Privacy Policy

We, at The Norman Hotel Ltd. (hereinafter collectively: “the Hotel” or “we”), deeply respect the privacy of our guests and clients, and place great value in protecting their privacy and the security of their information.

We are committed to upholding the policy set out below (hereinafter: “the Privacy Policy”). The purpose of this policy is to explain how we handle matters relating to your privacy, and how we use the personal information (as defined by law, hereinafter: “Personal Information”) provided to us by you or collected by us in the course of our dealings with you and your stay at the Hotel.

This Privacy Policy constitutes an addendum to the General Terms and Conditions to which you commit upon making a reservation and/or staying at the Hotel, supplementing rather than detracting from those terms, and forming an integral part thereof.

In order to complete a reservation or receive services from the Hotel, you will be asked to explicitly consent to this Privacy Policy. Your explicit consent constitutes the legal basis for the collection and processing of your Personal Information as detailed herein.

1. Who We Are and How to Contact Us

The Norman Hotel through King Albert Ltd, 23-25 Nachmani Street, Tel Aviv-Jaffa, Israel, holds and operates the databases in which your details will be stored. The Hotel is the “data controller” of those databases, as defined under the Privacy Protection Law and Amendment No. 13.

You are welcome to contact us with any question, access request, rectification, removal, or any matter relating to your Personal Information:

• Email: Reservations@thenorman.com
• Phone: +972-3-5435555
• Address: 23-25 Nachmani Street, Tel Aviv-Jaffa 6579441, Israel

The Hotel will endeavor to respond to all data subject inquiries within 30 days.

2. Notice of Data Processing – Disclosure Obligation

In accordance with Section 11 of the Privacy Protection Law, as updated by Amendment No. 13, we hereby disclose the following to you:

• Mandatory vs. voluntary disclosure: most of the information we request is provided voluntarily. However, certain basic details (full name, contact information, stay dates) are required in order to process your reservation.
• Consequences of refusal: failure to provide the required information may prevent us from processing your reservation or delivering the requested service. You will not be able to complete a reservation without providing the details required during the booking process.
• Purpose of collection: detailed in Section 4 below.
• Identity of the data controller and contact details: King Albert Ltd. – see Section 1 above.
• Data transfers to third parties: detailed in Section 6 below.
• Rights of access and rectification: detailed in Section 8 below.

3. Information We Collect and Store About You

We collect and store information about you when we provide services at your request, in the ordinary course of managing the Hotel. Among other things, we collect and store information provided by you while browsing our websites, during the reservation process, at check-in, throughout your stay, and at check-out.

Information may also be collected when you call our phone center, make a purchase or reservation on our website, visit the Hotel as a guest or visitor, or through travel agents, consumer clubs, survey companies, and various service providers with whom we work.

We may collect the following information about you:

3.1 Information You Provide Directly

• Identifying details: your full name, nationality, identity card / driver’s license / passport details, date of birth.
• Contact details: residential address, email address, phone number, and other contact information.
• Financial details: credit card details and other financial information for the purpose of reservations and payments – transmitted via encrypted, secure channels and not stored in full after the transaction is completed.
• Reservation and stay history: data on previous reservations and activities purchased during prior stays.
• Family details: information about your family members, including children, and persons who stayed with you at the Hotel.
• Special requests: room preferences and special requirements associated with your stay.
• Sensitive information (as defined under Amendment No. 13): medical information, food allergies, disabilities – collected only with your explicit consent and for a specific purpose disclosed at the time of collection.

3.2 Information Collected Automatically

• Surveillance footage (CCTV): public areas and facilities of the Hotel are recorded by closed-circuit cameras for the purpose of ensuring your safety and the safety of Hotel staff. Footage is retained for a period not exceeding 30 days, in accordance with applicable law.
• Browsing and network data: when you connect to the Hotel’s Wi-Fi or website, our systems may collect information regarding your IP address, browser type, access time, pages viewed, and referring URL.
• Cookies: by type – see Section 5 for details.

4. How We Use Your Information

We may use your Personal Information solely for the following purposes:

• Contacting you to provide services and coordinate your stay at the Hotel, including changes or updates relating to your reservation.
• Providing better service to you and your family members during your current stay and any future stays.
• Responding to your inquiries and inquiries relating to your information.
• Maintaining the safety of you, other guests, and Hotel staff.
• Complying with legal obligations and disclosing information to authorities in accordance with applicable law.
• Notifying you of changes to our Privacy Policy.
• Statistical and aggregate use, combined with information from other guests, to improve our service and streamline operations – while minimizing the use of personal details wherever possible.
• Sending marketing offers, promotions, special events, and newsletters – subject to your explicit consent only, and revocable at any time.

The Hotel will not use your Personal Information for any purpose not listed above without first obtaining your explicit consent.

The legal basis for the collection and processing of your information may be one or more of the following: the existence of a contract between us and the provision of services at your request; the need for the proper administration of the Hotel’s operations in accordance with applicable law; compliance with a legal obligation; or your explicit consent.

5. Use of Cookies

Our websites use “cookies” and other similar technologies for the purpose of their proper day-to-day operation and to improve the services provided through them. Cookies are small files embedded in a user’s browser or device, used to identify the user and collect information about their activity on the website.

We use the following types of cookies:

• Essential (technical) cookies: required for the secure and proper functioning of the website (e.g., session management, security). These operate without requiring your consent.
• Functional cookies: save your website settings – such as preferred language, previous booking details, and the last hotel you searched for. These operate subject to your approval.
• Session cookies: stored temporarily only and deleted when you close your browser. Used to understand your browsing patterns on the website.
• Marketing, tracking, and advertising cookies (e.g., Google Analytics, Social Plug-ins, advertising pixels): collect information for targeted advertising and content tailored to your preferences. These operate only upon your explicit consent.

You may manage your cookie preferences through your browser settings or via the Cookie Consent Banner on our website. Please note that blocking essential cookies may impair the proper functioning of the website. Additionally, third parties advertising on the website may use cookies that are not under our direct control, subject to their own privacy policies.

6. Disclosure of Information to Third Parties

The Hotel will not sell, rent, or transfer your Personal Information to third parties, except in the following circumstances:

• Service providers acting as “holders” on our behalf (as defined under Amendment No. 13), such as credit card companies, hotel management software providers, mailing services, and reservation systems – subject to data processing agreements and their commitment to confidentiality and data security.
• Government authorities – where disclosure is required by law (e.g., the Israel Tax Authority, the Israel Police, the Privacy Protection Authority).
• With your explicit consent.

In all cases of transfer to a third party, we take care to verify that the recipient implements adequate security measures and receives only the information necessary to carry out the requested actions.

7. Security and Retention of Your Information

We are committed to protecting your information and employ appropriate technological and organizational security measures in accordance with the Privacy Protection Regulations (Data Security), 5777-2017, to safeguard the integrity and confidentiality of the information stored in our systems.

The Hotel operates at the level of data security required by the Regulations, in accordance with the classification of its database. That said, as with any system, we cannot guarantee absolute protection against unauthorized access or intrusion.

In the event of a security incident (such as a data breach) affecting your information, the Hotel will report the incident to the Privacy Protection Authority in accordance with applicable law, and will act to notify you as promptly as possible.

7.1 Data Retention Periods

Your Personal Information will be retained only for as long as necessary, in accordance with the following categories:

• Financial records and reservation logs: at least 7 years, pursuant to tax and accounting legislation.
• CCTV footage: up to 30 days, unless otherwise required by law.
• Marketing data and mailing lists: until you withdraw your consent.
• Reservation and stay history: for the purpose of providing better service during future stays – in accordance with the need for the proper administration of the Hotel’s operations and applicable law.

Information that is no longer required will be deleted securely and irreversibly.

8. Access, Rectification, and Additional Rights

In accordance with the Privacy Protection Law, 5741-1981, and Amendment No. 13, you have the following rights:

• Right of access (Section 13 of the Law): to review the Personal Information stored about you in the Hotel’s databases. The Hotel will respond to your request within 30 days of receipt.
• Right of rectification (Section 14 of the Law): if upon reviewing the information you find that it is incorrect, incomplete, unclear, or outdated, you are entitled to contact us and request that it be corrected. If the Hotel declines to make the correction, it will notify you in writing and allow you to attach a statement on your behalf to the record.
• Withdrawal of consent to marketing communications: at any time, without conditions, by contacting us or clicking the “Unsubscribe” link in any marketing message.
• Right to lodge a complaint: you may contact the Privacy Protection Authority (www.gov.il/privacy) if you believe that the processing of your information does not comply with the requirements of the law. You also have the right to apply to the Magistrates’ Court in accordance with applicable law.

Such requests may be submitted to us by email at Reservations@thenorman.com. We will respond to your inquiry as promptly as possible and no later than 30 days.

9. Personal Data Database

The Personal Information you provide is stored in the Hotel’s database in accordance with the Privacy Protection Law. The Hotel is the “data controller” as defined under Amendment No. 13.

Under Amendment No. 13, the obligation to register a database applies only to public bodies and to entities that trade in the personal data of more than 10,000 individuals. The Hotel operates in accordance with all applicable legal requirements.

10. Updates and Changes to This Privacy Policy

We reserve the right to amend and update this Privacy Policy from time to time in response to changes in law, technology, or business operations. Material changes will be published on the Hotel’s website at least 30 days prior to taking effect. Guests whose data is already in our possession will be notified personally of any material changes.