The use of the website www.pandilla-ibiza.com (hereinafter the “Site”) may, where appropriate, involve the collection and processing of personal data within the meaning of the General Regulation of the European Parliament and of the Council on the Protection of Personal Data No. 2016/679 of 27 April 2016 (hereinafter the “GDPR”) and any relevant national legislation adopted in its application.
- Who is responsible for the data processing implemented?
The controller of the processing of personal data implemented in accordance with this Policy is the company PANDILLA SL (hereinafter “We” or “Our”).
- When is personal data collected and processed?
The purpose of the Site is to present “La Pandilla Ibiza” and to allow You to both obtain information about the house and, if You want, to send us a booking request. Personal data about You is therefore collected each time You send Us an e-mail and/or a message through the form available under the tab “Book”.
- What personal data is collected and processed?
Depending on Your use of the Site, the personal data about You that may be collected and processed is: Your first name, Your surname, Your e-mail address, Your phone number, Your preferred method of contact (phone or e-mail), the dates You wish to stay, and any data You may choose to share with Us via an e-mail or the contact form on the Site.
- On what legal basis is the personal data collected and processed?
All data collected and processed through the Site is done so on the basis of your consent to share it with Us.
- What do We do with the data We collect?
All personal data that You choose to share with Us is used to provide You with information about “La Pandilla Ibiza”, in particular booking availability, prices and any other information You may need.
We use Your e-mail address to keep in touch with you by sending a newsletter. You can unsubscribe very easily at any time by clicking the link at the bottom of each e-mail.
- With whom do we share the data we collect?
- For how long do we keep Your personal data?
Your data is kept to fulfil the purpose of the processing :
- in the event of a booking : Your data is kept until You leave and is then stored in order to keep a record of your visit and to welcome You back again in the best conditions. If You do not return, Your data will be automatically deleted 10 (ten) years after Your last stay.
- in the event of a simple request for information : Your data is only kept for a period of 2 (two) years from the date You first get in touch with Us.
- if You subscribe to the newsletter : Your data is kept as long as You choose not to unsubscribe from the newsletter.
- What are Your rights in relation to Your personal data?
You have the right to request access to the personal data about You that We keep. You can ask for it to be corrected or deleted, request that the processing of the personal data concerning You be limited, and You also have the right to object to it being processed at all.
However, if you request that the processing of Your data be limited or you object to it being processed, We may not be able to proceed with Your booking. Moreover, if You do exercise your right to object or the right to be forgotten, certain information may still be retained for purposes of compliance with Our legal obligations.
You can also give instructions as to the storing, deleting and disclosure of Your personal data after your death. In the absence of such instructions, Your personal data will be kept in accordance with the paragraphs above, unless Your heirs request that Your data be deleted sooner.
To exercise Your rights, simply send Us an e-mail to firstname.lastname@example.org, together with some proof of your identity.
Lastly, You have the right to lodge a complaint at any time with the supervisory authority responsible for data protection. To do this, You can contact the data protection supervisory authority for the region in which you live.
- How is Your personal data protected?
In Our capacity as Data Controller, We undertake to implement and maintain, at Our expense, appropriate technical and organisational measures for the processing and security of personal data, in accordance with Articles 32 to 34 of the GDPR.
We thus ensure that these technical and organisational measures are tailored to the specific risks presented by Our processing activities, in view of the nature of the information that may be collected by Us, in particular to protect Your personal data against accidental or unlawful deletion, loss, alteration or unauthorised disclosure.
Thus, all personal data is stored on servers located within the European Union and only certain people within Our team have access to it.
- Do international transfers of data take place?