GDPR POLICIES AND PROCEDURES
GDPR Policies and Procedures
Information we may collect from you
The type of information we collect about you may include information such as:
• Your name;
• Your email address;
• Your address;
• Your phone number;
• Your payment information (e.g. your credit or debit card details);
• Information about how you use our website (e.g. which pages you have viewed, the time you viewed them and what you clicked on);
Information we obtain from third parties will generally be your name and contact details, but may include any additional information they provide to us, including (but not limited to) any of the types of information set out in the list above.
We may also obtain personal information about you from certain publicly accessible sources, including (but not limited to) the electoral register, online customer databases, business directories, media publications, social media, websites and other publicly accessible sources.
- You already have the information;
- Providing you with the information would prove impossible or would involve a disproportionate effort;
- We are under an EU or EU member state law obligation to obtain or disclose the information which provides appropriate measures to protect your legitimate interests; or
- We are obliged to keep the information confidential as a result of an obligation of professional secrecy regulated by EU or EU member state law.
When you access our website or Wi-Fi facilities, your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you.
Security and where we store your personal data
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We will continue to revise policies and implement additional security features as new technologies become available.
The transmission of information via the internet is not completely secure and may involve the transfer of data to countries outside of the European Economic Area (EEA). This occurs typically through use of cloud solutions for web hosting, email hosting or proprietary software solutions delivered to us through the Cloud. We do not however authorise any third party to use your personal data for their own purposes. Non EEA countries may not provide an adequate level of protection in relation to processing your personal data. By submitting your data, you agree to this transfer, storing and processing.
Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to us. Any transmission of data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access.
Uses made of your personal data
We use your personal data that we hold to:
- In our legitimate interest of advertising our services, provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (our list of services below);
- Carry out our obligations arising from any contracts entered into between you and us;
- In our legitimate interest of advertising our services, provide details of any promotion;
- Comply with legislation; and/or
- notify you about changes to our services.
We may use your data to send you information relating to our services, events and products which may be of interest to you. If you do not want us to use your data in this way, please notify us to that effect.
We keep your Data for varying periods according to our Retention Schedule.
Disclosure of your information
We may disclose your Data to third parties if we are under a duty to disclose or share your Data in order to comply with any legal obligation, or to protect our rights, property, or safety of staff or customers. Currently we disclose your Data to the following third parties.
- Departemento Hospederias of the Guardia Civil, part of the Ministerio del Interior of the Spanish Government
- Agencia Tributaria, part of the Ministerio de Hacienda y Administraciones Publicas of the Spanish Government
Some jurisdictions may not have adequate safeguards for the protection of personal data, and where this is the case we comply with Chapter 5 of the General Data Protection Regulation (“GDPR”) to provide an alternative method of safeguarding your personal data.
Links to other sites
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any data to those websites.
As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process data relating to you. These rights apply in certain circumstances and are set out below: -
1. The right to access data relating to you (‘access right’)
2. The right to rectify/correct data relating to you (‘right to rectification’)
3. The right to object to processing of data relating to you (‘right to object’).
4. The right to restrict the processing of data relating to you (‘right to restriction’
5. The right to erase/delete data relating to you (i.e. the ‘right to erasure’) and
6. The right to ‘port’ certain data relating to you from one organisation to another (‘right to data portability’)
The data controller in respect of our website is Rudy & Nele of Carretera Alcalá - Olvera s/n Alcalá del Valle, Spain.
You can contact the data controller by writing to Apartado de Correos 2493, 11693 Alcala del Valle Spain or sending an email to Cortijo.el.Guarda@gmail.com.
Changes to this policy
We reserve the right to change this Policy from time to time in our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree to this Policy as modified.
Questions, comments, requests and complaints regarding this Policy and the information we hold are welcome and should be addressed to us at Cortijo.el.Guarda@gmail.com
All requests will be dealt with promptly and efficiently.