Hotel Citadel processes information about people on a daily basis. Hotel Citadel thereby adheres to the law. Hotel Citadel respects the privacy of the persons about whom it receives information and handles the information strictly confidentially. In this privacy statement we explain which personal data is processed by Hotel Citadel and for what purposes.The privacy statement does not apply to the processing of personal data by third parties, such as companies and/or websites that offer trips or travel packages. We recommend that you read this privacy statement carefully.
2. Personal data
Hotel Citadel processes different types of personal data for different purposes. Below, it will be explained which personal data and purposes these relate to.
For (booking) an overnight stay in one of our accommodations, the hotel needs your name, address, place of residence, telephone number, day of departure and arrival and your payment details. We may receive this information from third parties, with whom you have completed the booking process. If necessary, we may ask you for additional personal details for the execution of our services, such as your nationality or guest preferences. We only process health data on the basis of your consent in order to provide you with a better service, for example by offering access to the disabled. In addition, we are legally obliged to check your identity. We will do this on site at the hotel on the basis of an identity document that you have shown. We do not make a copy thereof. These data are only used internally and are not passed on to other organisations for commercial purposes.
Hotel Citadel makes use of camera surveillance to the extent necessary to secure her property and protect her guests. By means of the camera imagesHotel Citadel gains insight into the activities of persons.
Commercial and (Direct) Marketing
To make offers that may interest you, we collect commercially interesting information about individuals, such as demographic information, and we may collect information about you from third parties, including information from our partners and social media sites in accordance with your settings on such websites. We also collect information about (potential) suppliers. This information is carefully organised and stored in a database that is only accessible to authorised employees. We do this on the basis of our legitimate business interests.
Hotel Citadel can be found on social media, such as on LinkedIn and Facebook. We may use your personal data when you use functions on these websites and/or apps, such as a "Linkedin-like". If such a function is used by you, we may obtain your personal data through our social media in question, such as your IP number, browser data and LinkedIn login data.
Hotel Citadel collects and processes data from applicants by means of personal contacts, by mail, by e-mail and/or telephone conversations. We collect, among other things, the name, gender, contact details, motivation letters, information about the level of education and the job history of the applicant. These data are relevant to the completion of the application procedure and will be removed no later than 4 weeks after the end of the procedure. If you give permission thereto, Hotel Citadel may store your personal data longer in its administration, so that you may be contacted again in the future.
Hotel Citadel also processes personal data of employees, in the framework of the labour contract and on legal bases. For information on the processing of personal data of employees, reference is made to the personnel policy.
We do not share your personal data with companies, organisations and individuals outside Hotel Citadel except in one of the following circumstances.
Execution of an agreement
Provision of your personal data to third parties is permissible when this is necessary to fulfill our contractual obligations towards you. Part thereof is processing your reservation. If it is necessary for the payment of bookings, we use a third party for the handling of the payments.
With your authorisation
With your authorisation we may pass on your personal data to other parties. Such authorisation is only valid if it is clear what you authorise and what the consequences are.
For external processing
For legal reasons
We share personal data if we believe that disclosure of the data is necessary to comply with applicable laws and regulations, legal procedures or requests from government authorities.
If a legal obligation so requires, we will disclose your personal data. For example, it is possible that the police requests information from us in the scope of fraud investigations. Another example is that under Article 47 of the General Law on State Taxes, the tax inspector may claim all information necessary to levy taxes. The local authority as well may request the disclosure of data to check the tourist tax. Hotel Citadel makes arrangements with the recipients of your personal data to ensure that the personal data are handled confidentially and are protected.
We do not store your personal data longer than necessary, unless we are legally obliged to keep your personal data longer. Our basic principle is that we only retain personal data for as long as is necessary to provide you with our products and/or services. We will then remove your personal data to the extent possible. For example, if you have provided your e-mail address so that we can keep you informed of our services, we will still keep your data for that purpose.
4. Transmission of personal data outside the EU
Hotel Citadel may transmit your personal data from the Netherlands to other countries. Countries within the European Economic Area (EEA) have the same level of protection of personal data as the Netherlands. With due observance of the general requirements from privacy laws and regulations, we may pass on your personal data. We may do this, for example, within our group for the benefit of good business operations.
Outside the EEA, we will only pass on your personal data if there is an appropriate level of protection. For that purpose, Hotel Citadel makes use of model contracts approved by the European Commission. We will in particular pass on your personal data to branches within our concern for our internal operations.
5. Your rights
You have a number of legal rights towards us: inspection, rectification or supplementation, data removal, limitation of processing, transmission of digital data and the right of objection. Below, we explain those rights. We also explain how you may exercise these rights towards us.
Right of access
At your request we will inform you in writing whether we are processing your personal data. With your request you must identify yourself by means of a copy of your driving license or identity document. In our response we explain which of your personal data we have processed or are processing. We also explain for what purposes the data are or are being processed, with whom the data are shared, how long these data are expected to be stored, and what other rights you can enforce.
Improvement or addition
If you have received access to the processing of your personal data, you may ask us to correct inaccuracies or to fill in incomplete information. We motivate our reaction.
If we proceed to rectification, you will receive an additional statement from us. Any recipients of your incorrect or incomplete data will also receive such statement.
You may request that we delete your personal data in our systems in one or more of the following cases:
the personal data are no longer necessary for the purposes for which we have processed them;
you withdraw your permission for (further) processing; and there is no other basis for processing;
you make a reasoned objection, and there are no compelling reasons not to honour your objection;
the personal data have been processed unlawfully by us;
we must delete your personal data on the basis of a legal obligation.
Limitation of processing
If you have reported an inaccuracy or incompleteness in your personal data to us, you may request us to limit the processing as long as we are handling your request. You may also ask us to limit the processing of your data if you believe that we are processing your data unlawfully or no longer need these, or if you have objected to (further) processing thereof. After receiving your request for restriction, we will only process the data after obtaining permission or for serious reasons (such as legal proceedings).
Transmission of digital data
If you have provided personal information to us in a structured, traditional digital file format, and we have processed your data with your authorisation in the execution of an agreement with you, you have the right to ask us for a copy of these data. In those cases, you may also ask us to forward your data directly to another service provider.
You may at all times object to the processing of personal data relating to you. This applies in particular to profiles that we have created based on your personal data. We will cease processing your data after receiving your objection, unless we can provide compelling legitimate reasons that outweigh your interests, rights and freedoms.
If we process your personal data for direct marketing purposes, you may at any time
object to this and we will immediately cease processing.
Are your personal data processed pursuant to your consent? You then have the right to withdraw your consent. Any withdrawal of your consent does not affect previous processing on the basis thereof.
Do you have any complaint about the use of your personal data? Then we refer you to the complaints procedure with the Dutch Data Protection Authority. This authority is authorised to take note of your complaint.
Hotel Citadel ensures optimal functionalities of its website. In order to ensure that the website functions properly, Hotel Citadel uses techniques processing personal data, such as cookies. A cookie is a small text file that is stored on the device (electronic device) of the visitor on the first visit to a website. Cookies aim to collect information about someone, the website or statistics. Some cookies also aim to improve the user experiences of the website.
2. Types of cookies
We make a distinction between functional and non-functional cookies. We always place functional cookies. These are necessary for the website to work properly and do not process personal data other than for the purpose for which these personal data are entered.
Non-functional cookies process personal data outside your field of view. That is why we always ask for your consent before we place these cookies.
Non-functional cookies are, for example, analytical cookies. These cookies are not necessary for the functioning of the website. Through analytical cookies we know which parts of the website we can improve and the popularity of certain pages is measured, for example. Non-functional cookies have many different purposes, but above all enable us to improve our services. For example, we can measure how often our website is used and what information visitors are looking for.
We use the following non-functional cookies:
- Analytical cookies
- Tracking cookies
- Advertising cookies
With analytical cookies we collect statistics about the use of the website by the users. By measuring website usage, the website can be improved in favour of the users.
Among other things, the following data is stored:
- the IP address, which is made anonymous; and
- technical features, such as the browser you use.
These are cookies that are placed to identify an internet user on a website. By placing tracking cookies we can keep track of which internet pages you visit. From the information about your website visits, we can deduce what your preferences and interests are. On the basis thereof we are able to issue personal offers to you.
We use advertising cookies to display personalised advertisements and to measure the effectiveness of an advertising campaign. The advertising cookies are necessary to actually show the advertisements.
3. Blocking and deleting cookies
If you do not want our website to store cookies on your computer, you can indicate this in the cookie notification that you will see on the first visit to our website. Have you previously accepted our cookies? Then you will no longer see this message and you will have to delete the cookies yourself (if desired).
You can also choose to block the placing of cookies via your browser. Do you block all cookies? Then our website will function less properly. We recommend that you selectively disable unwanted cookies. You can do this in your browser settings.
Even in processing your personal data with cookies, you may already exercise your rights as listed above in article 5 of our privacy statement.