This is the data protection policy of the Iniciativas y Servicios Tavascan, SL group, which is composed of the following establishments:
Hotel Estanys Blaus.
Hotel Lagos del Cardós.
Who is responsible for the processing of personal data?
The person responsible for the processing of personal data is Iniciativas y Servicios Tavascan, SL (hereinafter Tavascan), with CIF B25392788 and address at Calle Único, s / n, of Tavascan (CP 25577), tel. 973 62 31 78, electronic address email@example.com, http://www.llacscardos.com/. Figure registered in the Mercantile Registry of Lleida, volume …….
For what purpose do we treat the data?
In Tavascan we treat personal data for the following purposes.
Address inquiries of people who contact us through contact forms on our website by phone. We use them only for this purpose.
Services to customers.
Register new customers and additional data that may be generated as a result of the commercial relationship with customers. In the contracting process, the essential data are requested, among which must appear bank details (current account number or credit card number) that will be communicated to banking entities that manage the collection (they can only be used for this purpose). The service provision relationship entails other treatments, such as incorporating the data to the accounting, billing or information to the tax administration.
Information about our products and services.
With the explicit authorization of the clients, once the contractual relationship is finished, the contact data is conserved to send advertising related to our services or products, information of a general or specific nature due to the characteristics of the client. This information is sent to those who, despite not being a client, ask us or accept it by filling out our forms.
Management of the data of our suppliers.
We record and process the data of the providers from whom we obtain services or goods. They can be the data of people who act as freelancers and also data of representatives of legal entities. We obtain the essential data to maintain the commercial relationship, we use them only for this purpose and we make the proper use of this kind of relationship.
In the access to our facilities, it informs, when it is the case, of the existence of cameras of videovigilancia by means of the homologated labels. The cameras record images only of the points where it is justified to ensure the safety of the goods and people and the images are used only for this purpose.
What is the legal legitimacy for the treatment of the data?
The data treatments we carry out have different legal bases, according to the nature of each treatment.
In compliance with a pre-contractual relationship. Case of the data of possible clients or suppliers with whom we have relations prior to the formalization of a contractual relationship, such as the preparation or the study of budgets).
In compliance with a contractual relationship. Case of the relations with our customers and suppliers and all the actions and uses that these relations entail.
In compliance with legal obligations. The data communications to the tax administration is established by regulations regulating commercial relations. It may be the case of having to communicate data to judicial bodies or in security forces and bodies, also in compliance with legal norms that require collaboration with these public bodies.
Based on consent. When we send information about our products or services, we treat the contact details of the recipients with their authorization or explicit consent.
For legitimate interest. The images that we obtain with the video surveillance cameras are treated by the legitimate interest of our company to preserve its assets and facilities. Our legitimate interest also justifies the processing of data we obtain from contact forms.
To whom is the data communicated?
As a general criterion we only communicate data to administrations or public authorities and always in compliance with legal obligations. In the issuance of invoices to customers, the data can be communicated to banking entities. In justified cases we will communicate the data to the security forces or bodies or the competent judicial bodies. Data transfers are not made outside the scope of the European Union (international transfer).
How long do we keep the data?
We comply with the legal obligation to limit the period of preservation of the data to the maximum. For this reason only the necessary and justified time is conserved for the purpose that motivated the obtaining. In certain cases, such as the information contained in the accounting documentation and the billing, the fiscal regulations obliges them to keep them until they prescribe the responsibilities in this matter. In the case of the data that is dealt with based on the consent of the person interested, they are kept until such person does not revoke this consent. The images obtained by video surveillance cameras are kept for a maximum of one month, although in the case of incidents that justify it, the time necessary to facilitate the actions of the security forces or judicial organs will be maintained.
What rights do people have in relation to the data we are dealing with?
As provided in the General Regulation on Data Protection, the persons to whom we treat data have the following rights:
Let’s know if they are treated. Anyone has, in the first place, the right to know if we treat their data, regardless of whether there has been a prior relationship.
To be informed in the collection. When personal data are obtained from the interested party, at the time of providing them, they must have clear information about the purposes for which they will be assigned, who will be responsible for the treatment and the other aspects derived from it treatment.
To access it. A very broad law that includes knowing precisely which personal information is being treated, what is the purpose for which they are treated, communications to other people who will be (if applicable) or the right to obtain it. copy or know the expected period of conservation.
To ask for the rectification. It is the right to rectify the inaccurate data that are subject to treatment by us.
To ask for its deletion. In certain circumstances there is the right to request the deletion of the data when, among other reasons, they are no longer necessary for the purposes for which they were collected and justified the treatment.
Request limitation of treatment. In certain circumstances, the right to request the limitation of the processing of the data is also recognized. In this case they will no longer be dealt with and will only be retained for the exercise or defense of claims, in accordance with the General Regulation for Data Protection.
To portability In the cases provided for in the regulations, the right to obtain personal data is recognized in a structured format that is commonly used readable by machine, and to be transmitted to another person responsible for the treatment if the interested party so decides.
To oppose treatment. A person can adduce reasons related to his or her particular situation, reasons that will imply that they stop processing their data to the extent or extent that can be detrimental to him, except for legitimate reasons or the exercise or defense against claims.
Not receiving commercial information. We will respond promptly to the requests not to continue sending commercial information to people who previously had authorized us.
How can you exercise or defend the rights?
The rights that we have just enumerated can be exercised by sending a written request to Tavascan to the postal address: Calle Únic, s / n, Tavascan (CP 25577) or by means of the electronic form available on the Hotel website where the request is addressed or by sending an email to firstname.lastname@example.org indicating in all cases “Personal data protection”.
If a satisfactory answer has not been obtained in the exercise of rights, it is possible to file a claim with the Spanish Data Protection Agency, through the forms or other channels accessible from its website www.agpd.es.