Privacy Policy
GUIRAO MORILLO, S.L., informs website users about its policy regarding the processing and protection of personal data of users and customers.
And guarantees at all times the complete and full compliance with the obligations set forth by the regulations on data protection and information society services: Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (RGPD), the regulations Organic Law 3/2018, of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD) and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSIce).
RESPONSIBLE FOR THE PROCESSING
GUIRAO MORILLO, S.L.
C.I.F.: B43916113
Address: AV. COMARQUES CATALANES, 75 – 43740 – MÓRA D’EBRE (TARRAGONA)
Registration details: Tarragona Mercantile Register, Volume 2359, Page 154, Sheet T -37359, 1st Entry.
Telephone: 977400707
Email: info@hostallacreu.com
PURPOSES OF DATA PROCESSING
The data provided by the User are used for various purposes listed below:
|
Purpose of the treatment |
Legal basis for the treatment |
|
Manage queries or any type of request made through the contact forms made available on the website. |
Legitimate interest of the Company to meet information requirements through the website. Consent given expressly at the time of data collection through the web forms. |
|
Sending newsletters, commercial communications and promotions. |
Consent given expressly at the time of data collection through the web forms. |
|
Create and manage your registration as a User.
|
Consent given expressly at the time of data collection through the web forms. |
|
For the development, fulfillment and execution of the purchase contract or services that you have contracted through our website. |
Consent expressly provided at the time of data collection through web forms. |
|
Carry out accounting management./p> |
Execution of a contract. |
|
Comply with current tax obligations. |
Compliance with legal obligations that apply to us. |
|
Manage incidents and website maintenance. |
Legitimate interest of the Company.
|
DATA RETENTION PERIOD
|
Purpose of processing |
Retention period |
|
Manage queries or any type of request made through the contact forms made available on the website. |
We will process your data for the time necessary to respond to your request or request. |
|
Sending newsletters, commercial communications and promotions. |
We will process your data until you unsubscribe. |
|
Create and manage your registration as a User.
|
We will process your data for as long as you remain a registered user (that is, until you decide to unsubscribe). |
|
For the development, fulfillment and execution of the purchase contract or services that you have contracted through our website. |
We will process your data for the time necessary to manage the purchase of the products or services that you have purchased, including possible returns, complaints or claims associated with the purchase of the product or service in question. |
|
Carry out accounting management. |
We will process your data for the time necessary to comply with the legal limitation periods that apply to you. |
|
Comply with current tax obligations. |
We will process your data for the time necessary to comply with the legal limitation periods that apply to you. |
|
Manage incidents and website maintenance. |
We will process your data for the time necessary to comply with the legal limitation periods that apply to you. |
DATA RECIPIENTS
To fulfill the purposes indicated in this Privacy Policy, it is necessary for us to give access to your personal data to third parties that support us in the services we offer you (Processors), namely:
- Financial entities
- Technology service providers.
- Logistics, transport and delivery service providers and collaborators.
- Marketing and advertising service providers and collaborators.
The processors, for the execution of a contract or provision of a service to the Controller, must follow their instructions and ensure the same levels of security.
COOKIES
Regarding the use of cookies and other tracking technologies, please consult the Cookies Policy of this Website. In this case, the legal basis for the processing of your data is your consent granted by accepting the loading of cookies in your browser.
USER RIGHTS
The user has the right to:
- Request access to their personal data that is being processed and receive this information in writing by the requested means.
- Request the rectification of inaccurate personal data or, where appropriate, request its deletion when, among other reasons, the data are no longer necessary for the purpose for which they were collected.
- Request the limitation of the processing of their data.
- Oppose the processing of their personal data when appropriate, in which case their data will no longer be processed except for legitimate reasons.
- Right to data portability. The interested party has the right to receive personal data if they have been provided in a structured, commonly used and machine-readable format, and to transmit them to another controller, if the following requirements are met:
o The processing is based on consent or on a contract.
o The processing is carried out by automated means. - Right to withdraw the consent given.
- Right to complain to the Spanish Data Protection Agency.
The User may exercise the rights indicated above at the postal or electronic address of the Controller, proving their identity with a scanned copy of their ID card or equivalent document, and specifying the right they wish to exercise.
SOURCE OF THE DATA
Personal data must be provided by the interested party on an absolutely voluntary basis. The lack of some data or the failure to answer questions that may be asked of the interested party in the registration processes or through electronic forms, may result in the impossibility of accessing certain services for the provision of which it is essential to have these personal data. In this case, the Controller must inform of the mandatory or necessary nature of providing personal data for the operation of the service.
The Data Controller ensures the confidentiality of your personal data and guarantees its security, adopting the necessary measures to avoid its alteration, loss, treatment or unauthorized access.
INFORMATION PROVIDED BY THE INTERESTED PARTY
Children under 18 years of age may not transfer their personal data without the prior consent of their father/mother and/or legal guardians.
By entering their data in the contact forms or presented in download forms, the interested party expressly and freely and unequivocally accepts that their data is necessary for the Data Controller to respond to their request, and the inclusion of data in the remaining fields is voluntary.
The interested party guarantees that the personal data provided to the provider is truthful and is responsible for communicating any modification of these.
All data requested through the website is necessary for the provision of an optimal service to the interested party. In the event that not all data is provided, it is not guaranteed that the information and services that the Controller provides you with are completely adjusted to your needs.
SECURITY MEASURES
That in accordance with the provisions of the current regulations on the protection of personal data, the Controller is complying with all the provisions of the RGPD and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in article 5 of the RGPD and article 4 of the LOPDGDD, by which they are processed lawfully, fairly and transparently in relation to the interested party and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the RGPD and the LOPDGDD in order to protect the rights and freedoms of the interested party and has communicated the appropriate information so that they can exercise them.
SECURITY BREACHES
The Controller will report any security breach that affects the database used by this website, or that affects any of our third-party services, to each and every person whose data may have been affected, and to the authorities, within 72 hours of the detection of the breach.
APPLICABLE LEGISLATION AND JURISDICTION
The Controller reserves the right to file any civil or criminal actions that it deems necessary for the improper use of the Website and Contents.
The relationship between the User and the Controller will be governed by the regulations in force and applicable in Spanish territory. In the event of any dispute arising in relation to the interpretation and/or application, the parties will submit their conflicts to ordinary jurisdiction, submitting to the judges and courts that correspond in accordance with law.
