HOSPES HOTELES SL (CIF B62173604), JML SALAMANCA 22 SA (CIF A82248436) and Hotel Palacio de los Arenales Gestión SL (CIF B86902327), is aware of the importance of personal data, so it is assured to all Users and Clients that we ensure the proper treatment and privacy of them, in strict compliance with the provisions of the Legal Order, and in the terms that we explain below:
In compliance with the General Data Protection Regulation, of May 25, 2016, on the Protection of Personal Data, in relation to the Organic Law 3/2018, of December 5, of Protection of Personal Data and guarantee of digital rights, we inform that there is an automated processing of personal activities, with the sole purpose of simplifying the management of the activity of this Website, the management of the services that are offered through it and, where appropriate, the management, development and fulfillment of the contractual relationship that the Client establishes with HOSPES HOTELS SL. Likewise, HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL will process the data to manage the queries, which are made through the Website. HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL is, for the purposes of the provisions of the Law, the Person Responsible for the Treatment of Activities.
The treatment activities are registered in the Company's Data Protection Policy and have legally established security measures (technical and organizational measures that prevent the alteration, loss, treatment or unauthorized access of the data, according to proceed).
The supply of personal data requested by HOSPES HOTELES SL contains several categories:
Identification: Name, surname, ID number, postal address, date of births, nationality, preferred language to communicate with you, contact telephone and email.
On financial data that allow direct debit and / or credit card data to make reservations and payments.
And health information that will be required to assist you in our SPA, accommodation or catering.
The supply of all these data is mandatory so that you can proceed to register as a Client in certain services offered on the Website. If the Client does not provide the requested personal data or does not accept this Privacy and Data Protection Policy, they will not be able to acquire the products offered. Likewise, the supply of data requested by HOSPES HOTELES SL is mandatory in order to assess their candidacies. If the candidate does not provide personal data or does not accept this Privacy and Data Protection Policy, the same cannot be assessed.
All the personal data you provide us will be incorporated into our record of activities mentioned above "Customer Hotel Management", the purpose of the treatment for the collection of such personal data is for the purpose of commercial maintenance with the client, accommodation at the facilities of the hotels of the brand, for the realization of corporal and aesthetic treatments of the client, the restoration and invitations for promotions and events or to maintain the quality of our hotels by sending satisfaction surveys.
The Hospes Administrators have the responsibility to formulate the strategy and approve the Company's Corporate Policies, as well as to organize the internal control systems. In the exercise of these responsibilities, and in order to establish the general principles that should govern the processing of personal data.
1. Purpose the Personal Data Protection Policy establishes the common principles and guidelines for action that must govern the HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL regarding the protection of personal data, guaranteeing, in all cases, compliance with the applicable legislation. In particular, the Personal Data Protection Policy is intended to guarantee the right to the protection of your data of all natural people who are related to society, ensuring respect for the right to honor and privacy in the treatment of personal data. Different types of personal data, from different sources and with different purposes depending on your business activity.
2. Evaluation: The Security Manager will evaluate, at least once a year, the compliance and effectiveness of this Policy of protection of personal data and will report the result to the address that assumes these functions at each moment.
3. This Personal data protection policy was initially approved by the General Directorate on May 15, 2018.
4. By accepting this Privacy and Data Protection Policy, the Client guarantees the accuracy, validity and authenticity of the personal data provided, and undertakes to keep them duly updated.
The client exonerates HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión of any responsibility for any loss or damage that may occur as a result of errors, defects or omissions, in the information you have provided to HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión.
HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL undertakes to comply with its obligation of professional secrecy with respect to the personal data received through the Website and its treatment with confidentiality.
The client, expressly accepts that HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL may give personal data as, sometimes, we use other companies to provide certain of our services. For this, they need access to personal data of our clients and / or Users. HOSPES HOTELS SL may provide the information provided through the Web, to third parties related or dependent on it or to service providers, for the achievement of such services, for the purposes and application of the security measures provided in the GDPR.
In order to ease navigation through the website, HOSPES HOTELES SL, JML SALAMANCA
5. Principles of the treatment of personal data, the principles that govern the Policy of protection of personal data are the following:
a) General principles: HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL scrupulously comply with the legislation of its jurisdiction in matters of data protection, which is applicable depending on the processing of personal data that is carried out and that is determined according to standards or binding agreements adopted within the company HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL will promote that the principles contained in this Policy of protection of personal data are taken into account
(i) in the design or implementation of all procedures that involve the processing of personal data,
(ii) in the products and services offered by this,
(iii) in all contracts and obligations formalized with natural people and
(iv) in the implementation of how many systems and platforms allow access by employees or third parties to personal data and / or the collection or processing of said data.
b) Principles relating to the processing of personal data:
(i) Principles of legitimacy, legality and loyalty in the processing of personal data. The processing of personal data will be fair, legitimate and lawful according to the applicable legislation. In this regard, personal data must be collected for one or more specific and legitimate purposes in accordance with the applicable legislation. In cases where it is mandatory under the applicable legislation, the consent of the interested parties must be obtained before collecting their data. Also, when required by law, the purposes of processing personal data will be explicit and determined at the time of collection.
In particular, HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL will not collect or process personal data related to ethnic or racial origin, political ideology, beliefs, religious or philosophical beliefs, life or sexual orientation, union affiliation, health, or genetic or biometric data directed to uniquely identify a person, unless the collection of such data is necessary, legitimate and required or permitted by applicable law, in which case they will be collected and treated in accordance with the provisions of that.
(ii) Principle of minimization. Only those personal data that are strictly necessary for the purpose for which they are collected or processed and suitable for that purpose will be subject to processing.
(iii) Principle of accuracy. Personal data must be accurate and up-to-date. Otherwise, they must be deleted or rectified.
(iv) Principle of limiting the term of conservation. Personal data will not be kept beyond the period necessary to achieve the purpose for which they are treated, except in the cases provided by law.
(v) Principles of integrity and confidentiality. Personal data Protection Policy. In the processing of personal data, it must be guaranteed, through technical or organizational measures, an adequate security that protects them from unauthorized or illegal treatment and that prevents their loss, destruction and suffering accidental damage. The personal data collected and processed by HOSPES HOTELES SL, JML SALAMANCA 22 SA
and Hotel Palacio de los Arenales Gestión SL must be kept with the utmost confidentiality and secrecy, and cannot be used for purposes other than those that justified and allowed collection and cannot be communicated or assigned to third parties outside of the cases allowed by the applicable legislation.
(vi) Principle of proactive responsibility (accountability). HOSPES HOTELES SL, JML SALAMANCA 22 SA and Hotel Palacio de los Arenales Gestión SL will be responsible for complying with the principles stipulated in this Personal Data Protection Policy and those required in the applicable legislation and must be able to prove it, when required by applicable legislation. HOSPES HOTELS SL must make an evaluation of the risk of the treatments that they carry out, in order to determine the measures to be applied to guarantee that the personal data are treated according to the legal requirements. In cases where the law requires it, the risks that for the protection of personal data may involve new products, services or information systems will be evaluated in advance and the necessary measures will be adopted to eliminate or mitigate them. HOSPES HOTELS
SL must keep a record of activities describing the processing of personal data that takes place within the framework of its activities. In the event that an incident occurs that causes the accidental or unlawful destruction, loss or alteration of personal data, or communication or unauthorized access to said data, the internal protocols established for this purpose by the Security and Safety Officer must be followed. Those established by the applicable legislation. These incidents must be documented and measures taken to resolve and mitigate the possible negative effects for the interested parties. In the cases foreseen in the law, data protection delegates will be appointed in order to guarantee compliance with the data protection regulations in the company.
(vii) Principles of transparency and information. The processing of personal data will be transparent in relation to the interested party, providing them with information about the treatment of their data in a comprehensible and accessible way, when required by applicable law. In order to guarantee a loyal and transparent treatment, HOSPES HOTELS SL, responsible for the treatment, must inform those affected or interested whose data is to be gathered from the circumstances related to the treatment in accordance with the applicable legislation.
(viii) Acquisition of personal data. It is prohibited to acquire or obtain personal data from illegitimate sources, from sources that do not sufficiently guarantee their legitimate origin or from sources whose data have been collected or transferred in contravention of the law.
(ix) Hiring of treatment managers. Prior to the hiring of any service provider accessing personal data that are the responsibility of HOSPES HOTELS SL as well as during the term of the contractual relationship, they must take the necessary measures to guarantee and, when legally required, demonstrate, that the data processing by the person in charge is carried out in accordance with the applicable regulations.
(x) International data transfers. Any processing of personal data subject to European Union regulations that involve a transfer of data outside the European Economic Area must be carried out in strict compliance with the requirements established in the applicable law in the jurisdiction of origin. Likewise, business partners or subsidiaries located outside the European Union must comply with the requirements established for international transfers of personal data that are, if applicable, applicable in their jurisdiction.
(xi) Rights of the interested parties. HOSPES HOTELS SL must allow those interested to exercise the rights of access, rectification, deletion, limitation of treatment, portability
and opposition that are applicable in each jurisdiction, establishing, for this purpose, the internal procedures that are necessary to satisfy, at least, the legal requirements applicable in each case.
4. Implementation in accordance with the provisions of this Personal Data Protection Policy, the Corporate Security Department, together with the company's Legal Services, will develop and keep updated the internal global data protection management regulations, which will be implemented by the Responsible for Security and will be mandatory for all managers and employees of the Company. Likewise, the person in charge of establishing internal procedures that develops the principles contained in this.
5. Control and evaluation a) Control the Responsible for Security is in charge for monitoring compliance with the provisions of this Policy for the protection of personal data by the Company. To verify compliance with this Personal Data Protection Policy, periodic audits will be carried out with internal or external auditors.
Any Client or Candidate may exercise the rights of access, rectification, cancellation, opposition and request the removal of the data by post to HOSPES HOTELS SL located in the c/ Serrano, 40 - 4o D- 28001 - Madrid, Spain, or by sending an email to firstname.lastname@example.org with the reference in the subject: “Data Protection”, including with the application a copy of your ID or official document accrediting the identity.
© HOSPES 2019