In compliance with Article 10.1 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI), the identifying information of the owner is provided:
• Responsible: ALGALIAHOSTELERIA SL
• Tax ID (NIF): B70318506
• Registered office: Porta da Pena 4, Santiago de Compostela (A Coruña)
• Contact email: firstname.lastname@example.org
• Website: https://www.atalaiahoteles.com
2.1 DETAILED INFORMATION ON DATA PROTECTION
2.1.1 Who is responsible for data processing?
Identity: ALGALIAHOSTELERIA SL
Address: Porta da Pena 4, Santiago de Compostela (A Coruña)
2.1.2 What information do we collect and process from the user through the website?
• Through the Contact form
On our website, users have the option to contact us to clarify any doubts they may have regarding the operation of our project, services, or any other information they may need. To respond, we will contact the user via email or phone, if provided.
• Through our corporate email
Through our email address email@example.com, users can contact us and/or request information they consider necessary to clarify doubts related to our services.
If the user provides us with third-party data, they assume the responsibility of having informed them in advance and obtaining their consent, in accordance with Article 14 of the GDPR.
2.1.3 For what purpose do we process the user’s personal data?
ALGALIAHOSTELERIA SL processes personal data for the following purposes, based on the reason for which they have been provided:
a) To provide the services offered by ALGALIAHOSTELERIA SL, invoicing, conducting commercial activities, and offering and/or contracting products and services.
b) To contact, process, manage, and respond to the user’s requests, inquiries, incidents, or questions (whether through email, contact form, or phone).
c) To manage, where applicable, the sending of information about activities, services, and news related to ALGALIAHOSTELERIA SL via electronic and/or conventional means.
d) We process information for the purpose of managing registration as a web user. In addition to enabling the proper provision of the contracted service, invoicing, conducting commercial activities, and offering and/or contracting products and services.
e) We process information to manage the relationship with candidates applying for a vacancy in the company.
2.1.4 What is the legal basis for processing the user’s data?
• The legal basis for the processing of personal data for the purposes outlined in the previous section is the performance of the corresponding service and is a mandatory requirement for it, as established in Article 6.1(b) of the GDPR.
• Regarding the sending of information about activities, services, and news related to ALGALIAHOSTELERIA SL, the legal basis for processing the personal data provided is the user’s express consent, as stipulated in Article 6.1(a) of the GDPR.
2.1.5 How long will the user’s personal data be processed?
• Data for managing the relationship with the services managed by ALGALIAHOSTELERIA SL, which require payment, will be retained for the duration of the contract. Data may be retained for the time required by applicable law and until any tax-related responsibilities have expired.
• Data for managing inquiries and requests will be retained for the time necessary to respond to them, and until the data subject requests the withdrawal of their consent to receive information related to their inquiry.
• Data for sending information about ALGALIAHOSTELERIA SL activities or services will be retained until the user withdraws their consent.
2.1.6 To whom will the user’s personal data be disclosed?
As a general rule, user data will not be transferred to third parties unless there is a legal obligation or it is necessary to provide the service. With this in mind:
• The user’s personal data may be disclosed to financial institutions through which payment management is carried out.
• They may also be disclosed to the competent Public Authorities in cases provided for by law.
• They will also be disclosed to ALGALIAHOSTELERIA SL’s Data Processors for the proper provision of the service.
• Advisory services for the provision of tax and accounting management services.
◦ IT companies for the maintenance of computer applications and systems.
◦ Transport and logistics companies.
◦ Consulting, certification, and/or legal advisory companies.
2.1.7 What are the user’s rights?
Any person has the right to obtain confirmation as to whether or not we are processing personal data concerning them.
They have the right to request access to personal data concerning the data subject, rectification, deletion, restriction of processing, objection to processing, and data portability.
We inform you that you have the right to withdraw the consent given for a specific purpose and to file a complaint with any supervisory authority.
You can exercise your data protection rights in writing at Porta da Pena 4, Santiago de Compostela (A Coruña).
2.1.8 What security measures have we implemented?
At ALGALIAHOSTELERIA SL, we are committed to protecting your personal information.
We use reasonably reliable and effective physical, organizational, and technological measures, controls, and procedures aimed at preserving the integrity and security of your data and ensuring your privacy.
In addition, all personnel with access to personal data have been trained and are aware of their obligations regarding the processing of personal data.
In the contracts we enter into with our suppliers, we include clauses that require them to maintain the duty of confidentiality regarding personal data to which they have had access as part of the assignment, as well as to implement the necessary technical and organizational security measures to guarantee the permanent confidentiality, integrity, availability, and resilience of the systems and services used for processing personal data.
The data collected refers to the category of identifying data, such as: Name and Surname, Phone, Email, as well as the IP address from which the data collection form is accessed. Identifying data necessary for registrations of activities and other initiatives that require filling out a form will also be requested. Users will always be informed with basic information about the specific purposes for which their personal data will be collected.
All these security measures are reviewed periodically to ensure their adequacy and effectiveness.
However, absolute security cannot be guaranteed, and there is no security system that is impenetrable. In the event that any information subject to processing