Privacy policy

1. DATA OF THE DATA CONTROLLER

Company Name: HOSTALILLO SA (hereinafter the "Controller").
Tax Identification Number (NIF): A08097669
Address: C/ BELLAVISTA Nº 22 - 17212 - TAMARIU (PALAFRUGELL) - GIRONA
Phone Number: 972620228
Email for Data Protection Communications: hostalillo@hotelhostalillo.com

1.1. Applicable Legislation

Our Privacy Policy has been designed in accordance with the General Data Protection Regulation (GDPR) of the EU 2016/679 of the European Parliament and the Council of April 27, 2016, regarding the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as well as Organic Law 3/2018 of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights.

By providing us with your data, you declare that you have read and understood this Privacy Policy, giving your unequivocal and explicit consent to the processing of your personal data according to the purposes and terms outlined here.

The Hotel may modify this Privacy Policy to adapt it to legislative, jurisprudential, or interpretative changes by the Spanish Data Protection Agency. These privacy conditions may be supplemented by the Legal Notice, Cookie Policy, and the General Terms that apply to specific products or services, if such access involves any special provisions regarding the protection of personal data.

1.2. Our Data Protection Officer

LOPDMONTOLIU I SERVEIS SL, with NIF B55261804.
Contact phone number: 625459540
Email: info@lopdmontoliu.es

2. PURPOSE OF PROCESSING PERSONAL DATA

• To respond to the information requests made through the contact or inquiry sections regarding the different services offered at the Hotel, on the website.
• To send the Hotel's newsletter to inform about activities, offers, promotions, and other information that may be of interest to you.
• To enable the management of your online booking at the Hotel.
• To facilitate the booking process for future transactions.
• To ensure the provision of the contracted services at the Hotel.

2.1. Retention Period of Your Data

We will keep your personal data as long as you provide consent, until you withdraw it or request the limitation of processing. In such cases, we will keep your data blocked for the legally required periods.

3. LEGITIMATION AND DATA COLLECTED

The legal basis for processing your data is your explicit consent given by a positive and affirmative act (filling out the corresponding form and checking the acceptance box of this policy) when providing us with your personal data.

3.1. Consent to Process Your Data

By filling out the forms, checking the "I accept the Privacy Policy" box, and clicking to submit your data, or by sending emails to the hotel through the designated email addresses, the User expresses that they have read and explicitly accepted this Privacy Policy, and grants their unequivocal and explicit consent to the processing of their personal data in accordance with the stated purposes.

3.2. Categories of Data

The collected data refers to the category of identifying data, such as:

• Name and Surname
• Phone number
• Postal address
• Company
• Email
• Debit or credit card details
• IP address from which you access the data collection form

4. SECURITY MEASURES

As part of our commitment to ensuring the security and confidentiality of your personal data, we inform you that we have adopted the necessary technical and organizational measures to ensure the security of personal data and to prevent its alteration, loss, treatment, or unauthorized access, taking into account the state of the technology, the nature of the data stored, and the risks to which they are exposed, according to Article 32 of the GDPR EU 679/2016.

5. DATA TRANSFERS

No data transfers or international transfers of your data are foreseen, except those authorized by tax, commercial, and telecommunications legislation, or in cases where a judicial authority requires it.

6. EXERCISING RIGHTS

As long as the Hotel processes your personal data, you have the right to request:

• Access: The data subject has the right to obtain confirmation from the data controller as to whether or not their data is being processed, as well as detailed information regarding certain aspects of the processing being carried out.
• Rectification: The data subject has the right to request the correction of inaccurate personal data or the completion of incomplete data.
• Deletion: The data subject has the right to request the deletion of their personal data, subject to the limits established by the regulating law.
• Limitation of Processing: The data subject has the right to request the limitation of the processing of their personal data.
• Opposition to Processing: In certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. The Hotel will cease processing the data, unless for legitimate reasons, imperious reasons, or the exercise or defense of potential claims.
• Data Portability: The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller.

These rights can be exercised by written and signed request addressed to Hotel Hostalillo, by email to hostalillo@hotelhostalillo.com, or through our Data Protection Officer.

7. CONSENT FOR SENDING ELECTRONIC COMMUNICATIONS

Also, in accordance with Law 34/2002 of July 11, on Information Society Services and Electronic Commerce, by completing the data collection form and checking the corresponding "I accept" box, you give your explicit consent to send information about the Company to your email address, phone, fax, or other electronic means.