Privacy Policy

The privacy of our customers is fundamental, which is why we thank you for the trust you place in us.

The following document sets out the treatment we give to the personal data of those who use the official Prainha website.

It is PRAINHAMAR – EXPLORAÇÃO HOTELEIRA, S.A, legal entity number 503.306.622, with headquarters at Aldeamento Turístico da Prainha, Praia dos Três Irmãos, 8500-072 Alvor, entity that processes all personal data within the scope of the General Regulation on Data Processing Protection, ensuring compliance with applicable laws and regulations, as well as technical security measures essential for the processing of personal data.

Our records include data that was obtained throughout the contractual relationship you maintained with us, which is intended to be lawful, fair and transparent.

These personal data are the subject of processing operations, considering for this purpose any operation or set of operations carried out on data relating to an identified or identifiable natural person, such as collection, registration, organization, structuring, conservation, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, broadcast or any other form of making available, comparison or interconnection, limitation or erasure or destruction.

Such data processing is based on its necessity for the execution of the contract, to which the data subject is a party, constituting an essential requirement for the execution of the same to become possible.

Your reservation is created using your personal data with all the requested requirements. Our intention is to provide a service in accordance with your expectations, from the moment of booking until the moment after your stay and for this reason your data is essential for us to proceed accordingly.

The following are the processing operations of each user’s personal data, for their respective purposes: name, address, telephone contact, e-mail, NIF, gender, nationality, date of birth, credit card details , for the purposes of providing the contracted services and issuing the respective invoice.

The processing of personal data may also be based on its need to comply with legal obligations on the part of PRAINHAMAR, namely for the purposes of accounting records with the Tax Authority and will be kept for the period necessary to provide the services and comply with the legal obligations.

PRAINHAMAR will not process any personal data of its customers for purposes not strictly necessary for the fulfillment of the respective contract or respective legal obligations, unless it has obtained the prior, express, free and informed consent of the respective holders for this purpose, or if it is based on any other situation of legality of processing, under legal terms.

Therefore, all personal data, subject to processing by PRAINHAMAR, are pertinent, adequate and limited to what is necessary, in relation to the purposes for which they are subject to processing, being processed in a way that guarantees their accuracy, updating and security, including protection against unauthorized or illicit processing, loss, destruction or accidental damage, with all technical organizational measures considered appropriate for this purpose being adopted.

The personal data transferred will be made available to PRAINHAMAR’s administrative services, which assumes a commitment to confidentiality and is subject to legal obligations, with the data being retained until the end of the existing commercial relationship, at the end of which the data will be deleted, extinguishing – any and all processing operations involving the respective data, except for the data contained in the accounting record, will be kept for the required legal period.

Customers have, under legal terms, the right to access, rectification, portability and erasure of their personal data, as well as the limitation of their processing, and for this purpose they must use the following email address:

We are committed to the protection and confidentiality of your personal data and therefore, we take the necessary technical and organizational measures to comply with the regulation, to ensure the accuracy, integrity and confidentiality of your personal data, ensuring that its processing is lawful , loyal and transparent and limited to authorized purposes.

Data Controller (us): The Hospitality Business that will provide you, the user, with the requested service. Our identification and contact details are available on the website you used to make your booking/to ask us your questions. They will also appear on our invoice that we send to you.

Data Compliance Officer: Not applicable to the activities of Data Controllers.

User: You, who completed the booking form or any other documentation related to it.

Purpose: The purpose of processing the data provided through this form is to manage the reservations made by you, the user and/or respond to the questions/requests made.

Legal Basis:
– Either the need to perform our contract with you, the user / the need to take steps at your request before entering into a contract.
– Or the consent of you, the user, by checking the acceptance box of the Terms and Conditions of which this privacy and personal data policy is an integral part.

Duration: We will store the data provided by you, the user, for as long as necessary to manage the reservation made, as well as the accommodation services requested. Once management is complete, your data will be kept for six (6) months. If you consent to receive marketing and/or commercial information, your data will be stored until you revoke your consent.

Processor: We hire our partner Guestcentric Group ( ) to run the booking engine for our business. Guestcentric operates under our authority and we have signed a contract with Guestcentric Group to provide their services. We have instructed Guestcentric Group in writing how the processing should be carried out.

Data entities other than users: When you, the user, provide us with personal data belonging to a data subject other than you, you are responsible for such acts, as well as for obtaining the respective consent of such data subjects for providing their data.

Data Transfer: We must not transfer personal data to a third country outside the EEA (European Economic Area).

Rights of data subjects: Data subjects may exercise their rights of access, rectification, cancellation and opposition by sending an email or via postal service to the contact details on our booking website and on our invoices.

Supervisory Authority: If a data subject considers his or her rights to be affected, he or she may also appeal to the competent supervisory authority of the Member State in question. More information at: law/law-topic/data-protection/data-protection-eu_en