PRIVACY POLICY

Herdade das Barradas da Serra

Last updated: 9 June 2026

A. GENERAL PART

1. Collection and Processing of User Data

Name: Herdade das Barradas da Serra
Address: Km 16 N261-1, Grândola, Setúbal, 7570-351, Portugal
Telephone: +351961776610 (Custo de chamada para a rede móvel nacional)

Within the scope of the website hosted at www.barradasdaserra.pt ("Site"), the conclusion of any contract (i.e. hotel services, vouchers, services or agricultural products), the provision of information, content, including the newsletter, or any telephone contact to its users ("User") and other entities related to it, Herdade das Barradas da Serra, a limited liability company based at Rua Dr. Manuel Reis, n.° 4, 7570-284 Grândola, registered at the Conservatório de Registro Civil/Predial/Comercial de Grândola under the unique registry and legal entity n.° 507724909 (hereinafter "HBS") may request the User to provide personal data, that is, information provided by the User that will allow HBS to identify and/or contact him/her (hereinafter "Personal Data").

As a general rule, Personal Data are requested when the User makes a reservation on the Site, requests a contact and/or sends newsletters, provides or requests information, acquires a product or establishes a contractual relationship with HBS.

The Personal Data collected and processed consists essentially of information relating to name, gender, date of birth, telephone, mobile phone, e-mail, address, tax identification number, credit card details (collected for billing purposes only), although other Personal Data may be collected that may be necessary or convenient for the provision or billing of services by HBS.

After the collection of the Personal Data, HBS provides the User with detailed information on the nature of the data collected and on the purpose and treatment that will be given to such data.

HBS also collects and handles information about the device characteristics of its hardware and browser/software features, as well as information about the pages visited by the User within the Site. This information may include the type of browser, domain name, access times and links through which you have accessed the Site ("Usage Information"). We use this information only to improve the quality of your visit to our site.

Usage information and personal data are collectively referred to in this privacy policy as "User Data".

2. Subcontracted Entities

In connection with the processing of User Data, HBS uses or may use third parties, subcontracted by HBS, to process User Data on behalf of HBS and in accordance with the instructions given by HBS, in accordance with the law and this Privacy Policy.

These subcontractors may not transmit User Data to other entities without the prior written permission of HBS. HBS undertakes to subcontract only to those entities that offer maximum security in the execution of the technical and organizational measures appropriate to guarantee the defense of the User's rights.

3. Data Collection Channels

HBS may collect data directly (i.e., directly from the user) or indirectly (i.e., through partner entities or third parties). The collection can be done through the following channels:

• Direct Collection: In person, by telephone, by e-mail and through the Site;

• Indirect collection: through partners or group companies and official entities.

4. General Principles Applicable to the Processing of User Data

With regard to the general principles relating to the processing of personal data, HBS undertakes to ensure that the user data it processes are:

• Processed in accordance with the law, fair and transparent to the User;

• Collected for specific, objective and legitimate purposes, and not further processed in a manner contrary to those purposes;

• Adequate, justified and limited to what is necessary in relation to the purposes for which they are treated;

• Accurate and up-to-date where necessary;

• Kept in a form which permits identification of the user for no longer than is necessary for the purposes for which the data are processed;

• Processed in a way that ensures its security, including protection against unauthorised or unlawful processing and against loss, destruction or unexpected damage.

5. Use and Purposes of User Data Processing

In general terms, HBS uses user data for the following purposes:

• Provision of hotel services, associated services (restaurants, bars, etc.) and agro-forestry services;

• Management of user contacts;

• Invoicing and charging the user;

• To inform the User, who has requested it and given consent, of new products and services, special offers and campaigns, for marketing purposes;

• To ensure that the Site meets the needs of the user and to improve its search capabilities and functionality.

6. Technical, Organizational and Security Measures

To ensure the security of user data and maximum confidentiality, HBS treats the information you provide in absolute confidence, in accordance with its internal security and confidentiality policies and procedures, which are updated periodically as required.

7. Transfer of Data Outside the European Union

Some of the third-party tools used on this Site — specifically Google Analytics and YouTube (both operated by Google LLC, based in the United States) — may involve the transfer of personal data to the United States of America. These transfers are carried out under the Standard Contractual Clauses approved by the European Commission and/or the EU-US Data Privacy Framework, ensuring an adequate level of protection for personal data.

For all other data collected directly by HBS, personal data is not made available to third parties outside the European Union, unless required by applicable law.

8. Use of Cookies

This Site uses cookies and similar tracking technologies to improve the user experience, analyse traffic and serve relevant content. Cookies are small text files stored on your device when you visit our website.

When you first visit our Site, you will be presented with a cookie consent banner allowing you to accept, reject, or customise your cookie preferences by category (Necessary, Preferences, Statistics, and Marketing). Only cookies that you have consented to will be activated, with the exception of strictly necessary cookies which are required for the Site to function.

You may change or withdraw your consent at any time by clicking the "Cookie Policy" link in the footer of our website. For detailed information on the cookies we use, their purpose, duration and providers, please refer to our Cookie Policy, available at: www.barradasdaserra.pt/cookie-policy.html

Cookie consent is managed through Cookiebot (by Usercentrics), a Google-certified Consent Management Platform (CMP), integrated via Google Tag Manager.

B. USER RIGHTS (DATA OWNERS)

9. Right to Information

HBS provides users with information on: the identity and contact details of HBS; the purposes and legal grounds for processing; the recipients or categories of recipients of personal data; data retention periods; and all applicable user rights.

10. Right of Access to Personal Data

The user has the right to obtain confirmation from HBS whether or not personal data concerning him/her are being processed and, if so, to access such data and information regarding: purposes of processing; categories of data; recipients; retention periods; and applicable rights.

11. Right to Correct Personal Data

The user has the right to request, at any time, the rectification of his/her personal data, as well as the right to have incomplete personal data completed.

12. Right to Deletion of Personal Data ("Right to be Forgotten")

The user has the right to have his/her data deleted by HBS when: the data is no longer required for the purpose for which it was collected; consent is withdrawn and there is no other legal basis; the data has been processed unlawfully; or deletion is required to comply with a legal obligation.

13. Right to Limit the Processing of Personal Data

The user has the right to obtain from HBS the limitation of the processing of user data in specific circumstances, including where the accuracy of the data is contested or where processing is unlawful but the user objects to deletion.

14. Right to the Transfer of Personal Data

The user has the right to receive personal data concerning him/her in a structured, commonly used and machine-readable format, and the right to transmit such data to another controller where technically possible.

15. Right to Object to Processing

The user has the right to object at any time to the processing of personal data concerning him/her, including for direct marketing purposes. Where the user objects to processing for direct marketing, HBS shall cease processing the data for this purpose.

16. Procedures for the Exercise of User Rights

The rights of access, rectification, deletion, limitation, portability and opposition may be exercised by contacting HBS at: geral@barradasdaserra.pt

HBS shall respond in writing within a maximum period of one month from receipt of the request, extendable to two months in cases of particular complexity.

The user also has the right to file a complaint with the Portuguese supervisory authority: Comissão Nacional de Proteção de Dados (CNPD) — www.cnpd.pt

17. Personal Data Breaches

In the event of a data breach that may pose a high risk to the rights and freedoms of the user, HBS undertakes to notify the affected user within 72 hours of becoming aware of the incident, unless appropriate protective measures had been applied that render the data incomprehensible to unauthorised persons.

C. FINAL PART

18. Changes to the Privacy Policy

HBS reserves the right to change this Privacy Policy at any time. If the privacy policy is changed, the date of the last change will be updated at the top of this page. If the change is material, a notice will be posted on the site.

19. Applicable Law and Jurisdiction

This Privacy Policy, as well as the collection, processing or transmission of user data, is governed by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the laws and regulations applicable in Portugal.

Any dispute arising out of the validity, interpretation or application of this Privacy Policy shall be submitted exclusively to the jurisdiction of the courts of the district of Setúbal, without prejudice to the applicable mandatory legal rules.

For any questions regarding this Privacy Policy, please contact us at geral@barradasdaserra.pt | Herdade das Barradas da Serra, Km 16 N261-1, Grândola, Setúbal, 7570-351, Portugal | NIF: 507724909

Privacy policy