PRIVACY POLICY for customers and guests
Finca Gomera
Finca Gomera
PRIVACY POLICY for customers and guests
Latest Version: January 2025
This privacy policy applies to the processing of data carried out by GOMERA PROPERTIES S.L., (FINCA GOMERA). Please read it carefully, in it you will find important information about the processing of your personal data and the rights granted to you by the regulations in force on the matter.
In general, the fields of our forms that are indicated as mandatory must necessarily be completed in order to process your requests.
- Who is responsible for the processing of your data?
The data controller is GOMERA PROPERTIES, S.L., with registered office at Camino Blanco, Polígono 52, Parcela 26, 07620 – Llucmajor, Illes Balears, Spain.
- Why will we process or disclose your data and on what legal basis?
Processing and management of reservations: We process the data provided in the reservation or service requests for the management of said reservations and the provision of the requested services. The categories of data processed for these purposes are as follows:
- Identification and contact details of the holder of the reservation or of the person requesting or contracting the service;
- Data of the reservation or request for services (dates of stay, number and age of guests and services requested);
This data is obtained either directly from you or from third parties who have processed the booking or requested the service on your behalf, for example, the travel agency or tour operator where you have booked your stay or service.
This data processing is necessary for the performance of the hosting contract, the provision of the requested services or for the application of pre-contractual measures at your own request.
Traveller registration: In compliance with current laws on traveller control and protection of public safety, we are obliged to collect and register, among others, identification, contact and booking details from our guests, including minors who appear on the booking. All data collected during the check-in process will be integrated into a passenger entry report, which will be used to communicate this data to the competent authorities. Likewise, we must verify that the data provided coincide with those contained in the corresponding identity document. This verification will be carried out through the following operation:
Face-to-face check-in: Upon arrival at the hotel, the presentation of the Identity Document will be required at the reception, in order to complete the entry report. In order to speed up the registration process, you can provide us with your Identity Document to keep a copy. This copy will be kept for the period necessary to carry out the registration and in any case, no more than 24 hours. Subsequently, it will be deleted. The processing of this data is based on our legitimate interest in validating the identity of our guests and facilitating their check-in procedures at the hotel. In order to weigh this interest against your rights and freedoms, it has been determined that the processing had a limited impact on your privacy, since:
-
- This measure benefits the customers themselves by speeding up the check-in process at the hotel, without them having to wait at reception while their registration is carried out, thus being able to start their stay earlier, while the staff can verify the data, complying with the hotel's legal obligation to confirm that the data contained in the report is true.
- The image of the identity document is kept for a limited period, in any case until the registration has been carried out and no more than 24 hours.
- Additional security measures have been implemented to preserve the image of your identity document, among others, access to the devices where the image is stored has been limited to reception staff who are working at the time of your arrival at the hotel. The image is stored on the device itself locally, in no case will it be stored in an online folder.
- In any case, you can object to this processing by indicating it to the reception staff and providing your identification document only to identify yourself.
Management of the stay in our establishment: We process the identification data and the data relating to your stay, requests and consumption made in our establishment to attend to you, based on the services contracted.
Invoicing of services: We process the identification data of the holder of the reservation and data of transactions of goods and services, to invoice the services and charges that may have been generated during their stay, based on the contractual relationship established and our obligations in accounting and tax matters.
Sending commercial communications: We process your contact details and your email address to send you commercial communications relating to our tourist establishments and the services we offer in them. The legal basis for this processing is your consent. Failure to give such consent or withdraw it does not affect in any way your stay or provision of the contracted services or the lawfulness of the processing carried out on the basis of consent given prior to its withdrawal.
At any time, you may revoke your consent and request your cancellation of processing for commercial purposes by activating the link provided for this purpose in the commercial communications themselves or by sending an email indicating "unsubscribe" in the subject to: info@fincagomera.com
- How long will we keep your data?
In general, we keep your data for the duration of the relationship you have with us and in any case for the periods provided for in the applicable legal provisions and for the time necessary to deal with possible liabilities arising from the processing. We will delete your data when it is no longer necessary or relevant for the purposes for which it was collected.
The economic data and transactions of goods and services generated by your stay will be kept for the time required by the accounting and tax regulations in force.
The guest data included in the traveller record books will be kept for three years, counting from the date of the last of the record sheets that make them up.
Data processed for commercial purposes will be kept in force as long as their deletion is not requested. The media in which the existence of your consent for the processing of your data for these purposes is recorded, such as signed forms, logs of electronic forms submission, check-in sheets, will be kept throughout the duration of the processing and the applicable limitation periods.
- What are your rights?
You have the right to obtain confirmation as to whether or not we are processing your personal data and, if so, to access it. You can also request that your data be rectified when they are inaccurate or that data that are incomplete be completed, as well as request their deletion when, among other reasons, the data is no longer necessary for the purposes for which they were collected.
In certain circumstances, you may request the restriction of the processing of your data. In such a case, we will only process the data concerned for the establishment, exercise or defence of legal claims or for the protection of the rights of other persons. Under certain conditions and for reasons related to your particular situation, you may also object to the processing of your data. In this case, we will no longer process the data except for compelling legitimate grounds that override your interests or rights and freedoms, or for the establishment, exercise or defence of legal claims.
Likewise, and under certain conditions, you may request the portability of your data so that they can be transmitted to another data controller.
You may revoke the consent you have given for certain purposes, without affecting the lawfulness of the processing based on the consent prior to its withdrawal.
You may revoke your consent or object to the processing of your data for direct marketing purposes, including commercial profiling, at any time. In such a case, we will no longer process your personal information for such purposes. You also have the right to object to the adoption of automated individual decisions that produce legal effects on you or similarly significantly affect you, where this right is met in accordance with the provisions of Article 22 of Regulation (EU) 2016/679.
You also have the right to lodge a complaint with a data protection authority. You can consult the list and contact details of the European data protection agencies on the website of the European Commission in http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
To exercise your rights, you must send us a request by post or email to the addresses indicated in the section Who is responsible for the processing of your data?
You can obtain more information about your rights and how to exercise them on the website of the Spanish Data Protection Agency (https://www.aepd.es).