PRIVACY POLICY – EXTENDED INFORMATION

The Privacy Policy is part of the General Conditions that govern the website www.hiddenawayhotels.com along with the Cookie Policy and the Legal Notice. HIDDEN AWAY HOTELS SL reserves the right to modify or adapt this Privacy Policy at any time. Therefore, we recommend that you review it each time you access the website. In the event that a user has registered on the website and accesses their account or profile, upon accessing it, they will be informed in the event that there have been substantial modifications regarding the processing of their personal data.

Who is responsible for processing your data?

The data collected or provided voluntarily through the Website, whether by browsing it or through the contact forms, by email or by phone, will be collected and processed by the Data Controller, whose details are indicated below:

DANDA PATRIMONIO E INVERSIONES SL, VAT: B57900029

C/ Echegaray, 8, 28014, Madrid

GRAN HOTEL INGLÉS, C/ Echegaray, 8, 28014, Madrid.

Registered in the Commercial Register of Madrid, Volume 40134, Folio 138, Sheet M-713215.

URIBEN SERVICES SL, VAT: B95817318

C/ Gravina 51, 41001, Seville.

HOTEL GRAVINA 51 C/ Gravina, 51, 41001, Seville.

Registered in the Commercial Register of Seville, Volume 5566, Folio 199, Sheet BI-66816.

WANA INVERSIONES SA, VAT: A83057174

C/ Echegaray, 8, 28014, Madrid.

SEDA CLUB HOTEL Plza. De la Trinidad, 1801, Granada.

Registered in the Commercial Register of Madrid, Volume 16743, Folio 43, Sheet M-285986.

Contact at HIDDEN AWAY HOTELS S.L for the protection of your personal data

Phone: 910 56 93 54

Data Protection Delegate Contact: [email protected]

If, for any reason, you want to contact us regarding any issue related to the processing of your personal data or privacy (with our Data Protection Delegate), you can do so through any of the means indicated above.

What data do we collect through the website?

Simply by browsing the Website, HIDDEN AWAY HOTELS S.L will collect information regarding:

  • IP address.
  • Browser version.
  • Operating system.
  • Duration of the visit or navigation on the Website.

This information is stored using Google Analytics, so we refer to Google’s Privacy Policy, as it collects and processes such information: http://www.google.com/intl/en/policies/privacy/

Similarly, the Website offers the use of Google Maps, which may have access to your location, if you allow it, in order to give you more precise information about the distance and/or routes to our premises. For the use and processing of such data, we refer to the Privacy Policy used by Google Maps: http://www.google.com/intl/en/policies/privacy/

The information we handle will not be related to a specific user and will be stored in our databases for the purpose of conducting statistical analysis, improving the Website, our products and/or services, and will help us improve our commercial strategy. The data will not be communicated to third parties.

User registration on the website / Form submission

To access certain services, such as booking, it is necessary for the user to fill out a form. For this, personal data is requested in the registration form. The data is necessary and mandatory to carry out such registration. If such fields are not provided, the registration will not be carried out.

In this case, the browsing data will be associated with the user’s registration data, identifying the same user who browses the Website. In this way, the offer of products and/or services that, in our opinion, best suits the user can be personalized.

The registration data of each user will be incorporated into the databases of HIDDEN AWAY HOTELS S.L, together with the history of operations carried out by the same, and will be stored in them until the registered user account is deleted. Once such an account is deleted, this information will be removed from our databases, keeping data related to transactions made for 10 years, without being accessed or altered, in order to comply with the legally effective deadlines. Data that are not linked to transactions made will be kept unless consent is withdrawn, in which case they will be immediately deleted (always taking into account legal deadlines).

The legal basis for the processing of your personal data is the execution of a contract between the parties. Regarding the sending of electronic communications and promotions and responding to requests for information, the legitimacy of the processing is the user’s consent.

The purposes of the data processing will be as follows:

a) Manage your access to the Website.

b) Manage the purchase of services available to you through the Website.

c) Keep you informed about the processing and status of your requests, purchases, and/or reservations.

d) Respond to your information request.

e) Manage all the utilities and/or services offered by the platform to the user.

Thus, we inform you that you may receive communications via email and/or on your phone, in order to inform you of possible incidents, errors, problems, and/or the status of your requests.

For the sending of commercial communications, the express consent of the user will be requested at the time of registration. In this regard, the user may revoke the consent given, by contacting HIDDEN AWAY HOTELS SL, using the means indicated above. In any case, in each commercial communication, you will be given the possibility to unsubscribe from receiving them, either through a link and/or email address.

Newsletter Sending

On the Website, the option to subscribe to the Newsletter of HIDDEN AWAY HOTELS SL is allowed. To do this, it is necessary to provide us with an email address to which it will be sent.

This information will be stored in a database of HIDDEN AWAY HOTELS SL, in which it will be registered until the interested party requests its removal or, where appropriate, it ceases to be sent by HIDDEN AWAY HOTELS SL.

The legal basis for the processing of this personal data is the express consent given by all those interested who subscribe to this service by checking the box provided for this purpose.

The email data will only be processed and stored for the purpose of managing the sending of the Newsletter to users who request it.

For the sending of the Newsletter, the express consent of the user will be requested at the time of registration by checking the box provided for this purpose. In this regard, the user may revoke the consent given, by contacting HIDDEN AWAY HOTELS SL, using the means indicated above. In any case, in each communication, you will be given the possibility to unsubscribe from receiving them, either through a link and/or email address.

If you belong to any of the following groups, please consult the information below:

+ WEB OR EMAIL CONTACTS

What purposes will we process your personal data for?

  • Answer your queries, requests, or petitions.
  • Manage the requested service, answer your request, or process your petition.
  • Electronic information, related to your request.
  • Commercial or event information by electronic means, provided there is express authorization.

What is the legitimacy for the processing of your data?

The acceptance and consent of the interested party: In those cases where to make a request it is necessary to fill out a form and click on the send button, the completion of it will necessarily imply that you have been informed and have expressly given your consent to the content of the attached clause of said form or acceptance of the privacy policy.

All our forms have a verification checkbox with the following formula, in order to send the information: “□ I have read and accept the Privacy Policy.”

+ CUSTOMERS

What purposes will we process your personal data for?

  • Preparation of the budget and monitoring thereof through communications between both parties.
  • Electronic information, related to your request.
  • Commercial or event information by electronic means, provided there is express authorization.
  • Manage administrative, communication, and logistics services performed by the Controller.
  • Perform the corresponding transactions.
  • Invoicing and declaration of the corresponding taxes.
  • Control and collection management.

What is the legitimacy for the processing of your data?

The legal basis is your consent and the execution of a contract.

+ SUPPLIERS

What purposes will we process your personal data for?

  • Electronic information, related to your request.
  • Commercial or event information by electronic means, provided there is express authorization.
  • Manage administrative, communication, and logistics services performed by the Controller.
  • Invoicing.
  • Perform the corresponding transactions.
  • Invoicing and declaration of the corresponding taxes.
  • Control and collection management.

What is the legitimacy for the processing of your data?

The legal basis is the acceptance of a contractual relationship, or failing that your consent to contact us or offer us your products by any means.

+ SOCIAL MEDIA CONTACTS

What purposes will we process your personal data for?

  • Answer your queries, requests, or petitions.
  • Manage the requested service, answer your request, or process your petition.
  • Relate to you and create a community of followers.

What is the legitimacy for the processing of your data?

Acceptance of a contractual relationship in the environment of the corresponding social network, and in accordance with its Privacy policies:

Facebook: http://www.facebook.com/policy.php?ref=pf

Instagram: https://help.instagram.com/155833707900388

Twitter: http://twitter.com/privacy

LinkedIn: http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

WhatsApp: https://www.whatsapp.com/legal/#privacy-policy

How long will we keep personal data?

We can only consult or unsubscribe your data in a restricted way by having a specific profile. We will treat them for as long as you let us follow you, be friends, or click “like,” “follow,” or similar buttons. Any rectification of your data or restriction of information or publications must be made through the configuration of your profile or user in the social network itself.

+ VIDEO SURVEILLANCE

What purposes will we process your personal data for?

  • Video surveillance of our facilities.
  • Control of our employees.
  • On occasion, they may be transferred to the courts and tribunals for the exercise of legitimate actions.

What is the legitimacy for the processing of your data?

The unequivocal consent of the interested party when accessing our facilities after viewing the informative sign of the video-monitored area.

+ JOB APPLICANTS

What purposes will we process your personal data for?

  • Organization of selection processes for hiring employees.
  • Schedule job interviews and evaluate your candidacy.
  • If you have given us your consent, we may transfer it to collaborating or related entities, with the sole purpose of helping you find a job.

What is the legitimacy for the processing of your data?

The legal basis is your unequivocal consent, by delivering your CV to us and receiving and signing information regarding the treatments we are going to carry out.

How long will we keep personal data?

The resume will be stored for a period of one year, after which, if we have not contacted you, it will be deleted.

+ HR

What purposes will we process your personal data for?

  • Management of the employment relationship and the worker’s file.
  • Carry out all those administrative, fiscal, and accounting procedures necessary to comply with our contractual obligations, obligations regarding labor, Social Security, occupational risk prevention, fiscal, and accounting regulations.
  • Payroll management through a financial institution.
  • Time control through the access control system by fingerprint/card (if applicable).
  • Management of the entity’s group insurance/pension plan.
  • Carry out training actions, both subsidized and non-subsidized training.

What is the legitimacy for the processing of your data?

The legal basis for the processing of your data is the execution of your employment contract, compliance with the relevant legal obligations, and the consent of the interested party.

Do we include personal data of third parties?

No, as a general rule, we only process the data provided by the owners. If you provide us with third-party data, you must inform and request their consent from those individuals beforehand, or otherwise exempt us from any responsibility for failing to comply with this requirement.

And what about data from minors?

We do not process data from minors under 14 years of age, so please refrain from providing them if you are under that age.

Will we make communications via electronic means?

Communications will only be made to manage your request if it is one of the contact methods you have provided to us. If we carry out commercial communications, they will have been previously and expressly authorized by you.

What security measures do we apply?

You can rest assured: We have adopted an optimal level of protection for the personal data we handle, and we have implemented all technical means and measures at our disposal, according to the state of the technology, to prevent the loss, misuse, alteration, unauthorized access, and theft of personal data.

To what extent will decision-making be automated?

HIDDEN AWAY HOTELS SL does not use fully automated decision-making processes to establish, develop, or terminate a contractual relationship with the user. In the event that we use such processes in a particular case, we will keep you informed and communicate your rights in this regard if required by law.

Will profiling take place?

In order to offer you products and/or services according to your interests and improve your user experience, we may create a “commercial profile” based on the information provided. However, automated decisions will not be made based on this profile.

Who will your data be communicated to?

Your data will not be transferred to third parties, except for legal obligations. Specifically, they will be communicated to the State Tax Administration Agency and to banks and financial entities for the collection of the provided service or acquired product, as well as to data processors necessary for the execution of the agreement.

In the event of a purchase or payment, if you choose any application, website, platform, bank card, or any other online service, your data will be transferred to that platform or processed in its environment, always with maximum security.

In the event that you have given us your consent for the processing of your name and images and other information related to the activities of HIDDEN AWAY HOTELS SL, they will be disclosed on the different social networks and website of HIDDEN AWAY HOTELS SL.

International transfers

If it is necessary to carry out international data transfers by HIDDEN AWAY HOTELS SL, it will ensure that such transfers are possible in accordance with the General Data Protection Regulation or any other requirement established by applicable regulations. For this purpose, the company will adopt the necessary agreements to ensure a level of data protection equivalent to that provided for in European regulations.

In the event of working in a system of shared folders in applications such as Dropbox, Google Drive, Microsoft OneDrive, Amazon, Apple, HubSpot, etc., an international transfer to the United States will be made under the provisions of Article 49.c) of the General Data Protection Regulation or any other mechanism that guarantees a level of data protection equivalent to that provided for in European regulations.

What Rights do you have?

  • To know if we are processing your data or not.
  • To access your personal data.
  • To request the rectification of your data if it is inaccurate.
  • To request the deletion of your data if it is no longer necessary for the purposes for which it was collected or if you withdraw the consent given.
  • To request the limitation of the processing of your data, in certain cases, in which case we will only keep them in accordance with current regulations.
  • To port your data, which will be provided to you in a structured, commonly used, or machine-readable format. If you prefer, we can send them to the new controller you designate. This is only valid in certain cases.
  • To file a complaint with the Spanish Data Protection Agency, if you believe that your rights have not been properly addressed.
  • To revoke the consent for any processing for which you have consented, at any time. If you modify any data, we appreciate your communication to keep them updated.

Would you like a form to exercise your Rights?

  • We have forms for exercising your rights, ask us for them by email or, if you prefer, you can use those prepared by the Spanish Data Protection Agency or third parties.
  • These forms must be signed electronically or accompanied by a photocopy of your ID card.
  • If someone represents you, you must attach a copy of their ID card, or they must sign it with their electronic signature.
  • The forms can be submitted in person, sent by mail or by email to the address of the Controller at the beginning of this text.

You have the right to file a complaint with the Spanish Data Protection Agency if you believe that your rights have not been properly addressed.

The maximum period for resolution by HIDDEN AWAY HOTELS S.L is one month, from the effective receipt of your request by us.

You have the right to revoke the consent for any processing for which you have consented at any time.

Do we use cookies?

If we use any other type of cookies than those necessary, you can consult the cookie policy in the corresponding link from the beginning of our website.

How long will we keep your personal data?

  • Personal data will be kept as long as you remain linked to us.
  • Once you unlink, the personal data processed for each purpose will be kept for the legally established periods, including the period in which a judge or court may require them according to the statute of limitations for legal actions.
  • The processed data will be kept until the expiration of the legal periods mentioned above, if there is a legal obligation to keep them, or if there is no legal deadline, until the data subject requests their deletion or revokes the consent given.
  • We will keep all information and communications related to your purchase or the provision of our service, for as long as the product or service warranties last, to attend to any possible claims.

  • In each treatment or type of data, we provide you with a specific period, which you can consult in the following table:

File | Document | Storage
Customers | Invoices | 10 years
Customers | Forms and Coupons | 15 years
Customers | Contracts | 5 years
Human Resources | Payrolls, TC1, TC2, etc. | 10 years
Human Resources | CV | Until the end of the selection process, and 1 more year with your consent
Human Resources | Dismissal indemnity documents; Contracts; Data of temporary workers | 4 years
Human Resources | Employee file | Up to 5 years after termination
Marketing | Database or website visitors | For the duration of the treatment
Suppliers | Invoices | 10 years
Suppliers | Contracts | 5 years
Access control and video surveillance | Visitor list | 30 days
Access control and video surveillance | Videos | 30 days lockdown; 3 years destruction
Accounting | Accounting books and documents; Partnership agreements and board meetings, company bylaws, minutes, board regulations, and delegated committees; Financial statements, audit reports; Records and documents related to subsidies | 6 years
Fiscal | Tax Ledger of the entity’s administration, rights and obligations related to tax payments; Payment administration of dividends and tax withholdings | 10 years
Fiscal | Information on intra-group pricing | 18 years; 8 years for intra-group transactions for pricing agreements
Safety and Health | Medical records | 5 years
Environment | Information on chemical substances or substantially hazardous substances | 10 years
Environment | Documents related to environmental permits | As long as the activity is carried out; 3 years after closing the activity; 10 years (crime prescription)
Environment | Records on recycling or waste disposal | 3 years
Environment | Grants for cleaning operations must retain documents of rights and obligations, receipts, and payments | 4 years
Environment | Accident reports | 5 years
Insurance | Insurance policies | 6 years (general rule); 2 years (damages); 5 years (personal); 10 years (life)
Purchases | Record of all delivered goods or services, intra-community acquisitions, imports, and exports for VAT purposes. | 5 years
Legal | Intellectual and Industrial Property Documents; Contracts and agreements | 5 years
Legal | Permits, licenses, certificates | 6 years from the expiration date of the permit, license, or certificate; 10 years (criminal prescription)
Legal | Confidentiality and non-competition agreements | For the duration of the obligation or confidentiality
Personal Data Protection | Personal data processing, if different from the processing notified to the AEPD | 3 years

What purposes will we process your personal data for?

 

  • Answering your inquiries, requests, or petitions.
  • Managing the requested service, answering your request, or processing your petition.
  • Providing information electronically related to your request.
  • Providing commercial information or event updates electronically, provided there is explicit authorization.

What is the legal basis for processing your data?

The acceptance and consent of the interested party: In cases where it is necessary to complete a form and click the “send” button to make a request, doing so will necessarily imply that the individual has been informed and has expressly given consent to the content of the clause attached to that form or acceptance of the privacy policy.

All our forms include a verification checkbox with the following formula to submit the information: “□ I have read and accept the Privacy Policy.”

For what purposes will we process your personal data?

  • Preparing and monitoring the budget through communications between both parties.
  • Providing information electronically related to your request.
  • Providing commercial information or event updates electronically, provided there is explicit authorization.
  • Managing administrative, communication, and logistics services performed by the Controller.
  • Carrying out the corresponding transactions.
  • Invoicing and filing the relevant taxes.
  • Control and recovery procedures.

What is the legal basis for processing your data?

The legal basis is your consent and the execution of a contract.

For what purposes will we process your personal data?

  • Providing information electronically related to your request.
  • Providing commercial information or event updates electronically, provided there is explicit authorization.
  • Managing administrative, communication, and logistics services performed by the Controller.
  • Invoicing.
  • Carrying out the corresponding transactions.
  • Invoicing and filing the relevant taxes.
  • Control and recovery procedures.

What is the legal basis for processing your data?

The legal basis is the acceptance of a contractual relationship, or alternatively, your consent when contacting us or offering your products through any means.

For what purposes will we process your personal data?

  • Responding to your queries, requests, or petitions.
  • Managing the requested service, responding to your request, or processing your petition.
  • Engaging with you and creating a community of followers.

What is the legal basis for processing your data?

The acceptance of a contractual relationship within the corresponding social media environment, and in accordance with their Privacy Policies:

Facebook: http://www.facebook.com/policy.php?ref=pf

Instagram: https://help.instagram.com/155833707900388

Twitter: http://twitter.com/privacy

LinkedIn: http://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

WhatsApp: https://www.whatsapp.com/legal/#privacy-policy

How long will we keep the personal data?

We can only access or delete your data in a restricted way due to having a specific profile. We will process your data for as long as you allow us to by following us, being friends, or clicking “like,” “follow,” or similar buttons.

Any rectification of your data or restriction of information or publications must be done through the configuration of your profile or user on the respective social media platform.

For what purposes will we process your personal data?

  • Video surveillance of our facilities.
  • Employee monitoring.
  • In some cases, they may be disclosed to courts and tribunals for the exercise of legitimate actions.

What is the legal basis for processing your data?

The unequivocal consent of the interested party upon accessing our facilities after viewing the informative sign in the video surveillance area.

For what purposes will we process your personal data?

  • Organization of selection processes for hiring employees.
  • Contact you for job interviews and evaluate your candidacy.
  • If you have given us your consent, we may share it with collaborating or related entities, with the sole purpose of helping you find employment.

What is the legal basis for processing your data?

The legal basis is your unequivocal consent, by providing us with your CV and receiving and signing information regarding the treatments we will carry out.

How long will we keep the personal data?

The curriculum vitae will be stored for a period of one year, after which, if we have not contacted you, it will be deleted.

For what purposes will we process your personal data?

  • Management of the employment relationship and employee file.
  • Carrying out all administrative, fiscal, and accounting procedures necessary to fulfill our contractual commitments, obligations under labor regulations, Social Security, occupational risk prevention, fiscal, and accounting.
  • Management of salary payments through a financial entity.
  • Time control through the access control system using fingerprint/card (if applicable).
  • Management of collective insurance/pension plan of the company.
  • Carrying out training activities, both subsidized and non-subsidized.

What is the legal basis for processing your data?

The legal basis for processing your data is the execution of your employment contract, compliance with relevant legal obligations, and the consent of the data subject.

Do we include personal data from third parties?

No, as a general rule, we only process the data provided by the owners. If you provide us with data from third parties, you must inform and obtain their consent beforehand, or otherwise, you release us from any responsibility for non-compliance with this requirement.

And data from minors?

We do not process data from children under 14 years old; therefore, refrain from providing such data if you have not reached that age.

Will we carry out communications through electronic means?

  • They will only be carried out to manage your request if it is one of the contact methods you have provided.
  • If we carry out commercial communications, they will have been previously and expressly authorized by you.

What security measures do we apply?

You can rest assured: We have adopted an optimal level of protection for the personal data we handle, and we have implemented all technical means and measures at our disposal, according to the state of the technology, to prevent the loss, misuse, alteration, unauthorized access, and theft of personal data.

To what extent will decision-making be automated?

HIDDEN AWAY HOTELS S.L does not use fully automated decision-making processes to establish, develop, or terminate a contractual relationship with the user. In case we use such processes in a specific case, we will keep you informed and communicate your rights in this regard as prescribed by law.

Will there be profiling?

In order to offer you products and/or services according to your interests and improve your user experience, we may create a “commercial profile” based on the provided information. However, no automated decisions will be made based on this profile.

To whom will your data be communicated?

Your data will not be transferred to third parties, except for legal obligations. Specifically, they will be communicated to the State Tax Administration Agency and to banks and financial entities for the collection of the provided service or purchased product, as well as to the data processors necessary for the execution of the agreement.

In the event that you have given us your consent for the processing of your name, images, and other information related to the activity of HIDDEN AWAY HOTELS S.L, they will be disclosed on different social networks and the website of HIDDEN AWAY HOTELS S.L.

International Transfers.

In the event that it is necessary to carry out international data transfers by HIDDEN AWAY HOTELS S.L, it will ensure that such transfers are possible in accordance with the General Data Protection Regulation or any other requirement established by applicable regulations. For this purpose, the company will adopt the necessary agreements to ensure a level of data protection equivalent to that provided by European regulations.

If working in a system of shared folders in applications such as Dropbox, Google Drive, Microsoft OneDrive, Amazon, Apple, HubSpot, etc., an international transfer to the United States will be carried out under the authorization of Article 49.c) of the General Data Protection Regulation or any other mechanism that ensures a level of data protection equivalent to that provided by European regulations.

What rights do you have?

  • To know if we are processing your data or not.
  • To access your personal data.
  • To request the rectification of your data if they are inaccurate.
  • To request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw the consent granted.
  • To request the limitation of the processing of your data, in some cases, in which case we will only keep them in accordance with current regulations.
  • To port your data, which will be provided to you in a structured, common, or machine-readable format. If you prefer, we can send them to the new controller you designate. This is only valid in certain cases.
  • To file a complaint with the Spanish Data Protection Agency if you believe that we have not adequately addressed your request.
  • To revoke the consent for any treatment for which you have given your consent, at any time.
  • If you modify any data, we appreciate it if you inform us to keep them updated.

Do you want a form to exercise your rights?

  • We have forms for exercising your rights, ask us for them by email, or if you prefer, you can use those prepared by the Spanish Data Protection Agency or third parties.
  • These forms must be signed electronically or accompanied by a photocopy of your ID.
  • If someone represents you, you must attach a copy of their ID, or have them sign it with their electronic signature.
  • The forms can be submitted in person, sent by mail, or by email to the address of the Data Controller at the beginning of this text.

You have the right to file a complaint with the Spanish Data Protection Agency if you consider that your rights request has not been properly addressed.

The maximum period for HIDDEN AWAY HOTELS S.L to resolve it is one month, counting from the effective receipt of your request by us.

You have the right to revoke your consent at any time for any of the treatments for which you have granted it.

Do we process cookies?

If we use types of cookies other than necessary ones, you can check the cookie policy at the corresponding link from the beginning of our website.

How long will we keep your personal data?

  • Personal data will be kept as long as you remain linked to us.
  • Once you disassociate yourself, the personal data processed for each purpose will be kept for the legally established periods, including the period in which a judge or court may require them, taking into account the statute of limitations for legal actions.
  • The processed data will be kept as long as the aforementioned legal deadlines do not expire, if there is a legal obligation to maintain them, or if there is no legal deadline, until the data subject requests their deletion or revokes the granted consent.
  • We will keep all information and communications related to your purchase or the provision of our service as long as the guarantees of the products or services last, to attend to possible claims.