Your data controller is GF HOTELES.
GF HOTELES informs the user that the that the information you provide us through browsing our website, the contact form or the sending of emails will be processed by GF HOTELES and that this processing is included in the Record of Processing Activities managed by GF HOTELES under the terms of the GDPR.
Google, including all its tools, complies with the EU-US Privacy Shield Framework, in accordance with the provisions of the United States Department of Commerce regarding the collection, use and storage of personal information of member countries of the European Union.
WWW.GFHOTELES.COM will try at all times to establish adequate mechanisms to obtain the consent of the User for the installation of cookies that require it. When a user accesses our website, a pop-up appears informing them of the existence of cookies and that if you continue browsing our website, you consent to the installation of cookies. The acceptance of the installation of the cookies implies the acceptance of the storage of the IP address in the records of WWW.GFHOTELES.COM, together with the date of acceptance, for a period of one year, in order to prove consent. For more information, check our “Cookies Policy” section.
The legal basis for GF HOTELES processing your data is the following:
The data to send you information or provide the service you request through the various forms available on our website, to manage your online purchases through our platform, and your registration as a user will be stored for as long as the contractual relationship is considered valid, and until expiry of the statutory period of limitation.
The information processed when sending the newsletter, commercial communications on special offers, activities and promotions from GF HOTELES and the sector that may be of interest to you, management of the blog will be stored unless the user withdraws consent.
The IP address obtained through the cookies will be stored for one year, in order to prove the user’s consent.
Regarding the storage period of cookies, you can obtain more information on our website in the “Cookies policy” section.
GF HOTELES processes the following categories of data:
a) Data of the users that fill any of the available forms: The personal data that GF HOTELES requests includes the following:
b) Data of the users who subscribe to the newsletter/would like to receive commercial communications and information:
Identification data: Name and surname, e-mail.
c) Data of users who register on our platform:
Identification data: Name and surname, address and e-mail, phone number, billing address.
d) Data of the users who make a purchase:
e) Data of users who browse our website: Data provided by cookies and by Google Analytics.
f) Data from users who post comments on our blog.
Only those over 16 years old can provide data through our website. If you are under this age you must have consent to use your data from your parent or legal guardian.
The user guarantees the authenticity and relevance of all data submitted to GF HOTELES and declares that they are over 16 years of age, and they will be solely responsible for any false or inaccurate statements that they make.
The personal data processed by GF HOTELES can be mandatory or voluntary.
Voluntary information is that which the user is not obliged to provide to contact us.
The fields marked with an asterisk (*) or with the word (required) in our forms are mandatory, the refusal to supply them will make it impossible to provide the service or meet your request.
In the event that you provide us with data from third parties, you must have their consent and agree to transfer the information that we provide you in this clause, exempting GF HOTELES from any type of obligation. However, GF HOTELES may carry out verifications to confirm that the third party has been informed, adopting the measures of diligence established in the data protection regulations.
No data will be transferred to third parties, except for under legal obligation, to Group companies or unless it is necessary to meet your request.
The user can exercise the following rights before GF HOTELS:
a) Access their personal data.
b) Correct it when they are inaccurate or incomplete.
c) Request the deletion or cancellation of data when, among other reasons, it is no longer necessary for the purposes for which it was collected.
d) Object to processing.
e) Request the restriction of the processing of their data when any of the conditions provided in the regulations are met.
f) Request the portability of their data in the cases provided in the regulations.
g) Prevent being subject to automated decisions.
h) Withdraw consent.
In order for the user to exercise their rights, they must send a letter indicating the right they wish to exercise and accompany it with a document accrediting their identity and address or e-mail for notification purposes. This request can be made, either by post to: GF HOTELES Edificio Olympo, Candelaria, 28, 1ª Planta, 38002 – Santa Cruz De Tenerife, or by e-mail to: firstname.lastname@example.org.
GF HOTELES must answer the request for the exercise of rights within one month of receiving the request. This period may be extended for another two months if necessary, taking into account the complexity and the number of applications. We will inform you of any extension within one month of receiving the request stating the reasons for the delay.
Likewise, the interested parties have the right to file a complaint before the competent Control Authority (Spanish Data Protection Agency) if they consider that GF HOTELES has violated the rights that data protection regulations recognise at www.aepd.es.
GF HOTELES has a current contract with the company Hosting thinkin.es, which is a Canary Island company based in Las Charifas and has the appropriate technical and security means. Likewise, it has a contract with GF-TIC for the assistance and integral computer and server maintenance, the Canary Island company belonging to the Fedola Group and that has all the technical and organisational security measures.
GF HOTELES guarantees the adoption of appropriate measures to ensure the confidential handling of your data, taking into account the reserved nature thereof.
GF HOTELES undertakes to maintain data secret, processing it with the utmost reserve, and declares to have implemented the security policies in its information system corresponding to the type of data processed in accordance with the provisions of REGULATION (EU) 2016/679 OF THE PARLIAMENT EUROPE AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free circulation of such data (GDPR).
All the data provided through our platform is handled using a secure protocol. Our website has an SSL certificate that allows an encrypted connection to be established when a user visits our website and exchanges information with us.
The user can register on our website, for which the creation of an account is essential. It is the responsibility of the user to maintain the confidentiality of the account information, including the password, as well as each and every one of the activities that take place therein.
The user is obliged to inform GF HOTELES immediately in case of an illegitimate use of their account or password, or if any security-related problem occurs, by sending an email to email@example.com
If you choose to leave our website through links to other websites not belonging to our entity, GF HOTELES will not be responsible for the privacy policies of these websites or the cookies they may store on the user’s computer.
BASIC INFORMATION ON DATA PROTECTION
Party responsible for data processing:
ISABEL FAMILY HOTEL, S.L.U.
Avenida De Moscú, 2 , 38670 – Adeje (Santa Cruz De Tenerife)
You can contact the Data Protection Delegate at the following e-mail address: firstname.lastname@example.org.
Purpose: Personal data, including data relating to your health, provided on entering the establishment and during the relationship of both parties, will be used to control access to the premises of the responsible party and to monitor the health of the data subjects (customers, staff, etc.), as well as to implement the necessary safety measures in the event of detecting a positive case of Covid-19.
The owner of the data undertakes to communicate any changes to the data provided and to keep the data fully up to date.
Legitimation: We have the legal right to process the data based on:
Article 6.1 GDPR:
b) the processing is necessary for the execution of a contract in which the data subject is a party or for the application of pre-contractual measures at the request of the data subject;
c) the processing is necessary to comply with a legal obligation applicable to the party responsible for the processing (Law 7/1995 of 6 Apri1 of the Canary Islands Tourism Organisation);
d) the processing is necessary to protect the vital interests of the data subject or another natural person;
Article 9.2 GDPR:
i) the processing is necessary for reasons of public interest in the area of public health, such as protection against serious cross-border threats to health or to guarantee high levels of quality and safety of healthcare and medicines or medical devices, on the basis of European Union or Member State law that establishes adequate and specific measures to protect the rights and freedoms of the data subject, in particular with regard to professional secrecy,
Recipients: Your data will be transferred to the health authorities and the official bodies as required by law.
Rights: You may exercise you rights of access, rectification, deletion, opposition, portability and limitation, unless you are subject to individualised decisions based solely on automated processing or revoke the consent given to ISABEL FAMILY HOTEL, S.L.U. , at the above-mentioned address.
Additional information: The posters displayed in our facilities provide additional and more detailed information concerning data protection that you may consult.