1. INFORMATION FOR USERS
GESTIHOTELS ALEGRIA S.L, hereinafter the CONTROLLER, is responsible for the processing of Users� personal data and hereby informs you that the said data will be processed in accordance with the provisions of the regulations in force governing the protection of personal data, Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and as such you are hereby informed as follows with regard to the said processing:
Purpose of the processing: to maintain a commercial relationship with the User. The operations envisaged in order to carry out the processing are as follows:
- The sending of commercial advertising communications, provided that this has been authorized in advance, by e-mail, fax, SMS, MMS, social networks, or any other electronic or physical medium, present or future, that enables the performance of commercial communications. Said communications shall be performed by the CONTROLLER and shall relate to its products and services, or those of its associates or suppliers with which it has reached a promotional agreement. In this case, the third parties will never have access to the personal data.
- The performance of statistical research.
- The processing of orders, requests, or any applications of any kind made by users through any of the contact methods made available to them.
- To send the website's newsletter.
Criteria for storing the data: the data will be stored for as long as there is mutual interest in maintaining the purpose of the processing, and once they are no longer necessary for this purpose they will be deleted in accordance with suitable security measures to ensure the pseudonymization of the data or their complete destruction.
Sharing of the data: The data will not be shared with third parties, unless there is a legal duty to do so.
- The right to withdraw consent at any time.
- The right to data portability and to access, correct, and delete their data, and to limit or object to the processing of their data.
- The right to file a claim before the supervisory authority (agpd.es) where they consider that the processing is not in accordance with the regulations in force.
Contact details to exercise your rights:
GESTIHOTELS ALEGRIA S.L
Postal address: Carretera N II, Km 672,5 - Santa Susana 08398 (BARCELONA)
.................................................. - ..................................................
2. COMPULSORY OR DISCRETIONAL NATURE OF THE INFORMATION SUPPLIED BY USERS
Users, by ticking the corresponding checkboxes and filling in their details in the various fields marked with an asterisk (*) on the contact form or presented in downloadable forms, expressly and unequivocally accept that their data are necessary in order for the service provider to process their request, and that the inclusion of data in any other fields is voluntary. Users warrant that the personal data supplied to the CONTROLLER are true, and they undertake to notify any changes to the said data.
The CONTROLLER expressly informs and warrants to users that their personal data will not be assigned to third parties under any circumstances, and that should it carry out any kind of assignment of personal data, it will seek the express, informed, and unequivocal consent of Users in advance. All data requested via the website are compulsory given that they are necessary for the provision of an optimal service to Users. We cannot guaranty that the information and services supplied will be fully adjusted to your needs if not all data are supplied.
3. SECURITY MEASURES
That in accordance with the provisions of the regulations in force governing the protection of personal data, the CONTROLLER is in compliance with all provisions of the GDPR regulations governing the processing of the personal data for which it is responsible, and specifically with the principles described at article 5 of the GDPR, and as such they are processed in a manner that is lawful, fair, and transparent in relation to the data subject, and adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER warrants that it has implemented suitable technical and organizational policies in order to apply the security measures established by the GDPR to protect the rights and freedoms of Users, and it has provided them with the information necessary in order to exercise them.