Privacy Policy
This privacy policy applies to the present website. (Hereinafter “The Site”)
Please, read this privacy policy thoroughly. In it you will find important information about the processing
of your personal details and your rights in accordance with the relevant legislation currently in force.
We reserve the right to update our privacy policy at any time in line with business decisions, as well as to
comply with any possible changes in legislation or jurisprudence. Should you have any doubts or queries,
or you require any clarification with respect to our Privacy Policy or your rights, you may contact us using
any of the channels indicated below.
You declare that the data you provide us with, now or in the future, is correct and true, and you
undertake to inform us of any changes in this data. Should you be providing us with the data of third
parties, you undertake to obtain the full prior consent of those concerned, and to inform them of the
contents of this policy.
In general, the fields of our forms marked as mandatory must of necessity be completed for us to be able
to deal with your requests.
1.Who controls the processing of your personal data? The data controller for the processing of data
obtained from this website is:
Data controller: Hotel Bendinat S.L. (hereinafter the HOTEL)
Postal address: Andres Ferret Sobral 1, Calvia, Islas Baleares
Email address: info@hotelbendinat.com
Tel no.: (+34) 971 675 725
2.What do we process your data for and what is the legal basis for this?
2.1The management of our relationship with guests and users: we process the data that our
guests,
customers and users provide in the course of their enquiries for us to deal with their requests.
This processing is required to ensure the implementation of our legal relationship with users of The
Site and for the application of any precontractual measures requested.
2.2Management of accounts: we process the data that our users provide us with in the registration
form on The Site, as well as those they register in their profile, to create and administer their
accounts and to give them access to the functionalities available to registered users.
2.3Management of reservations of accommodation and service: Data provided in booking forms
for accommodation, or to contract services, will be processed for the management of these bookings
and the provision of the requested services. The categories of data that we process for these
purposes are as follows:
∙Identification data (first names, surnames, and ID card, or passport number) and contact details
(address, email address, and telephone number) of the booking holder.
∙Details of the booking itself, the voucher, or the requested service.
∙Financial and transaction details.
The processing of this data is necessary to ensure the provision of the services requested, the
implementation of the accommodation contract, and for the application of any precontractual
measures requested.
Financial data and those concerning transactions of goods and services shall be processed for
purposes of accounting and administrative management, and to enable compliance with our legal
obligations in accounting and fiscal areas.
2.4Sending out commercial communications and management of distribution lists: We process
identification and contact data provided by our customers and by those people who register on our
distribution lists so they can be sent communications about our products and services.
WEBSITE PRIVACY POLICY
This processing has its legal basis in the consent requested. Not giving your consent to this or
withdrawing it does not affect your reservation or the provision of the services contracted.
You may request that your data ceases to be processed for commercial purposes by sending an email to
the following email address: info@hotelbendinat.com
2.5Administration and management of website security: we process browsing data (IP addresses
or log files) to administer and manage the security of The Site and its areas of restricted access.
This processing has its legal basis in our legitimate interest in guaranteeing the security of The Site. This
interest is expressly recognised in Recital no. 49 of the General Data Protection Regulation (GDPR). To
assess this interest with respect to your rights and freedoms, we have taken into account that this
processing corresponds to generalised security practices and fails to pose significant threats to interested
parties.
2.6Statistical purposes and quality management: with the aim of evaluating and managing the
quality of our services and products, we process identification data and contact details provided by our
customers in their requests and suggestions. We also compile statistics based on aggregate data
obtained from transaction data and from browsing data, e.g. IP addresses, weblogs, websites visited, and
actions carried out on The Site. For more information, see our cookies policy.
This processing has its legal basis in our legitimate interest in evaluating and managing the quality of our
services and products. To assess this interest with respect to your rights and freedoms, it was decided
that this processing had a limited impact on the privacy of the interested parties, matched their
reasonable expectations, and did not pose a significant threat.
1.Who do we pass your data on to?
Your data shall only be passed on to third parties under legal obligation, with your consent, or when your
request involves such disclosure.
2.How long will we keep your data?
Generally speaking, your data will be kept for the life of the relationship you have with us and, in all
cases, for the times laid down in the relevant statutory requirements, for example in accounting and
fiscal issues, and for the time required to respond to any possible liability claims arising from this
processing. We shall erase your data when it is no longer necessary or relevant for the purposes for
which it was collected.
Logs of access to restricted areas of The Site shall be deleted a month after their creation.
Information concerning browsing shall be erased when the connection with The Site is over and the
statistics have been compiled.
Data processed for commercial ends shall be kept until its erasure is requested.
3.What are your rights?
You have the right to seek confirmation as to whether we are processing your personal data or not, and
if so, access it. Likewise, you may request that the data be rectified if it is inaccurate or be completed if it
is incomplete. You may also ask for the data to be erased, if, among other reasons, the data is no longer
required for the purposes it was originally collected for.
Under certain circumstances, you may request the restriction of the processing of your data. In this case,
we will only process the data in question for the establishment, exercise, or defence of legal claims, or
for the protection of the rights of other people.
Under certain circumstances, and on grounds relating to your particular situation, you may also object to
the processing of your personal data. In this case, we shall cease to process the data, unless there are
compelling legitimate grounds that prevail over your interests, rights, and liberties, or for the
establishment, exercise, or defence of legal claims.
Furthermore, and under certain conditions, you may request portability of your data so that it is passed
WEBSITE PRIVACY POLICY
on to another data controller.
You may withdraw the consent you had given for certain purposes, at any time, without this affecting the
legality of the processing based on the consent given prior to its withdrawal.
Likewise, you have the right to file a claim with a data protection authority.
We would like to inform you that the European Regulation of the Protection of Personal (GDPR) similarly
recognises the right to the portability of your data.
You also have the right to oppose the adoption of decisions based solely on automated processing that
produce legal effects concerning you, or which similarly affect you, when this right coincides with the
provisions laid down in Article 22 of Regulation (EU) 2016/679.
To exercise your rights, you have to send us a request to this effect, by post or by email, together with a
copy of your official, national identity card, passport, or other valid document that identifies you. This
request should be sent to the addresses given in the section “Who controls the processing of your
personal data?”
You can obtain more information about your rights and how to exercise them on the website of the
Spanish Data Protection Agency at www.aepd.es.