POLICY FOR PERSONAL DATA PROCESSING

Welcome to my website antonionobre.com (hereinafter referred to as “the Site”).

In accordance with Regulation (EU) 2016/679 (the "GDPR"), concerning the protection of natural persons with regard to the processing of personal data, we inform you that the personal data you provide will be processed in compliance with applicable legislation and confidentiality obligations binding the Data Controller.

By providing your personal data and continuing to use the Site, you confirm that you have read and understood the terms of this Privacy Policy. If you do not wish your information to be collected or processed as described herein, please do not use the services offered by the Site.

António Nobreis the Data Controller, i.e., the entity that decides how and why your personal data are processed (hereinafter the “Controller”). For any additional information or to exercise your rights under the GDPR, you can contact us at: hello@antonionobre.com

The personal data processed include:

a) Browsing data: Data automatically collected during your navigation on the Site (such as IP addresses, domain names of the computers used, access times, pages visited, and duration of the visit). These data are used only in aggregate form for statistical purposes and to ensure correct functioning of the Site and are not associated with identified individuals.

b) Data you voluntarily provide: Personal data you submit when making bookings, inquiries, or sending emails via the Site, including (for example) name, date of birth, tax identification number, email address, phone number, billing and residence address, and reservation details. If you provide personal data of third parties, you must have informed them and obtained their consent for such processing.

c) Cookies and tracking technologies: This Site uses cookies and similar technologies for technical and analytical purposes. Where required by law, cookies will be activated only upon obtaining your explicit consent. For more information, please consult our Cookie Policy.

The Site may contain links to social networks (e.g., Facebook, Instagram). Clicking these links may lead the social networks to collect data regarding your visit. For further details, please refer to the privacy policies of these platforms:
• Facebook Privacy Policy
• Instagram Privacy Policy

This Privacy Policy applies exclusively to this Site and not to external sites linked here.

Your personal data are processed strictly for purposes related to the requested services. In particular, under Article 6 and Article 7 of the GDPR, your data may be processed:

a) Without your explicit consent, for the following purposes:
• To confirm, manage, modify, or cancel your booking and provide related services. This processing is necessary for the execution of the contract and does not require your consent except for sensitive data.
• To comply with legal obligations related to public safety and administrative, accounting, and tax requirements.
• To maintain and manage the Site properly.
• To prevent or detect fraud or abuse affecting the Site.
• To exercise the Controller’s legal rights, including defense in court.

b) Only upon your explicit and separate consent, for:
• Facilitating quicker registration for future stays, with data retained for a maximum of 2 years, revocable at any time.
• Receiving promotional messages, event invitations, and updates on rates and offers, with data retained for a maximum of 2 years and not shared with third parties.

Providing your data for these activities is voluntary but necessary to benefit from the related services.

Your personal data will be retained only as long as necessary to fulfill the purposes described:
• Booking-related data will be kept until completion of administrative and accounting procedures or longer if legal disputes arise. Billing data will be retained for 10 years as required by law.
• Data provided for marketing or accelerated registration purposes will be retained for a maximum of 2 years or until you request their deletion.
• Final deletion or anonymization of data will occur within 30 days after the applicable retention period expires.

Your data will not be disseminated, sold, or disclosed to third parties without your explicit consent, except when required by law.

Your personal data may be shared with:
• Service providers (such as hosting, IT support, email management, booking platforms) who act under data processing agreements and only process data under the Controller’s instructions.
• Authorities or other parties when legally obliged.

We do not transfer your data outside the European Economic Area (EEA). If a transfer outside the EEA occurs, it will be based on adequate safeguards in compliance with the GDPR, such as adequacy decisions or Standard Contractual Clauses.

No automated decision-making or profiling based on your personal data is performed in connection with this Site.

The services provided by this Site are not intended for persons under 18 years of age. If we become aware that we have collected personal data from a minor without parental consent, we will delete such data promptly.

You may exercise, at any time, the rights granted by Article 15 to Article 22 of the GDPR, including:
• Request confirmation as to whether your personal data are being processed.
• Access information about the purposes of processing, categories of data, recipients, and retention periods.
• Request correction or deletion of your personal data.
• Request restriction of processing.
• Exercise your right to data portability (i.e., receive your data in a structured, commonly used, machine-readable format).
• Object to processing, including for direct marketing purposes.
• Object to automated decision-making and profiling (even if none is currently performed).
• Withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Lodge a complaint with a supervisory authority.

To exercise your rights, please contact the Data Controller at hello@antonionobre.com.

If you are located in Portugal or wish to contact the national supervisory authority, you may lodge a complaint with:

Comissão Nacional de Proteção de Dados (CNPD)
Rua de São Bento, 148-3º
1200-821 Lisboa, Portugal
📧 geral@cnpd.pt
🌐 https://www.cnpd.pt

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, misuse, or loss.

This Site may contain links to external websites not controlled by the Controller. The Controller is not responsible for the content or privacy practices of these sites. When you leave this Site, we recommend that you review the privacy policies of those external websites.

This Privacy Policy may be updated from time to time. The latest version will always be available on this page. If changes significantly affect your rights, you will be notified where appropriate. Changes will take effect upon publication on this Site or as otherwise provided by law.


Last updated: 2025/06