Icon close
Gifts Book now

Privacy policy Hotel Astoria

1. Introduction

The management of Hotel Astoria De Haan places great importance on your personal data. It is of utmost importance to us that any processing of personal data takes place with respect for the privacy of the individual. For this reason, we do our utmost to ensure that any processing of personal data takes place in accordance with the General Data Protection Regulation (the "GDPR") and other applicable legislation.

This privacy statement (the "Statement") applies to personal data of guests, customers and suppliers, and all other individuals who may be registered through our IT systems (such as reservation systems), website, apps, loyalty programs or whom we receive through travel agencies, booking sites, and the like.

Who is the data controller?

Hotel Astoria De Haan
Leopoldlaan 7
8420 De Haan
VAT: BE 0738 544 241

2. How do we collect personal data?

Depending on the situation, we collect information directly from you or through other sources.

From you
When you contact us regarding a reservation or to make a hotel reservation, if you have special requests related to your visit, or if you use the social media we offer, we collect and process the information you provide to us. This information may include sensitive personal data, such as information about allergies.

From other sources
When someone makes a reservation for you, we process that personal data about you.

Sometimes we also receive personal data from third parties (including other companies in our group) with whom we do business or who are suppliers to us.

In addition, we or a third party, to the extent permitted by law, may use tracking tools (such as cookies) in certain circumstances to collect information about you. More information about the use of cookies on our website can be found in our cookie policy.

3. What are Cookies?

There are various types of cookies, including:

  • Session cookies or temporary cookies, which are automatically deleted shortly after your visit;
  • Technical cookies, which can keep track of your language preferences;
  • Tracking cookies, which follow and track your behavior on the website;
  • Social cookies, which are linked to social media.
  • The cookies are placed by the website server or by a partner of the website.

The website server can only read its own cookies that have been placed and does not have access to the rest of the information stored on your PC, laptop, tablet, or phone.

A cookie allows the server to identify the PC on a subsequent visit and to automatically display, for example, the preference settings stored on it.

The use of cookies is mainly intended to improve the user experience on a subsequent visit to the website.

More information about cookies can be found on the following website: https://www.aboutcookies.org

4. Your rights regarding cookies

Article 129 of the Law of 13.06.2005 concerning electronic communications (B.S. 20.06.2005) regulates the use of cookies.

In accordance with Belgian legislation, cookies can only be installed on your computer after you have been clearly informed and have given your consent.

This rule does not apply to cookies that are essential for establishing communication (technical storage of information) or to provide services specifically requested by the user and where the use of cookies is strictly necessary for this purpose.


We would like to inform you that most web browsers automatically install the majority of cookies on your computer or mobile device by default.

You can configure your browser to receive a notification when a cookie is placed or to refuse the installation of cookies.

You can also delete previously installed cookies.

Deleting or refusing cookies may affect the user experience and may potentially result in certain pages of the website not functioning properly.


Clicking through to other areas of the website is considered an undisputed approval of the use of cookies and the cookie policy.

Previous consent can also always be withdrawn.
This website only uses cookies from reliable partners.

If you notice anything suspicious for any reason, please contact us.

5. Which cookies are used on this website?

Session/ essential cookies
These cookies are essential to be able to visit the website or certain parts of it.

Technical/functional cookies
These cookies provide a more personalized browsing experience and will make it more enjoyable to visit our website.

Technical/functional cookies
These cookies provide a more personalized browsing experience and will make it more enjoyable to visit our website.

Users who do not want their data to be reported by Google Analytics can use the Google Analytics Opt-out Browser Add-On.

See also Google's privacy policy at: https://privacy.google.com

Under certain circumstances, we process personal data about you that comes from public sources, such as social media. This is the case, for example, when you post a review about our hotel on a website.

When we receive personal data about you from other sources, we will inform you about this in accordance with the GDPR.

Different types of processing activities

Guest information
Type of personal data

  • contact information (such as your name, email address, phone number, and address),
  • demographic information (such as age, gender, and language),
  • stay information that may contain sensitive personal data, such as allergy information,
  • payment information (such as credit card number),
  • business information,
  • information about your (previous) reservations (such as past visits, arrival date, departure date),
  • information (such as feedback about our hotels and services) that you have sent us (for example, by participating in a satisfaction survey).

Legal basis for processing:

  • your consent (when we have asked for it and you have given it),
  • the performance of a contract to which you are a party or the measures taken at your request to enter into a contract (for example, in the context of a reservation),
  • a legal obligation (for example, the legal obligation for hotel providers to register hotel guests),
  • our legitimate interest. For example, we have a legitimate interest in asking our guests about their stay so that we can continually improve our services. When we process your personal data based on our legitimate interest, we ensure that there is a balance between our interests and your rights and freedoms.


To provide you with the services and products you have requested (for example, in connection with a reservation), to evaluate and improve our services, and to comply with our legal obligations (for example, to register hotel guests).

Information about contacts
Type of personal data: contact details such as name, email address, and telephone number.

Legal basis for processing
Our contractual relationship or our legitimate interests - we use your data in a way that you can reasonably expect and that has a minimal impact on your privacy (or if there is a compelling necessity for processing) and only in accordance with the purpose. When we process your personal data on the basis of our legitimate interests, we ensure that there is a balance between our interests and your rights and freedoms.

We process personal data for the management of the supplier relationship, for contacts in various matters, billing and marketing (if applicable), or to communicate with you and your business in other ways.

6. Social media

The social media buttons on this website are included to enable sharing of pages via social media networks Twitter, LinkedIn, Facebook, and Google+. If you click on these buttons, your personal data will be processed by the respective social media network. Please read the privacy policies of Twitter, LinkedIn, Facebook, and Google+ to see how these networks handle your personal data.


Type of personal data
Name, email address, phone number, and any other personal data that you transmit to us via email.

Legal basis for processing
Consent (where we have asked for it and you have given it) or that the processing is necessary for the performance of a contract in which you are a party or to take steps at your request to enter into a contract (for example, in connection with a reservation) or on the basis of our legitimate interests. When processing on the basis of legitimate interest, we ensure a balance between our legitimate interests and your rights and freedoms.

To provide you with the services and products you want and to market our services and products and communicate with you.

7. Personal data of children

To the best of our knowledge, we do not have contact with children under the age of 18, nor do we collect personal data from them without relevant consent from a parent or guardian. If you believe that we have inadvertently collected such information, please contact us so that we can immediately request parental consent or remove the information.

8. Direct marketing

Type of personal data
Name and email address

Legal basis for processing
Hotel Astoria has a legitimate interest in sending marketing information to its customers regarding similar products and services (for example, invitations to events, promotions and special offers, ...). If you do not wish to receive our messages, you can express your preference at the time we collect your information (for example, on the form you fill out at check-in). If you are not a guest or customer, we may use your personal data to send you marketing information about similar products and services (for example, invitations to events, promotions and special offers, ...) if you have given us permission to do so.

If you have given consent to receive marketing, you can withdraw your consent at any time. If we process your data for marketing purposes, you also have the right to object at any time (see below for more information about your options and rights in this regard). For example, you can object by using the unsubscribe links in the relevant communication.

We use your data to keep you informed about our services, events, and promotions.

9. Camera surveillance

Hotel Astoria uses camera surveillance. Camera surveillance is considered particularly sensitive from a privacy point of view, and it is of great importance that any camera surveillance takes place in accordance with relevant legislation. The camera images are processed on the basis of our legitimate interest in securing and protecting our hotel and our guests. Entering a place where a pictogram indicates that camera surveillance is taking place is considered prior consent under Belgian camera legislation.

The camera images are processed in accordance with camera legislation. Hotel Astoria has indicated the camera surveillance by means of a pictogram, has notified the competent authority of the cameras and has recorded information in a specific register.

Please contact us if you require more information about our camera surveillance (see contact details below).

10. Profiling

In order to provide you with premium service every time you visit our hotel, we may keep a profile about you, which may contain information about your previous stays (such as how often you visit our hotel, when you last visited our hotel, as well as financial information about your previous stays).

The processing of your personal data is based on our legitimate interest in being able to offer personalized customer service.

11. Jobs

Type of personal data
The data you provide to us, such as your name, phone number, email address, CV, and your motivation. In some cases, Hotel Astoria also receives data from third parties, such as social networks through which you apply, e.g. LinkedIn, selection and recruitment agencies that carry out tests as part of the application process, your former employer, but only if you have given us permission to do so.

Legal basis of personal data
Depending on the individual case, the processing of your personal data for recruitment and selection purposes is based on:

  • your consent, e.g. to contact your former employer or to share your data;
  • your request to take steps prior to entering into a contract, for example if you send us your (spontaneous) application; or
  • our legitimate interest, including identifying, screening, and evaluating applicants for potential employment and maintaining a recruitment reserve.

After the recruitment and selection process is completed, Hotel Astoria keeps your data in its recruitment reserve for future vacancies. In the communication in which we inform you of the decision on your vacancy, we offer you the opportunity to object to this.

Hotel Astoria collects and uses your personal data solely for recruitment and selection purposes as set out above.

12. Who are the recipients or categories of recipients receiving the personal data?

To serve you, we may share your personal and anonymous data with:

  • Other companies, such as service providers, contractors, and companies we work with. Their use of information is limited to these purposes and subject to agreements that bind them to confidentiality. Our service providers assure us that all reasonable measures are taken to protect the data they keep on our behalf, even though no guarantees can be offered regarding data security.
  • Third parties providing data processing services to us (e.g. marketing service providers or IT service providers).
  • Other companies (e.g. to facilitate reservations).
  • Lawyers or advisors.
  • Relevant authorities (e.g. in the context of our obligation to register guests).
  • Analysis companies may access anonymous data to help us understand how our services are used. They use this data solely on our behalf. They do not share it, except in aggregated form; no data of individual...

Potential Subsequent Transferees of the Business: In the event of plans for a third party to acquire all or part of our business, your information may be transferred to the transferee.

13. Are data transferred to third countries?

In principle, we do not transfer personal data to a third country (i.e. a country outside the EU/EEA). However, it is possible that service providers working for Hotel Astoria may process your personal data outside the EEA. When this happens, Hotel Astoria aims to ensure an adequate and sufficiently high level of protection for your personal data (e.g. by concluding the standard clauses of the European Commission between the parties processing data outside the EEA - Article 46 GDPR) or that another appropriate legal instrument is available. If you have any questions about the transfer of your personal data to countries outside the EEA, or if you wish to obtain a copy of the documents, you can send a dated and signed request to Hotel Astoria, attn. the director (the contact details are provided below).

14. How long are personal data stored?

We do not keep personal data for longer than necessary, taking into account the purpose of the relevant processing. Data may be kept for longer in the event of complaints or impending or pending disputes. Our managers will ensure that procedures for the deletion of personal data are followed. Please note that some laws require certain types of information to be kept for a specific longer period. For example, we are required to keep data about hotel guests for a period of at least 7 years after their stay. In principle, we keep camera images for one month.

15. What rights do you have as a data subject?

You have the right to access your data, to have your personal data corrected, in certain cases to object to processing, and to request that your personal data be erased, that its processing be restricted (a marking that the processing of personal data must be restricted to a specific purpose), and that the data be transferred to an IT carrier (data portability).

However, please note that some data is necessary to perform certain obligations, such as payment information, and therefore may not be restricted or erased.

You also have the right to withdraw your consent if processing is based on consent. Where this is the case, this will be indicated as the legal basis in the relevant sections above.

To exercise your rights under the GDPR, you must send your request, including a copy of a document proving your identity, to Hotel Astoria (see contact details below). We cannot process your request without proof of your identity.

A more detailed description of your rights as a data subject can be found below. Note that there are exceptions or conditions for the exercise of some rights.

16. The right of access

You have the right to obtain access to the personal data we process about you. If you wish to exercise this right, please send us a request as described below.

17. The right of rectification

As a data subject, you have the right to request that we correct any inaccurate personal data about you. This also means that you have the right to complete incomplete personal data, including by providing an additional statement. Such a supplement relates to personal data that is missing and which is relevant in view of the purpose of the data processing.

18. The right to erasure

You have the right to contact us and request that your personal data be erased. We have the right to refuse erasure in certain cases, including to comply with a legal obligation.

19. The right to restrict processing

In certain cases, you have the right to request that we restrict the processing of your personal data. A restriction means that the data will be marked so that it is processed only for certain limited purposes in the future. The right to restriction applies when you believe that your data is inaccurate and requires adjustment. In these cases, you can request a restriction of the processing during the period which we investigate the accuracy of the data.

20. The right to data portability

In certain cases, you have the right to receive personal data about you as a data subject that you have provided to us and the right to transfer this data to another controller. This right applies to automated processing based on your consent or on a contractual relationship with you. This right only applies to data that you have provided yourself.

21. The right to object

You have the right to object at any time to our processing of your personal data if it concerns personal data processed on the basis of a legitimate interest. In that case, we can no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which outweigh the interests, rights and freedoms of the data subject or unless the processing is related to the establishment, exercise or defense of a legal claim. legal action.

When the personal data is processed for direct marketing, you as a data subject have the right to object at any time to the processing of your personal data, including profiling insofar as it is related to that direct marketing.

Have we asked for your permission? Then you can always revoke your consent!

In certain circumstances, we need to obtain your consent to provide you with services or process your personal data. After we have obtained your consent, we will only process your personal data for the purposes related to similar services, products or the like.

In the following cases, among others, we may ask for your consent:

  • Marketing activities;
  • In relation to the processing of children's data (where we obtain parental consent);
  • If we process sensitive personal data (such as allergies).

Where the processing of your personal data is based on consent, you have the right to withdraw your consent at any time (without affecting the lawfulness of the processing carried out on the basis of the consent before the consent was withdrawn ). If you would like to withdraw your consent, please contact us using the contact details below.

22. Complaints

You always have the right to submit a complaint to the Belgian supervisory authority, the Data Protection Authority. You can reach the data protection authority at contact@apd-gba.be or via its website: www.dataprotectionauthority.be

However, if you have any questions or concerns, please contact us first to allow us to resolve the issue.

23. Security measures

We have put in place appropriate technical and organizational measures to ensure a level of protection appropriate to the risk associated with relevant processing activity (including reasonable steps to protect your personally identifiable information from unauthorized access or disclosure). We encrypt the data transfer on pages where you provide payment information. However, no security or encryption method can guarantee the protection of information from hackers or human error. Always be careful when you are active on the internet.

24. Miscellaneous

You are not obliged to provide us with information and personal data about you. However, in some cases we will not be able to offer you certain services or products if we do not obtain permission to process your personal data.

Contact details

Do you have questions or are you concerned about our privacy statement or our processing of your personal data? Then you can contact us via:

Hotel Astoria De Haan
T.a.v. Dhr Dearman - Director
Leopoldlaan 7
8420 De Haan
VAT: BE 0738 544 241


Book your stay at Hotel Astoria now

Check availability