About Us

Privacy Policy

About Us

NOTO Hotel (“we”, “us” and “our”) is an hotel which forms part of GRID X complex.

We promise to respect and protect your privacy rights and choices, and have created our Privacy Notice & Cookie Policy to clearly explain how we manage privacy in a way that's easy to understand.

Updates To This Privacy Statement

We may update this Privacy Notice from time to time and will notify you of any significant changes by posting those changes here or by notifying you through other appropriate communication channels we generally use with you.

Any changes to this Privacy Notice will be considered effective immediately after the changes are posted on this Website unless otherwise indicated.  Your use of our Services following these changes indicates that you accept the revised Privacy Policy.

What Personal Data do we collect?

“Personal Data” are data that identify you as an individual or relate to an identifiable individual, meaning any information or pieces of information that could identify you directly (e.g., your name) or indirectly (e.g., through your email address or telephone number).

Sometimes you give this Personal Data to us directly (for example when you check-in or check-out at the hotel, when you create an account or contact us), and sometimes we collect it (e.g., using cookies to understand how you use our website).

The Personal Data that we collect, and how we collect it, depends on how you interact with us.

Generally, we process Reservation and Guest Data.

Reservation Data means all information pertaining to a reservation made at NOTO hotel. Examples of Reservation Data include your contact details, reservation details (reservation number, hotel name, dates of your stay, rate, meal plan), personal preferences or billing/financial information.

Guest Data means all information pertaining to you as a guest who stayed or is staying with us.  Guest Data may include your contact details, biographical information (such as your gender and birth date), reservation history, personal preferences, claims and complaints you have made or marketing communication preferences.

At touchpoints throughout your guest journey on this website, we collect Personal Data such as:

  • Contact information: name, gender, postal address, telephone number, email address.
  • Payment information: credit and debit card number or other payment data.
  • Financial information in limited circumstances.
  • Language preference.
  • Date and place of birth.
  • Nationality, passport, visa or other government-issued identification data.
  • Important dates, such as birthdays, anniversaries and special occasions.
  • Employer details
  • Travel itinerary, tour group or activity data.
  • Interactions including prior guest visits, goods and services purchased, and special service and amenity requests.

In more limited circumstances, we also may collect:

  • Data about allergies, accessibility requirements and medical conditions to meet any special requirements.
  • Data about family members and companions, such as names and ages of children.
  • Guest preferences and personalised data (“Personal Preferences”), such as your interests, activities, hobbies, food and beverage choices, services and amenities of which you advise us or which we learn about during your visit.
  • If you submit any Personal Data about other people to us or our Service Providers, such as making a reservation for another individual, you represent that you have the authority to do so and you permit us to use the data to fulfil your request for our Services.

Sensitive Data

We will only ever request Sensitive Personal Data to safeguard a guest's interests. This could include, for example, accessibility requirements and/or disabilities to allow appropriate provision of care and services, allergy information that the hotel should be made aware of, or identity information required for legal purposes or to prevent fraud.

The Processing Of Children's Data

Our hotel services are not directed to individuals under the age of sixteen (16).

A Parent of Legal Guardian must provide any Personal Data or Sensitive Personal Data to us, if they wish for us to deliver tailored services to their Child; for example, remembering a birthday or catering for allergies.

How do we collect your Personal Data?

We might collect or receive Personal Data from you via our website, social media channels, customer care or when you stay at our hotel.

Online Services: we collect Personal Data when you use our online services to make a reservation or purchase goods and services, to communicate with us, to post to our social media pages, to sign up for our newsletter(s) or participate in any offers or surveys.

Visiting Our Hotel: we collect Personal Data when you visit our hotel and use our services.

Contacting Our Hotel: We collect Personal Data when you make a reservation by telephone or communicate with us by email. These communications may be recorded for purposes of quality assurance and training.

Internet-Connected Devices: We may collect Personal Data from internet-connected devices used in our hotel to fulfil our legal obligations e.g. compliance with anti-terrorism legislation.

Collection Of Other Data

“Other Data” are data that generally do not reveal your specific identity or do not directly relate to an individual.

To the extent Other Data reveal your specific identity or relate to an individual, we will treat Other Data as Personal Data. Other Data include:

  • Browser and device data
  • Data collected through cookies and other technologies
  • Demographic data and other data provided by you
  • Aggregated data

Your browser or device. We collect certain data through your browser or automatically through your device, such as your Media Access Control (MAC) address, computer type (Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the Online Services (such as the Apps) you are using. We use this data to ensure that the Online Services function proper

Your IP Address. We collect your IP address, a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). An IP address is identified and logged automatically in our server log files when a user accesses the Online Services, along with the time of the visit and the pages that were visited. We use IP addresses to calculate usage levels, diagnose server problems and administer the Online Services. We also may derive your approximate location from your IP address.

In some circumstances we may also receive Personal Data about you from third-party sources such as travel booking platforms, travel agents and/or credit card providers.

These third-party sources may also include publicly available sources of information. In particular, we may receive or collect Personal Data from social networks when you engage with our content, or from online platforms when you provide a review about your stay and/or our services (e.g., on Tripadvisor.com, Booking.com, Google, etc.).

Cookies: We collect certain data from cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. We use the data for security purposes, to facilitate navigation, to display data more effectively, to collect statistical data, to personalize your experience while using the Online Services and to recognize your computer to assist your use of the Online Services.

Cookies further allow us to select which advertisements or offers are most likely to appeal to you and display them while you are using the Online Services or to send marketing emails. We also use cookies to track responses to online advertisements and marketing emails. If you do not want data collected with cookies, you can learn more about controlling cookies at: All About Cookies

You can choose whether to accept cookies by changing the settings on your browser. If, however, you do not accept cookies, you will experience inconvenience in your use of the Online Services. We will not be able to recognize your computer, and you will need to log in every time you visit. You also will not receive advertising or other offers from us that are relevant to your interests and needs.

Pixel Tags and other similar technologies. We collect data from pixel tags (also known as web beacons and clear GIFs), which are used with some Online Services to, among other things, track the actions of users of the Online Services (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Online Services.

Google AdWords: We may use Google AdWords, a web analytics and search engine advertising campaign management service. Google AdWords uses cookies, web beacons, and other means to help us analyse how users use the site. You may find Google's Privacy Policy at: http://www.google.com/intl/en/privacypolicy.html.

Analytics. We collect data through Google Analytics, which use cookies and technologies to collect and analyse data about use of the Services. These services collect data regarding the use of other websites, apps and online resources. You can learn about Google's practices by going to www.google.com/policies/privacy and opt out by downloading the Google Analytics opt out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

How we use your Personal Data

We process your Personal Data based on the following legal grounds, as permitted by applicable law:

We will use Personal Data and Other Data to manage our contractual relationship with you, because we have a legitimate interest to do so and/or to comply with a legal obligation. We use Personal Data and Other Data for our legitimate business interests including delivering the Services you request such as hotel, restaurant, meetings and event reservations: including the associated payment processing, administration, reservation confirmations, prearrival messages and delivery of services.

Based on your consent, this includes when you opt in to subscribe to our NOTO and GRIDX marketing newsletters.

We use Personal Data and Other Data to provide you with Services and to develop new services. In some instances, we will request that you provide Personal Data to assist us in delivering our services to you or to comply with a legal obligation (e.g., when you check-in, we may need to collect your personal identification details; when you check-out, we need to keep your transaction information to comply with our tax and financial reporting).

When it is in our legitimate business interest to use your Personal Data (e.g., to operate, evaluate and improve our organisation; to prevent and protect us and others against fraud, unauthorised transactions, claims and other liabilities; to ensure compliance with company policies and industry standards).

We will only process special categories of Personal Data (e.g., race or ethnicity; health-related data) when you request us to do so (i.e., when we have your explicit consent) or in exceptional circumstances and where we have a legal basis to do so.

Sharing your Personal Data

When we share your Personal Data as described below, we will take the necessary steps to ensure that any third-party recipients have implemented reasonable security mechanisms to protect your Personal Data

We may share your Personal Data to our trusted third-party suppliers who may process it on our behalf

We rely on trusted third parties to perform a range of business operations on our behalf. We always use our best efforts to ensure that all third parties we work with will keep your Personal Data secure. We only provide them with the information they need to perform the service, and we require that they do not use your Personal Data for any other purpose.

For example, we may entrust services that require the processing of your Personal Data to suppliers that provide customer care assistance for reservations, complaint handling and/or loyalty operations. This may also include third parties that assist and help us in providing digital services (such as online check-in and check-out), identity management, or ratings, reviews and surveys, IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications.

Payment service providers and credit reference agencies for the purpose of assessing your credit score and verifying your details where this is a condition of entering into a contract with you, as well as Lawyers, auditors, financial advisors, and other third-party service providers in connection with their services.

Finally, we may disclose your Personal Data to any regulatory, statutory, governmental or other relevant authorities, agencies or bodies and industry regulators, and any other person to whom Radisson is compelled, required or permitted to do so by law, rules or regulations, legal process or litigation, or to any person pursuant to any order of a court of competent jurisdiction or comparable legal process.

Transferring your Personal Data

NOTO hotel operates in Luxembourg. By use of this website, you understand and agree that we may transfer Personal Data to other jurisdictions as necessary for the purposes described in this Privacy Notice.

As a result, we will, subject to law, transfer Personal Data and Other Data collected to other jurisdictions where data protection standards may differ from those in the country where you reside. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities will be entitled to access your Personal Data.  When required to transfer your Personal Data to other countries or jurisdictions, we will protect that data in accordance with applicable law. Where required under applicable law, we will put in place binding contractual obligations with the data recipient to safeguard your data protection rights.

How we protect your Personal Data

We protect your Personal Data and implement reasonable security measures including technical and organisational security measures appropriate to protect your Personal Data against unauthorised or unlawful processing and against any accidental loss, destruction, or damage.

In particular, we operate data networks and systems protected by industry standard security measures and we make use of secure protocols over untrusted networks to protect the transmission of your Personal Data. Access to this information will be provided only to authorised individuals for legitimate business purposes.

How long do we keep your Personal Data?

We hold on to your Personal Data for as long as necessary to achieve the processing purposes described in the above section ‘How we use your Personal Data'.

This means, for instance, that we no longer store your Personal Data when our (contractual) relationship with you comes to an end, unless further storage is permitted or required under applicable law. When we no longer need to use your Personal Data, it is removed from our systems and records, or anonymized so that you can no longer be identified from it.

  • To determine the retention period of your Personal Data, we consider several criteria, including the purpose for which we hold your Personal Data, our legal and regulatory obligations in relation to that Personal Data, for example any financial reporting obligations, managing our own rights, for example the defence of any claims.

Whether our relationship with you is ongoing, for example, you have an active account, you continue to receive marketing communications, or you regularly browse our website and any specific requests from you in relation to the deletion of your Personal Data.

Your Rights & Choices

You have choices when it comes to how we use your data and we want to ensure you have the information to make the choices that are right for you.  If you no longer want to receive marketing-related emails, you may opt out by click unsubscribe in any marketing-related email or by following the instructions in any email that you receive from us.

For your protection, we only fulfil requests for the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will comply with your request as soon as reasonably practicable.

The EU General Data Protection Regulation (GDPR) grants specific rights, summarised below, which you can in principle exercise free of charge, subject to statutory exceptions.

  • Information. You have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data, and your rights. This is why we are providing you with the information in this Privacy Notice & Cookie Policy.
  • Rectification. You have the right to require that any incomplete or inaccurate Personal Data that we process about you is amended;
  • Deletion. You have the right to request that we delete Personal Data that we process about you, subject to certain exceptions, for instance, where we need to keep your Personal Data to comply with a legal obligation;
  • Withdrawing Consent. Wherever we rely on your consent, you will be able to withdraw that consent at any time you choose The withdrawal of your consent will not affect the lawfulness of the collection and processing of your data based on your consent up until the moment when you withdraw your consent.
  • Access. Subject to certain exceptions, you have the right to access and request a copy of the Personal Data we are processing about you, which we will provide to you in electronic form and/or in writing, or verbally where allowed by applicable laws.
  • Restriction. You have the right to request that we restrict our processing of your Personal Data under specific conditions;
  • Portability. You have the right to request that we transmit the Personal Data we hold in respect of you to you or to another data controller under specific conditions;
  • Objection. Under certain circumstances described in Privacy Law, especially when we process personal data based on our legitimate interest, you may object to the processing of your Personal Data.

These rights may be limited, for example if fulfilling your request would reveal Personal Data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will respond to any of your requests to exercise these above data subject rights within the period prescribed by applicable laws.

Contacting Us

If you wish to exercise any of your rights, please contact us stating which of your rights you wish to exercise at communications@notohotel.com, or by mail at NOTO Hotel, 4 Rue des Trois Cantons, 3980 Wickrange Reckange-sur-Mess, Luxembourg.