top of page

Privacy & Cookie Policy

At Otto Hospitality, we respect your privacy and are committed to protecting your personal data. This Privacy and Cookie Policy explains how we collect, use, store, and safeguard your information when you interact with us — whether through our website, booking platforms, or during your stay.

This policy is designed to be clear, transparent, and aligned with the requirements of the General Data Protection Regulation (GDPR) and applicable Maltese data protection laws.

 

1. Who We Are

DL Property Management, operating as Otto Hospitality, is the data controller responsible for your personal data.

Address: 57, Casa Vilhena, Triq San Gwann, Bormla (Cospicua), Malta
Email: admin@ottohospitality.com.mt

 

2. When This Policy Applies

This policy applies when you:

  • make a reservation (directly or via a third party) 

  • stay at our property 

  • visit our website 

  • contact us by email or otherwise 

  • interact with us on booking platforms 

 

3. Personal Data We Collect

We may collect and process the following categories of personal data:

Information you provide directly

  • Full name, email address, and phone number 

  • Postal or billing address (where required) 

  • Booking details and guest information 

  • Payment details (processed securely via third-party providers — we do not store full card details) 

  • Dietary requirements, allergies, or accessibility needs 

  • Pet-related information where relevant 

  • Any communications you send to us Information collected automatically

  • IP address and device/browser information 

  • Website usage data (pages visited, time spent, navigation patterns) 

  • Booking and transaction records via our systems 

  • CCTV footage in public areas of the property (see Section 7) 

 

4. How We Use Your Data

We use your personal data to:

  • manage and administer your reservation 

  • communicate with you before, during, and after your stay 

  • process payments and security deposits 

  • accommodate any preferences or requirements you provide 

  • comply with legal and regulatory obligations 

  • maintain the safety and security of guests and property 

  • detect, prevent, and investigate fraud or misuse of our services 

  • improve our services and website experience 

Where you have given consent, we may also send occasional updates, offers, or news about Otto Hospitality.

 

5. Legal Basis for Processing

We process your data under the following legal bases:

  • Contractual necessity – to fulfil your booking 

  • Legal obligations – including tourism and tax requirements 

  • Legitimate interests – to operate and improve our business and ensure security 

  • Consent – for marketing communications and non-essential cookies 

 

6. Sharing Your Data

We only share your data where necessary and in accordance with applicable data protection laws.

Service providers

  • Payment processors (e.g. Stripe) 

  • Property management systems (e.g. Beds24) 

  • IT, hosting, and analytics providers 
     

Booking platforms

Where your reservation is made through platforms such as Booking.com, Airbnb, or similar, your data is also subject to their privacy policies.

Legal and regulatory authorities

We may disclose personal data where required to comply with legal obligations, respond to lawful requests, or establish, exercise, or defend legal claims.

Business transfers

In the event of a sale, merger, or restructuring of our business, personal data may be transferred as part of that transaction in accordance with applicable data protection laws.

We do not sell your personal data to third parties.

 

7. CCTV

CCTV operates in public areas of the property for safety and security purposes.

  • No cameras are installed in guest rooms or private areas 

  • Footage is typically retained for up to 30 days 

  • Data may be retained longer if required for legal or security reasons 

CCTV is used on the basis of our legitimate interest in protecting guests, staff, and property. Appropriate signage is displayed throughout monitored areas.

 

8. Marketing Communications

We will only send you marketing communications where you have actively opted in.

You may unsubscribe at any time by:

  • clicking the unsubscribe link in emails 

  • contacting us directly 

Please note that we may still contact you regarding your booking or stay even if you opt out of marketing communications.

We will never share your details with third parties for their own marketing purposes.

 

9. Data Retention

We retain personal data only for as long as necessary:

  • Booking and guest records: typically up to 5 years 

  • Payment data: managed securely by payment providers 

  • CCTV footage: up to 30 days 

  • Marketing preferences: until withdrawn 

After this, data is securely deleted or anonymised.

 

10. Cookies & Website Tracking

Our website uses cookies and similar technologies to ensure functionality and improve your experience.

What are cookies?

Cookies are small text files placed on your device when you visit a website.

Types of cookies we use

Essential cookies
Required for the website to function properly (e.g. booking functionality and security).

Functional cookies
Allow the website to remember your preferences (such as language or region).

Analytics cookies
Help us understand how visitors use our website so we can improve it.

Marketing cookies (if applicable)
Used only with your consent to deliver relevant content or promotions.

We may use trusted third-party analytics tools to better understand website usage.

 

Managing cookies

When you first visit our website, you will be presented with a cookie banner allowing you to:

  • accept all cookies 

  • reject non-essential cookies 

  • customise your preferences 

You can also control cookies through your browser settings at any time.

Please note that disabling certain cookies may affect website functionality.

 

11. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission 

  • Transfers to countries with recognised adequacy decisions 

 

12. Data Security

We take appropriate technical and organisational measures to protect your data, including:

  • secure systems and access controls 

  • encryption where appropriate 

  • use of trusted, compliant service providers 

While we take all reasonable steps, no system can be completely secure.

 

13. Children’s Data

We may process personal data relating to children where this is provided as part of a booking (for example, where a parent or guardian includes children in a reservation).

We do not knowingly collect personal data directly from children without parental involvement.

 

14. Your Rights

Under GDPR, you have the right to:

  • access your personal data 

  • correct inaccurate data 

  • request deletion of your data 

  • restrict or object to processing 

  • request data portability 

  • withdraw consent at any time 

To exercise your rights, contact us at:
admin@ottohospitality.com.mt

You also have the right to lodge a complaint with the Office of the Information and Data Protection Commissioner in Malta.

 

15. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices, and we encourage you to review their policies separately.

 

16. Changes to This Policy

We may update this Privacy and Cookie Policy from time to time. The latest version will always be available on our website.

 

17. Contact

DL Property Management
Otto Hospitality
57, Casa Vilhena, Triq San Gwann
Bormla (Cospicua), Malta

Email: admin@ottohospitality.com.mt

bottom of page