Skip to main content

Sesimbra Hotel & Spa Privacy Statement

Our Core Beliefs Regarding User Privacy And Data Protection

  • User privacy and data protection are a necessity and our duty
  • We have the duty of protecting personal data
  • Data is a liability, it should only be collected and processed when absolutely necessary
  • We loathe spam as much as you do!
  • We will never sell, rent or distribute your personal data
  • We will not make your personal information public without your consent. Your personal information (name) will be made public only if you wish to make a comment or review on the website.

Relevant Legislation

Along with our business and internal computer systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

What Personal Information We Collect and Why

Here we describe what information is collected and reasons for collecting it. The categories of information collected are as follows:
  • Site Visit Trackers

    Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to track their journey through the website.
    Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer's IP address, which could be used to personally identify you, but Google does not grant us access to this. We consider Google to be a third-party data processor (see section below).
    GA makes use of cookies, details of which can be found on Google's developer guides. Our website uses the analytics.js implementation of GA. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
    In addition to Google Analytics, this website may collect information (held in the public domain) attributed to the IP address of the computer or device that is being used to access it.
  • Reviews and Comments

    Should you choose to add a comment or review on our site, the name and email address you enter with your comment will be saved to this website's database, along with your computer's IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective blog post and is not passed on to any of the third-party data processors detailed below. Only your name and email address that you supplied will be shown on the public-facing website.
    Your comments and the associated personal data will remain on this site until we see fit to either
    • Remove the comment or
    • Remove the blog post.
    NOTE: You should avoid entering personally identifiable information to the actual comment field of any blog post comments that you submit on this website.
  • Forms and Email Newsletter Submissions on The Website

    If you choose to subscribe to our email newsletter or submit a form on our website, the email address that you submit to us will be forwarded to a third-party marketing platform service company. Your email address will remain within their database for as long as we continue to use the third-party marketing company's services for the sole purpose of email marketing or until you specifically request removal from the list.
    You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
    Listed below are the pieces of information that we may collect as part of servicing requests on our website:
    • Name
    • Gender
    • Email ID
    • Phone
    • Mobile
    • Address
    • City
    • State
    • Postal Code
    • Country
    • IP Address
    We do not sell your personal information to third parties. We may share limited amount of data with listed Third-Party data processors only towards servicing your requests or improving our offering.
  • Email Links

    We only receive an email when a user mails us using an email link. There are no third-party data processors or intermediaries involved.
    The data is collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted before being sent across the internet. The email content is then decrypted by our local computers and devices.
  • Revenue Recovery Emails

    As part of Revenue Recovery model, we work with re-marketing service companies to send notification messages if you have abandoned your cart without making a purchase. This is for the sole purpose of reminding customers to complete the purchase if they'd wish to. The re-marketing service companies do a real-time capture of your email ID and cookies to send an email invite to complete the transaction if the customer abandons the cart. However, the email ID of the customer is deleted from their database as soon as the purchase is complete.
  • "Do Not Sell My Data" - Why we don't have it

    We do not sell personal information of our customers or of minors below the age of 16 years to third-party data collectors and hence the "Do not sell my data" opt-out button is optional on our website. Reiterating, we may collect your data for the sole purpose of completing a service request or for marketing communications. If you wish to access or erase your personal information, you can do so by submitting your details here.
  • Important Notice for Minors Sharing Personal Information

    If you are under 16 years of age you MUST obtain parental consent before:
    • Submitting a form
    • Posting a comment on our blog
    • Subscribing to our offer
    • Subscribing to our email newsletter
    • Making a Transaction
  • Accessing/Deleting Personal Information

    Should you wish to view or delete your personal information, please email us here with the email address used, your name and deletion request. Alternatively, you can fill out the form at the bottom of this page to view and/or delete your data stored with us

Third Party Data Processors

We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section above. If you request for your Personal information to be deleted with us, the request will also be forwarded to the parties below:

Cookie Policy

This policy covers the use of cookies and other technologies. The types of cookies we use fall into 3 categories:
  • Essential Cookies and Similar Technologies

    These are vital for the running of our services on our websites and apps. Without the use of these cookies parts of our websites would not function. For example, session cookies allows a navigation experience that is consistent and optimal to user's network speed and choice of device.
  • Analytics Cookies and Similar Technologies

    These collect information about your use of our websites and apps and enable us to improve the way it works. For example, analytics cookies show us which are the most frequently visited pages. They also help identify any difficulties you have accessing our services, so we can fix any problems. Additionally, these cookies allow us to see overall patterns of usage at an aggregated level.
  • Tracking, Advertising Cookies and Similar Technologies

    We use these types of technologies to provide advertisements that are more relevant to your interests. This can be done by delivering online adverts based on your previous web browsing activity. Cookies are placed on your browser which will store details of websites you have visited. Advertising based on what you have been looking at is then displayed to you when you visit websites that use the same advertising networks.
    We may also use cookies and similar technologies to provide you with adverts based on your location, offers you click on, and other similar interactions with our websites and apps.

Data Breaches

We will report any unlawful data breach of this website's database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

Changes to Our Privacy Policy

This privacy policy may change from time to time to conform with legislation and/or industry developments. We will not explicitly inform our clients or website users of these changes. Instead, we recommend that you check this page occasionally for any policy changes.
By entering a valid email address that you have access to, we will inform you any personal information we collect that is associated with that email address and how to manage it.

Customer Privacy Policy

  • Commitment of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa)

The protection of privacy and personal data constitutes a fundamental commitment of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) to its customers ("Customers") of its services and products.

The information provided to us, as well as that sent to us through our website, electronic mail or any other means, will be treated with the utmost confidentiality and in accordance with the applicable European or national legislation.

All personal data collected will be only those necessary for the purposes for which they are intended, namely for the processing of reservations and technical and commercial contacts related to them, as well as other legitimate objectives to the relationship established between both parties. In addition, the client may actively indicate whether he / she authorizes the use of the personal data previously provided or others that he may add or modify for other properly identified purposes, such as the sending of newsletters or other types of business contacts.

Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) advises reading this Privacy Policy and its updates.

  • Responsible for data processing

The responsible for the collection and processing of your personal data will be who provides you the service or product and decides what data is collected, means of treatment and purposes for which the data is used.

  • Personal data, holders of personal data and categories of personal data

What is personal data?

Personal Data is any information of any nature and in any support, relating to an identified or identifiable person. Any person who can be identified directly or indirectly, for example by name, identification number, location data, electronic identifier or other elements that allow identification of that individual is identified as identifiable.

Who are the holders of personal data?

The Client, an individual person, to whom the data relate and who has used the services or products of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa). For example, a Client of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) is someone who has made a contract in order to get a good or service provided. It will be a potential Client who is the target of publicity campaigns or promotional offers of Mar da Califórnia - Atividades Hoteleiras, SA (Sesimbra Hotel & Spa), as well as those who request information about products and services marketed by Mar da Califórnia - Atividades Hoteleiras, SA (Sesimbra Hotel & Spa).

In this regard, Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) informs that it also protects personal data and respects the rights of Customers.

What categories of personal data do we treat?

Categories of personal data

Examples of personal data
Identification Name
ID number
Tax Identification Number
Date of birth
Customer Number
Room number

Phone contact
E-mail address

Profile Nationality
Country of residence
Date of birth
Marital status
Number of children
Electronic interactions IP address
Device identifiers


  • Basis, Purposes and Duration of the Treatment of Personal Data

Upon what grounds may Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) treat your personal data?

Consent:When we have your express consent - in writing, orally or through the validation of an option - and prior and if such consent is free, informed, specific and unambiguous. Examples are your consent to send direct marketing messages, profile definition, sharing of data with other entities; or

Contract execution and pre-contractual procedures:when the processing of personal data is necessary for the conclusion, execution and management of the contract signed with Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa), as for example requests for information, service proposal preparation, service provision, contact / complaint / billing / collection / payments management; or

Compliance with legal obligation:when the processing of personal data is necessary to comply with a legal obligation to which Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) is subject, such as the communication of data to police, judicial, fiscal or regulatory entities; or

Legitimate interest:when the processing of personal data corresponds to a legitimate interest of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) or third party, such as improvement of quality of service, detection of fraud or when the reasons for their use should prevail over their rights of data holders).

(The communication of data as a legal or contractual obligation, or requirement necessary to conclude a contract, must be mentioned here, including the obligation of the Customer to provide the personal data and any consequences that may arise from not supplying).

For what purposes and for how long does Mar da Califórnia - Atividades Hoteleiras, S.A.  (Sesimbra Hotel & Spa) treat your personal data?

Your personal data are processed by Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) only for the period of time necessary to achieve the defined purpose or, depending on what is applicable, until you exercise your right of objection, right to be forgotten or withdraw consent. After the respective period of conservation has expired, Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) will eliminate or anonymize the data whenever they are not to be kept for a different purpose that may subsist

Categories of purposes Examples of purposes
Marketing Marketing or selling of new services or products
Customer Management and Service Delivery Management of contacts, information or requests
Complaint management
Billing, collection and payment management
Accounting, Tax and Administrative Management Accounting, billing
Management of commissions
Tax information, including sending information to the tax authority
Litigation Management Judicial and extrajudicial collection
Management of other conflicts
Physical security control Video surveillance of premises                        

What are the deadlines for processing and keeping personal data?

Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) treats and keeps your personal data according to the purposes for which they are treated. There are cases in which the law requires the processing and storage of data for a minimum period of time, namely for 10 years, the data necessary for informing the Tax Authorities for accounting or tax purposes or the data relating to commercial bookkeeping, as well as for 7 years for the purpose of combating money laundering and terrorist financing.

But, where there is no specific legal obligation, then the data will be processed only for the   necessary period to fulfill the purposes that led to their collection and preservation and always in accordance with the law, guidelines and decisions of the CNPD. Therefore:

Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) will treat and maintain your personal data for the period in which we have a contractual relationship with you.

Regarding the video surveillance of its facilities, Mar da Califórnia - Atividades Hoteleiras, S.A. will only keep the recordings of images and their personal data for a maximum period of 30 days.

Mar da Califórnia - Atividades Hoteleiras, SA (Sesimbra Hotel & Spa) may keep other personal data for periods longer than the duration of the contractual relationship, whether based on your consent, or to ensure rights or duties related to the contract, or even because we have legitimate interests that justify it, but always for the period strictly necessary for the fulfillment of the respective purposes and in accordance with the guidelines and decisions of the CNPD.

Examples are contact for marketing and sales purposes, preservation of data in the context of invoice claims procedures, exercise of guarantee rights or pending of legal litigation.

  • Form and timing of the collection of personal data

When and how do we collect your personal data?

We collect personal data with your consent or when you purchase services or products of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa).

The collection can be done orally, in writing or through the website of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa).

But your personal information may also be collected from publicly available sources or other sources, such as travel agents, whose responsibility for ensuring data protection and information security applies equally.

  • Rights of the holder of personal data

What are your rights?

Right of Access- right to obtain confirmation of what are your personal data that are treated and information about them, for example, what are the purposes of the treatment, what are the conservation periods, among others.

Right to see or obtain copy, for example of invoices or written agreements.

Right of Rectification- right to request rectification of your personal data that is inaccurate or request to complete incomplete personal data, such as the address, Tax Identification Number, email, telephone contacts, or others.

Right to erase data or "right to be forgotten"- right to erase your personal data, provided that there are no valid grounds for its conservation, such as the cases in which Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) must keep the data to fulfill a legal obligation or because a legal process is in progress. 

Right to Portability- right to receive the data you have provided us in a digital format of current use and automatic reading or to request the direct transmission of your data to another entity that becomes the new responsible for your personal data, but in this case only if technically possible.

Right to Withdraw Consent or Right of Opposition- right to object or withdraw consent at any time to data processing, for example in the case of data processing for marketing purposes, provided that no legitimate interests exist which prevail over your interests, rights and freedoms, such as defending a right in a judicial process.

Right of Limitation- right to request the limitation of the treatment of your personal data, in the form of: (i) suspension of treatment or (ii) limitation of the scope of treatment to certain categories of data or purposes of treatment.

Right to complain- right to complain to the supervisory authority, CNPD, in addition to the company or the DPO.

How can you exercise your rights?

The exercise of rights is free of charge, except in the case of a manifestly unfounded or excessive request, in which case a reasonable fee may be charged taking into account the existing costs.

In order to exercise your rights, you should approach our unit. The exception is the right to withdraw your consent / opposition, which, if the consent in question may have been provided via digital format, may be exercised through the following address:

The response to requests should be provided within a maximum of 30 days, unless it is a particularly complex request.

  • Transmission of Personal Data

Under what circumstances is your personal data communicated to other entities, subcontractors or third parties?

Your data can be transmitted to subcontractors for them to handle in the name and on behalf of Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa). In this case, Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) will take the necessary contractual measures to ensure that the subcontractors respect and protect the personal data of the Client.

Data may also be transmitted to third parties - entities other than Mar da Califórnia - Atividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) or subcontractors - in case the holder has consented or to entities to whom the data must be communicated by virtue of law.


We commit to keep your data secure, and we apply appropriate security measures to ensure the protection of your personal data and prevent access to unauthorized persons. We submit our security systems and policies to periodic analyzes to ensure that data is secure and protected. However, the transmission of information over the Internet is not completely secure, and we cannot absolutely guarantee the security of the information transmitted through our site.

We also respect the confidentiality of your information. Therefore, we do not sell, distribute, or otherwise make your information commercially available to any third party. Mar da Califórnia -   Actividades Hoteleiras, S.A. (Sesimbra Hotel & Spa) is committed to keeping your information confidential in accordance with this Privacy Policy and applicable law.