Privacy policy

Hotel Bellavista & SPA

USER INFORMATION

Who is the controller of your personal data?

Hotel Bellavista C.B. is responsible for the processing of the user’s personal data and informs you that this data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of 27 April (GDPR), and Organic Law 3/2018, of 5 December (LOPDGDD).

What type of data do we request and process?

Depending on the form or mode of obtaining your data, we always ask for the minimum necessary to fulfil the purposes detailed in each case.

What do we process your personal data for and why?

Depending on the form from which we have obtained your personal data, we will treat them confidentially to achieve the purposes of

In the Contact form

  • To respond to queries or any type of request made by the user through any of the forms of contact made available on the website of the party responsible.
  • (for the legitimate interest of the data controller, art. 6.1.f GDPR) Conduct statistical analysis and market research (for the legitimate interest of the data controller, art. 6.1.f GDPR)

In the Newsletter form

To send newsletters, news, offers and promotions online (by consent of the data subject, 6.1.a GDPR). On the CV form To involve the data subject in recruitment processes and to analyse the applicant’s profile with the aim of selecting a candidate for the vacant position of the data controller. (by consent of the data subject, 6.1.a GDPR)

In the form Reservations

To make reservations at the establishment of the data controller (for the execution of a contract or pre-contract, 6.1.b GDPR). Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which enable commercial communications to be made regarding products or services that are similar to those initially contracted with the customer (art. 21.2 LSSI). (for the legitimate interest of the data controller, art. 6.1.f GDPR).

Social Networking

Contact through the Social Networks in order to maintain a relationship between the User and the responsible party

Which may include the following operations: – Processing your requests and queries. – To inform you about activities and events. – Inform about products and/or services. – Interacting through official profiles. The user has a profile on the same social network and has decided to join the social network of the Responsible, thus showing their interest in the information published therein, therefore at the time of requesting to follow our official page, they provide us with their consent for the processing of their data. The User may at any time access the privacy policies of the social network itself, as well as configure their profile to guarantee their privacy. Once the User is a follower or has joined the social network of the responsible party, he/she may publish comments, links, images, photographs or any other type of content supported by the same. The User, in all cases, must be the owner of the content published, hold the copyright and intellectual property rights or have the consent of the third parties concerned. – Sending commercial communications relating to the activities of the Group’s companies, as well as external companies with which commercial collaboration or intermediation agreements have been established. (with the consent of the data subject, 6.1.a GDPR).

Instant Messaging

Schedule appointments and meetings with the person in charge.

(for the legitimate interest of the data controller, art. 6.1.f GDPR) Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which enable commercial communications to be made regarding products or services that are similar to those that were initially contracted with the customer (art. 21.2 LSSI). (for the legitimate interest of the data controller, art. 6.1.f GDPR) To manage, maintain, improve or develop the services provided (for the performance of a contract or pre-contract, 6.1.b GDPR).
To manage your online purchase or order, process the payment and proceed with the shipment of the same, on the basis of the general terms and conditions. (for the performance of a contract or pre-contract, 6.1.b GDPR) Send commercial quotations about products and services (for the performance of a contract or pre-contract, 6.1.b GDPR). Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that enable commercial communications to be made. These communications will be carried out by the data controller and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data. (by consent of the data subject, 6.1.a GDPR) To respond to queries or any type of request made by the user through any of the contact methods made available on the website of the data controller. (for the legitimate interest of the data controller, art. 6.1.f GDPR).

Customers and suppliers

Commercial management with customers and suppliers

(for the legitimate interest of the data controller, Art. 6.1.f GDPR)

How long will we keep your personal data?

They shall be kept for no longer than is necessary to maintain the purpose of the processing or there are legal requirements for their safekeeping. and when it is no longer necessary for that purpose, it shall be erased with appropriate security measures to ensure the anonymisation of the data or the complete destruction of the data.

The right to lodge a complaint with the supervisory authority if you have not obtained satisfaction in the exercise of your rights, in this case with the Spanish Data Protection Agency http://www.agpd.es

To whom do we provide your personal data?

No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the data controller has signed the confidentiality and data processor contracts required by the privacy regulations in force.

Do we do international transfers?

Pursuant to the provisions of Article 44 of the GDPR, authorisation for the international transfer of data to a country that has not been declared as a country with an adequate level of protection may only be granted if sufficient guarantees are obtained. Thus, it may be granted if the controller provides a written contract, concluded between the data exporter and the data importer, containing the necessary guarantees of respect for the protection of data subjects and ensuring the exercise of their rights. It is possible that the data controller may use the services of suppliers who have servers or headquarters in other places and, therefore, these transfers are carried out. To consult the updated list of suppliers, please consult the data controller or via hotel@bellavistamallorca.com.

What are your rights?

Users, by ticking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data are necessary to meet their request by the provider, the inclusion of data in the remaining fields being voluntary. The user guarantees that the personal data provided to the data controller are truthful and is responsible for communicating any changes to them. The responsible informs that all the data requested through the website are obligatory, as they are necessary for the provision of an optimal service to the user. In the event that all the data is not provided, there is no guarantee that the information and services provided will be completely tailored to your needs. If, by any means, you provide us with personal data of other persons, the responsible party advises that you must do so with their consent and have informed us, with their consent, of their personal data. with their consent and having previously informed them of the points contained in this Privacy Policy. Likewise, the data controller undertakes to provide any third party whose data you provide us with the relevant information, in accordance with the provisions of article 14 of the General Regulations.

SECURITY MEASURES

That in accordance with the provisions of the regulations in force on personal data protection, the controller is complying with all the provisions of the GDPR and LOPDGDD for the processing of personal data under its responsibility, and manifestly with the principles described in article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. The controller guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of users and has communicated the appropriate information to them so that they can exercise them. For more information on privacy guarantees, you can contact the responsible party through Hotel Bellavista C.B.. C/Miguel Garau, 30, – 07590 Cala Ratjada (Illes Balears). E-mail: hotel@bellavistamallorca.com

VALIDITY

This privacy policy is effective as of 16/05/2022. The responsible reserves the right to modify this policy to adapt it to future legislative or jurisprudential updates that may be applicable, or for other technical, operational, commercial, corporate, etc. reasons. If, as a result of the changes, the rights of users are affected, the responsible party undertakes to inform about the reasons.