PRIVACY POLICY
LEGAL REGULATIONS:
This website complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the Protection of Personal Data (RGPD), Organic Law (ES) 3/2018 of 5 of December relative to Data Protection and Guarantee of Digital Rights (LOPDGDD), as well as Organic Law (ES) 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSICE or LSSI ).
RESPONSIBLE FOR THE TREATMENT OF YOUR PERSONAL DATA:
HOTEL DOΡA BLANCA S.A
CIF: A11668159
Address: C / BODEGAS NΊ11 - ZIP: 11402 JEREZ DE LA FRONTERA (CΑDIZ)
Telephone: 956 34 87 61
Email: info@hoteldonablanca.com
The purpose of this document is to establish and regulate the rules of use of the website www.hoteldonablanca.com, understanding by Site all the pages and their contents owned by HOTEL DOΡA BLANCA SA which are accessed through the domain www.hoteldonablanca .com and its subdomains.
The use of this website attributes the condition of User thereof and implies acceptance of all the conditions included in the Legal Notice and this Privacy Policy. Every time when using the platform you provide us or it is necessary for us to access any type of information that, due to its characteristics, allows us to identify you, such as your name, surname, email, address, telephone number, credit card number, debit card or payment method equivalent, etc., (Hereinafter personal data) either to navigate or make use of our services will be under the application of this Privacy and Cookies Policy, and you must review these texts to verify that you are satisfied with them.
HOTEL DOΡA BLANCA S.A reserves the right to modify or adapt the Legal Notice and this Privacy Policy at any time. We recommend that you review it, and if you have registered and access your account or profile, you will be informed of the changes.
HOTEL DOΡA BLANCA S.A undertakes to treat your data in an absolutely confidential manner and exclusively for the purposes indicated. HOTEL DOΡA BLANCA SA informs you that it has implemented the necessary technical and organizational security measures that guarantee the security of your personal data and prevent its alteration, loss, treatment and / or unauthorized access, taking into account the status of the technology, the nature of the stored data and the risks to which they are exposed, whether they come from human action or from the physical or natural environment. All in accordance with current regulations on data protection.
If you are any of the following groups, check the drop-down information:
+ CUSTOMERS AND RESERVATIONS
For what purposes are we going to process your personal data?
Manage reservations and provide accommodation services.
Billing of services and payment.
Preparation of the budget and monitoring of it through communications between both parties.
Information by electronic means, related to your request.
Commercial or event information by electronic means, provided there is express authorization.
Manage the administrative, communications and logistics services performed by the Responsible.
Carry out the corresponding transactions.
Access control and security Video surveillance.
Control and recovery procedures.
For the sending of commercial communications, the express consent of the user will be requested at the time of registration. In this regard, the user may revoke the consent given by contacting HOTEL DOΡA BLANCA S.A using the means indicated above. In any case, in each commercial communication, you will be given the possibility of unsubscribing when receiving them, either through a link and / or email address.
What is the legitimacy for the processing of your data?
Execution of the contract to provide you with our services
Compliance with legal obligations of the person in charge
Consent of the interested party
Legitimate interest of the person responsible (video surveillance)
How long are we going to keep personal data?
At least for the terms established by consumer, commercial and tax regulations.
Passenger entry reports, three years.
Video surveillance, up to one month, except for data related to incidents or crimes.
To which recipients will your data be communicated?
Guest registry: competent authorities in compliance with the provisions of Organic Law 4/2015 on the protection of citizen security, Order INT / 1922/2003.
In accordance with the private security regulations, when necessary, the video surveillance data will be made available to the Security Forces and Bodies and authorities.
+ SUPPLIERS
For what purposes are we going to process your personal data?
Billing and declaration of the appropriate taxes.
Sending information by electronic means, related to your request.
Sending commercial or event information by electronic means, provided there is express authorization.
Manage the administrative, communications and logistics services performed by the Responsible.
Carry out the corresponding transactions.
What is the legitimacy for the processing of your data?
The legal basis is the acceptance of a contractual relationship, or failing that, your consent when contacting us or offering us your products in any way.
+ WEB OR EMAIL CONTACTS
What data do we collect through the Web?
We can treat your IP, what operating system or browser you use, and even the duration of your visit, anonymously.
If you provide us with information in the contact form, you will identify yourself to be able to contact you, if necessary.
For what purposes are we going to process your personal data?
Answer your questions, requests or requests.
Manage the requested service, answer your request, or process your request.
Information by electronic means, related to your request.
Commercial or event information by electronic means, provided there is express authorization.
Carry out analysis and improvements on the Web, on our services.
Improve our commercial strategy.
What is the legitimacy for the processing of your data?
The acceptance and consent of the interested party: In those cases where to make a request it is necessary to fill in a form and click on the send button, the completion of the same will necessarily imply that you have been informed and have expressly granted your consent to the content of the clause attached to said form or acceptance of the privacy policy.
All our forms have mandatory data. If you do not provide these fields, or do not mark the checkbox of acceptance of the privacy policy, the sending of the information will not be allowed.
+ SOCIAL MEDIA CONTACTS
For what purposes are we going to process your personal data?
Answer your questions, requests or requests.
Manage the requested service, answer your request, or process your request.
Relate with you and create a community of followers.
What is the legitimacy for the processing of your data?
The acceptance of a contractual relationship in the environment of the corresponding social network, and in accordance with its Privacy policies:
Facebook http://www.facebook.com/policy.php ? ref = pf
Twitter http://twitter.com/privacy
YouTube http://www.google.com/intl/ en / policies / privacy /
How long are we going to keep personal data?
We can only consult or cancel your data in a restricted way by having a specific profile. We will treat them as long as you leave us following us, being friends or giving like, follow or similar buttons.
Any rectification of your data or restriction of information or publications must be done through the configuration of your profile or user in the social network itself.
+ VIDEO SURVEILLANCE
For what purposes are we going to process your personal data?
Video surveillance of our facilities.
Control of our employees.
Sometimes they can be transferred to the courts and tribunals for the exercise of legitimate actions.
What is the legitimacy for the processing of your data?
What is the legitimacy for the processing of your data?
The unequivocal consent of the interested party when accessing our facilities after viewing the information poster of the video-monitored area.
+ EMPLOYEES
For what purposes will your personal data be processed?
Management of the relationship with the worker / collaborator (whether labor, service provision or collaboration, internship contract, trainees, etc.) and, where appropriate, the worker's file.
Carry out all those administrative, fiscal and accounting procedures necessary to comply with contractual commitments, obligations in terms of labor regulations, Social Security, prevention of occupational, fiscal and accounting risks.
Payroll payment management through financial institution.
Collection of the worker fee and transfer it to the Union.
Where appropriate, carry out training activities for both subsidized and non-subsidized training.
Time control through the control system that is enabled.
Use of video surveillance systems to: security, both for clients and workers / collaborators, control access to the facilities as well as control compliance with the obligations of the worker / collaborator. The monitored areas will be suitably marked.
In relation to the purposes of control of compliance with the obligations of the worker / collaborator, we inform that the information obtained through the control system may be used to impose disciplinary sanctions for breaches of the employment contract or the relationship for the provision of services .
Management of group insurance / pension plan of the company.
What is the legitimacy for the processing of your data?
Contract execution: The legal basis for the processing of your data is the execution of an employment contract.
Compliance with a legal obligation:
The processing of data derived from labor relations, are legitimized by Royal Legislative Decree 2/2015, of October 23, which approves the revised text of the Law of the Workers' Statute.
Royal Decree - Law 8/2019, of March 8, on urgent measures of social protection and the fight against job insecurity during the working day.
Obligation of protection in the area of Prevention of Occupational Risks, by virtue of Law 31/1995, of November 8, on Prevention of Occupational Risks.
Provision of information to the entities that manage the economic benefits of Social Security in accordance with the General Law of Social Security.
Communication of your data when requested by the Labor Inspectorate. Law 42/1997, of November 14, regulating the Labor Inspection.
Tax obligations of the entity, according to the General Tax Law.
To which recipients will your data be communicated?
Your data will be communicated to the entities and organizations detailed below:
To the banking entities that correspond, to be up to date with payments.
To the tax administration.
Organizations of the Social Security, Mutual of Work Accidents and Occupational Diseases of the Social Security.
In the event that it is requested, your data will be transferred to the Labor Inspection.
To the entities that participate in the management of training courses that the worker wishes to attend in order to participate in the courses that are organized. In the case of receiving subsidized training, as established by Organic Law 5/2002 of June 19, on Qualifications and Vocational Training, as well as in the case of contracts for training and apprenticeship provided by the R.D. 1529/2012, all the information required for the monitoring and control of the training actions carried out must be provided to the competent public administrations.
+ JOB SEEKERS
For what purposes are we going to process your personal data?
Organization of selection processes for hiring employees.
Make an appointment for job interviews and evaluate your candidacy.
How long are we going to keep personal data?
By virtue of the conservation policy of HOTEL DOΡA BLANCA S.A, personal data will be kept for a maximum period of one year from receipt of the CV.
What is the legitimacy for the processing of your data?
The legal basis is your unequivocal consent, when you give us your CV.
To which recipients will your data be communicated?
The data will not be transferred to third parties except with the consent of the interested party.
Legal obligations that apply to us.
Do we include personal data of third parties?
No, as a general rule, we only process the data provided by the owners. If you provide us with third-party data, you must first inform and request their consent from said persons, or otherwise you exempt us from any responsibility for the breach of this requirement.
And data of minors?
We do not process data of minors under 14 years of age, therefore, please refrain from providing them if they are not that old.
Will we communicate by electronic means?
They will only be made to manage your request, if it is one of the means of contact that you have provided us.
If we carry out commercial communications, they will have been previously and expressly authorized by you.
What security measures do we apply?
You can rest assured: We have adopted an optimal level of protection of the Personal Data that we handle, and we have installed all the technical means and measures at our disposal according to the state of technology to avoid loss, misuse, alteration, unauthorized access and theft of Personal Data.
To which recipients will your data be communicated?
Your data will not be transferred to third parties, except legal obligation. Specifically, they will be communicated to the State Tax Administration Agency and to banks and financial entities for the collection of the service provided or product purchased. As well as those in charge of the treatment necessary for the execution of the agreement.
In case of purchase or payment, if you choose an application, website, platform, bank card, or any other online service, your data will be transferred to that platform or will be processed in its environment, always with maximum security.
When we order it, the web development and maintenance company, or the hosting company, will have access to our website. They will have signed a service provision contract that requires them to maintain the same level of privacy as us.
Any international transfer of data when using American applications will adhere to the Privacy Shield agreement, which guarantees that American software companies comply with European data protection policies in terms of privacy.
What Rights do you have?
To know if we are treating your data or not.
To access your personal data.
To request the rectification of your data if they are inaccurate.
To request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw the consent granted.
To request the limitation of the processing of your data, in some cases, in which case we will only keep them in accordance with current regulations.
To carry your data, which will be provided to you in a structured, commonly used or machine-readable format. If you prefer, we can send them to the new manager that you designate. It is only valid in certain cases.
To file a claim with the Spanish Agency for Data Protection, if you think we have not treated you correctly.
To revoke consent for any treatment for which you have consented, at any time.
If you modify any information, we appreciate that you communicate it to us to keep it updated.
Do you want a form for the exercise of Rights?
We have forms for the exercise of your rights, ask us by email or if you prefer, you can use those prepared by the Spanish Agency for Data Protection or third parties.
These forms must be signed electronically or be accompanied by a photocopy of the DNI.
If someone represents you, you must attach a copy of their ID, or have them sign it with their electronic signature.
The forms can be presented in person, sent by letter or by email at the address of the Responsible at the beginning of this text.
How long does it take to answer the Exercise of Rights?
It depends on the right, but a maximum of one month from your request, and two months if the issue is very complex and we notify you that we need more time.
Do we treat cookies?
We use cookies that are small files with information about your navigation on this platform and whose purpose is to facilitate your navigation on it. You can consult the cookie policy in the corresponding link from the beginning of our website.
How long are we going to keep your personal data?
Personal data will be kept as long as you remain linked with us.
Once you disassociate yourself, the personal data processed for each purpose will be kept for the legally stipulated periods, including the period in which a judge or court may require them, taking into account the statute of limitations for legal actions.
The processed data will be kept as long as the aforementioned legal periods do not expire, if there is a legal obligation to maintain it, or if there is no legal period, until the interested party requests its deletion or revokes the consent granted.