aparthoteL Golf BEach

Privacy Policy

APARTHOTEL GOLF BEACH SA is committed to protecting the privacy of users who access this website and/or any of its services. Using the website and/or any services offered by APARTHOTEL GOLF BEACH SA implies the user’s acceptance of the provisions contained in this Privacy Policy and that their personal data will be processed as stipulated. Please note that, although there may be links on our website to other websites, this Privacy Policy does not apply to other companies or organizations to which the website may redirect. APARTHOTEL GOLF BEACH SA does not control the content of third-party websites nor accepts any responsibility for the content or privacy policies of these websites.

1) INFORMATION ABOUT THE OWNER

In compliance with Article 10 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce, the identifying details of the Owner are provided below:
  • Website: https://www.aparthotelgolfbeach.com/
  • Owner: APARTHOTEL GOLF BEACH SA
  • Address: Carretera Platja Pals km 4. 17256-Pals
  • C.I.F.: A17136482
  • Phone: 972636063
  • Email:admin@aparthotelgolfbeach.com
  • Registration data: Girona Mercantile Registry, Tom 608, Book 508 of Section 3 of Companies, Folio 50, Page No. 8732, First Entry – ATA HG-002154-49 / ATG-000063-06

2) APPLICABLE LAWS

This privacy policy is based on current Spanish and European legislation regarding the protection of personal data on the internet. Specifically, it complies with the following regulations:
  • Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
  • Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

3) PRIVACY MATTERS

In compliance with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018, we provide the following information regarding the processing of personal data you may provide: Data Controller APARTHOTEL GOLF BEACH SA. Our details are provided at the top of this legal notice. Personal Data Registry In accordance with the GDPR and LOPD-GDD, we inform you that personal data collected by APARTHOTEL GOLF BEACH SA via forms on its pages will be incorporated and processed in our files to facilitate, expedite, and fulfill the commitments established between APARTHOTEL GOLF BEACH SA and the User, maintain the relationship established through the forms completed by the User, or respond to any request or inquiry. Furthermore, except as provided in Article 30.5 of the GDPR, a record of processing activities is maintained specifying, according to its purposes, the processing activities carried out and other circumstances established in the GDPR. Legal Basis for Processing The legal basis for processing personal data is consent. APARTHOTEL GOLF BEACH SA undertakes to obtain the User’s express and verifiable consent for processing their personal data for one or more specific purposes. The User may withdraw their consent at any time. Withdrawing consent will be as easy as giving it. As a general rule, withdrawing consent will not affect the use of the website. When the User provides data via forms to make inquiries, request information, or for matters related to the website content, they will be informed if completing any form is mandatory for proper processing. Other bases for processing:
  • Compliance with legal obligations.
  • Legitimate interest: sending our own advertising.
Categories of Data The categories of data processed by APARTHOTEL GOLF BEACH SA are strictly identification data. No special categories of personal data under Article 9 of the GDPR are processed. Source of Data Data provided by clients using the services by any means. Data provided by users through the website’s services. Data included in website forms. Retention Period Personal data will be retained only as long as necessary for the purposes of processing, and, in any case, for the following periods: Data provided will be kept only as long as strictly necessary, i.e., while you are a user of our services or wish to continue receiving information, or until you request cancellation, opposition, or restriction. Certain identifying and traffic data may be kept for up to 2 years if required by courts or for internal actions due to misuse of the website. Users will be informed of retention periods when data is obtained.
  • a) General Rule: In accordance with Article 30 of the Commercial Code, unless otherwise specified, all company documents and/or information will be retained for 6 years, including accounting, tax, labor, or commercial documentation and correspondence.
  • b) Specific Periods: Minimum retention periods apply according to data type and prescription rules known to each department. Automated processing will not affect decisions on data.
Purposes of Processing Client management, invoicing, providing contracted services, budget management, sending information to prospective clients, supplier relations, event organization, training actions, and promotional mailing. Data retention will depend on the purpose and compliance with legal obligations, as detailed in the original policy. Data Recipients User personal data will not be shared with third parties. Users will be informed of any recipients or categories of recipients when data is collected. Personal Data of Minors In accordance with Articles 8 GDPR and 7 Organic Law 3/2018, only users over 14 may provide consent for lawful processing. For minors under 14, parental or guardian consent is required. Rights Related to Personal Data Processing Users may exercise their rights under the GDPR and Organic Law 3/2018: access, rectification, deletion (“right to be forgotten”), restriction, data portability, opposition, and not being subject to automated decisions including profiling, as well as filing a complaint with the competent supervisory authority (AEPD).

4) PRINCIPLES APPLICABLE TO PERSONAL DATA PROCESSING

Processing will comply with principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability as established in GDPR Article 5 and LOPDGDD.

5) SECURITY MEASURES

Security measures under Article 32 GDPR are applied, ensuring confidentiality, integrity, availability, and resilience of systems. Measures include:
  • Staff training on data processing policies.
  • Regular backups.
  • Access control to data.
  • Regular verification and evaluation processes.

6) CONFIDENTIALITY AND SECURITY OF PERSONAL DATA

APARTHOTEL GOLF BEACH SA commits to technical and organizational measures to protect personal data, including SSL encryption for secure transmission. While absolute security cannot be guaranteed, any high-risk data breaches will be promptly communicated to users.

7) THIRD-PARTY WEBSITE LINKS

The website may include links to third-party sites not operated by APARTHOTEL GOLF BEACH SA. These sites have their own privacy policies, and the third parties are responsible for their own practices.

8) ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

Users must read and accept the terms of this Privacy Policy for the Data Controller to process personal data. Use of the website implies acceptance. APARTHOTEL GOLF BEACH SA reserves the right to modify this policy at its discretion or due to legislative, jurisprudential, or doctrinal changes. Users are advised to check this page periodically. Last updated: 24/07/2024