1. The Controller
The Controller for the collection, processing, and use of personal data on www.thedukehotelgozo.com (“Website” or “our Website”) is:
The Duke Boutique Hotel is registered at firstname.lastname@example.org
The Hotel address is The Duke Boutique Hotel, Republic Street, Victoria, Gozo, VCT1017, Malta
Telephone: +356 27799100
Fax: +356 27799150
Please contact us if you have any questions about how we process your personal data
2. Information we collect
When using this website’s career, booking or inquiry section, you may be required to provide your personal data in order to make use of one of our online services, such as making a reservation, applying for a job vacancy or enquiring about any corporate services. We will only process data and information that you voluntarily have submitted and in accordance with our group policies. If you do not agree with the terms of this policy, please refrain from providing us with your personal information.
The data we may collect about you may include the following:
When you access our website, the following information is collected:
The requested web page or download;
Whether the request was successful or not;
The date and time when you accessed the site;
The IP address or the domain name of the computer from which you accessed our website;
The operating system of the machine running your web browser and the type and version of your web browser.
If you choose to make a reservation through this website, the following information will be collected:
Name and surname;
Home address; and
Basis for Processing
The legal bases for our processing activities include processing such information as necessary to comply with our contractual obligations or for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract, compliance with our legal obligations, protecting the safety of our employees, guests, and others, for our legitimate business interests, and pursuant to your consent.
3. Your rights as the data subject
Right of Access
You have the right to access all the personal data held and processed by us. To exercise this right, you can contact us at the email or postal address at the top of this page.
In order to process this request, we will require proof of your identity. We will do our best to process the request as soon as possible, and in no event not longer than sixty days from hearing from you.
Right to Rectification
You have the right to request modification of all the personal data held and processed by us. If you think we may hold details about you that are inaccurate or out of date, please contact us at the email or postal address at the top of this page.
Right to Erasure (‘right to be forgotten)
You have the right to request that we delete the personal data held and processed by us by contacting us at the email or postal address at the top of this page.
This right is not absolute, and we may be justified in keeping certain personal data, for instance when we are legally obliged to do so or if such data may be necessary for us to defend a legal claim.
Right to Object
You have the right to object to the processing of your personal data, including where such processing takes place for our legitimate interests, and you may request to withdraw from all future activities and the removal of all personal data held and processed by us by contacting us at the email or postal address at the top of this page.
Right to Data Portability
You have the right to move, copy or transfer your personal data from one organization to another, and you have the right to request from us a copy of your personal data in a structured, commonly used, and machine-readable format, which we may provide to you or another organization at your request. If you would like us to assist you with this, please contact us at the email or postal address at the top of this page.
Right to Lodge a Complaint
All Data Protection enquiries/complaints should be sent to email@example.com
You also have the right to lodge a complaint with the Information and Data Protection Commissioner in Malta as the data protection supervisory authority:
Information and Data Protection Commissioner
Floor 2, Airways House, Triq Il-Kbira, Tas-Sliema SLM 1549
+356 2328 7100
If you are a guest, from time to time, we may wish to contact you about products and/or services that you have purchased or shown interest in. We may also contact you if you are not yet a guest, but you have given us your consent to send you marketing material to keep you up to date on our products and services.
You have the right to ask us to stop sending you marketing material at any time.
You can stop receiving marketing messages from us at any time through any of the following methods:
By clicking on the ‘unsubscribe’ link in any email we send you
By contacting us at the postal or email addresses at the top of this page
This will not affect any processing that took place prior to the withdrawal of consent. Please note that it may take a few days for all our systems to be updated, so you might get messages from us while we process your request.
Please also be aware that if you ask us to stop sending you marketing material, we will still continue to contact you in relation to the service we have been engaged by you to provide (for example, to send you a confirmation email, payment receipt, etc), if this is necessary for us to provide the service.
4. Retention Period
The information received is stored and retained only for the time that is strictly necessary to answer your query or fulfill your online request and will not be retained for a longer period than is necessary or to satisfy the recruitment process. We may also need to keep some of your personal data where we are obliged to do so in terms of legal or regulatory requirements, or in order to protect ourselves against legal claims, or to enforce our company terms and conditions.
For more information about our retention policy, please contact us at the postal or email addresses at the top of this page.
5. Sharing your Information
We will not share any of your personal data with third parties without your permission, except where this is strictly required for us to provide you with the service you have engaged us to provide.
We may share your personal data with the following categories of entities as necessary:
If we ever need to share your personal data with an entity outside the EU, we will do so in accordance with the requirements of the GDPR and any other applicable law.
6. Links to other Web Sites
8. Law and Jurisdiction
This Policy shall be governed by Maltese Law. Any dispute arising from, or related to, such Policy shall be subject to the non-exclusive jurisdiction of the courts of Malta.
The Duke Boutique Hotel has no access to the personal information you might provide to any third-party service providers operating from our premises.