Privacy Policy

Privacy Policy

Effective from June 15 2024

IMPORTANT: BY USING OUR WEBSITE AND/OR BY PROVIDING US WITH ANY PERSONAL DATA, YOU GIVE YOUR EXPLICIT CONSENT THAT ALL PERSONAL DATA THAT YOU SUBMIT MAY BE PROCESSED BY US IN THE MANNER AND FOR THE PURPOSES DESCRIBED IN THE FOLLOWING PRIVACY POLICY AND IN COMPLIANCE WITH THE EFFECTIVE LAWS AND REGULATIONS ON PERSONAL DATA.

Data Controller

Personal data that Sirvoy Limited, a company registered in the Republic of Ireland (“Sirvoy”), collects from you or that you provide to Sirvoy will be governed by this policy, whenever Sirvoy is acting as the data controller.

Whenever Sirvoy is acting on behalf of a Hotel or similar entity, that entity shall be the data controller and responsible to determine the purposes and means by which any personal data is processed and this policy shall then only apply where relevant to Sirvoy’s role as data processor.

Security

Sirvoy takes data protection and your privacy very seriously. It has the relevant organizational and technical security measures in place to protect your personal information and to keep it confidential.

Use of Personal Data

Sirvoy will collect, store, and use your personal data only for the purposes for which you submitted it, and we keep the data only as long as it is necessary for those purposes or for other legitimate purposes that may apply. Such purposes may include creating and maintaining service accounts, but also related purposes such as improving the service provided, communicating relevant information, and maintaining system security.  Sirvoy relies on you to ensure that your personal data is complete, accurate and current. Please do inform Sirvoy promptly of any changes to or inaccuracies in your personal data.

Legal Basis for the Retention of Personal Data

The retention of personal data is governed by several legal bases under the General Data Protection Regulation (GDPR). The legal basis is as follows 1) Contractual Necessity (Article 6(1)(b) GDPR):Purpose: Personal data is retained as necessary to fulfill our contractual obligations to our clients. This includes managing bookings, processing payments, and maintaining service accounts. 2) Legal Obligation (Article 6(1)(c) GDPR):Purpose: Certain personal data must be retained to comply with legal and regulatory obligations. This includes financial record-keeping and reporting requirements. 3) Legitimate Interests (Article 6(1)(f) GDPR):Purpose: Personal data may be retained to protect the legitimate interests of Sirvoy, such as improving our services, ensuring security, and preventing fraud. 4) Consent (Article 6(1)(a) GDPR):Purpose: Where required, we retain personal data based on the explicit consent provided by the data subjects. This consent can be withdrawn at any time.

Data Retention Periods

Sirvoy is committed to retaining personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. 

Data Minimization and Deletion

Sirvoy adheres to the principle of data minimization, ensuring that only the necessary amount of personal data is collected and processed. Once the retention period expires, personal data will be securely deleted or anonymized to prevent unauthorized access and ensure compliance with GDPR.

Transfer of Data Abroad or to Third Parties

All sub-processors of personal data and any third parties Sirvoy engages to process your personal data are obligated to respect the confidentiality of your information (see list of sub-processors). Personal data will only be processed outside the EU/EEA if an adequate level of protection for the processing of personal data or other appropriate security measures exist. Sirvoy will only transfer personal data to recipients offering an adequate level of data protection. A list of our sub-processors can be found here https://sirvoy.com/sub-processors/ . The list provides information related to the third-party sub-processors that may have access to customer data when providing services on behalf of Sirvoy.

Your Rights

You have the right to request information about the collection and use of your personal data; request to access, block, correct, or erase your personal data and object to the processing. You have the right to request Sirvoy not to process further your personal data. Sirvoy will respect your request, unless processing is required by law or if the data may be kept for other legitimate reasons. Where Sirvoy is using your personal data including on the basis of your consent, you are entitled to withdraw that consent at any time subject to applicable law. Moreover, where Sirvoy processes your personal data based on legitimate interest or the public interest, you have the right to object at any time to that use of your personal data subject to applicable law.

Cookies and Similar Technologies

Sirvoy will use information from website cookies gathered by it and third parties to help improve the website experience and security of the product. By using the Sirvoy website, you agree to the use of cookies and similar technologies. If you wish to remove them, you can manage this through the settings on your browser; however, please note that without cookies you may not be able to take full advantage of all our website features.

Policy Changes

Because of ongoing changes to the services of Sirvoy, as well as changes in the law and the nature of technology, the data policy of Sirvoy may change from time to time. Any such changes will be posted on this page.

Data Protection Officer (DPO) Contact Information

Sirvoy Limited has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws and to handle any queries or concerns you may have regarding your personal data. You can contact our DPO at:

Email: dpo@sirvoy.com

Our DPO is responsible for ensuring that your personal data is processed in compliance with applicable data protection laws, including GDPR. Should you have any questions about this privacy policy or the way your personal data is handled, please reach out to our DPO using the contact information provided above.

By providing this contact information, we aim to facilitate transparency and allow for efficient handling of your data protection inquiries and concerns.