Privacy Policy

From MAROA HOTEL we understand that it is essential to maintain a transparent relationship with you, therefore, below, we present our Privacy Policy, so that at all times you are properly informed about how we collect and securely treat any data you provide us.

Your data will be processed in accordance with current legislation and, in particular, in accordance with the provisions of Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Also with regard to Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights.

A careful reading of our Privacy Policy will provide you with the information you need to understand how we will use the data you provide to us.

1. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?

If you, or an authorised person, have provided us with your data, we inform you that MAROA HOTEL, CIF: _______________________ is responsible for the processing of the same. This data will be processed in accordance with the provisions of current legislation on the protection of personal data.

It is possible that there are other people responsible for the processing that we carry out, in which case we will always inform you who is responsible for the processing of the data, as well as their identification details.

MAROA HOTEL undertakes to comply with the obligation of secrecy of personal data and its duty to protect them. To this end, we adopt the necessary measures to prevent its alteration, loss, unauthorised processing or access in accordance with the provisions of the Regulation.

2. WHERE DO WE REPORT?

MAROA HOTEL informs through the website maroahotel.com in the section corresponding to the privacy policy. More information in “Legal Notice”.

3. WHAT PERSONAL DATA DO WE PROCESS?

The personal data we process are:

  • Those that you choose to provide us with voluntarily
  • Data derived from your communications with us.
  • The information corresponding to your own browsing in the case of Online Services, (IP address or information derived from cookies or similar devices (you can see our Cookies Policy on the website).
  • Information that is available in publicly accessible sources, to which we can legitimately have access.
  • The data arising from the contractual or pre-contractual relationship you have with us, including your image, always informing you in this case of the possibility of capturing your image.
  • Those provided to us by third parties about you, where there is a legitimate basis for doing so or where we have obtained your consent to do so.
  • The data of third parties that you provide to us, subject to the consent of the third party in question.

4. HOW DO WE PROCESS THE DATA?

At MAROA HOTEL we always treat your personal data in strict compliance with current legislation. Furthermore, we inform you that we have the appropriate technical and organisational measures in place to guarantee an optimal level of security, thereby ensuring that only authorised persons have access, that we will keep them intact, preventing any intentional or accidental loss, and that we have reinforced our data processing systems and services.

The operations, management and technical procedures that we carry out in an automated or non-automated manner and that make possible the collection, storage, modification, transfer and other actions on personal data are considered to be the processing of personal data.

5. WHAT IS THE LEGITIMACY OF THE PROCESSING?

The basis for the legitimacy of the processing of Personal Data shall be that resulting from the contractual or pre-contractual relationship, the employment relationship or any other relationship required for the processing of data, such as express consent.

6. HOW DO WE MANAGE ELECTRONIC COMMUNICATIONS?

In accordance with the provisions of Law 34/2002 of 11 July, on Information Society Services and Electronic Commerce, and Directive 2002/58/EC, we inform you that you may receive communications and information of a commercial nature through this electronic communication system (e-mails, automated response messages from forms and other communication systems) when you have given us your consent or when they are commercial communications referring to products or services similar to those previously provided by the party responsible for the processing of your data. Translated with www.DeepL.com/Translator (free version)

In the event that you do not wish to receive communications and information of this nature, you can notify us by this same means indicating in the subject line you can use the “REMOVE COMMERCIAL COMMUNICATIONS” option to have your personal data removed from our database. Your application will be acted upon within 1 month of submission. In the event that we do not receive an express reply from you, we will understand that you accept and authorise our entity to continue sending the aforementioned communications.

In the case of receiving such communications by these means, we inform you that the messages are addressed exclusively to the addressee and may contain privileged or confidential information. If you are not the intended recipient, we notify you that unauthorised use, disclosure and/or copying is prohibited under applicable law.

7. HOW LONG DO WE KEEP YOUR DATA?

The personal data relating to natural persons that MAROA HOTEL collects by any means will be kept as long as the interested party does not request its deletion. Likewise, they will be kept for as long as the relationship that originated the processing of the data is maintained, respecting in any case the legal retention periods. After this period, the personal data will be deleted from all MAROA HOTEL systems.

8. WILL YOUR DATA BE COMMUNICATED TO THIRD PARTIES?

There shall be no assignment, transmission or transfer of personal data, except for those already reported, other than as a result of a legal obligation. If your data is requested from us at the request of the Public Administration or the Autonomous Institutions within the scope of the functions expressly attributed to them by law, your data will be transmitted.

If there is an assignment, transmission or transfer of personal data outside of the aforementioned cases, you will be previously informed so that, if necessary, you can give us your consent.

However, in order to organise ourselves correctly, to have good operations and procedures that guarantee good management, MAROA HOTEL may need to hire the services of consultants, professionals or other service companies to process data under our instructions.

This processing on behalf of third parties is regulated by a contract in writing or in some other legally admissible form that allows proof of its conclusion and content, expressly specifying that the processor will process the data in accordance with our instructions and will not apply or use them for a purpose other than that stated in the contract, nor will it communicate them, not even for storage, to other persons. Translated with www.DeepL.com/Translator (free version)

9. WHAT ARE YOUR RIGHTS?

Data protection regulations give you the following rights:

  • The right to revoke any consent previously given.
  • Right of access: To know what type of data is being processed and the characteristics of the processing carried out.
  • Right of rectification: To be able to request the modification of data that are inaccurate or untrue.
  • Right of portability: To be able to obtain a copy in interoperable format of the data being processed.
  • The right to restriction of processing in cases where it is not considered necessary.
  • Right of cancellation: To request the cessation of the processing of data and their deletion when their storage is no longer necessary.

If you would like more information regarding the processing of your data, rectify any data that is inaccurate, oppose and/or limit any processing that you consider unnecessary, or request the cancellation of the processing when the data is no longer necessary, you can write to MAROA HOTEL at or send an e-mail to reservas@maroahotel.com.

  • This communication shall contain the following information: the name and surname of the user, the request, the address and supporting data.
  • The exercise of rights must be carried out by the user himself. However, they may be executed by a person authorised as the authorised person’s legal representative. In this case, documentation must be provided to prove the interested party’s representation.

We would also like to inform you that you can withdraw the consent given without this affecting the lawfulness of the processing already carried out, by sending your request to the same address indicated in the previous paragraph. In this case, you must enclose a copy of your ID card or other document proving your identity with your application.

10. WHAT IS THE PURPOSE AND BASIS OF LEGITIMACY FOR THE DATA PROCESSING AND HOW LONG WILL THE DATA BE KEPT?

The purposes of the data processing carried out by any or all of the Controllers listed above are set out below.

TREATMENT ACTIVITY

PURPOSE OF PROCESSING

BASIS OF LEGITIMACY

CONSERVATION PERIOD

Labour management

Personnel management for the formalisation of an employment contract, file control, payroll management, time control, training, pension plan and PRL.

Contractual relationship

5 years from the end of the contract

Tax and accounting management

Processing necessary for the fulfilment of tax and accounting obligations

Contractual relationship

Legal obligation for the responsible person

Overriding legitimate interests of the controller or third parties

5 years from the end of the contract

The time needed to meet legal obligations

Contact management

Processing of data in order to be able to communicate with data subjects

Contractual relationship

Overriding legitimate interests of the controller or third parties

Express consent of the data subject

5 years from the end of the contract

Until cancellation and/or objection by the holder

Until the relevant loss of use

Prevention of occupational hazards

Compliance with current legislation on occupational risk prevention and health surveillance.

Contractual relationship

Legal obligation for the responsible person

Until the end of the contractual relationship

The period of time legally established by the specific regulations

Customer management

Processing of the data necessary for the maintenance of the commercial/contractual relationship with customers, invoicing, after-sales service, sending promotions and advertising and customer loyalty.

Contractual relationship

Business relationship

5 years from the end of the contract

The period of time legally established by the specific regulations