The person responsible for the processing of your personal data is EXCEL HOTELS & RESORTS, SA (hereinafter, “EXCEL”), with NIF: A - 38083101 and registered office at Calle Santa Rosa 5 (Royal Palm apartments, Oasis del Sur urbanization), Arona , 38650, Tenerife. 1. INFORMATION TO THE INTERESTED PARTY
The EXCEL HOTELS & RESORTS
brand is made up of each of the companies indicated below, which are responsible for the processing of the personal data of the interested parties. It is reported that your data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of April 27, 2016 (GDPR) regarding the protection of natural persons with regard to the processing of personal data and the free circulation of this data, for which the following treatment information is provided:
a) Purpose of processing:
- maintenance of the commercial relationship with the Interested Parties. The operations planned to carry out the treatment are the remission of commercial and/or advertising communications by any means of communication, whether electronic or physical, present or future, that makes it possible to carry out commercial communications. These communications will be made by the data controller and related to their products and services related to the EXCEL HOTELS & RESORTS brand, or their collaborators or suppliers with whom they have reached a promotional agreement. In this case, third parties will never have access to personal data.
- Carrying out statistical studies.
- Processing of requests or any type of request made by the interested parties through any of the contact forms that are made available to them.
- Remission of the newsletter related to the activity of the "EXCEL HOTELS & RESORTS" brand, qualifying and understanding as the EXCEL HOTELS & RESORTS brand all those activities carried out by the companies directly or indirectly related to said brand.
b) Data retention criteria:
The personal data provided by the interested parties will be kept for the legally established time and/or as long as there is a mutual interest in maintaining the treatment. When it is no longer necessary for this purpose, they will be deleted with the appropriate security measures to guarantee the pseudonymization of the data or their total destruction.
c) Communication of data:
The personal data provided by the Interested Parties will not be transferred to third parties, unless a Law so provides or that said transfer is necessary for the provision of a service to the Data Controller. In any case, the treatment by third parties will comply with the provisions of article 28 et seq. of the GDPR.
d) Rights of the interested parties:
- Right to withdraw consent at any time.
- Right of access, rectification, portability and deletion of your data and the limitation or opposition to its treatment.
- Right to file a claim with the control authority ( agpd.es ) if you consider that the treatment does not comply with current regulations.
e) Contact details to exercise your rights:
. 2. MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE INTERESTED PARTIES.
The Interested Party, by checking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data is necessary to meet your request, by the person in charge, the inclusion of data in the remaining fields being voluntary. The Interested Party guarantees that the personal data provided to the person in charge is true and is responsible for communicating any modification thereof.
The person in charge expressly informs and guarantees the interested parties that their personal data will not be transferred in any case to third parties, and that whenever any type of transfer of personal data is to be carried out, prior express, informed and unequivocal consent will be requested. to those interested. All the data requested through the website is mandatory, since it is necessary for the provision of an optimal service to the Interested Parties. In the event that all the data is not provided, it is not guaranteed that the information and services provided are fully adjusted to your needs. 3. SECURITY MEASURES
In accordance with the provisions of current regulations on the protection of personal data, the person in charge informs the interested parties that he complies with all the provisions of the RGPD and LOPDGDD regulations for the processing of personal data under his responsibility, and manifestly with the principles described in article 5 of the GDPR, by which they are treated in a lawful, loyal and transparent manner in relation to the interested party and adequate, pertinent and limited to what is necessary in relation to the purposes for which they are treated.
The Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the Interested Parties and has communicated the appropriate information so that they can exercise them.