Política de privacidad y datos
Privacy Policy Date of Last Update: 01 January 2025
A. GENERAL PART
A.1. THE DHM GROUP
The Discovery Hotel Management Group, which includes DISCOVERY FUND HOTEL MANAGEMENT I, S.A (“Discovery FHMI”), headquartered at Largo Jean Monnet, 1 – 7º, 1269-068 Lisboa, Portugal, under the unique registration number and corporate entity 515312738, and a set of Hotel Units more specifically identified here: www.dhmportugal.com (collectively, the “DHM Group”), acts to ensure the protection of personal data of its Customers in the context of services provided through our Hotel Units and Users who visit our Websites. This includes information provided by the Customer and/or the User that allows the DHM Group to identify and/or contact them (“Personal Data”).
We have compiled the main points regarding the processing of personal data of our Customers and Users in this Privacy Policy, thereby ensuring that we provide the necessary information in a transparent, concise, and easily understandable manner to comply with the rules of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 on Data Protection (“GDPR”).
A.2. ENTITIES OF THE DHM GROUP RESPONSIBLE FOR THE PROCESSING OF PERSONAL DATA
Stays at Hotel Units
As a rule, when a Customer contacts one of our Hotel Units (for example, one of the Octant Hotels, or our Hotels & Resorts such as the Monte Real Hotel or the Dolce Campo Real), it is the Hotel Units that provide services related to the stay at these same Hotel Units and determine how your data is processed in the context of those services. Therefore, whenever you book a stay at one of our Hotel Units, the entity responsible for processing the data necessary for providing hotel services and associated services (restaurants, bars, use of health clubs or Spas), managing contacts with Customers, and billing and collection will be the Hotel Unit that provides these services.
The Personal Data collected and processed for these purposes consist of information related to name, gender, date of birth, telephone, mobile phone, email, address, tax identification number, credit card details (collected only for billing purposes), although other Personal Data that may be necessary or convenient for the provision of services by the Hotel Units may also be collected.
The Hotel Units will also be responsible for data processing carried out for the purposes of protecting people and property and security at the Hotel Units (through video surveillance systems).
In summary, whenever the Hotel Units process Personal Data, they must always have a legitimate basis to do so (as further explained in section B below), in accordance with the GDPR.
In this context, the legal bases used by the Hotel Units for the above-mentioned processing are as follows:
Purpose
Management of reservations and customer contacts
Execution of contractual relationship, consent
Fulfillment of legal obligations
Legitimate interest (protection of people and property)
Website and Marketing
On the other hand, regarding the provision of the Website hosted at www.dhmportugal.com and the services and communications made available there, Discovery FHMI is the entity responsible for processing the Personal Data of Users.
As a rule, Personal Data is requested when the User registers on the Website, requests contact and/or the sending of newsletters, subscribes to a particular Service, purchases a product, or establishes a contractual relationship with Discovery FHMI.
Discovery FHMI also collects and processes information about your hardware and software, as well as information about the pages visited by the User within the Website. This information may include: your browser type, domain name, access times, and the hyperlinks through which the User accessed the Website (“Usability Information”). This information is only used to improve the quality of the visit to the Website.
Discovery FHMI will process Users’ Personal Data and Usability Information for the following purposes:
User registration on the Website;
Informing the User, upon request, about new products and services available on the Website and/or at the hotel units, special offers and campaigns, updated information about the activities of Discovery FHMI or the DHM Group’s hotel units, and generally for marketing purposes of Discovery FHMI and the DHM Group’s hotel units, through any means of communication, including electronic support;
Allowing access to restricted areas of the Website, according to previously established terms;
Ensuring that the Website meets the User’s needs by developing and publishing content as tailored as possible to the requests and type of User, improving the Website’s search capabilities and functionalities, and obtaining aggregated or statistical information regarding the typical User profile (consumer profile analysis);
Provision of Services, and other services such as newsletters, opinion surveys, or other information or products requested or purchased by the User;
Recording telephone calls made within the scope of the contractual relationship, both during the contract formation phase and during its term.
In summary, whenever Discovery FHMI processes Personal Data, it must always have a legitimate basis to do so (as further explained in section B below), in accordance with the GDPR. In this context, the legal bases used by Discovery FHMI for the above-mentioned processing are as follows:
Purpose
User registration on the Website
Consent
Execution of contractual relationship
Legitimate interest (improvement of service provided to Website Users)
Consent
A.3. DATA COLLECTION CHANNELS
DHM may collect data directly (i.e., directly from the User) or indirectly (i.e., through partners or third parties). Data may be collected through the following channels:
Direct collection: in person, by telephone, by email or through the Site;
Indirect collection: through partners or group companies and official entities.
B. GENERAL PRINCIPLES APPLICABLE TO THE PROCESSING OF USER DATA
In terms of general principles, the DHM Group is committed to ensuring that the Personal Data it processes:
Is subject to lawful, fair, and transparent processing in relation to Customers and/or Users;
Is collected for specific, explicit, and legitimate purposes and is not further processed in a manner incompatible with those purposes;
Is adequate, relevant, and limited to what is necessary concerning the purposes for which it is processed;
Is accurate and kept up to date as necessary, with all appropriate measures taken to ensure that inaccurate data, considering the purposes for which they are processed, are erased or rectified without delay;
Is kept in a manner that allows the identification of Customers and/or Users only for as long as necessary for the purposes for which the data is processed;
Is processed in a manner that ensures its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, with appropriate technical or organisational measures adopted.
The data processing carried out by the DHM Group is lawful if at least one of the following conditions is met:
The Customer and/or the User has given explicit consent to the processing of their Personal Data for one or more specific purposes;
The processing is necessary for the performance of a contract to which the Customer and/or the User is a party, or for pre-contractual steps taken at the request of the Customer and/or the User;
The processing is necessary for compliance with a legal obligation to which the DHM Group is subject;
The processing is necessary to protect the vital interests of the Customer and/or the User or another natural person;
The processing is necessary for the purposes of the legitimate interests pursued by the DHM Group or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Customer and/or the User that require protection of personal data.
The DHM Group commits to ensuring that the processing of the Customer’s and/or the User’s Personal Data is only done under the conditions listed in this Privacy Policy and with respect for the principles mentioned above.
When the processing of the Customer’s and/or the User’s Personal Data is carried out by the DHM Group based on consent, the individual has the right to withdraw their consent at any time. However, the withdrawal of consent does not affect the lawfulness of the processing carried out by the DHM Group based on the consent previously given by the Customer and/or the User.
The period during which the data is stored and retained varies according to the purpose for which the information is processed. In fact, there are legal requirements that oblige the retention of data for a minimum period. Thus, and whenever there is no specific legal requirement, the data will be stored and retained only for the minimum period necessary for the purposes that motivated its collection or subsequent processing, after which it will be deleted.
B.1. USE OF COOKIES
This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to analyse our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.
Cookies are small text files that can be used by websites to make a user's experience more efficient.
The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission.
This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
You can at any time change or withdraw your consent from the Cookie Declaration on our website.
Learn more about who we are, how you can contact us and how we process personal data in our Privacy Policy.
Please state your consent ID and date when you contact us regarding your consent.
Your consent applies to the following domains: www.dhmportugal.com
Your consent ID: d9MaGe5hN2dEcEDYP2A5K4ZRBSFbo2x0w0jOYtGUiCk8Kxl0QK9DBw==Consent date: Wednesday, March 25, 2026 at 11:16:37 AM GMT
Cookie declaration last updated on 26/05/26 by Cookiebot:
Necessary (4)
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
| Name | Provider | Purpose | Maximum Storage Duration | Type |
|---|---|---|---|---|
| CookieConsent | Cookiebot | Stores the user's cookie consent state for the current domain | 1 year | HTTP Cookie |
| elementor | www.dhmportugal.com | Used in context with the website's WordPress theme. The cookie allows the website owner to implement or change the website's content in real-time. | Persistent | HTML Local Storage |
| test_cookie | Used to check if the user's browser supports cookies. | 1 day | HTTP Cookie | |
| wpEmojiSettingsSupports | www.dhmportugal.com | This cookie is part of a bundle of cookies which serve the purpose of content delivery and presentation. The cookies keep the correct state of font, blog/picture sliders, color themes and other website settings. | Session | HTML Local Storage |
Preferences (1)
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
| Name | Provider | Purpose | Maximum Storage Duration | Type |
|---|---|---|---|---|
| wp-wpml_current_language | www.dhmportugal.com | Designates the country code that is calculated based on the user's IP address. Used to determine what language should be used for the visitor. | Session | HTTP Cookie |
Marketing (22)
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
| Name | Provider | Purpose | Maximum Storage Duration | Type |
|---|---|---|---|---|
| __Secure-ROLLOUT_TOKEN | YouTube | Used to track user’s interaction with embedded content. | 180 days | HTTP Cookie |
| __Secure-YEC | YouTube | Stores the user's video player preferences using embedded YouTube video | Session | HTTP Cookie |
| __Secure-YNID | YouTube | Used to track user’s interaction with embedded content. | 180 days | HTTP Cookie |
| _fbp | Meta Platforms, Inc. | Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. | 3 months | HTTP Cookie |
| _ga | Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. | 2 years | HTTP Cookie | |
| _ga_# | Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. | 2 years | HTTP Cookie | |
| _gat | Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. | 1 day | HTTP Cookie | |
| _gcl_au | Used by Google AdSense for experimenting with advertisement efficiency across websites using their services. | 3 months | HTTP Cookie | |
| _gcl_ls | Tracks the conversion rate between the user and the advertisement banners on the website - This serves to optimise the relevance of the advertisements on the website. | Persistent | HTML Local Storage | |
| _gid | Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. | 1 day | HTTP Cookie | |
| LAST_RESULT_ENTRY_KEY | YouTube | Used to track user’s interaction with embedded content. | Session | HTTP Cookie |
| lastExternalReferrer | Meta Platforms, Inc. | Detects how the user reached the website by registering their last URL-address. | Persistent | HTML Local Storage |
| lastExternalReferrerTime | Meta Platforms, Inc. | Detects how the user reached the website by registering their last URL-address. | Persistent | HTML Local Storage |
| log/error | Meta Platforms, Inc. | Used to detect and log potential tracking errors. | Session | Pixel Tracker |
| LogsDatabaseV2:V#||LogsRequestsStore | YouTube | Used to track user’s interaction with embedded content. | Persistent | IndexedDB |
| pagead/1p-user-list/# | Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites. | Session | Pixel Tracker | |
| TESTCOOKIESENABLED | YouTube | Used to track user’s interaction with embedded content. | 1 day | HTTP Cookie |
| VISITOR_INFO1_LIVE | YouTube | Tries to estimate the users' bandwidth on pages with integrated YouTube videos. | 180 days | HTTP Cookie |
| YSC | YouTube | Registers a unique ID to keep statistics of what videos from YouTube the user has seen. | Session | HTTP Cookie |
| yt-icons-last-purged | YouTube | Necessary for the implementation and functionality of YouTube video-content on the website. | Persistent | HTML Local Storage |
| ytidb::LAST_RESULT_ENTRY_KEY | YouTube | Used to track user’s interaction with embedded content. | Persistent | HTML Local Storage |
| YtIdbMeta#databases | YouTube | Used to track user’s interaction with embedded content. | Persistent | IndexedDB |
C. DATA COMMUNICATION
Subcontracting Entities
In the context of processing User Data, Discovery FHMI [and/or the Hotel Units] may use third-party entities, subcontracted by themselves, to, on behalf of Discovery FHMI [and/or the Hotel Units], and in accordance with the instructions given by them, process the Customer’s and/or User’s Personal Data, strictly complying with the law and this Privacy Policy.
These subcontracted entities may not transmit the Customers’ and/or Users’ Personal Data to other entities without Discovery FHMI [and/or the Hotel Units] having previously and in writing authorised such transmission. They are also prohibited from hiring other entities without prior authorisation from Discovery FHMI [and/or the Hotel Units].
Discovery FHMI [and the Hotel Units] commit to subcontracting only entities that provide sufficient guarantees of implementing appropriate technical and organisational measures to ensure the protection of the User’s rights. All entities subcontracted by Discovery FHMI [and/or the Hotel Units] are bound to the latter through a written contract in which the object and duration of the processing, the nature and purpose of the processing, the type of personal data, the categories of data subjects, and the rights and obligations of the parties are regulated.
Other DHM Group Entities
The Personal Data collected by the Hotel Units and/or Discovery FHMI are not shared with third parties without the Customer’s and/or the User’s consent, except for the situation referred to in the following paragraph. However, if the Customer and/or User contracts services from the Hotel Units and/or Discovery FHMI that are provided by other entities responsible for processing personal data, the Personal Data may be accessed or consulted by those entities to the extent necessary for the provision of those services.
Discovery FHMI may transfer or communicate the Personal Data for which it is the data controller to other DHM Group entities, if such transfer or communication is necessary for corporate reorganisation purposes, to ensure the continuity of the services provided to Customers/Users. In the event of a transfer of Personal Data under these circumstances, we will make reasonable efforts to inform Customers and/or Users of that transfer and ensure that the recipient only uses the transferred Personal Data in accordance with this Privacy Policy.
Other Third Parties
The DHM Group may also communicate Personal Data to third parties outside its corporate group when such communications are necessary or appropriate (i) in light of applicable law for the fulfillment of legal obligations/judicial orders; and (ii) to respond to requests from public or governmental authorities.
D. RETENTION PERIODS
The DHM Group retains Personal Data only for as long as necessary to fulfil the purposes described in this Privacy Policy concerning the execution of the contractual relationship with Users and/or Customers, unless a legal provision requires a longer retention period (for the purpose of fulfilling tax or accounting obligations, Personal Data are retained for a period of 10 years).
Regarding Personal Data collected based on consent – for sending marketing communications – these will be processed until the consent is withdrawn. On the other hand, concerning data processed for conducting opinion surveys, these will be processed as long as necessary to carry out the aforementioned surveys or until the consent is withdrawn. Additionally, regarding call recordings for the purpose of evidence of commercial transactions, the data will be retained for a period of 90 days and, in the context of video surveillance, for a period of 30 days.
E. TECHNICAL, ORGANISATIONAL, AND SECURITY MEASURES IMPLEMENTED
To ensure the security of the Customer’s and/or the User’s Data and maximum confidentiality, we treat the information you have provided us in an absolutely confidential manner, in accordance with our internal security and confidentiality policies and procedures, which are periodically updated as needed, as well as in accordance with legally stipulated terms and conditions.
Due to the nature, scope, context, and purposes of data processing, as well as the risks arising from processing for the rights and freedoms of the Customer and/or the User, the Hotel Units and Discovery FHMI commit to applying, both at the stage of defining the processing means and during the actual processing, the necessary and appropriate technical and organisational measures to protect Personal Data and comply with legal requirements.
They also commit to ensuring that, by default, only the data necessary for each specific processing purpose is processed and that this data is not made available without human intervention to an indefinite number of people.
In terms of general security measures, the DHM Group adopts the following:
Regular audits to assess the effectiveness of the implemented technical and organisational measures;
Awareness and training of staff involved in data processing operations;
Pseudonymisation and encryption of personal data;
Mechanisms capable of ensuring the confidentiality, availability, and resilience of information systems;
Mechanisms that ensure the timely restoration of information systems and access to personal data in the event of a physical or technical incident.
F. INTERNATIONAL DATA TRANSFERS
The Personal Data processed by the DHM Group are not made available to third parties established outside the European Union. If, in the future, such a transfer occurs to fulfil any of the purposes described above, the DHM Group commits to ensuring that the transfer complies with applicable legal provisions, particularly regarding the determination of the adequacy of such a country in terms of data protection and the requirements applicable to such transfers.
G. FINAL PART
G.1. CHANGES TO THE PRIVACY POLICY
The DHM Group reserves the right to change this Privacy Policy at any time. In the event of a modification to the Privacy Policy, the date of the last change, available at the top of this page, is also updated. If the change is substantial, a notice will be placed on the Website, and we may also notify Customers and Users in writing through the contact details provided to the DHM Group.
G.2. APPLICABLE LAW AND JURISDICTION
Any disputes arising from the validity, interpretation, or execution of the Privacy Policy, or related to the collection, processing, or transmission of User Data, must be submitted exclusively to the jurisdiction of the judicial courts in the Lisbon district, without prejudice to the applicable mandatory legal norms.
Consulte nuestra Política de Privacidad y Datos Personales en el menú respectivo al final de la página.