Book now

HOTEL CHARIOT 4 ****

Privacy & Cookies

For questions and reservations

Privacy statement

What are personal data?

The General Data Protection Regulation (GDPR) states that personal data is any information relating to an identified or identifiable natural person. This means that information is either directly about someone or can be traced back to this person. Data concerning organizations are not considered personal data.

About us

Hotel Chariot, located at Oosteinderweg 243 (1432 AT) in Aalsmeer, and Restaurant Centennial, located at Oosteinderweg 243 (1432 AT) in Aalsmeer, are jointly responsible within the meaning of the GDPR for the data we receive from you.

Restaurant Centennial falls under the responsibility of Hotel Chariot (this is where our joint staff departments that process your data are located).

What do we use personal data for?

We process your personal data only for carefully established purposes. We receive personal data from you because you purchase or wish to purchase one or more products/services from us. The law refers to this as data processing necessary for the preparation or execution of an agreement. Essentially, we cannot assist you as a customer if we do not process this data. Your personal data are also used because we perform marketing activities. In legal terms, this is called processing for legitimate interests. Below you will find more information about the various purposes.

We may process the following personal data, among others: name, address details, date of birth (for a birthday greeting), email address (used to send you relevant and up-to-date information and targeted promotions), name and address details, company name (used for business overnight stays), VAT number (tax legislation), or other data that you disclose to us as a user. Furthermore, our servers automatically record certain data, such as the date and time of check-in and check-out. We retain your personal data for as long as necessary for the purposes listed below, or to comply with our legal (retention) obligations.

If you wish to pay on account, we also collect your IBAN account number and/or credit card details (direct debit actions for invoicing purposes).

  • To comply with a legal obligation, this refers to the regulations regarding collection (SEPA) and tax legislation. This purpose is necessary for concluding or executing an agreement (Article 6(1)(b) GDPR) or to comply with a legal obligation (Article 6(1)(c)).
  • For marketing activities to be able to contact you via email or push notifications. The legal basis is our legitimate interest (Article 6(1)(f) GDPR). For this purpose, we only use your email address.

We also process data that you provide to us indirectly. Our website uses cookies for functional, analytical, and marketing purposes. Functional cookies are necessary for the use of the website.

This concerns the following data:

  • Location data
  • IP address or app IDs
  • Internet browser and device type
  • Website language

The data from analytical and marketing cookies are not linked to other data provided during the process. We refer to the cookie statement for more information about cookies.

If we process your data based on consent, you always have the right to withdraw your consent. You can easily do this by sending us an email with your details and specifying which data you no longer wish us to process. If we have no other legal basis for the data we process based on consent, we will no longer use and will delete this data.

With whom do we share personal data?

In a number of cases, we provide your data to third parties. For example, government agencies or external service providers who assist us in processing your personal data. However, we will never sell your data to other parties.

Processors who assist us with processing your personal data may only use your data according to our instructions and for performing the relevant services they provide to us. They may not use or pass on your data independently.

How do we handle personal data?

Pursuant to Article 32 of the GDPR, we are obliged to take appropriate technical and organizational measures to prevent the loss of personal data or unlawful processing.

Security

We pay great attention to the proper security of personal data. For instance, the (personal) data you enter on the website is encrypted during transmission, and the transmission of (personal) data takes place via a secure connection.

CCTV Security

To protect our employees, customers, and property, our buildings are secured with cameras. These cameras are placed in clearly visible locations, and you will be alerted to the presence of camera surveillance upon entering one of our buildings. We do not store video footage recorded by our security cameras for longer than 14 days, unless there are valid reasons to keep the footage longer (for example, when it is relevant to a police investigation). After that, we delete these images.

Confidentiality

All our employees and external service providers have signed a confidentiality agreement. We handle the data you entrust to us with care. Therefore, only specific employees are granted access to your data.

Where do we store your data?

We work with various applications to obtain and store certain data. To guarantee your privacy, we select our suppliers carefully, and these applications are bound by strict rules. Most data is stored within the European Union. For data sent outside the EU, we only work with parties that offer sufficient protection according to European rules. If we process your data outside the EU (possibly via our external service providers), we ensure adequate protection of your personal data, for example, by using special contracts that guarantee this.

How long do we keep your data?

We keep this data for as long as necessary for the purpose for which we use your data, and for as long as the law obliges us to retain your data. The exact duration varies, ranging from a few months to many years.

Your rights

You have the right to be well-informed about what we do with your data and why we need it. We do this through this privacy statement. In addition to the right to be transparently informed, you have the following rights:

  • Right of access (if you want to know what data we collect from you);
  • Right to rectification (we are happy to adjust any data that is no longer correct);
  • Right to be forgotten (in some cases, you can ask us to delete your data);
  • Right on restriction of processing (in some cases, you may ask us to limit the processing of your data);
  • Right to data portability (if you wish, we can transfer your data to another party or provide you with a copy of your data);
  • Right to object (in some cases, you may object to the use of your data).

If you wish to exercise one of your rights, you can contact us (see contact). We will respond to your request within 14 days.

Complaints

In case of complaints, for example, about the way we use your data or how we respond to your privacy-related questions, you can file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Contact

Should you have any questions about this privacy statement or wish to exercise your rights as a data subject, you can contact us in writing at:

Hotel Chariot

Oosteinderweg 243
1432 AT Aalsmeer
info@hotelchariot.nl

 

Hotel Chariot

Oosteinderweg 243
1432 AT Aalsmeer
T +31 (0) 297 388 100
F +31 (0) 297 388 188
info@hotelchariot.nl