Your security is The Hotel’s top priority
Security is key
At The Hotel, we take your security seriously. A team of specially trained security staff is available 24/7, working alongside a proven system of high-end security equipment, 120 HD and infrared cameras located at every entrance, floor and parking level, and a ©Milestone XProtect Smart CCTV recording array.
Your well-being and privacy are paramount, which is why a ©Kaba Safe Lock system is installed throughout the hotel, ensuring your floor and room are only accessible using your designated room key. For additional personalised security needs, armed bodyguards and extra security staff are also available upon request.
Any security or safety questions or concerns? We’re here for you - contact the security team at +32 2 504 44 37.
PRIVACY NOTICE
CCTV (Closed Circuit Television) data
Last updated on 14/03/2023
This Privacy Notice describes the video surveillance system at The Hotel.Brussels (hereinafter — the “Hotel”) and the safeguards adopted by the Elba Leasehold SRL (hereinafter — the “Data Controller”) to protect Your personal data. The processing of Your data in the context of video surveillance by the Data Controller is based on the Belgian Camera Act of 21 March 2007 (as amended) and the Regulation 2016/679 of the European Parliament and the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”).
Purposes of personal data processing
The Data Controller collects data through the CCTV system for various reasons:
To ensure the security of the building, guests and visitors, as well as property and information located or stored on the premises;
To prevent, deter, and if necessary, investigate unauthorised physical access, including unauthorised access to secure premises and protected rooms, IT infrastructure, or operational information;
To prevent, detect and investigate a theft of equipment or assets owned by the Data Controller, guests, visitors, acts of vandalism or threats to the safety of guests, visitors of the Hotel (e.g. fire, physical assault).
It’s important to note that the location and positioning of the video cameras is not intended to cover the surrounding public space. The cameras are aimed to give a general overview of what is happening in certain places relevant to the security of the premises.
The purpose of data processing is not to recognise people unless a security or data protection incident is involved. The system is not used as an investigative tool or to obtain evidence in internal investigations or disciplinary procedures unless a security or data protection incident is involved. In exceptional circumstances, the data may be transferred to internal (e.g. Data Protection Officer) and external (e.g. police forces, the Data Protection Authority) compliance, security or investigatory bodies in the framework of data protection compliance, a formal disciplinary or criminal investigation.
The CCTV cameras are placed and focused on such a way that only people who want to access or exit the site or the annexed facilities are captured. The CCTV system covers the area of entry and exit points of the building, entry points inside the building, delivery, and the outer area of the building.
Legal basis for personal data processing
The Data Controller uses video surveillance equipment for security purposes which is a legitimate interest of the Data Controller under Article 6.1.f of the GDPR.
Where cameras are used, there’s one clearly visible, on-the-spot sign with the contact information of the Data Controller, the Data Protection Officer and a url link leading to the CCTV Privacy Notice with more information on video surveillance activities.
Information the Data Controller collects from You
The Data Controller only collects images caught on camera, no sound or voice is recorded.
Special categories of personal data
The CCTV System is not used by Data Controller to collect and/or process any special categories of personal data, as defined in Art. 9 GDPR: personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data (when processed for the purpose of uniquely identifying individuals, through appropriate technology, e.g., fingerprint scanners), data concerning health or data concerning a natural person’s sex life or sexual orientation.
Contact details of the Data Controller
The Data Controller is responsible for the processing of Your personal information. Contact details of the Data Controller:
Elba Leasehold SRL, Boulevard de Waterloo 38, 1000 Brussels, Belgium
Tel.: +32 (0) 2 504 11 11
Email: privacy@thehotel.be
Recipients of the personal data
The video images and streaming can be accessed only by the security department.
Access to the hard-disk video recorder is highly limited, being protected by a password. The data cannot be accessed without the authorisation of the General Manager and/or Security Manager.
Data transfers
The Data Controller does not sell or otherwise disclose Your personal data collected for this purpose to third parties. Only government officials (police, fire department, judicial department, the Belgian data protection authority, etc.) can - only when required by law - request and receive access to the data footage.
Retention period
The Data Controller retains the personal data processed no longer than necessary for the purpose for which it was collected (including as required by applicable law or regulation). The recorded data is erased automatically after a period of maximum 30 days when it is automatically overwritten by new video footage.
Your rights under the GDPR
As a data subject, under the GDPR You have certain rights over Your personal data and data Data Controller is responsible for fulfilling these rights.
Right of access
You have a right of access to personal data held by Us as the Data Controller. This right may be exercised by emailing Us at privacy@thehotel.be. We will aim to respond to any requests for information promptly, and in any event within the legally required time limits (currently 30 days).
To update personal data submitted to Us, you may email Us at privacy@thehotel.be.
Right to rectification
Modifying the CCTV footage is not allowed. However, You can modify the report written in connection with a security incident, if applicable in Your case.
Right to erasure
You have the right to delete Your data at any time by sending an email request to privacy@thehotel.be when the processing activity is unlawful.
Right to object
You have the right to object at any time by sending an email request to privacy@thehotel.be, when You have legitimate reasons relating to your situation. The Data Controller will address Your request within 30 days from the receipt of the request.
This privacy statement is intended to provide information about what personal data We collect about You and how it is used. Along with the rights of access and amendments referred to above, individuals also have other rights in relation to the personal data We hold, such as a right to restrict processing of personal data and the right to data portability.
If You wish to exercise any of these rights, please send an email to privacy@thehotel.be.
Complaints
You have a right to complain about Our use of Your personal data. In order to do so, please send an email with the details of Your complaint to our DPO:
CRANIUM NV
Excelsiorlaan 43, 1930 Zaventem
Email: privacy@thehotel.be
You also have the right to lodge a complaint with the Belgian Data Protection Authority: www.gegevensbeschermingsautoriteit.be
Security of personal data
The Data Controller is committed to protecting the security of Your personal data. Therefore, We use several security technologies and procedures to help Us protect Your personal data from unauthorised access, use or disclosure. We keep Your data on video and computer systems that are limited in access and are in controlled facilities.
Updates of the CCTV Privacy notice
We may amend or update this Privacy notice from time to time to reflect changes in Our practices with respect to the processing of Your personal data, or changes in applicable law.