Privacy policy

1.DATA OF THE DATA PROCESSING CONTROLLER

Entity name: SANTO TOME PARISH – GRECO ROOMS

Address: Calle Santo Tomé 16. 45002, Toledo

Telephone: 925 252 072

Email: grecorooms@grecorooms.es.

2.PROCESSING OF DATA COLLECTED THROUGH THE WEBSITE

The data that GRECO ROOMS may collect through the use, navigation of the website, through our forms, via email or due to the contractual relationship that unites you with GRECO ROOMS strong>they are personal data. When completing each of the forms present on our website, there will be a series of mandatory data, whose fields are marked with the symbol

*. If such fields are not filled out, the purposes described in each of the forms cannot be carried out. On some occasions, we inform you that by simply using and browsing our Website, GRECO ROOMS will store data related to:

  • IP address
  • Browser version
  • Operating system
  • Duration of the visit or navigation through the Website

Such information may be stored through Google Analytics, so we refer to Google’s Privacy Policy, since it collects and processes such information.

Likewise, the Website provides the utility of Google Maps, which may have access to your location, assuming you allow it, in order to provide you with greater specificity about the distance and/or routes of our headquarters. In this regard, we refer to the Privacy Policy used by Google Maps, in order to know the use and processing of such data.

GRECO ROOMS reserves the right to modify or adapt this Privacy Policy at any time. Therefore, we recommend that you review it each time you access the Website. In the event that the user has registered on the website and accesses their account or profile, upon accessing it, they will be informed if there have been substantial changes in relation to the processing of their personal data.

1.Contact forms.

  1. Purpose. The purpose of this form is to respond to your request for information made through the contact form.
  2. Legitimation. The consent of the

 

  1. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

2.Communications via WhatsApp

  1. Purpose. The purpose of the communication is to deliver the room key.

 

  1. Legitimation.

 

  1. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

 

d.Spontaneous candidatures.

  1. Purpose. Involve you in the personnel selection processes carried out by GRECO ROOMS.
  1. Legitimation. Execution of a contract in which the interested person is a party or for the application at his request of pre-contractual measures.
  2. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

e.User registration form

  1. Purpose.

 

− Manage your user registration on our website

− Manage purchases made on our website

− Provide you with information about the processing and status of your purchases.

− Thus, we inform you that you may receive communications via email and/or on your telephone, in order to inform you of possible incidents, errors, problems and/or status of your orders.

− Your personal data may be provided to third parties, in order to carry out certain procedures and/or services requested by the user:

− Payment platform

− Possible intermediaries

− Web maintenance company

− International transfers

 

  1. Legitimation. The execution of a contract and the consent of the

 

  1. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

f.Web reservation form.

  1. Purpose. Manage your reservation request through our form

 

  1. Legitimation. The consent given by the interested party that is given to us by filling out the form for this purpose.
  2. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

3.OTHER DATA PROCESSING

1.Exclusively for professional contacts.

  1. Purpose. At GRECO ROOMS we process your personal data in order to maintain the professional relationship that we have between us.

 

  1. Legitimation. Legitimate interest.

 

  1. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

 

 

2.Exclusive for clients.

 

  1. Purpose.

 

Invoices, delivery notes. At GRECO ROOMS we process your personal data for the purpose of managing the services derived from the contractual relationship, as well as the commitments derived from the contract.

Advertising. At GRECO ROOMS we process your data in order to offer you our products and services/courses, activities and workshops/our activity.

  1. Legitimation.

Invoices, delivery notes. The legitimacy for the processing of your data is the consent of the interested party, the execution of a contract and compliance with the following legal obligations that apply to us:

 

  • The retention periods for your data once the contractual relationship has ended are based on compliance with the provisions of the Code of
  • Communication of your data when requested by the Treasury Inspection is protected by Law 58/2003, of December 17, General Tax.

 

Advertising The legitimacy for the processing of your data is the express consent of the interested party.

  1. Recipients.

Invoices, delivery notes. In general, the recipients of your data will be the different areas of our entity, as well as the third parties to whom we transfer your data, when it is lawful in accordance with the provisions of current regulations on data protection. In those cases where it is necessary, customer data may be transferred to the following organizations, in compliance with a legal obligation:

  • Data necessary for compliance with the legal obligation may be transferred to the Spanish Tax Agency.
  • To the corresponding banking entities, to be aware of
  • In the event that it is requested of us, your data will be transferred to the Labor Inspection.

Advertising. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection.

 

 

3.Exclusive processing of images from video surveillance cameras.

  1. Purpose. Our facilities are equipped with permanent video surveillance systems for security reasons.

 

  1. Legitimation. Public interest mission in line with the provisions of article 22 LOPDgdd and the legitimate interest of the person responsible.

 

  1. Recipients. Your data will not be transferred to third parties, unless the transfer is lawful in accordance with the provisions of current regulations on data protection. Likewise, your data may be communicated to the State Security Forces and Corps. , Judicial bodies and Public Prosecutor’s Office. In any case, the data will not be transferred to third parties unless the transfer is lawful in accordance with the provisions of the European Data Protection Regulation and current Spanish regulations.

 

 

 

4.Exercise of RGPD rights

  1. Purpose: Respond to requests from interested parties regarding data protection

 

  1. Legitimation: 6.1.c) Treatment necessary for compliance with a legal obligation applicable to the General Data Protection Regulation.

 

  1. Recipients: The recipients of your data will be the IT department, the Data Protection Officer, management and/or administration depending on the request, as well as the third parties to whom they are transferred. your data as long as the applicable data protection requirements are met.

 

5.Security gap

  1. Purpose: Manage and resolve the security breach in terms of data protection, as well as possible communication to those affected.

 

  1. Legitimation: 6.1.c) Treatment necessary for compliance with a legal obligation applicable to the General Data Protection Regulation.

 

  1. Recipients: The recipients of your data will be the IT department, the Data Protection Officer, management and/or administration depending on the request, as well as the third parties to whom they are transferred. your data as long as the applicable data protection requirements are met.

 

 

4. CONSERVATION PERIODS

PROCESSING OF DATA COLLECTED THROUGH THE WEBSITE

Contact forms

Your personal data will be processed for the time strictly necessary to respond to your request.

Spontaneous candidatures

Under the conservation policy of GRECO ROOMS , your personal data will be kept for a maximum period of ONE YEAR from receipt of the curriculum vitae.

User registration

Your personal data will be kept until you cancel your user account.

After cancellation of the user account, the data will remain

blocked in our bases but preserved until the prescription of possible legal responsibilities.

Web reservation Your personal data will be kept for the duration of your

relationship with GRECO ROOMS

OTHER TREATMENTS OF DATA
Exclusively for professional contacts Until our professional relations end or you decide to cancel or oppose the processing of your contact data.

 

Exclusive for clients

Invoices, delivery notes

Your personal data will be processed until the contractual relationship ends. Once it is completed, and for commercial purposes, your data will be kept for a period of 6 years in compliance with what is indicated in the Commercial Code. For tax purposes, your data will be kept for a period of 4 years in compliance with the

indicated in the General Tax Law.

Advertising

Your personal data will be processed

until the consent given for this purpose is revoked.

Exclusive Video Surveillance Systems

The recordings will be kept for a maximum period of ONE MONTH from their capture in accordance with article 22 of LO 3/2018, of 5 December, on Protection of Personal Data and guarantees of digital rights.

Exercise of RPGD rights

During the time necessary to resolve the claim and, subsequently, duly minimized and blocked until legal obligations regarding data protection are met.

Gap management

During the time necessary to manage and resolve the breach and, subsequently, duly minimized and blocked until legal obligations regarding data protection are met.

  1. Transfers

GRECO ROOMS does not plan to carry out international data transfers, if necessary, they will only be carried out to entities under the authorization of the US-EU Data Privacy Framework agreement (Adequacy decision EU-US Data Privacy Framework_en.pdf (Europe .eu), (more information: www.dataprivacyframework.gov), to entities that have demonstrated that they comply with the level of protection and guarantees in accordance with the parameters and requirements provided for in the current regulations on data protection, such as the European Regulation, or when there is a legal authorization to carry out the international transfer such as the consent of the interested party. In any case, the corresponding information will be provided to the interested party.

 

 

6.What are your rights in relation to data processing?

You as the data owner have the right to obtain confirmation about the existence of processing of your data, to access your personal data, request the rectification of data that is inaccurate or, where appropriate, request its deletion, when among other reasons , the data are no longer necessary for the purposes for which they were collected or you, as the interested party, withdraw the consent granted. GRECO ROOMS will process and retain your data in accordance with current regulations, without prejudice to the fact that as an interested party you may request, in any case, the limitation of the processing of your data. In certain cases you may exercise your right to data portability, which will be delivered in a structured, commonly used or machine-readable format to you or to the new data controller that you designate. You will have the right to revoke consent at any time for any of the processing for which you have granted it. To exercise your rights, contact us at the email address grecorooms@grecorooms.es. We have forms for the exercise of all the rights indicated above, however, you can also use those prepared by the Spanish Data Protection Agency. You will have the right to file a claim with the Spanish Data Protection Agency in the event that you consider that the exercise of your rights has not been adequately addressed. The maximum period to resolve will be one month from

 

from receipt of your request. In the event of any modification to your data, please inform us in writing in order to keep your data updated.

Latest version October 2023

Open chat
Hello! We are GrecoRooms, how can we help you?