Rua Jardim do Regedor, 24 Lisbon

+351 21 340 42 40

info@rossiogardenhotel.com

BOOK NOW!
RESERVE NOW!
BOOK NOW!

Privacy Policy

A. General Section
1.1. Collection and Processing of User Data

This Privacy Policy aims to provide users of the website hosted at www.rossiogardenhotel.com (hereinafter referred to as the “Site”) with detailed information on how Rossio Garden Hotel / Plataforma Investimentos Imobiliários, Lda., headquartered at Rua Luciano Cordeiro, nº123 R/C Esq, 1300 – 314 Lisbon, registered with the Lisbon Commercial Registry under the unique registration and corporate number 503144797 (hereinafter “Rossio Garden”), as data controllers or processors, handle their personal data.

As a rule, Personal Data is requested when the User registers or browses the Site, requests contact and/or newsletter delivery, subscribes to a specific product or service, provides or requests information, purchases a product, or establishes a contractual relationship with Rossio Garden through a reservation at one of our establishments.

The Personal Data collected and processed mainly includes information such as name, gender, date of birth, telephone, mobile phone, email, address, tax identification number, credit card details (collected solely for payment purposes), although other Personal Data may be collected if necessary or appropriate for the provision or billing of services by Rossio Garden.

Rossio Garden may also collect and process information about the pages visited by the User within the Site. This information may include browser type, domain name, access times, and hyperlinks through which the User accessed the Site (“Usability Information”). This information is collected anonymously and used in aggregate form for statistical purposes. We use this statistical data to improve the quality of visits by potential customers to our Site, analyze browsing habits, and measure advertising conversion.

The Rossio Garden Hotel website does not use any type of cookies.
Usability Information and Personal Data are referred to in this Privacy Policy as “User Data”.

For the purposes of this Privacy Policy, a contractual relationship is understood to mean any contract established between Rossio Garden and entities interacting with it, regardless of the subject matter.

1.2. Data Recipients

User Data collected by Rossio Garden is not shared with third parties without the User’s consent, except in the situations described below. However, if the User contracts services from Rossio Garden that are provided by other entities responsible for processing personal data, the User Data may be transmitted to and/or accessed by those entities to the extent necessary for the provision of said services.

Under applicable legal provisions, Rossio Garden may transmit or disclose User Data to other entities if such transmission or disclosure is necessary for the execution of a contract between the User and Rossio Garden, for pre-contractual procedures at the User’s request, to comply with a legal obligation to which Rossio Garden is subject, or to pursue legitimate interests of Rossio Garden or third parties. In the event of transmission of User Data to third parties, reasonable efforts will be made to ensure that the recipient uses the transmitted

User Data appropriately and in accordance with this Privacy Policy.

I) Subcontracted Entities

In the context of User Data processing, Rossio Garden may engage third-party entities, subcontracted by it, to process User Data on its behalf and according to its instructions, in compliance with applicable legislation and this Privacy Policy.
These subcontracted entities may not transmit User Data to other entities without prior written authorization from Rossio Garden.

Rossio Garden undertakes to subcontract only entities that offer maximum security in implementing appropriate technical and organizational measures to safeguard User rights.

In compliance with its duty to inform, Rossio Garden presents below the categories of subcontractors to whom personal data of website users and Rossio Garden clients may be disclosed:

a) Categories of subcontracted entities: Licensing, maintenance, support, and technical assistance companies for software and systems

Purpose: Management / maintenance / support of systems and software supporting Rossio Garden’s operations

b) Categories of subcontracted entities: Payment processing companies, EDI and electronic invoicing services, accounting, tax and administrative management, and business support software

Purpose: Economic and accounting management of client, supplier, and service provider invoicing

c) Categories of subcontracted entities: Digital marketing partners
Purpose: Performance and user profiling analysis, advertising impact and dissemination

d) Categories of subcontracted entities: Security/surveillance companies and preventive/corrective maintenance companies for security systems

Purpose: Video surveillance and security of people and property

II) Third-Party Entities
Rossio Garden may also disclose data to other third-party entities not classified as subcontractors under Article 4(8) of the GDPR. These entities are subject to confidentiality and have all committed to processing personal data in accordance with the GDPR.

Rossio Garden discloses data to other recipients, as detailed below:

a) Category of recipients: Temporary employment agencies (this applies only to personal data of our employees; all others are excluded)

Purpose: Temporary assignment of workers

b) Categories of recipients: Consultants and Lawyers

Purpose: Provision of consulting and legal services

c) Categories of recipients: Various companies providing additional services requested by clients

Purpose: Taxi/Transfer services, parking, car rental, restaurant reservations, and other activities requested by the client

 

1.3. Data Collection Channels

Rossio Garden may collect data either directly (i.e., from the User) or indirectly (i.e., through partner entities or third parties). Data may be collected through the following channels:

  • Direct collection: in person, by telephone, by email, and through the Site;
  • Indirect collection: through partners, group companies, and official entities.

 

2. General Principles Applicable to the Processing of User Data

Regarding general principles for the processing of personal data, Rossio Garden undertakes to ensure that the User Data it processes is:

  • Processed lawfully, fairly, and transparently in relation to the User;
  • Collected for specific, objective, and legitimate purposes, and not further processed in a manner incompatible with those purposes;
  • Adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;
  • Accurate and updated whenever necessary, with all reasonable measures taken to ensure that inaccurate data, considering the purposes for which it is processed, is erased or rectified without delay;
  • Stored in a manner that allows identification of the User only for the period necessary for the purposes for which the data is processed;
  • Processed in a way that ensures its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, with appropriate technical or organizational measures in place.

Data processing carried out by Rossio Garden is permitted and lawful when at least one of the following conditions is met:

  • The User has given free, affirmative, explicit, and unequivocal consent for the processing of their data for one or more specific purposes;
  • Processing is necessary for the performance of a contract to which the User is a party, or for pre-contractual procedures at the User’s request;
  • Processing is necessary for compliance with a legal obligation to which Rossio Garden is subject;
  • Processing is necessary to protect the vital interests of the User or another individual;
  • Processing is necessary for the purposes of legitimate interests pursued by Rossio Garden or by third parties (except where such interests are overridden by the User’s fundamental rights and freedoms requiring personal data protection).

 

Rossio Garden undertakes to ensure that User Data is processed only under the conditions listed above and in accordance with the principles mentioned.

Where the processing of User Data is based on the User’s consent, the User has the right to withdraw their consent at any time. However, withdrawal of consent does not affect the lawfulness of processing carried out by Rossio Garden based on previously given consent.

The period during which data is stored and retained varies depending on the purpose for which the information is processed, and data is archived only for the time necessary to fulfill those purposes.

There are legal requirements that mandate data retention for a minimum period. Therefore, whenever no specific legal obligation exists, data will be stored and retained only for the minimum period necessary for the purposes that justified its collection or subsequent processing, after which it will be deleted.

3. Use and Purposes of User Data Processing

In general, Rossio Garden uses User Data for the following purposes:

  • Provision of hotel services and related services;
  • Purchase and management of vouchers;
  • Management of contact with the User and response to budget requests;
  • Billing and collection from the User;
  • Ensuring the Site meets the User’s needs by developing and publishing content as tailored as possible to the User’s requests and profile, improving the Site’s search capabilities and functionalities, and obtaining associated or statistical information regarding the typical User profile (analysis of consumption and browsing behavior);

Rossio Garden may combine Usability Information with anonymous demographic data for research purposes and may use the result of this combination to provide more relevant content on the Site. With the User’s consent, in certain restricted areas of the Site, Rossio Garden may combine

Personal Data with Usability Information to provide more personalized content.

4. Legal Basis for Data Processing

The processing of your personal data serves the following purposes:

Processing Activity: Management of the Contractual Relationship

  • Processing Purposes:
    • Reservation and provision of hotel services and related services
    • Requests for quotes, information, and reservation confirmations
    • Recording of preferences (mobility, bed type, preferred room, etc.)
    • Recording of electronic communications within the scope of the contractual relationship
    • Purchase of vouchers

  • Legal Bases:
    • Pre-contractual procedures or performance of a contract (for reservation and provision of hotel services)

    • Legitimate interest if the data subject is not a party to the contract (for reservation and provision of hotel services)

    • Performance of a contract (for voucher purchase)

Processing Activity: Compliance with Legal Obligations

  • Processing Purposes:
    •  Billing
    • Complaint management
    • Communications

  • Legal Bases:
    • Legal or regulatory obligation

 

Processing Activity: User Profiling and Site Navigation Analysis

  • Processing Purposes:
    • User profile analysis
    • Conversion analysis
    • Implementation of improvements and site development

  • Legal Bases:
    • Legitimate interest (for improvements and development)

 

5. Technical, Organizational, and Security Measures Implemented

To ensure the security and maximum confidentiality of User Data, Rossio Garden processes the information you provide in strict confidence, in accordance with its internal security and confidentiality policies and procedures, which are periodically updated as needed and in accordance with applicable legal terms and conditions.

Considering the nature, scope, context, and purposes of data processing, as well as the risks posed to the rights and freedoms of the User, Rossio Garden undertakes to apply, both at the time of defining the processing methods and during the processing itself, the necessary and appropriate technical and organizational measures to protect User Data and comply with legal requirements.

Rossio Garden also undertakes to ensure that, by default, only data necessary for each specific processing purpose is processed, and that such data is not made available to an indefinite number of people without human intervention.

B. User Rights (Data Subjects)

Under the Personal Data Protection Law, you are guaranteed the right to access, update, rectify, delete, transfer, and erase your personal data. You may also file complaints with the Portuguese Data Protection Authority (Comissão Nacional de Proteção de Dados).

To exercise these rights, please contact us via email at ask@rossiogardenhotel.com or by mail at Rossio Garden Hotel, Rua do Jardim do Regedor, nº 24, 1150-193 Lisbon, Portugal.

If any client or citizen wishes to report a personal data breach that results, accidentally or unlawfully, in the destruction, loss, alteration, disclosure, or unauthorized access to personal data transmitted, stored, or otherwise processed, they may contact us via email at ask@rossiogardenhotel.com or by mail at Rossio Garden Hotel, Rua do Jardim do Regedor, nº 24, 1150-193 Lisbon, Portugal.

C. FINAL SECTION
6. Changes to the Privacy Policy

Rossio Garden reserves the right to amend this Privacy Policy at any time. We recommend regular reading of this document.

7. Right to Lodge a Complaint with a Supervisory Authority

You may always file a complaint with the competent Supervisory Authority for personal data protection. In Portugal, the Supervisory Authority is the Comissão Nacional de Proteção de Dados, located at Av. D. Carlos I, 134 – 1.º, 1200-651 Lisbon, with telephone (+351) 213928400 and email: geral@cnpd.pt.

Last updated: October 2, 2025

20% discount on all bookings with the code garden123