PRIVACY POLICY
Effective date: January 1st 2024
Last updated: April 2024
In accordance with applicable data protection regulations, this Privacy Policy is intended to help you understand what data is collected by HOTELOPIA, S.L.U (hereinafter, “HOTELOPIA”) and how it is processed.
3. HOW DID WE OBTAIN YOUR DATA?. 1
4. WHAT PERSONAL DATA DO WE PROCESS, FOR WHAT PURPOSE AND FOR WHAT REASON.. 2
5. WHEN AND WHY DO WE DISCLOSE YOUR PERSONAL DATA TO THIRD PARTIES?. 4
6. INTERNATIONAL DATA TRANSFERS. 5
8. FOR HOW LONG DO WE KEEP YOUR DATA?. 5
10. HOW CAN YOU EXERCISE YOUR RIGHTS?. 6
11. CHANGES, MODIFICATIONS OR UPDATES. 7
12. COUNTRY-SPECIFIC INFORMATION.. 7
The Data Controller for the processing of the personal data you have provided us is HOTELOPIA, with registered office at Camí Son Fangos, 100, Palma de Mallorca, Spain.
HOTELOPIA will process the personal data collected on this website, as well as via HOTELOPIA profiles on social network, such as Twitter and Instagram. This Privacy Policy applies to any personal data collected via these methods.
HOTELOPIA belongs to a group of companies, referred altogether as HBX Group (hereinafter, “HBX”). HBX, and therefore, HOTELOPIA has a Global Data Protection Officer to respond to any queries, requests or clarifications regarding the processing of personal data that may be made in the following email address dataprotection@hotelbeds.com or at our postal address, mentioned in the paragraph above.
The personal data processed shall be those that you provide to us through the various channels that HOTELOPIA makes available to you.
Also, when you visit the HOTELOPIA site various technologies are used to collect and store information and this may include the use of cookies or similar technologies to identify your browser or device. HOTELOPIA also uses these technologies to collect and store information when you interact with services offered by HOTELOPIA or other features. You can obtain more information about how HOTELOPIA processes personal data obtained through cookies or as a result of your browsing in the event that you accept the installation of cookies (for more information about cookies on the Website, visit our Cookies Policy, where you can also find details on how to allow or disable cookies).
These purposes are listed below depending on which category of data subject you are, indicating which data shall be processed (type of data) and for what reason or on what basis (legal basis). Likewise, we may also process any additional data that you provide us with or that is generated in the course of your relationship with HOTELOPIA for the purposes set out below.
MANAGE CLIENTS' AND POTENTIAL CLIENTS' BOOKINGS, PAYMENTS AND REQUESTS
TYPE OF DATA
- Identification data: name, surname, passport number.
- Contact data: e-mail, telephone number.
- Financial data: credit card numbers.
- Any additional information or request provided from you.
PURPOSE AND LEGAL BASIS
a)Performance of a contract between you and HOTELOPIA or application of pre-contractual measures:
- Manage the contractual relationship with you and ensure the provision of the contracted products and services, which includes both the management of services offered by HOTELOPIA, as well as the service quality, billing, collection and withdrawal of the same. This may include the processing of your bookings and the payments for our products and services through HOTELOPIA, call centres or mobile communications systems based on GSM, GPRS or UMTs technology.
- Inform you about every confirmation and/ or modification of your bookings made through HOTELOPIA or call centres, as well as to send you any other notification that you may have requested regarding products and services booked by you, whether by electronic or other means.
- Manage the commercial relationship with potential clients, attending to requests for information on products and services offered by HOTELOPIA.
- Manage and process any legal claims, out-of-court claims and insurance claims received by HOTELOPIA in relation to you.
b) Legitimate interests of HOTELOPIA:
- Carry out commercial communications related to products and services similar to those contracted by you. In this case, the legitimate interest of HOTELOPIA would be to carry out direct marketing activities aimed at its clients, in accordance with Recital 47 of the General Data Protection Regulation or applicable local laws in your jurisdiction.
- Conduct surveys and market studies to know the quality of our products or services and the preferences of our clients. The legitimate interest of HOTELOPIA is to improve the commercial offer and experience to its clients.
c) Consent given by you:
- Carry out commercial communications with you by any means, including electronic means, based on your Internet browsing and/or consumption habits. Such communications may relate to advertising or promotional material about products and services deemed to be of interest to you based on the aforementioned criteria.
GENERAL CONTACT
TYPE OF DATA
Personal data that you provide to us in your contact by email.
PURPOSE AND LEGAL BASIS
Legitimate interest on answering your question and/or claim. To deal with requests, queries or complaints through the sections and contact forms on the Website or through other channels such as email for general information about the Website or call centers.
WEB USERS
TYPE OF DATA
- Navigation data
- Technical data
- IP address
PURPOSE AND LEGAL BASIS
The processing of your personal data is legitimized by the express consent you give us through the cookie banner made available by HOTELOPIA.
You may withdraw your consent at any time in accordance with the information provided in our Cookies Policy.
However, HOTELOPIA may process information obtained through cookies or similar technologies without your consent as long as it is anonymized or aggregated information that does not contain any attribute that can identify directly or indirectly.
The purpose is:
- To personalize and segment the content of the Website through the use of cookies or similar technologies when these are consented to by the user through the corresponding banner.
SOCIAL MEDIA USERS
TYPE OF DATA
Those personal data that we are allowed to receive under the privacy policy of the social network in which you have an account / user profile, as well as the privacy settings you have selected as a user of that social network. This data depends on your own privacy settings of the social network and the privacy policy of that social network.
PURPOSE AND LEGAL BASIS
HOTELOPIA has active profiles in different social networks, and the following types of personal data processing are applicable to persons who become HOTELOPIA stakeholders by being a member, following or being part of such profiles.
Performance of the obligations arising from your status as a registered user of the social network and the conditions of use of such social network:
- Interaction of your profile in the corresponding social network with HOTELOPIA, including responding to queries, comments posted on public profiles.
APPLICABLE TO ALL DATA SUBJECTS
TYPE OF DATA
Those personal data that you provide us and that are generated in our relationship with you.
PURPOSE AND LEGAL BASIS
Fulfilment of our civil, commercial, tax, accounting and legal obligations related to compliance with personal data protection regulations, among others that may be applicable.
Personal data may be communicated to the following recipients, for the reasons explained below:
RECIPIENT
Public administrations;
Courts and tribunals;
Law enforcement agencies
PURPOSE
For the fulfilment of the legal obligations to which HOTELOPIA is subject for the development of its activity, and in the cases provided by law, including the obtaining of subsidies and public aid.
LEGAL BASIS
Fulfil a legal obligation.
RECIPIENT
Accounting audit firms
PURPOSE
To comply with the legal obligations of account auditing to which HOTELOPIA is subject due to its activity.
LEGAL BASIS
Fulfil a legal obligation.
RECIPIENT
Companies that are part of HBX Group
PURPOSE
We may communicate the data to the other Group companies with the purpose of being able to offer the best service for you taking into consideration your allergies and/or special needs and other administrative purposes. These personal data are considered sensitive and are subject to special protection in accordance with applicable regulations.
LEGAL BASIS
The legitimate interest of HBX Group recognized by the applicable regulations on data protection.
RECIPIENT
Third parties interested in acquiring all or part of the capital stock of HOTELOPIA.
PURPOSE
Analysis and execution of commercial operations in which HOTELOPIA may be involved due to structural modifications or transfer of business.
LEGAL BASIS
The legitimate interest of HOTELOPIA to analyse and execute commercial operations in the course of structural modifications or transfers of business.
In addition to suppliers who need access to your data for the provision of services that HOTELOPIA has contracted to these suppliers, and with which HOTELOPIA has signed confidentiality agreements and processing of personal data necessary and required by law to protect your privacy.
From HOTELOPIA we shall not share your data with other third parties without first obtaining your consent, except in those cases where it is necessary for compliance with legal or contractual obligations to which HOTELOPIA is subject at all times by its nature and activity.
If in the future HOTELOPIA shall make other communications of personal data, it shall inform you in a timely manner.
HOTELOPIA may hire the services of suppliers located in countries outside the European Economic Area, based on decisions of adequacy of the European Commission. In this case, it is considered that the country has equivalent regulations to the European one. In the event that HOTELOPIA needs to hire services from suppliers located in countries that do not have regulations equivalent to the European, the contracting shall include all the guarantees and safeguards required by the regulations to preserve your privacy, after verification of the legislation of the destination country.
Such safeguards may consist of the application of contractual clauses and additional guarantees to them, in accordance with the regulations of each destination country, or of binding corporate rules approved by the data protection authorities. We also inform you that the regulations allow us to send your data to such countries, if it is necessary to comply with our obligations arising from the service you request from us.
Likewise, we inform you that HBX, group to which HOTELOPIA belongs, may have companies outside the European Union. In those cases, HOTELOPIA requires that these companies comply with the appropriate measures to protect your personal data following the European regulations.
For more information about the guarantees to your privacy, or the destination countries to which we need to transfer your data to fulfil our contractual obligations to you, you can contact HOTELOPIA, through the addresses indicated in the "How can you exercise your rights?" section of this Privacy Policy.
HOTELOPIA has its registered office in Spain. By visiting HOTELOPIA websites, using any platform that HOTELOPIA may make available to you, interacting with HOTELOPIA profiles on social networks, or otherwise providing your personal information to HOTELOPIA, you acknowledge that your personal information will be transferred to, stored in, and accessed by / disclosed to recipients in countries outside of Australia, including Spain and other European Union countries.
HOTELOPIA does not make decisions that may affect you based solely on the automated processing of your personal data. All decision-making processes related to the above-described processing purposes are carried out with human intervention.
The profiling indicated in the purposes of candidate management, in no case shall be used in making decisions by our entity that may have legal effects for you or that may affect you significantly.
We shall only keep your personal data for as long as we need it for the purposes for which we collect it and to comply with legal, financial, business or reporting requirements or until your consent withdrawal. In some circumstances, we may anonymize personal data so that it is no longer identifiable, and we can continue to use it. When we no longer need the personal data, we shall securely delete or destroy it.
HOTELOPIA shall retain the data collected to carry out the above purposes for the duration of your relationship with HOTELOPIA and, even thereafter, until the statute of limitations on any legal liability arising there.
HOTELOPIA holds personal information as either secure physical record, electronically on its IT systems, in cloud storage, and in some cases, records on third party servers, which may be located outside of Australia. HOTELOPIA uses a range of security measures to protect the personal information we hold, including by implementing IT security tools to protect our electronic databases.
You may exercise, with respect to the data collected, the rights of access, rectification, opposition, deletion, limitation, portability of data and to make a complaint about how their personal information has been handled, in accordance with the regulations on data protection and withdraw your consent.
These rights may be exercised by sending a communication:
- To the e-mail dataprotection@hotelbeds.com with the subject "Data protection"; or
- By any postal means with which there is evidence of receipt by HOTELOPIA, addressed to the following address: to Camí Son Fangos, 100, Palma de Mallorca, Spain indicating on the envelope the reference "Data Protection".
Also, if you consider that the processing of your personal data violates the regulations or your privacy rights, you can file a complaint:
- via the postal and e-mail addresses indicated above, or
- before the Spanish Data Protection Authority, by accessing www.aepd.es or at the address Calle Jorge Juan, 6, 28001, Madrid, Spain, which is the competent authority for HOTELOPIA, or
- with a data protection authority, for example at the data protection competent for your habitual residence, place of work or place of the alleged infringement. The contact details of the data protection authorities can be found here.
HOTELOPIA will handle all such requests, complaints, and queries in accordance with any applicable requirements under Australian privacy laws. Where applicable, HOTELOPIA may rely on exemptions under those laws (including, but not limited to, exemptions relating to related bodies, corporate and employee records).
HOTELOPIA takes all complaints seriously and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.
HOTELOPIA reserves the right to revise this Privacy Policy at any time it deems appropriate, in order to reflect regulatory changes, best practices or update the processing activities of personal data. You shall be informed of such updates in accordance with regulatory requirements, in the event that your rights are significantly affected as a result of such modification or update.