Privacy Policy

Privacy and security are priorities for our hotel in handling data that may be made available by those who access our website.  

This Privacy Policy defines how the collection, use and transfer of information from people who access or use our website is carried out.

By visiting our website, you are aware that your personal information may be collected and used in the ways described in this Policy, in accordance with the provisions of the General Law for the Protection of Personal Data (Federal Law No. 13.709/2018), in the provisions provided for in the Consumer Defense Code – CDC (Federal Law No. 8.078/1990) and in other applicable rules of the Brazilian legal system.

The terms of this Privacy Policy will be observed by Boutique Hotel Marlins Ltda.

1. Data collected and its purposes

Our website may collect and use some of your personal data, such as your name, telephone, address, e-mail, gender, date of birth and, eventually, your resume, in order to enable: the response to queries in general; booking accommodation; offering discounts; the announcement of promotions and; eventually, the offer of job vacancies. In addition to these data, when making reservations, depending on the chosen rate mode, financial data may be required, such as credit card data for processing payment for the services provided.

2. Method of data collection

Data can be collected by filling out forms provided on our website, as well as by sending messages to our email addresses.

3. Consent

In accordance with the General Data Protection Law, the aforementioned data will only be collected, processed and stored with prior and express consent, in this requested act, and the application will be renewed if necessary during the use and access to the website.  

By accessing our website and providing your personal data, you are aware of and consent to the provisions of this Privacy Policy, in addition to knowing your rights and how to exercise them. At any time and at no cost, you may revoke your consent and request the deletion of any stored data.

It is important to highlight that the revocation of consent for data processing may imply the impossibility of the proper performance of some functionality of the website that depends on the operation.

4. Rights of visitors and users

Visitors and users of the website are guaranteed the rights provided for in article 18 of the General Data Protection Law. Thus, you can, free of charge and at any time: a) confirm the existence of data processing, in a simplified manner or in a clear and complete format; b) access your data, being able to request them in a legible copy in printed form or by electronic, secure and reputable means; c) correct your data, when requesting the editing, correction or update of these; d) limit your data when unnecessary, excessive or treated in violation of the law through anonymization, blocking or deletion; e) delete your data from your request, except in cases provided for by law; f) revoke your consent, disallowing the storage of your data and; g) be informed about the possibility of not giving consent and about the consequences of denial.

5. Exercise of the rights of visitors and users

To exercise your rights as a holder, you must contact us through our communication channels, namely: telephone ( +55 84 3246-2219 ) or e-mail ( ).

In order to ensure your correct identification as the holder of the personal data object of the request, we may request documents or other proof that may prove your identity. In this case, you will be informed in advance.

6. Data storage

Your personal data that may be collected on our website will be used and stored for the time necessary to use it, or for the purposes listed in this Privacy Policy to be achieved, considering the rights of data subjects and controllers.

Once the period of storage of personal data has ended, they will be deleted from our databases or anonymized, except in the cases legally provided for in article 16 general law on data protection, namely: I – compliance with a legal or regulatory obligation by the controller; II – study by a research body, ensuring, whenever possible, the anonymization of personal data; III – transfer to a third party, provided that the data processing requirements set out in this Law are respected; or IV – exclusive use of the controller, its access by a third party being prohibited, and provided that the data is anonymized.

That is, any personal information about you that is essential for the fulfillment of legal, judicial and administrative determinations and/or for the exercise of the right of defense in judicial and administrative proceedings will be kept, despite the exclusion of other data.  

We employ technical protection measures and solutions capable of guaranteeing the confidentiality, integrity and inviolability of your data.

7. Security

To keep your personal information secure, we use physical, electronic and management tools aimed at protecting your privacy.  

We apply these tools taking into account the nature of the personal data collected, the context and purpose of the processing and the risks that any violations would generate for the rights and freedoms of the data subject collected and processed.

Among the measures we have adopted, we highlight the following: a) only authorized persons have access to your personal data; b) access to your personal data is made only after the commitment to confidentiality and; c) your personal data is stored in a safe and sound environment.

There is a commitment to adopt practices to avoid security incidents. However, it is necessary to emphasize that no virtual page is entirely safe and risk-free. It is possible that, despite all our security protocols, problems that are exclusively of third parties may occur, such as cyber attacks by hackers, or also due to the negligence or recklessness of the user/customer.

In case of security incidents that could generate relevant risk or damage for you or any visitor to the website, we will communicate to those affected and the National Data Protection Authority about what happened, in accordance with the provisions of the General Data Protection Law.

8. Data sharing

Seeking to preserve your privacy, our hotel will not share your personal data with any unauthorized third party.  

Your data, however, may be shared in the following cases: I – legal determination, application, requisition or court order, with competent judicial, administrative or governmental authorities; II – case of corporate changes, such as mergers, acquisitions and incorporations, automatically; III – protection of the hotel's rights in any type of conflict, including those of a judicial nature.

9. Cookies and navigation data

Our website makes use of Cookies - text files sent from the website to your internet browser and stored on your computer - to make your experience more individual and responsive, in addition to making your browsing faster when you revisit our pages.

By accessing our website and consenting to the use of Cookies, you acknowledge and accept the use of a navigation data collection system with the use of Cookies on your device.

You may, at any time and at no cost, change permissions, block or refuse Cookies. However, revoking the consent to certain Cookies may make it impossible for some platform features to function correctly.

To manage your browser's cookies, just do it directly in your browser settings, in the Cookies management area.

10. Change of this Privacy Policy

The current version of the Privacy Policy was formulated and last updated on December 20, 2021.

We reserve the right to modify this Privacy Policy at any time, mainly depending on the adequacy of any changes made to our website or in the legislative sphere. We recommend that you review it frequently.

Any changes will take effect as of their publication on our website and we will always notify you of any changes that have occurred.

By accessing our website and providing your personal data after such modifications, you will automatically be consenting to them.

11. Liability

We undertake to keep this Privacy Policy updated, observing its provisions and ensuring compliance with it.  

In addition, we are also committed to seeking technical and organizational conditions that are surely able to protect the entire data processing process.  

If the National Data Protection Authority requires the adoption of measures in relation to the data processing carried out, we undertake to follow them.

12. Disclaimer

As mentioned in Topic 6, although we adopt security measures in order to avoid incidents, there is no virtual page that is entirely risk-free. In this sense, we are not responsible for: I – Any consequences arising from the negligence, recklessness or malpractice of users in relation to the provision of their individual data. We guarantee and are solely responsible for the security of the data processing processes and the fulfillment of the purposes described in this instrument. We emphasize that the user is responsible for the confidentiality of access data. II – Malicious third-party actions, such as hacker attacks, unless the hotel's guilty or deliberate conduct is proven. We emphasize that in case of security incidents that may generate relevant risk or damage for you or any of our visitors, we will communicate to those affected and the National Data Protection Authority about what happened and we will take the necessary steps. III – Inaccuracy of the information entered by the visitor in the records necessary to access the website and its pages; any consequences arising from false or maliciously entered information are the sole responsibility of the visitor.