasure will be subject to our obligations under the law (e.g. our obligation to keep some records for tax or customs purposes);
– right to restrict our use in your personal data – you can ask us to restrict our use of your personal data in certain circumstances;
– right to object to how we use your personal data – you can object to any use of your personal data which we have justified by our legitimate interest if you believe your fundamental rights and freedoms to data protection outweigh our legitimate interest in using the information;
– you can require us to refrain from using your data for direct marketing purposes;
– you can ask us to transfer your information to another organization and/or provide you with a copy of your personal data.
We may not always be able to do what you have asked, for example, if it would impact the duty of confidentiality we owe to others, or if we are otherwise legally entitled to deal with the request in a different way. However, we encourage you to contact us with any such request, and we will be happy to assist you.
Changes to this Privacy Statement
We reserve the right to change this statement from time to time at our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree to this statements as modified.
Fattal’s Data Protection Representative in the EU under Article 27 of the GDPR:
Sunflower Management GmbH & Co. KG
Landsberger Allee 117a | D-10407 Berlin