For the purposes of the provisions of the European Data Protection Regulation EU 2016/679, of 27 April, of the Parliament and the Council and other national legislation in force, HOTELES Y TERMAS S.A., informs you that it fully complies with current legislation on the protection of personal data, and with the confidentiality commitments inherent to its activity.
HOTELES Y TERMAS S.A., informs you of the existence of an information processing system, owned by HOTELES Y TERMAS S.A., for the purposes of management, communication and information. The aforementioned system is described in the corresponding Register of Processing Activities of the RT, which can be accessed by the user to check the status of their data.
SECURITY MEASURES AND LEVELS:
HOTELES Y TERMAS S.A has adopted the necessary measures to guarantee the security of the information, as required by article 32 of the General Data Protection Regulation (GDPR), according to the nature of the personal data processed and the circumstances of the processing, with the aim of avoiding, as far as possible and always according to the state of the art, its alteration, loss, processing or unauthorised access, thereby guaranteeing the confidentiality, integrity and availability thereof.
The security measures that HOTELES Y TERMAS S.A. has described in the Register of Processing Activities shall be applied to all the information processing system assets where personal data is processed, in order to comply with current legislation on data protection.
All personnel hired by HOTELES Y TERMAS S.A. and its Data Processors are subject to compliance with the aforementioned regulations, with special attention to their functions and obligations, including the duty of secrecy, which shall be duly determined by HOTELES Y TERMAS S.A.
Acceptance of these conditions requires the user to collect certain essential data for the provision of its services, that will be requested personally through forms or the website. At the time of data collection, the user will be duly informed of their rights.
In order to ensure that the information contained in our processing system is always up to date and error-free, we ask our customers and users to inform us as soon as possible of any changes or corrections to their personal data.
EXERCISE OF RIGHTS:
To exercise the Rights of access, challenge, rectification, cancellation, suppression or opposition, portability, limitation of processing and to file a complaint with the Spanish Data Protection Agency (hereinafter AEPD for its acronym in Spanish), you should contact HOTELES Y TERMAS S.A, Paseo de la Concha, s/n – Edificio La Perla, in San Sebastián, province of Guipúzcoa, Postal Code 20007, Spain. However, other means may be used to recognise the identity of the customer exercising any of the aforementioned rights.
The user will give his/her consent so that HOTELES Y TERMAS S.A. can use his/her personal data in order to provide a correct fulfilment of the requested services.
The completion of the form included in the site or by sending e-mails or other communications to HOTELES Y TERMAS S.A., entails the explicit consent of the customer to the inclusion of their personal data in the aforementioned file, owned by HOTELES Y TERMAS S.A.
At the time of requesting this information, the customer or user will be informed of the recipient of the information, the purpose of the collection of the data, the identity and address of HOTELES Y TERMAS S.A. and the user’s right to exercise the rights of access, challenge, rectification, cancellation, deletion or opposition, portability, limitation of treatment and to file a complaint with the AEPD.
ASSIGNMENT TO THIRD PARTIES:
HOTELES Y TERMAS S.A. does not transfer personal data without the explicit consent of their owners, which must be granted on every occasion, being only assigned for the purpose specified and always with the consent of the user or customer.
CONFIDENTIALITY AND PROFESSIONAL SECRECY:
The data collected in all private communications between HOTELES Y TERMAS S.A and customers or users will be treated with absolute confidentiality, committing HOTELES Y TERMAS S.A to the obligation of secrecy of personal data, to its duty to keep them and to adopt all necessary measures to prevent their alteration, loss and unauthorised processing or access, in accordance with the provisions of current regulations.
Furthermore, the information of any type that the parties exchange between themselves, that is agreed by the parties to be confidential, or that simply concerns the content of such information, shall also be considered confidential. Visualisation of data through the Internet will not entail direct access to said data, except with the explicit consent of the owner on every occasion.
We recommend that the customer does not provide his/her identification, password or reference numbers that HOTELES Y TERMAS S.A. may provide to any third party. Likewise, in order to guarantee that the protection of professional secrecy between HOTELES Y TERMAS S.A. and the customer is preserved in all communications, the customer/user must not disclose confidential information to third parties.
CHANGES TO THE SECURITY AND DATA PROTECTION POLICY:
HOTELES Y TERMAS S.A. reserves the right to modify its security and data protection policy in order to adapt it to new legislative or legal developments, as well as those that may stem from existing standard codes on the subject, or due to strategic corporate decisions, with effect from the date of publication of said modification on the HOTELES Y TERMAS S.A. website.
The website www.la-perla.net, is managed by HOTELES Y TERMAS S.A., registered in the Mercantile Register of Gipuzkoa, Volume 1461, Ledger o, Folio 142, with Spanish Tax Identification Code A20500310.
The information processing system created is located at the registered office, which is established for the purposes of this Legal Notice, at HOTELES Y TERMAS S.A, Paseo de la Concha, s/n – Edificio La Perla, in San Sebastián, province of Guipúzcoa, Postal Code 20007, Spain; under the supervision and control of HOTELES Y TERMAS S.A., which is responsible for the adoption of technical and organisational security measures to protect the confidentiality and integrity of the information, in accordance with the provisions of the European Data Protection Regulation EU 2016/679 dated April 27 of the Parliament and Council and the rest of the national regulations in force, and other applicable legislation.
HOTELES Y TERMAS S.A. in accordance with Law 34/2002, on Information Society Services and Electronic Commerce, informs you that the broad meaning of this Law includes among these services the supply of information by this means. In any case, the European Data Protection Regulation EU 2016/679 dated April 27 of the Parliament and the Council and the rest of the national regulations in force, and its development regulations, will be applicable in this regard, especially with regard to the collection of personal data, the information to the interested parties and the creation and maintenance of personal data files.