Privacy Statement Xcentric Hotels B.V.
This regulation defines the following:
Authority: The supervising authority as mentioned in Article 51 of the General Data Protection Regulation (GDPR) and Article 6 of the GDPR Implementation Act of the Netherlands: the Dutch Data Protection Authority;
Personal data: All data regarding an identified or identifiable natural individual;
Specific personal details: Personal data regarding the health, religion, race, political preference, past criminal record(s), or sexual orientation of a natural person;
Processing of personal data: Every action or group of actions related to personal data; including, but not limited to, the collecting, acquiring, organizing, saving, updating, changing, requesting, consulting, using, providing of through forwarding, sharing or other forms of making personal data available, assembling and interrelating, as well as the shielding, erasing or destroying of personal data;
Files: Each structured entity of personal data, regardless of this entity of data being centralized or distributed in a functional or geographically determined manner, that is accessible according to certain criteria and regarding several individuals;
Controller: The controller responsible for the processing of personal data in the sense of this regulation is Xcentric Hotels B.V. (hereafter: Xcentric);
Processor: The person who, on the basis of an agreement, processes personal data on behalf of the controller, without being directly supervised to the controller’s authority;
Party involved: The natural person to whom the personal data is related to;
Third party: Any other person other than the party involved, the controller, the processor, or any person authorized to process personal data under the direct authority of the controller or the processor;
GDPR: General Data Protection Regulation, the EU regulations 2016/697 of the European Parliament and the Senate.
Contact information of the controller
Xcentric Hotels B.V. | Willemstraat 2 | 2514 HM The Hague
We respect the privacy of all our partners, guests and website visitors. We ensure that the personal data we process is treated confidentially in accordance with the provisions in the GDPR. On this website you can consult this privacy statement at any time.
Processing of personal data
We may process your personal data for the following purposes:
- To offer our services and to carry out the request(s) that you have asked of us;
- To contact you;
- To charge costs;
- To comply with a legal obligation;
- To inform you about new services and / or offers that are related to previously purchased services;
- To execute marketing research, whether or not based on information obtained via Google Analytics.
Categories of people
Personal data may be processed from the following categories of people:
- Hotel guests;
- Contacts of customers and suppliers;
- Website visitors.
Types of personal data
The following personal data may be processed by us:
- Surname, first name, initials, gender, date of birth;
- Address, e-mail address, telephone number and similar data required for communication;
- IP-address, location data, browser fingerprint, information about your activities on our website;
- An administrative number;
- Other data than described above, of which the processing is required or necessary in relation to complying with legislations other than the GDPR.
Management and accessibility of personal data
With the exception of statutory provisions in legislation and regulations, access to personal data is only handled by those who are in charge of the management of the customer base and / or those who are connected with the processing of personal data or those who are necessarily involved, including our employees and hired processors. We use the following online tools:
- Google Tag Manager: Adwords, Analytics, DoubleClick, Facebook Pixel;
- Mailchimp API.
These online tools are used, among other things, to analyze the browsing behavior of website visitors and to collect website statistics. Above mentioned parties, such as Facebook, comprise their own privacy statements and bear their own responsibility for the handling of personal data.
Our website utilizes cookies. Cookies are small text files that are sent to the browser by a website, after which the browser stores this data. On a subsequent visit to our website, the stored data is resent to the website by the browser. In general, there are many different types of cookies. We use technical cookies, analytical cookies and marketing cookies.
- Technical cookies
Technical cookies are necessary in order for our website to function properly. These cookies are needed to ensure optimal user experience. No personal data is processed with the use of technical cookies.
- Analytical cookies
Analytical cookies are used to collect information about how website visitors experience and use our website. This information enables us to optimize our website, to check the efficiency of our website and to improve the user experience. Analytical cookies do not process personal data. No personal data is processed with the use of analytical cookies.
- Marketing cookies
Marketing cookies, also known as tracking cookies, are used to follow the browsing behavior of website visitors. Once permission has been granted by the party involved, tracking cookies are placed to enable the presentation of personalized offers and discount campaigns via various online channels.
Security of personal data
We take appropriate technical and organizational security measures to protect personal data against loss or any form of unlawful processing. These measures aim to reach an appropriate level of protection, taking into account the risks inherent in the processing and the nature of the data to be protected.
We store your personal data no longer than is necessary to accomplish the end goal(s) for which the data is gathered.
Rights of the party involved
As the party involved, you have the right to receive the personal data you have provided to us in a structured and machine-readable form, and to transfer it to another organization.
If the processing of your personal data is based on your consent, as referred to in article 6 paragraph 1 sub a or article 9 paragraph 2 sub a of the GDPR, then you as the party involved have the right to revoke this permission at any time without it affecting the lawfulness of the processing of your personal data that was based on your consent before its withdrawal.
Each party involved has the right to peruse their own files. Upon receipt of a request for perusal, we will inform you in writing within four weeks what personal data of yours is being processed.
Should you encounter inaccuracies in your files, you can request an improvement, addition, removal or shielding of information. This request must include the changes to be made. We will notify you in writing within four weeks of receiving the request as to what extent we can comply with the request. If the request is denied, an explanation will be provided.
In case the processing of your personal data takes place on the basis that such processing is necessary for our legitimate interest, then you withhold the right to object at all times. We will assess whether the objection is justified within four weeks of receiving the objection. If it is justified, we will terminate the processing of your personal data.
If you feel that the provisions of these regulations have not been adhered to in an acceptable manner, you may contact us. The respective parties will then cooperatively decide on a joint solution. Nonetheless, you have the right to bring your complaint to the Authority or before the applicable court of law.
Applicable Law and Jurisdiction
Unless mandatory rules of the country in which the customer is domiciled specify otherwise:
This privacy statement and the contracts to which these Privacy Statement apply will be interpreted in light of the laws of The Netherlands;
All possible disputes arising from this Privacy Statement or from the contracts to which this Privacy Statement applies will be resolved in the courts of The Netherlands; and,
in case of differences in meaning between the various translations of this Privacy Statement, the text originally written in Dutch language shall prevail.
Changes in the Privacy Statement
We reserve the right to make changes to this Privacy Statement.
Xcentric Hotels B.V. | 31 – 10 – 2018