Privacy Policy
Below, we describe the processing of your personal data and your rights under current data protection regulations – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, and Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of digital rights, hereinafter referred to as the “applicable data protection regulations”.
Data controller and contact details
The entity responsible is Instalaciones Turísticas Costeras S.A. (hereinafter “The Controller”), with registered office at C/ Francia 183 (pol Ind. Ciudad Transporte) 12006, Castellón, Spain.
If you wish, you can contact us by e-mail at the following address: protecciondatos@intur.com
For what purpose(s) will we process your data and on what legal basis?
Your personal data will be processed, in accordance with the provisions of the applicable data protection legislation, on the legal basis and for the purposes set out below:
Enforcement or performance of contractual obligations or application of pre-contractual measures
Your data will be processed for the purpose of managing the booking of rooms through the different channels provided by the hotel’s owner.
In this sense, in the event that you do not allow the processing of your personal data for this purpose, and given that the processing of the same is necessary to fulfil contractual obligations or the application of pre-contractual measures with the Controller, you will not be able to formalise the reservation.
Consent of the data subject
Provided you have given your consent, your personal data may be processed for the following purposes:
Web contact form. Your personal data will be processed, provided you have given us your consent, to manage and respond to requests for information, queries, complaints or suggestions made through the web form.
Commercial communications. Your data will be processed to manage the sending of commercial communications relating to products, services, promotions or any other relevant news that may be attractive to you.
Wifi network access. Your data will be processed in order to manage the guests’ connection to the Wifi network.
Newsletter management. Your personal data will be processed in order to process your subscription to newsletters.
Sweepstakes and promotions. Your personal data will be processed in order to manage your registration and participation in sweepstakes and promotions.
You may withdraw your consent at any time. It should be noted that the revocation of consent is not retroactive.
What categories of data will we process?
The possible categories of data to be processed are:
Execution or fulfilment of contractual obligations or implementation of pre-contractual measures.
Identifying data
Economic, financial and insurance data
Consent of the data subject
Identifying data: Name, surname, email and telephone number.
Social characteristics: Types of holiday trips
Potentially any type of data that the interested party includes in the contact made through the web form.
To which recipients will your data be communicated?
In order to carry out all the purposes described above, the Data Controller relies on the collaboration of third party service providers who may have access to personal data as a result of the execution of the contracted services. In any case, the Data Controller follows strict criteria for the selection of such third parties in order to comply with its data protection obligations and signs with them the corresponding data protection agreement, where these third parties undertake to comply with their data protection obligations, and specifically, to deploy those legal, technical and organisational security measures that are appropriate to ensure the security, integrity and confidentiality of data subjects’ data, in relation to their processing for the purposes reported.
Your data will be transferred to other companies in the group that own the hotels in order to formalise your reservation. This transfer of data is legitimised in the execution or fulfilment of the contractual obligations established with the Data Controller when requesting the reservation of a room. They may also transfer your data to the companies that own the hotels in the event that it is necessary to manage your request for information, said transfer will be legitimised by your consent.
In addition, the Controller may disclose personal data and any other user information when required to do so by public authorities in the exercise of their legitimate functions and in accordance with the applicable provisions in those cases in which it is necessary.
Are your data transferred to third countries or international organisations?
International transfers of data outside the European Economic Area take place under various circumstances:
To manage the availability of rooms to the company eRevMax Ltd. and its associated companies.
To manage the registration to the wifi network in case of using the “access with” functionality and for the management of registration and carrying out of draws and promotions to the companies META (Facebook Inc) or X (Twitter).
To send commercial communications and newsletters, as well as to manage subscriptions to loyalty programmes to the companies The Rocket Science Group and Pushtech.
In all transfers ensuring the adequate level of protection in accordance with the Standard Contractual Clauses approved by the EU Commission or corresponding binding corporate rules.
How long will we keep your data?
The Data Controller shall comply with the provisions of the regulations in force regarding the duty to delete personal information once the intended purpose has been achieved, or when they revoke their consent to the processing thereof, with the information being duly blocked, to be made available exclusively to Judges and Courts, the Public Prosecutor’s Office or the competent Public Administrations for the attention of possible liabilities arising from the processing, and only during the statute of limitations periods for such liabilities. Once these periods have elapsed, such information shall be definitively deleted by means of secure methods.
How did we obtain your data?
The personal data that The Data Controller processes are the personal data provided by you through the use of the web contact form, the booking of rooms through the functionality of the website or through tour operators, the information you post on websites or social networks about the hotel or any other interaction you make on our website.
What are your rights when you provide us with your data?
You may exercise the rights described above through the following channels, providing the necessary documentation that allows us to verify your identity (copy of ID card, passport, NIE, etc.):
In writing, by means of a request addressed to C/ Francia 183 (pol Ind. Ciudad Transporte) 12006, Castellón, Spain.
By e-mail to the following address: protecciondatos@intur.com
With whom can you lodge a complaint?
If you believe that your data protection rights have been infringed or if you have any complaints regarding your personal information, you may contact the data controller, whose contact details can be found in section 1.
In any case, the interested parties may always turn to the Spanish Data Protection Agency, the supervisory authority for data protection, http://www.agpd.es., C/ Jorge Juan number 6, 28001, Madrid.in