Privacy Policy

Privacy and cookies policy

1. Introduction

This privacy policy establishes how the domains www.thezerohotels.com, and subdomains www.porto.thezerohotels.com, www.coimbra.thezerohotels.com and www.cais.thezerohotels.com, herein referred to as The Zero Hotels website, processes and protects the information provided by its visitors.

The information requested will be used to ensure the full functioning of the services offered, as well as to improve the browsing experience and use of our services, and will be used solely in accordance with the provisions of this privacy policy.

2. Who we are

The ZERO Hotels brand represents a group of accommodation, operated by several different entities, all of which have as their object the management and operation of hotel establishments, short-term accommodation and local accommodation, as well as consultancy in the aforementioned areas:

ZERO Box Lodge Porto – Hotel Cápsula Lda, NIPC 513671080, www.porto.thezerohotels.com

ZERO Box Lodge Coimbra – Diomira Lda, NIPC 507346017, www.coimbra.thezerohotels.com

CAIS Urban Lodge Lisboa – Up Down Lisbon Lda, NIPC 509449700, www.cais.thezerohotels.com

PENSÃO AMOR Madam’s Lodge – Dream Street SA, NIPC 506844277, www.pensaoamor.com

The companies mentioned here are responsible for the Processing of Personal Data in accordance with Regulation (EU) 2016/679 (GDPR) and complementary legislation on the protection of personal data in force in the countries in which it operates.
The companies mentioned here, as well as their employees, are committed to using your personal data only for the purposes communicated to you and always in a safe and responsible manner.

3. Personal Data

In this Privacy Policy, the term “Personal Data” means the set of information that relates to you and that allows us to identify you, directly or indirectly. Your personal data may include, for example, your name, your tax identification number, your telephone number or email address and your interactions with us. We collect some of your personal data, for example, when you contact us.

We may also receive your personal data from other companies, particularly when they collect, process or store it as part of the service they provide to us.
In accordance with the General Data Protection Regulation and Law 58/2019, companies providing services will only process personal data of holders aged 18 years or over. The personal data of holders under the age of 18 will only be processed after obtaining the respective consent from the person exercising parental responsibilities.

3.1. When you contact us, visit our website or use our services

What we do?

When you contact us, we will process your personal data to answer your questions or clarify our services. You can contact us via email, social media or telephone. If you do so, we will collect your name, telephone number, email address and information related to your request, so that you can be identified and so that we can provide accurate information adapted to your needs. If you become our client, we will process the necessary information (contact details, NIF, IBAN, and any information we deem relevant) that allows us to issue service invoices, manage reservations in our units, as well as guarantee adequate post-sales support.

Where do we store information and who do we share it with?

Sometimes we use service providers that allow us to create the necessary infrastructure to carry out our activity. The information we process will only be shared with our bank, our accounting service providers and government agencies such as the Tax Authority.

Lawfulness Bases

When we collect information through our contact form, we will rely on the legal basis of ‘Legitimate Interest’ to process the personal data you enter in the form, in accordance with article 6, 1 f) GDPR. When there is any collection of information resulting from pre-contractual steps (clarification of services or negotiation) or resulting from the provision of the contracted service itself, we will rely on the legal basis ‘Contractual Execution’ to process the necessary personal data, in accordance with article 6, 1, b) GDPR. When we have to comply with certain legal requirements resulting from current legislation (e.g. billing or mandatory communications to regulators or administrative authorities), we will rely on the legality basis ‘Legal Obligation’ to process the relevant information, in accordance with article 6th, 1, c) GDPR.

3.2. When applying for a job

What we do?

When you apply for one of our job vacancies or make a spontaneous application, we process your information in order to analyze whether your professional profile is suitable for the position and the organization. The information in question may include your identification data, e.g. full name; contact details, e.g. telephone number and/or email address; and professional information that makes up your CV or cover letter.

Where do we store information and who do we share it with?

We will not share your personal information with third parties unless it is necessary to obtain references or confirm your professional history. If your application is unsuccessful, we will keep your information in our systems for 12 months.

Legal bases and automated decisions

In order to analyze your application, we will base ourselves on the lawful basis ‘Contractual Execution’, so that we can process the necessary personal data, in accordance with article 6, 1, b) GDPR.

3.3. When you request a quote

What we do?

When you request a quote on our website, we will collect identification data – such as name and email address – so that you can be identified and can provide accurate information adapted to your needs.

Where do we store information and who do we share it with?

Sometimes we use service providers that allow us to create the necessary infrastructure to carry out our activity. The information we process will only be shared with our bank, our accounting service providers and government agencies such as the Tax Authority.

Legal basis

In order to process your personal data within the scope of your quote request, we will rely on the lawful basis ‘Contractual Execution’, so that we can process the necessary personal data, in accordance with article 6, 1, b) GDPR.

3.4. When you subscribe to our newsletter

What we do?

When subscribing to our newsletter, we will collect your email address, where you will receive advertising and commercial information.

Where do we store information and who do we share it with?

The information collected will be stored in our systems as long as you maintain your consent so that we can ensure the secure management of your personal data and the consequent efficient coordination of our electronic communications.

Legal basis

In order to process your personal data as part of your subscription to our newsletter, we will rely on your consent, in accordance with article 6, 1, a) GDPR.

4. Information Security

We will treat your personal information with the utmost care and respect for your rights. We implement appropriate security measures to prevent the loss, use or improper access, alteration, or disclosure of your personal data. Likewise, we limit access to your information only to employees, service providers and other third parties who have an operational need to process said information, and they will only process your personal data following the directions of the companies providing the service and will be subject, at all times, to an obligation of confidentiality. Access to your personal data is encrypted in storage and in transit.

5. Information Retention

We will keep your information whenever we collect or process your personal data and until the purposes for which it was collected have been exhausted. After the respective retention period ends, your information will be completely deleted or anonymized, e.g. it may be aggregated with other data so that it can be used for statistical purposes without any personal identifiers.

6. How to exercise your Rights

You have the right to request:
• Access to your information processed by us, free of charge;
• Correction of your personal data when they are incorrect, out of date or incomplete;
• The deletion of the data we keep about you, in specific circumstances, namely, when you withdraw your consent and we do not have any predominant legitimate interest, or when the purpose that motivated the collection of information is exhausted;
• The portability of your data to another organization;
• Limiting the processing of your personal data, in specific circumstances, namely, when we are considering an objection you have raised;
• Opposition to the processing of your personal data, in specific circumstances, namely, when you withdraw your consent, or when you object for reasons related to your particular situation;
• That we do not use your personal data for direct marketing activities

To exercise any of the rights mentioned above, please contact our services at rgpd@thezerohotels.com

7. How to contact the Regulator

If you are dissatisfied with our use of your personal data or with our response to your request to exercise your rights, you may lodge a complaint with the National Data Protection Commission (CNPD).
Address: Av. D. Carlos I, 134 – 1.º, 1200-651 Lisbon
Email address: geral@cnpd.pt
Telephone: +351 213 928 400

8. Cookies

We use essential cookies – these cookies enable core functionality such as security, identity verification, and network management. These cookies cannot be disabled.
And Analytical Cookies – these cookies help us understand how visitors interact with our website, identify errors and provide better overall analysis.

9. External services

We use the Google Analytics service to measure and evaluate traffic to public pages on our website. Google has its own privacy policy, which can be consulted on its pages.
We use the HubSpot service to store reservation data across the group’s entire hotel chain and also to manage the attribution of discounts and promotions. Hubspot has its own privacy policy, which can be consulted on its pages.

10. Questions?

If you have any questions or require additional clarification, please contact our services at: rgpd@thezerohotels.com
This Privacy Policy may be updated from time to time, which will be disclosed.

This policy was updated on 06/01/2022.