PRIVACY

1.Applicability Privacy Statement.

This privacy statement also applies to all Van der Valk hotels, and restaurants under the responsibility of Van der Valk Services Centrum BV, as well as affiliates. The privacy statement does not apply to the processing of personal data by third parties, such as companies and/or websites offering tours or travel packages. We recommend that you read the privacy statement carefully.

The Privacy Statement does not apply to the processing of personal data by parties from whom Van der Valk has received your personal data (such as booking organizations, travel agencies, employers, social media companies), nor to the processing by any other third party. We bear no (processing) responsibility for these organizations and we refer regarding such processing to the privacy statement of these organizations.

2.Acceptance of processing personal data

By registering for or using our products or services, you confirm that you have read the contents of the Privacy Statement and that you agree to the way personal data is processed by Van der Valk as described in the Privacy Statement. If you do not agree with our Privacy Policy, you should discontinue use of our website.

3.Nature, purpose and basis of processing of personal data

Van der Valk processes different types of personal data, for different purposes. The following explains what personal data and purposes they are.

a. Room and hall bookings.

For (booking or requesting) a room, meeting room, room and/or other hotel facility, we need personal data from you (such as your title, name, address, place of residence, date of birth, telephone number, e-mail address, signature, day of departure and arrival and your payment details). If you use a business booking, we will also collect the name and (address) details of your employer and/or client. Optionally, we may collect additional personal data from you that is relevant to our services and that you voluntarily provide to us. We process health data only on the basis of your consent in order to better serve you, for example providing access for disabled people. In addition, we are required by law to verify your identity. We will do this on site at the hotel on the basis of an identity document shown by you. We will not make a copy of this. This data is only used internally, and is not passed on to other organizations for commercial purposes.

Furthermore, as a hotel, we are required to register some information (name, place of residence, type of identification, day of arrival and day of departure) of our guests.

b. Restaurant Reservations

If you make a reservation at one of our restaurants, we collect personal information from you (such as title, name, email address, phone number and language preferences) in order to confirm the reservation and to process your requests for your reservation. In addition, we may ask you if we need to take allergies into account.

We process this data in order to implement our restaurant services.

c. Van der Valk account

You can create a Van der Valk account. That way, reservations and information requests are easy to make on a follow-up request, since we do not have to ask you for your details again. To create an account, we ask for your name, place of residence, address, telephone number and e-mail information. This personal data is stored in our database.

d. Security

Our hotels, restaurants parking lots and garages are equipped - to the extent necessary - with camera security to promote the safety of our guests, employees and property and to prevent theft and other irregularities.

e. License plate registration

For registration and payment of parking fees, several Van der Valk facilities use license plate registration. If you use these parking facilities, your license plate number is registered in order to implement parking services.

f. Newsletter and mailings.

If you use our services you will be signed up for our hotel newsletters. It is also possible to sign up for newsletters through the websites of the Van der Valk hotels and through Valk Verrast . Through these emails we will keep you informed about exclusive offers and service messages. You can unsubscribe from the newsletter at any time via the newsletter itself and via your Valk Account.

.

g. Contact form

You can contact us, by filling out our digital contact form. To provide you with the best possible service, we ask for the completion of name, e-mail address, phone number and your message for us.

h. Contests

Van der Valk regularly organizes contests and (win) promotions through its website(s) or through social media. If you respond or participate, we ask for your name and contact information. These are used to notify the prize winners, carry out the action and measure the response to the action.

We ask for your permission to process this data.

i. (Direct) Marketing

In order to make offers in line with our services and that interest you, we collect information about individuals if you visit our website, such as demographic information. We do this by setting cookies. We may collect information about you from third parties, including information from our partners and social media sites in accordance with your settings on such websites. We refer to the information on collection of data through cookies under section 7 in the Privacy Statement.

j. Social media

Van der Valk can be found on various social media, such as Facebook. We may use your personal data when you use features on these websites and/or apps, such as a "Facebook Like". If such a feature is used by you, we may obtain your personal data through our social media in question.

k. Black and cash list

Van der Valk maintains a blacklist policy to combat nuisance and crime in its hotels and restaurants. Also, Van der Valk maintains a cash list against fraud and non-payment. Van der Valk therefore has a legitimate interest in this data processing.

Based on this policy, Van der Valk may decide in very exceptional cases to deny a guest access to its hotels or other services, or impose conditions on payment methods. This may occur, for example, in the case of committing fraud, causing a nuisance, violating house rules, causing damage to property of other guests or employees of Van der Valk, causing injury to other guests and/or employees of Van der Valk or other improper behavior.

Van der Valk maintains strict and careful policies around data processing and data security of the blacklist and cashlist. The normal privacy rights of a data subject apply in full.

l. Application process

Van der Valk collects and processes applicant data through personal contact, by mail, by email and/or by phone calls. Among other things, we collect the applicant's name, gender, contact details, cover letters, information on educational level and employment history. This data is relevant for going through the application process and will be deleted no later than 4 weeks after the completion of the process. If you give your consent, Van der Valk may store your personal data longer in its records so that you can be contacted again in the future if necessary.

m. Employees

Van der Valk also processes personal data of employees, within the scope of the employment contract and based on legal bases. For information on the processing of employee personal data, please refer to the employee handbook of the entity of which you are employed.

n. Processing of data of minors.

Van der Valk processes personal data of minors (under the age of 16) if they are staying at one of our hotels under the supervision or with the consent of a parent/guardian, such as the name of the minors. Van der Valk does not process any other data of minors, unless the personal data about the minors is necessary for the performance of a contract and the data is provided by a parent or guardian.

4. Disclosure and sharing of your data with third parties.

4.1 Transfer of your personal data

In principle, we do not share your personal data with companies, organizations and individuals outside our own organization.

However, in order to provide certain services and meet the expected level of hospitality and service, in specific circumstances we may share your personal data within Van der Valk, with our service providers and other third parties. We ensure that data sharing only takes place if the third party processes the data based on our instructions, takes sufficient appropriate (security) measures and guarantees us to comply with applicable privacy laws and regulations. Below is an overview of (the categories of) recipients.

1.Van der Valk: Companies belonging to or affiliated with Van der Valk, all operating in the hotel sector, which need your data in order to correctly provide the selected services. The sole purpose of this transfer is the ability to correctly provide services to you.

2.Event organizers/companies: if you visit Van der Valk as part of a group event or meeting, information collected for planning the event or meeting may be shared with the organizers and, if applicable, with the guests hosting or participating in the meeting or event.

3.Service providers: we rely on third parties such as IT service providers, software maintenance parties to provide services and products on our behalf and may share your personal information with them as appropriate. We may also use service providers to communicate news and provide promotional and transactional materials to you on our behalf, including personalized online advertising in compliance with your preferences and applicable laws.

In addition, Van der Valk may share personal data with organizations outside Van der Valk in the following circumstances:

1.Performance of a contract - Provision of your personal data to third organizations is permissible When it is necessary to fulfill our contractual obligations to you, it is permissible for us to provide your personal data to third organizations.

2.With your consent - With your consent, we may disclose your personal data to other parties. The consent only applies if it is clear what you are giving your consent to and what the consequences are.

3.For legal reasons - We share your personal data if we believe that disclosure of the data is necessary to comply with applicable laws, regulations, legal process or requests by government agencies.

4.Legal obligation - If a legal obligation requires us to do so, we will provide your personal data. Van der Valk makes arrangements with the recipients of your personal data to ensure that personal data is kept confidential and secured.

4.2 Transfer of personal data outside the EU

Van der Valk may transfer your personal data from the Netherlands to foreign countries. Countries within the European Economic Area (EEA) have an equivalent level of personal data protection as the Netherlands. Subject to the general requirements of privacy laws and regulations, we may transfer your personal data to countries within the EEA. Our hotels in the Caribbean also fall within the European Economic Area. We may do this, for example, within our group for the purpose of proper business operations.

Outside the EEA, we will only transfer your personal data if there is an adequate level of protection. Van der Valk uses model contracts approved by the European Commission for this purpose.

4.3 Retention period

We do not keep your personal data longer than necessary, unless there is a legal duty on us to keep your personal data longer. Our basic principle is that we keep personal data only as long as necessary to provide you with our products and/or services. After this we will delete your personal data to the extent possible. For example, you can create a Van der Valk account, as explained above in section 3. We will delete inactive accounts after a period of 2 years. If you have provided your email address (possibly through your account) so that we can keep you informed of our services, we will still retain your data for that purpose.

5.Security and measures

We maintain a high level of guest data security. Guest data is stored encrypted. Access to data by employees of Van der Valk occurs on the basis of necessity given the function of the employees concerned (need to know principle). Van der Valk periodically tests the security of its data processing and underlying IT systems. If we outsource data-processing processes to third parties, we make agreements with these parties regarding adequate security of personal data. The measures taken are in line with applicable privacy laws and regulations. If, despite the security measures taken, a security incident occurs, we will take measures to limit the consequences for your privacy as much as possible.

6.Cookies

Van der Valk uses cookies. For our cookie statement, please see our cookies page, found in the footer of the website.

7.Liability

Van der Valk is not responsible or liable for unauthorized, unauthorized or unintended processing and/or access to personal data that cannot be attributed to Van der Valk . We are also not responsible for the acts or omissions of third party(ies) with whom we cooperate or to which we refer on our website(s) or otherwise. The third parties in question are not covered by this Privacy Statement and we therefore recommend that you read the privacy statements of these third parties on the websites carefully. In all the aforementioned cases, Van der Valk accepts no liability and there is no right to compensation, performance or any other claim against Van der Valk.

Despite the care and attention devoted to the management of this website, it is possible that it may contain inaccurate information. Van der Valk cannot be held liable for technical or editorial errors contained in this website, nor for any consequential damages resulting from the use or temporary unavailability of this website or the links to third-party websites.

8.Your rights

As a guest of Van der Valk or a visitor to any of our websites, you may request access, correction, deletion, objection, restriction or transfer of personal data. In addition, you have the right to withdraw a granted consent. Any withdrawal of your consent shall not affect any previous processing based thereon. Upon your request, we will inform you in writing whether we process personal data about you. When making your request, you must identify yourself by means of a copy of your driver's license or identity document. In our response we will explain what personal data of yours we have processed or are still processing, and provide you with a copy thereof. We will also explain the purposes for which the data have been or are being processed, with whom the data are shared, how long they are expected to be stored, and what other rights you may assert.

1.Right of inspection

You have the right to ask Van der Valk whether we process personal data about you. If we process personal data about you, you have the right to access the personal data in question, the purposes of the processing, any sources or recipients of that personal data and the retention period.

2.Right to rectification

If you have received inspection of the processing of your personal data, you may ask us to correct inaccuracies or complete omissions. We will motivate our response. If we proceed with correction, you will receive a supplementary statement from us. Any recipients of your incorrect or incomplete data will also receive this statement.

3.Right of removal

You may request that we delete personal data collected by us from you in the following cases:

the personal data are no longer needed for the purposes for which we collected or otherwise processed them;

If the consent on the basis of which the processing is done has been withdrawn by you;

you make a reasoned objection, and there are no compelling reasons not to honor your objection;

the personal data is processed unlawfully by us;

we must delete your personal data due to a legal obligation;

we have collected your data through mobile phone or Internet services.

4.Right to limitation

If you have reported an inaccuracy or incompleteness in your personal data to us, you may ask us to restrict processing while we are processing your request. You may also ask us to restrict the processing of your data if you believe that we are processing your data unlawfully or no longer need it, or if you have objected to its (further) processing. After receipt of your restriction request, we will only process the data after obtaining your consent or for compelling reasons (such as legal proceedings).

5.Right to transferability

If you have provided personal data to us in a structured, common digital file format, and we have processed your data with your consent or in the performance of a contract with you, you have the right to ask us for a copy of this data. You can also ask us in these cases to forward your data directly to another service provider.

Right to object

You may at any time object to the processing of personal data relating to you. This applies in particular to profiles that we have created on the basis of your personal data. We will stop processing your data upon receipt of your objection, unless we can provide compelling legitimate reasons that outweigh your interests, rights and freedoms.

If we process your personal data for direct marketing purposes, you may object at any time and we will stop the processing immediately.

9.Exercising rights

If you wish to exercise one or more of your rights listed above, please contact us at the e-mail address [x]. Van der Valk will decide on your request within 4 weeks, unless we inform you within that period that we need a little more time.

Is your personal data being processed pursuant to your consent? If so, you have the right to withdraw your consent. Any withdrawal of your consent shall not affect any previous processing based thereon

10.Complaints

Do you have a complaint about the use of your personal data? If so, please refer to the complaints procedure at the Personal Data Authority. This body is authorized to take cognizance of your complaint.

11.Contact and changes

For questions, comments or complaints regarding the processing of personal data, please contact the relevant hotel. You will find this contact information at the start of the Privacy Statement. Please indicate clearly in the subject that it concerns privacy and what request it is about so that we can respond within the applicable time limits.

This privacy statement is in accordance with the General Data Protection Regulation. We reserve the right to periodically update this privacy statement. The latest version will be published on this page.

Version May 2023