Please read it carefully. It contains important information about the processing of your personal data and your rights under applicable data protection laws.
You declare that the data you provide us with, now or in the future, are correct and truthful and you undertake to inform us of any changes to them. In the event of providing personal data of third parties, you undertake to obtain the prior consent of those concerned and to inform them of the content of this policy.
In general, the fields marked as mandatory on our forms must be completed in order to process your requests.
- Who is responsible for the processing of your data? The person responsible for the processing of the personal data collected on this website is HOTEL BENDINAT S.L. (hereinafter, HOTEL BENDINAT), with address at calle Andrés Ferret Sobrat nº 1, 07181 Calvià (Illes Balears); Tel. +34 971 675 725; Email: firstname.lastname@example.org
- What will we process your data for and on what legal basis?
2.1 Management of the relationship with customers and users: We process the data that our customers and users provide in their queries in order to attend to their requests.
This processing is necessary for the execution of the legal relationship with the users of the website or for the implementation of pre-contractual measures at their own request.
2.2 Account management: We process the data that our users provide in the registration form on the website, as well as those registered in their profile, to create and manage their accounts and to give them access to the functionalities available to registered users.
These processing operations are necessary for the application of pre-contractual measures at your request.
2.3 Management of accommodation and service bookings: The data provided in the forms for booking accommodation or contracting services will be processed for the management of said bookings and the provision of the services requested. The categories of data we process for these purposes are as follows:
– Identification data (name, surname and ID card/passport) and contact data (address, email and telephone) of the reservation holder;
– Details of the reservation, voucher or service requested.
– Financial and transaction data.
The processing of this data is necessary for the provision of the requested services, the execution of the hosting contract or for the application of pre-contractual measures at your request.
The economic data and data on transactions of goods and services carried out on the website will be processed for accounting and administrative management purposes and the fulfilment of our legal obligations in accounting and tax matters.
2.4 Sending of commercial communications and management of distribution lists: We process the identification and contact data provided by our customers and the people who register on our distribution lists in order to send them communications relating to our products and services.
These processing operations are based on the consent you are asked to provide. Not giving your consent or withdrawing it does not condition the processing of your bookings or the provision of the contracted services.
You may request to unsubscribe from the processing for commercial purposes by sending an email to the following email address email@example.com.
2.5 Administration and management of web security: We process browsing data (IP addresses or logs) to administer and manage the security of the website and its restricted access areas.
This processing is based on our legitimate interest in ensuring the security of the website. This interest is expressly recognised by recital 49 of the GDPR. In weighing this interest against your rights and freedoms, we have taken into account that this processing corresponds to general security practices and does not pose significant threats to data subjects.
2.6 Statistical and quality management purposes: In order to evaluate and manage the quality of our services and products, we process identification data and contact details provided by our customers in their requests or suggestions. We also perform statistics based on aggregated data obtained from transaction data and web browsing data, e.g. IP address, weblogs, pages visited or actions performed on the Website (+ info in our cookies policy).
These processing operations are based on our legitimate interest in evaluating and managing the quality of our services and products. In weighing this interest against your rights and freedoms, it has been determined that the processing had a limited impact on the privacy of data subjects, corresponded to reasonable expectations of data subjects and did not pose significant threats.
- To whom may we disclose your data?
Your data will only be disclosed to third parties if we are legally obliged to do so, with your consent or if your request involves such disclosure.
- How long will we keep your data?
In general, we keep your data for the duration of your relationship with us and in any case for the periods provided for in the applicable legal provisions, e.g. in accounting and tax matters, and for as long as necessary to meet any liabilities arising from the processing. We will delete your data when they are no longer necessary or relevant for the purposes for which they were collected. Logs of access to restricted areas of the website will be deleted one month after their creation. The information related to browsing will be cancelled once the web connection has ended and the statistics have been carried out.
Data processed for commercial purposes will be kept for as long as you do not request their deletion.
- What are your rights?
You have the right to obtain confirmation as to whether or not we are processing your personal data and, if so, to access them. You may also request that your data be corrected if it is inaccurate or that incomplete data be completed, as well as request its deletion if, among other reasons, the data is no longer necessary for the purposes for which it was collected.
In certain circumstances, you may request that we restrict the processing of your data. In this case, we will only process the data concerned for the formulation, exercise or defence of claims or for the protection of the rights of other persons. Under certain conditions and for reasons relating to your particular situation, you may also object to the processing of your data. In this case, we will stop processing the data except for compelling legitimate reasons which override your interests or rights and freedoms, or for the formulation, exercise or defence of claims.
You may also, under certain conditions, request the portability of your data to be transferred to another data controller.
You may withdraw your consent for certain purposes at any time, without this affecting the lawfulness of the processing based on the consent prior to its withdrawal.
You also have the right to lodge a complaint with a data protection authority.
Please note that the European Personal Data Protection Regulation also recognises the right to data portability.
You also have the right to object to automated individual decisions that produce legal effects on you or significantly affect you in a similar way, where this right is provided for in Article 22 of Regulation (EU) 2016/679.
To exercise your rights, you must send us a request accompanied by a copy of your national identity card or other valid document identifying you by post or email to our Data Protection Officer at the addresses indicated in the section Who is the controller of your data?
You can obtain more information about your rights and how to exercise them on the website of the Spanish Data Protection Agency at www.aepd.es