PERSONAL DATA PROTECTION AND PRIVACY POLICY
This document holds UNU Hotels and Resorts’ Personal Data Production and Privacy Policy on its institutional site, access to which is included through its official channels on the website. Its purpose is to establish rules regarding the collecting, storage, use, handling, sharing and exclusion of data and any information that has been potentially collected through its digital platforms maintaining absolute transparency.
With this in mind, we hope that the users who access our website have the best possible experience in order to enjoy our services while we ensure that their privacy is respected. In order to so, you can enable your preferences for tailored services according to the offer or demand that you are looking for (profile).
Our goal is that all clarifications and any practical aspects necessary for answering possible queries are available in a transparent manner.
Data controller
UNU Administração Hoteleira e Comercial Ltda.
Tax ID: 34.606.733/0001-96
Av. Iraí, 280 – Conj. 406
CEP 04082-000
Moema
São Paulo – SP
Trading name
UNU Hotels & Resorts
Nature of the data to be handled
Personal data that is provided by users and/or collected automatically
Purpose of personal data handling
Improve the browsing experience on the website, institutional information, publicity campaigns, discounts, event publicity, diverse programs, payment history, preferences or research.
Legal basis
Sharing
Service providers and operators that are essential for the development of our activities.
Data protection
Preventative measures aiming to provide security and confidentiality of the collected data, in compliance with legal principles, technological capacity and administrative technical processes.
Holders’ rights
Confirmation of the existence of personal data handling, rectification/correction, deletion etc.
1 – USED DATA
The website contains all institutional information of public interest. Within its scope, the website is aimed at those who essentially seek:
The data used, or handled, stems from: (i) that which has been supplied by the users themselves; (ii) that which has been collected automatically to optimize the running of the website.
2 – DATA SHARING
The collected information, should it be of interest to UNU Hotels & Resorts, will possibly be shared: (i) with partner companies, whenever necessary in order to provide the suitable services, aiming for data minimization, safety and suitability; (ii) for complying with standards or regulations; (iii) to protect UNU Hotels & Resorts’ interests in any type of conflict; and (iv) in the case of any judicial decision or request by the governing authorities.
Over time, data sharing may occur with companies that provide technological infrastructure, processes and operationalization which are strictly necessary to the undertaking of UNU Hotels and Resorts’ activities.
Data holders may request to access, update, add or correct, as well as delete their data through their Data Protection Officer via the following email: [email protected]
In the body of the email, the data holder shall set out the details of their request, which will be answered and/or processed in due course whilst complying with the concerning legislation and further guidelines to be established by the National Authority of Data Protection.
3 – COOKIES POLICY
Users/visitors are informed that UNU Hotels & Resorts uses cookies to collect and store information regarding personal preferences for website access, such as: sending one or more cookies or anonymous identifiers that collect data related to browser preferences and the visited pages. The handling is carried out in an automatized manner with no personal contact with the obtained data.
The data handling intends to improve and personalize the browsing experience on our website. We are committed to observing the principles of data protection and ensuring that it is used in accordance with the indicated objectives, in such a way that it will not be allowed to be used for diverse and/or unconnected purposes.
We guarantee that the users have option to disable the cookies or personalize them according to their interests at any time. This can be done through tools from the browser itself to prevent the installation of cookies or the removal of those already installed, enabling the self-management of them. Potential alterations may interfere in the user interaction with our website, including the possibility of errors in some of its features. Some cookies are essential to the fluid navigation and use of the available resources and without which, some services/features will not be accessed and provided.
We store information related to the access of the users to our website on our database which may include, but is not limited to, the IP address, the accessed pages, the access times and dates and the device used, all in agreement with the current data protection legislation.
Such information, should it be necessary, shall be used for the regular exercise of rights, such as: complying with judicial orders, defense of rights against users in legal or administrative proceedings, including internal or public investigations, with the aim of investigating practices that may cause damage of any nature, as well as committing crimes in virtual environments.
We may possibly collect personal data from or about users which have been voluntarily input during the browsing experience on the website. We prioritize the users’ email as the main point of contact for communication about possible requests and queries.
We offer the users the right at any time to request the deregistration and exclusion of personal information from the database; this procedure will not be done immediately but will keep to a reasonable timeline for deletion. We stress that in some exceptional cases, we will be prevented from doing so due to legal obligations set out in the Data Protection General Law and current norms referring to data retention. In such situations, the users will be informed about the impossibility of excluding their data.
User personal data shall be used for the following purposes:
(i) consumer profile identification and registration update;
(ii) guaranteeing user security;
(iii) preparation of statistics to measure website access, ensuring the anonymity of the users, including for purposes to enhance and understand the profiles that have demonstrated interest.
The aforementioned policy, in order to remain in line with the best data protection practices, may undergo adjustments at any time without any necessity of prior warning or consent. We therefore commit to maintaining the updated version on the website.
In the case of questions, please get in touch through our communication channels, preferably: [email protected].
4 – DATA SECURITY MEASURES
UNU Hotels & Resorts uses cutting-edge technology that meets the highest standard in the market, storing collected information on its own servers or ones that it has contracted. Therefore, the best practices are always followed, such as:
We stress that although the greatest effort to ensure user’s privacy is under the responsibility of UNU Hotels & Resorts, the same applies to its users who shall take suitable self-protection measures by keeping their usernames and passwords confidential, using antivirus software and, above all, taking the due precautions to ensure their rights.
With the aim of guaranteeing the privacy and confidentiality of the collected data, we will adopt continuous precautions to meet the principles and regulations and fundamentals in compliance with the regulatory norms.
5 – DATA STORAGE PERIOD
The handled users’ personal data will be excluded when:
Without jeopardizing the aforementioned data, it will be conserved for compliance with legal or regulatory obligations and will be transferred to any third-party responsible for the contract, respecting the handling requisites whenever the anonymization is possible.
6 – DATA HOLDER RIGHTS
In observance of the ethical principles, good practices and, above all, in compliance with the governing regulations for the handling of personal data in Brazil, UNU Hotels & Resorts will keep its commitment to respecting and guaranteeing the provision of services, safeguarding the users’ interests, enabling them to exercise their rights and requests, which can be made as follows:
UNU Hotels & Resorts reserve the right to, after the request has been made by the users, take all possible means to confirm the entitlement of the requester, ensuring the quickest possible response.
7 – APPLICABLE LEGISLATION
This document was prepared based on the current legislation in the Federative Republic of Brazil, especially the Data Protection General Law.
8 – DATA PROTECTION OFFICER
Alex Moreira de Freitas (DPO)
e-mail: [email protected]
Av. Iraí, 280 conj. 406
CEP 04082-000
Moema
São Paulo – SP
fone: (55 11) 3090.9434
[email protected]