Climber Privacy Policy

Updated on August 07, 2020.

This Privacy Policy (“Policy”) states how your personal data is processed as a result of your use of the Services relating to the RMS and filing the forms on our website. This document is an integral part of the Climber Terms and Conditions, which contain an overview of the Services. By using our Services, you agree to our Policy and authorize us to process your personal data as described herein to provide our Services properly.

Who is Climber?

Climber is a Revenue Management Software for hotels. We are responsible for collect and process the hotel’s data related to operations and revenue management.
Climber cares about your privacy and is committed to processing your personal data in accordance with fair information practices and applicable data privacy laws.
To provide our Services, we do not process your personal data in accordance with the legitimate instructions of the website in which you purchased services or products using Climber RMS, in accordance with this Policy or in accordance with the applicable data protection legislation.

What kind of personal data does Climber collect?

Some data that we use to be able to provide our Services to you may be considered personal data – meaning information related to you that, individually or in combination, may identify you. We may use the personal data stated herein for you to use and improve our Services:

• Identity Data: includes information about your identity, such as your name, email, position, and phone number.
• Financial Data: includes information about payment details, address data, VAT number and information about the payment methods you use to purchase from our Merchants.
• Usage Data: includes information about how you use our Service, such as PMS, Channel Manager or Rate Shopper. It also may include data about the access and usage of the product itself.

We may also collect Aggregate Data, such as statistical or demographic data. They may be derived from your personal data or usage data, but they are not legally considered personal data since this data does not reveal your identity directly or indirectly.

How does Climber collect personal data?

You may provide us Identity Data and Financial Data by using our RMS. We may also collect personal data about you by contacting us through our communication and customer services channels.
When interacting with our Services, we may automatically collect Usage Data via API with third parties.
In addition, for your safety and to improve our Services, we may receive personal data about you from third parties and public sources, such as companies that introduce you to us, state agencies and service providers.

Why does Climber collect personal data?

Your personal data is used in accordance with the purposes presented below, with their respective legal bases, which authorize your processing:

We generally do not rely on consent as a legal basis for the processing of your personal data, except for sending direct marketing communications to you via email or text message. In such event, you have the right to revoke your consent on your own communications received or by contacting us.

In other cases, if you refuse to provide personal data that we need by law or regulation, or because we have a contract with you, we may not be able to provide the Services properly.

We will only use your personal data for the purposes that we collect it, unless we consider that we need to use it for another reason and that reason is compatible with its original purpose. In addition, if we need to process your personal data for a new purpose not originally related, we will notify you by providing explanations about it.

We may process your personal data without human intervention to analyze transactions and consumption profile, for behavioral analysis purposes and to prevent fraud and security threats. We can also do this to decide which marketing communications are adequate for you, analyze statistics, and assess risk. All of this is based on our legitimate interests: to protect our business and develop and improve our Services.

With whom can Climber share personal data?

Because we offer a Service that include technical integrations with third parties such as Channel Managers, we might share data with them, such as your hotel availability or hotel rates.

Your personal data may be shared with state agencies and regulatory agencies to comply with legal and regulatory obligations to which we must comply in all territories where we provide our Services.

In addition, we may share your personal data in order to protect our rights, clients’ rights or third parties’ rights, to protect their legitimate interests or of others, to enforce our terms of use or other agreements, and to pursue or exercise defense in legal claims. Finally, we can share your personal data with a third party which is Pipedrive, our CRM, where we manage our leads and clients’ accounts.

We may also share data on the hotel’s operation (such as Room Nights and Revenue) anonymously for statistics.

We may also use cookies that are set by third-party analytics providers to collect usage information that we use to improve how the Websites work. For example, we use Google Analytics to collect information about the number of visitors to the Websites, where they come from, and how they use the Websites. Information generated by Google Analytics cookies about your use of the Website is transmitted to Google. To learn more about how Google Analytics collects and processes data and the choices Google may offer to control these activities, you may visit: https://www.google.com/policies/privacy/partners/

Can Climber transfer personal data internationally?

Climber is headquartered in Portugal and your personal data is collected in accordance with the Portuguese and EU law. However, we may transfer your personal data internationally to provide our Services.

Before transferring your personal data internationally, we will ensure that such transfer will occur in accordance with the high degree of protection required in this Policy. For this purpose, your personal data will only be transferred to parties located in countries or international organizations that legally have an adequate accordance of data protection or that comply with standard contractual clauses required by us.

If you reside or are located in the European Economic Area (“EEA”), we provide the following additional information to notify you of certain rights you may have under the European Union’s General Data Protection Regulation (“GDPR”) if and to the extent it applies.

For how long will personal data be stored?

We keep your personal data only for the necessary period to fulfill the purposes for which we collect it, including for the purposes of complying with any legal, contractual, accountability or law enforcement obligations, subject to a minimum period of 5 (five) years starting from the date of the data collection.

To determinate the appropriate retention period for personal data, we consider the quantity, nature and sensibility of the personal data, the potential risk of damage arising from unauthorized use or disclosure of your personal data, the purpose of processing your personal data and if we can achieve such purposes through other means. If certain data is no longer necessary for the purpose, it will be deleted or subject to anonymization.

If you request the exclusion of your personal data, we will delete it as soon as the above-mentioned legal maintenance period has elapsed, unless your maintenance is determined based on legal obligations or at the request of a competent authority.

What are the security standards adopted by Climber about personal data?

We have established appropriate administrative and technical security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized manner, altered or disclosed. Furthermore, we authorize access to your personal data to employees, agents, contractors and other third parties within the limits necessary to perform their activities. They will process your personal data according to our instructions and will be subject to a duty of confidentiality.

We have established procedures to deal with any suspicious personal data breach and we will notify you and any applicable regulator of any breach, in the case that we are required to do so.

Although we adopt strict safety standards, the transmission of information on the internet is not completely secure, and even though we do our best to protect your personal data, we cannot guarantee the security of your data transmitted online.

What are your rights as a data subject?

We summarize all your rights as a data subject that may be exercised by contacting us:

• Right of access. You may request and receive a copy of your personal data that we hold. Also, you may request clarifications about how we obtain your personal data, what criteria we use, what are our processing purposes and with whom we share your personal data.
• Right of rectification. You may request the rectification of personal data that is incomplete, inaccurate or outdated, through validity check of the data you provide to us.
• Right to anonymize, block or eliminate. You may request anonymization, block or deletion of personal data that you believe is being processed contrarily to this Policy or in violation of the applicable personal data protection legislation.
• Right of opposition. You may oppose to the processing of your personal data that is not executed based on your consent, if you understand that such processing is violating your rights. In such cases, we can demonstrate that we have legitimate reasons to process your personal data according to this Policy and to provide our Services properly.
• Right of exclusion. You may request the deletion of your personal data stored by Climber, processed with your consent, which is no longer necessary or relevant to the provision of the Services, as long as we have no any other reason to maintain it, such as to comply with a legal or regulatory data retention obligation or to safeguard Climber rights.
• Right not to provide consent. You may refuse to personal data processing based on your consent at any time. However, if you withdraw your consent, we may not be able to provide our Services properly, whose consequences we will explain to you.
• Right of review. You may request the review of the decisions made solely based on automated processing if you believe they are affecting your interests.
• Right of portability. You may request the portability of your personal data in a structured and interoperable format.

To submit your manifestations, you must provide an express request, on your behalf or through your legal representative, to the Climber contact addresses described in the topic below. This requirement will not have any cost to you. However, we may charge you a fee if your request is clearly repetitive or excessive, or we may refuse to answer your request under these circumstances.

In order to exercise these rights, we may have to check your identity and the validity of your personal data. This is a security measure to ensure that personal data will not be disclosed to anyone who is not entitled to receive it. Climber may also contact you for more information regarding your request.

Confirmation of data processing and access to your data will be provided immediately, in simplified form, or, by through detailed statement within 15 days. For further answers to your requests, Climber will attempt to reply you within 30 days. Occasionally, we may take longer if your request is particularly complex or if you have made multiple requests. In this case Climber will notify you and keep you updated on the progress of your request.

How to talk to Climber?

If you wish to exercise any of the rights under this Policy or the applicable law, or if you have questions, comments, or suggestions regarding this Policy, you may contact us at the following contact addresses:

Email: sales@climberrms.com
Site: www.climberrms.com

What happens if this policy is changed?

Any changes we made in this Policy will be posted on Climber page and, when appropriate. Please check often to see any updates or changes.