Privacy Policy
This legal text provides you with details on how we collect and process your personal data through the use of our website http://www.hotelbalconeuropa.com, including any information you may provide to us via the site when you make a reservation, subscribe to our newsletter, or provide your data through the enabled form for that purpose.
By providing us with your data, we inform you that our services are not available to individuals who are legally prevented from giving consent. Therefore, when you submit the forms, you guarantee that you have sufficient capacity to grant consent.
Below, we inform you about the data protection policy of: Balcón de Europa, S.A
1. Data Controller
- Balcón de Europa, S.A, with Tax ID: A29005097 and registered address at: Paseo Balcón de Europa, núm. 1 29780 Nerja Málaga, and telephone: 952520800. We have a Data Protection Officer, whom you can contact via email: dpo@hotelbalconeuropa.com
- Commercial Register of Málaga, Volume 4135, Book 3046, Folio 24, Section 8, Page MA86697
- Balcón de Europa, S.A, is the controller of your data. (Hereinafter referred to as “we” or “our”).
2. What data do we collect?
The General Data Protection Regulation defines personal data as any information relating to an identified or identifiable natural person, meaning any information capable of identifying an individual. This would not include anonymous or percentage data.
Personal data that may be collected directly from the data subject will be treated confidentially and will be incorporated into the corresponding processing activities, owned by Balcón de Europa, S.A.
On our Website, we may process certain types of personal data, which may include:
- Identity data: first name and surname.
- Contact data: email and telephone.
- Profile data: password.
- Marketing and communications data: preferences for receiving marketing communications from us and preferred communication method.
We do not collect any data related to special categories of personal data (those revealing your ethnic or racial origin, political opinions, religious or philosophical beliefs, trade union membership, and information concerning your health, genetic or biometric data).
In the event that you are asked to collect personal data by law or under the terms of our contract and you refuse to provide it to us, we may not be able to enter into that contract or provide the service, and you must inform us in advance.
3. How do we collect your personal data?
The means we use to collect personal data are:
Through the form on our website, via our contact emails, by phone or postal mail, when you:
- Solicita información de nuestros servicios
- Contrata la prestación de nuestros servicios
- Solicita presupuestos
- You subscribe to one of our services or publications
- You send your comments
To ensure the quality of our portal, we reserve the right to refuse any registration request or to suspend or cancel a previously accepted registration if we understand that it does not meet these requirements or any other law or regulation. If this happens, we will try to explain the reasons for our decision, but we cannot commit to doing so in all cases.
Through technology or automated interactions:
On our site, we may automatically collect technical data about your equipment, Browse actions, and usage patterns. This data is collected through cookies or similar technologies. For more information, please consult our cookie policy
Through third parties:
Google: analytical data or search data. Outside the European Union.
Social Networks: (Facebook, Instagram, and Twitter) outside the European Union.
4. Purpose and legitimacy for the use of your data
The most common uses of your personal data are:
- For the formalisation of a reservation contract between BALCÓN DE EUROPA and you
- When you provide your consent for the processing of your data
- When we need them to comply with a legal or regulatory obligation
- When it is necessary for our legitimate interest
The User may withdraw their consent at any time by sending an email to dpo@hotelbalconeuropa.com or by consulting the section on exercising rights further below.
A continuación, adjuntamos una tabla en la que pueden consultar las formas en las que vamos a utilizar sus datos personales y la legitimidad para su uso, además de saber qué tipo de datos personales vamos a tratar. Podemos procesar algún dato personal por algún motivo legal adicional, por lo que si necesita detalles al respecto puede enviar un correo electrónico a dpo@hotelbalconeuropa.com
Form
Purpose
Type of data
Legitimacy for processing
Contact/request information for an event
The purpose is the management of contacts and information requests received via the web
Name
Email
Telephone
Consent of the data subject (Art. 6.1.a GDPR)
Pre-contractual measures (Art. 6.1.b GDPR)
Processing is necessary for the legitimate interests pursued by the data controller (Art. 6.1f GDPR)
Access/Register
The purpose is the management of data to access or register on the website
Email
Password
Consent of the data subject (Art. 6.1.a GDPR)
Pre-contractual measures (Art. 6.1.b GDPR)
Processing is necessary for the legitimate interests pursued by the data controller (Art. 6.1f GDPR)
Newsletter
The purpose is the management of the data provided for sending information about our services and promotions
Email
Consent of the data subject (Art. 6.1.a GDPR)
Pre-contractual measures (Art. 6.1.b GDPR)
Processing is necessary for the legitimate interests pursued by the data controller (Art. 6.1f GDPR)
Reservations
The purpose is the management of reservations
Name
Surname
Email
Telephone
Card Number
Consent of the data subject (Art. 6.1.a GDPR)
Processing necessary for compliance with a legal obligation applicable to the controller (Art. 6.1.c GDPR)
Processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6.1b GDPR)
Processing is necessary for the legitimate interests pursued by the data controller (Art. 6.1f GDPR)
Commercial communications: you will only receive communications if dpo@hotelbalconeuropa.com
You requested information or entered into a contract with us for a product or service.
If you provided us with your data, by ticking the relevant box on our form.
Provided you have not expressed your wish to stop receiving such communications.
We obtain your express consent before sending you any communication, and you can request at any time that we stop sending you communications to the email dpo@hotelbalconeuropa.com
When you choose to stop receiving our communications, your personal data will continue to be stored as a result of the contract you entered into with us to comply with legal requirements.
Purpose: we will only use your data for the purposes for which we collected it, unless we reasonably consider that we should use it for another reason, notifying you beforehand so that you are informed of the legal reason for its processing and provided that the purpose is compatible with the original purpose.
How long will we retain your data?
They will be kept for the time necessary to fulfil the purpose for which they were collected and to determine any possible liabilities arising from that purpose and the processing of the data. The provisions of the various regulations regarding the retention period, to the extent applicable to the present processing, will apply.
Email or form subscribers’ data: From the time the user subscribes until they unsubscribe.
Minors.
Balcón de Europa, S.A does not authorise minors under 14 years of age to provide their personal data through the means enabled on this website (completion of web forms for service requests, contact, or by sending emails). Therefore, individuals who provide personal data using these means formally declare that they are over 14 years of age, and Balcón de Europa, S.A is exempt from any liability for non-compliance with this requirement.
If your child, who is under the established age limit, has provided personal information to Balcón de Europa, S.A, please contact us to request the exercise of their applicable rights.
In cases where the services offered by Balcón de Europa, S.A are aimed at minors under 14 years of age, means will be enabled to obtain the authorisation of the minor’s parents or legal guardians.
5. Exercise of Data Protection Rights:
How to exercise these rights?
Users may send a communication to the registered office of Balcón de Europa, S.A or to the email address dpo@hotelbalconeuropa.com , including in both cases a photocopy of their D.N.I or other similar identification document, to request the exercise of the following rights:
- Access to your personal data: you may ask Balcón de Europa, S.A if it is using your personal data.
- To request their rectification, if they are incorrect, or to exercise the right to erasure (right to be forgotten) with respect to them.
- To request the restriction of processing, in this case, they will only be retained by Balcón de Europa, S.A for the exercise or defence of claims.
- To object to their processing: Balcón de Europa, S.A will cease processing the data in the manner you indicate, unless for legitimate reasons or for the exercise or defence of possible claims, they must continue to be processed.
- To data portability de los datos: en caso de que quieras que sus datos sean tratados por otra firma, Balcón de Europa, S.A, le facilitará la portabilidad de sus datos al nuevo responsable.
You can use the templates made available by the Spanish Data Protection Agency to exercise your aforementioned rights: here
Complain to the DPO AEPD: if you believe there is a problem with how Balcón de Europa, S.A is processing your data, you may address your complaints first to the Data Protection Officer, who will mediate for the correct resolution of the conflict:
If it is not possible to resolve the conflict, you can always go to the corresponding supervisory authority, which in Spain, the competent authority for this is: Spanish Data Protection Agency
We will request specific information to help us confirm your identity and guarantee your right to access your personal data (or to exercise any of the other rights mentioned above). This is a security measure to ensure that personal data is not disclosed to any person who does not have the right to receive it.
We resolve all requests within the indicated legal period of 1 month. However, it may take us longer than a month if your request is particularly complex, or if you have already made a series of previous requests. In this case, we will notify you and keep you updated.
6. Data communication: service provision.
It is possible that, in the performance of our work, we may need the help of third parties, who will only process the data to provide the contracted service, and with whom we have the corresponding measures to guarantee your rights:
- Service providers who provide system administration and information technology services.
- Professional advisers including lawyers, auditors, and insurers who provide banking, legal, insurance, and accounting consulting services.
All data processors to whom we transfer your data will respect the security of your personal data and process it in accordance with the GDPR. dpo@hotelbalconeuropa.com
We only allow such processors to process your data for specific purposes and in accordance with our instructions. However, in compliance with transparency, you can request a list of these companies that provide us with services via email:
7. Data Security
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know such data. They will only process your personal data on our instructions and are subject to a duty of confidentiality.
We have implemented procedures to deal with any suspected personal data breach and will notify you and the Supervisory Authority in the event of one occurring, as regulated in articles 33 and 34 of the GDPR, a security breach.
Actualización: Enero 2019
