“Accommodations” means the property booked by the Client by way of using the Service; “Yovivo” or “we”, “us”; “our” means Yovivo, a company incorporated in the UK, with the registry code #13499892, address Unit 3 Meadow Barn, Great Tey, Brook Road, Colchester, CO6 1JG UK, e-mail address: firstname.lastname@example.org, or other entities in the group with Yovivo providing the Services.
“Client” means any person who is using the Services of Yovivo who has made the Reservation or has concluded an Agreement with Yovivo;
“Data Subject” Natural person who uses Yovivo Services or whose Personal Data is processed by Yovivo;
“Data Processor” or “Processor” natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the controller; for example, the service providers to Yovivo;
“Extra Service” means the extra services ordered by the Client upon availability in accordance with the Terms and Conditions;
“Service” means the accommodation service and related services provided to the Client by Yovivo;
“OTA” means the online travel agency or other services provider who has listed accommodations through its services and thereby mediates the Services by Yovivo; “GDPR” is defined in the preamble;
“Guest” or “Guests” mean the person or persons being provided with the Service;
“Reservation” means a reservation for a Service made by the Client;
“Website” means https://yovivo.com, its subdomains, and/or other webpages used by Yovivo;
“Personal Data” is any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular on the basis of such a record as the name, personal identification code, place of location information or network identifier, or on the basis of one or more physical, physiological, genetic, mental, economic, cultural or social identities;
“Processing” is any operation or set of operations that are performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; “Terms and Conditions” mean the Terms and Conditions for using Yovivo Services, available at https://www.yovivo.com/terms.
You” means the same as the “Data Subject”.
WHY DO WE PROCESS PERSONAL DATA AND WHAT PERSONAL DATA DO WE PROCESS? When you have opted to use Yovivo Services and you are the Client of Yovivo or Guest, we need to process your Personal Data to enable the Services to you (data subject).
We process Personal Data that is submitted to us directly by the Client or automatically obtained by Yovivo about the Client in the course of using our Services.
If you have ordered the Service through the OTA, we process Personal Data that is submitted to us by the relevant OTA. In such a case, the privacy terms of the OTA selected by you apply in addition.
If the Reservation is submitted by the Client for a third person being the Guest or co-Guest(s), we process Personal Data about such Guest or co-Guest(s) as submitted to us by the Client. When submitting the Personal Data about a third person, the Client undertakes to ensure that he/she/it has the consent(s) of each Guest or other Data Subject to transfer his/her Personal Data to Yovivo.
We also process Personal Data that is submitted to us when you contact us with a query or question via Website or via any other channel (by sending an e-mail, for example). In such a case we process your Personal Data included in the inquiry to the extent that is necessary to respond to you.
WHAT IS THE LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA? We process Personal Data to provide the Services (please also read Yovivo Terms and Conditions). Legal basis for such data processing is GDPR Article 6 (1)(b), i.e. processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
In certain situations, we might process your Personal Data when processing is necessary for compliance with a legal obligation to which we are subject, for example for accounting purposes under applicable accounting legislation or applicable tourism legislation. Legal basis for such data processing is GDPR Article 6 (1)(c).
In certain specific situations we might also process your Personal Data where necessary for the purpose of our legitimate interests pursued by us. Legal basis for such data processing is GDPR Article 6 (1)(f). In such a case we shall ensure that processing is proportionate and that we have carried out legitimate interest impact assessment. For example, for the purpose of our legitimate interest we analyse how our Services and Website are used by our Clients so we can provide better service; when processing is necessary in connection with an investigation of suspected or actual fraudulent or other illegal activity or in connection with corporate sale, merger, reorganization, dissolution or similar event.
HOW LONG IS YOUR PERSONAL DATA RETAINED?
Yovivo does not retain Personal Data longer than it is necessary for the purposes of processing Personal Data or pursuant to applicable law.
Personal Data related to contacts can be retained during the term of the contract and based on our legitimate interest pursuant to Article 6 (1)(f) of the GDPR until the end of the statutory limitation periods under applicable law. Accordingly, as a general rule Yovivo retains your Personal Data as long as it is necessary for the provision of the Services during the term of the contract concluded between you and Yovivo and for 3 years after the term of the contract.
Pursuant to the Accounting Act, we retain accounting documents for 7 years.
Pursuant to Tourism Act, we retain registration data of the accommodation service user, which includes general personal information for 2 years.
OVERVIEW OF DATA PROCESSING
Personal data: First name, last name, e-mail address, phone number, address, and information concerning the Services and Extra Services ordered. Purpose of processing: Enabling provision of the Services in accordance with Terms and Conditions and our legitimate interest to retain the related information until the end of applicable limitation periods. Legal basis: GDPR Art. 6 (1)(b); GDPR Art. 6 (1)(f)(1).
3 years Personal data: First name, last name, date of birth, citizenship, and address; the name, date of birth and citizenship of the co-Guest(s); the period of provision of the accommodation Service; if the Client is not a citizen of a Member State of the European Economic Area or Switzerland then also a copy of the travel document and the state which issued it. Purpose of processing: Fulfilling our legal obligation arising from tourism laws to register the recipient of accommodation service. Legal basis: GDPR Art. 6 (1) (c).
2 years Personal data: Accounting-related data such as invoices. Purpose of processing: Fulfilling your legal obligation arising from accounting laws to process supporting documents of the transactions. Legal basis: GDPR Art. 6 (1)(c).
Retention period: 7 years
Personal data: Name, e-mail address. Purpose of processing: Sending marketing content. Legal basis: GDPR Art. 6 (1) (a). Retention period: Until the withdrawal of the consent. Personal data: Technical data.
Purpose of processing: Our legitimate interest to ensure security, continuity, and/or improvement of the Portal Legal basis: GDPR Art. 6 (1) (f). Retention period: Up to 2 years, please see Section “Cookies” for more specific information. Personal data: Sensor data. Purpose of processing: Our legitimate interest to improve our Services- Legal basis: GDPR Art. 6 (1) (f). Retention period: 5 years
WHEN DO WE SHARE YOUR PERSONAL DATA?
To the extent this is necessary for the provision of our Services, we may share your Personal Data with certain third parties. For example, if you order food delivery as Extra Service in accordance with the Terms and Conditions, we need to process this order for Extra Service and related data and to forward it to such Extra Service provider, to fulfill your order.
Please note that we might access your Personal Data also when you have booked through OTAs. In such a case your Personal Data will also be processed in accordance with the privacy policies adopted by the specific OTA selected by you and who shall act as a separate Data Controller of your Personal Data.
USE OF SECURITY CAMERAS
Please be noted that security cameras may be installed in public areas near the accommodations (outdoor areas, lobbies, etc). If the security cameras are installed, this is done by the security undertaking with whom Yovivo may have entered a service agreement.
The use of security cameras may be necessary in order to ensure security, prevent and process security incidents and ensure the safety of the property and people near the properties. The legal basis for the use of security cameras is a legitimate interest under Article 6(1)(f) of the GDPR.
Please be noted that security cameras are never installed inside the accommodations or in areas where complete privacy can be presumed.
When security cameras are used, there shall always be a sign informing of the use of a camera in the security camera’s surveillance area, i.e. a sign depicting a camera and/or the words “VIDEO SURVEILLANCE”. In the absence of a sign, cameras are not used.
Yovivo does not have general access to the security camera recordings. Security undertaking organizing the security near the respective accommodations shall have access to security camera recordings. The sign informing the use of the security cameras shall also include the details of the security undertaking who has installed the security cameras and who is conducting the security
Security camera recordings are stored by security undertakings. Security undertaking shall retain security camera recordings in accordance with the applicable law.
HOW DO WE PROTECT YOUR PERSONAL DATA?
To protect your Personal Data from unauthorized access, unlawful processing or disclosure, accidental loss, modification or destruction, we use appropriate technical and organizational measures that comply with applicable laws. These measures include but are not limited to the implementation of appropriate computer security systems, protection of paper and electronic format files by technical and logical means, and controlling and limiting access to documents and buildings.
GOVERNING LAW AND JURISDICTION
CONTACT US If you have any questions or concerns, please email our customer service team at email@example.com
UPDATES We may update this statement in response to changing laws or technical or business developments. You can see when this was last updated by checking the 'last updated date displayed at the top of this statement.
©2022 Yovivo. All rights reserved.