In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and the Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD) of December 5, 2018, we inform:
PERSON IN CHARGE OF THE PROCESSING
Identity: Holiday Travel Channel Spain, S.L. with CIF B16614281 hereinafter “the Owner”
Address: C/ Conquistador, 7, Local Izda; 07001; Palma de Mallorca – Baleares (España)
Phone: 971 810 176
Contact email: info@holidaytravelchannel.com
PURPOSE OF DATA PROCESSING
Personal data will be processed for the following purposes, depending on the relationship established with the User:
- To manage and respond to information requests, inquiries or communications submitted through the contact channels available on the website.
- To manage the pre-contractual or contractual relationship arising from the request for information or the contracting of services related to the residential leasing of properties in accordance with the Spanish Urban Leases Act (LAU).
- To carry out the administrative, tax and accounting procedures derived from such relationship.
- To manage subscription to our Newsletter, for the purpose of sending periodic updates about the company, its services and other information that may be of interest.
In accordance with the GDPR, a record of processing activities is maintained, specifying, according to their purposes, the processing activities carried out and the other circumstances established therein.
The personal information provided by users will not be used for purposes other than those described above. No automated decisions will be made.
LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing is as follows:
- The consent given by the user by accepting this Policy and checking the corresponding box.
- The user has provided their personal data within the framework of a contractual or pre-contractual relationship for the purpose of responding to their request and/or inquiry, making the processing necessary to maintain that relationship.
- The legal obligations applicable to the Controller that require the processing of personal data, in accordance with the services provided or in relation to tax matters.
PERSONAL DATA PROCESSED AND SOURCE
Depending on the user’s interaction with the website, the personal data we may process includes: identifying information, contact details. These data are provided by the user when contacting the Controller, filling out the relevant form(s), or using other functionalities offered on the website.
The use of contact sections, forms, and/or other website functionalities is voluntary. However, completing certain fields or providing data may be necessary to correctly manage your request. Therefore, refusal to provide the required information may prevent the Controller from properly handling and responding to it.
The user guarantees that the data provided is truthful, accurate, and complete. Data will be canceled, deleted, or blocked when inaccurate, incomplete, or no longer necessary or relevant for the purposes for which they were collected, in accordance with applicable law.
If the personal data provided belongs to a third party, the user guarantees that they have informed said third party about this Privacy Policy and obtained their authorization to provide the data for the purposes described. The user is also responsible for ensuring the data is accurate and up to date and shall be liable for any direct or indirect damages that may arise from non-compliance with this obligation.
LINK POLICY AND SOCIAL MEDIA
The website may include links to third-party websites, such as social media platforms where the Controller has a presence. These sites have not been reviewed and are not subject to control by the Controller. The Controller is not responsible for any content freely posted by the user. Users should be aware that their posts may be visible to others and, therefore, they are primarily responsible for their own privacy.
DATA RETENTION PERIOD
Personal data will be retained for as long as necessary to fulfill the purposes for which they were collected and, in particular:
- For as long as a pre-contractual or contractual relationship with the User is maintained.
- Until the User requests their erasure.
- For the periods established by applicable laws in order to comply with legal, tax and administrative obligations.
- For the time necessary for the establishment, exercise or defense of potential legal claims.
In the event that the User exercises their rights of erasure or objection, the data may be retained in a duly blocked form and made available only to Public Authorities, Courts and Tribunals, for the legally established limitation periods.
CONFIDENTIALITY AND SECURITY OF PERSONAL DATA
The Controller undertakes to adopt the necessary technical and organizational measures, appropriate to the level of risk, to ensure the security of personal data and to prevent its accidental or unlawful destruction, loss, alteration, or unauthorized access or disclosure.
Personal data will be treated as confidential, and the Controller will ensure, by legal or contractual obligation, that such confidentiality is respected by employees, collaborators, and any other individuals who may have access to the data.
DATA DISCLOSURE AND PROCESSORS
Personal data may be disclosed to third parties where expressly required by applicable law, as well as where such disclosure is necessary to comply with legal obligations applicable to the Owner or to provide services strictly necessary for the operation of the activity, such as banking institutions and payment service providers.
If the User makes a payment through the Website, the data necessary to process the transaction, including those relating to the payment method or the transaction itself, will be shared with the corresponding financial institutions or payment gateways.
Such entities act as independent data controllers with respect to such data, in accordance with their own privacy policies.
Certain service providers act as data processors. The Owner has entered into the corresponding data processing agreements with them in accordance with Article 28 of the GDPR, ensuring at all times the security and confidentiality of the information.
No international data transfers are carried out. In the event that the Owner engages service providers located outside the European Economic Area (EEA), it will ensure that such recipients provide adequate safeguards for the protection of personal data in accordance with Regulation (EU) 2016/679 (GDPR).
USER RIGHTS
What are your rights when you provide us with your data?
The user has the right to obtain confirmation as to whether their personal data is being processed.
They also have the right to access their data and request the rectification of inaccurate data, or request its deletion when it is no longer necessary for the purposes for which it was collected. In certain cases, the user may request the restriction of processing, in which case the data will only be retained for the exercise or defense of legal claims.
In specific circumstances, and for reasons related to their personal situation, the user may object to the processing of their data. In that case, the Controller will cease processing the data unless there are compelling legitimate grounds or for the exercise or defense of legal claims. Where legally applicable, the user has the right to data portability, allowing them to receive the personal data provided and transmit it to another controller.
Users may exercise their rights of access, rectification, deletion, objection, restriction of processing, data portability, and opposition to automated individual decision-making by sending a written request, including a copy of their ID for identification purposes, with the reference “GDPR Rights” to the following email address: info@holidaytravelchannel.com
Furthermore, users are informed that they may file a complaint with the Spanish Data Protection Agency (AEPD) via www.aepd.es, the competent supervisory authority in Spain.