Please read it carefully. In it, you will find important information about the processing of your personal data and the rights recognised by current regulations on the subject.
You declare that the data you provide us with, both now and in the future, are accurate and truthful, and you undertake to notify us of any changes to them. If you provide personal data on behalf of a third party, you agree to obtain their prior consent and inform them of the content of this policy.
In general, the fields on our forms that are indicated as mandatory must be completed in order to process your requests.
1. Who is the data controller?
The controller of the personal data collected on this website is Coquimbas S.L. (Mhares Sea Club), with a registered address at Carrer de l’Oronella, s/n, 07609 (Balearic Islands), Spain, who can be contacted by calling (+34) 871 03 80 18 or emailing email@example.com.
2. Why do we process your data, and what is the legal basis for the processing?
Managing our relationship with users: We process the data that our clients and users provide us with when they contact us so that we can respond to their requests.
These processing operations are necessary for us to establish a legal relationship with our website users or apply pre-contractual measures to their requests.
Managing bookings and the sale of passes: The data provided in the forms used to book tables and sun loungers or purchase passes will be processed to handle these transactions and provide the requested services. The data categories that we process for these purposes are:
• Identification and contact details.
• Information on the requested pass or service.
• Financial and transaction information.
• Details of users’ special requests.
The processing of these data is necessary for us to be able to provide the requested services, execute the accommodation agreement or apply pre-contractual measures to their request.
The financial and transaction information collected from the bookings and purchases performed on our website will be processed in order to manage the corresponding accounting and administrative procedures and to fulfil our accounting and financial legal obligations.
Manage and control the website’s security: We process browsing data (IP addresses or logs) in order to manage and maintain the security of our website.
The basis for this processing is our legitimate interest in guaranteeing the security of our website. This interest is expressly provided for by Article 49 of the GDPR.
In terms of your rights and freedoms, this processing corresponds to a general security practice, and it does not imply a threat to data subjects.
Sending informative and commercial information: We process the identification and contact data provided by our clients and those who sign up for our email lists to send them communications about our activities, products, and services.
The basis for these processing operations is the data subjects’ consent. Users’ refusal to grant permission or the withdrawal of their consent does not impact their registration as a member, nor does it affect the fulfilment of orders or the provision of the services they have purchased.
You can request that your data no longer be processed for commercial purposes by selecting the option found in our communications or by sending an email to firstname.lastname@example.org.
Statistical and quality control purposes: In order to evaluate and manage the quality of our services and products, we create statistics using aggregate data that we obtain from data on our visitors’ transactions and browsing habits, such as their IP addresses, logs, pages visited or actions performed on the website. For more information, please consult our Cookies Policy.
The basis for these processing operations is our legitimate interest in evaluating and managing the quality and content of our services, as well as assessing the effectiveness of our information and promotional campaigns. In terms of your rights and freedoms, this processing is considered a reasonable measure that has a limited impact on the privacy of the data subjects, and it does not imply a significant threat.
Human resource management: Data related to your curriculum vitae and job applications sent via this website will be added to our talent pool and processed in order to inform you of our employee selection processes and manage your participation in these processes.
These processing operations are necessary for you to be able to participate in our employee selection processes, and they are based on the consent granted when requesting to participate. You may request to be removed from our talent pool at any moment.
3. Who can we communicate your data to?
Your data will be communicated to third parties when there is a legal obligation to do so, with your consent, or when such disclosure is necessary as a result of the nature of your request.
4. How long will we keep your data?
In general, we keep your data for the duration of the relationship you have with us and, in any case, for the periods of time stipulated in the applicable legal provisions – such as for accounting and financial purposes – and for the proper amount of time necessary to fulfil all responsibilities arising from its processing. We will delete your data when it is no longer required or relevant for the purposes for which it was collected.
Information related to browsing will be deleted once the connection to the site has ended and the statistics have been generated.
Data processed for commercial purposes will be kept until its deletion is requested.
We store curricula vitae sent by applicants to our employee selection processes for one year from the date of their last update, so applicants must send an updated curriculum vitae if they wish to continue participating in our selection processes.
5. What are your rights?
You have the right to obtain confirmation of whether or not we are processing your personal data and, if so, access it. You can also request for your data to be rectified when it is inaccurate or to complete data that is incomplete, as well as request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
Under certain circumstances, you may request the processing of your data be limited. In this case, we will only process the data affected for making, preparing or defending claims or in order to protect the rights of other persons. You may also object to your data being processed under certain conditions and for reasons related to your particular situation. In this case, we will stop processing your data except when there is a compelling legitimate reason that prevails over your interests or rights and freedoms or for making, exercising or defending claims. Likewise, and under certain conditions, you may request the portability of your data so that it may be transferred to another data controller.
You can revoke the consent you gave for certain purposes without this affecting the legality of the processing of your data based on the consent you gave prior to withdrawing it, and you may also submit a claim to the Spanish Data Protection Agency.
To exercise your rights, you must send us a request accompanied by a copy of your national ID card or another valid form of identification by mail or email to the addresses indicated in the section “Who is the data controller?”
You can get more information about your rights and how to exercise them on the Spanish Data Protection Agency’s website at http://www.agpd.es.