Last updated: February 27th, 2019
We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.
“Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable.
“Process”, “Processing” or “Processed” means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Information we may collect
We may Process the following categories of Personal Information about you:
We may also collect:
Sensitive Personal Information
We do not collect or otherwise Process Personal Information about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual preference, any actual or alleged criminal offences or penalties, or any other information that may be deemed to be sensitive under GDPR (collectively, “Sensitive Personal Information”) in the ordinary course of our business except where we are explicitly given consent to support the booking process.
Children. The Services are not intended for use by children, especially those under 13. No one under the age of 13 should provide any Personal Information or use our public discussion areas, forums or chats. Minors under the age of 18 are not permitted to make purchases through the Services or obtaining coupons or codes from the Services to purchase goods or services on third party websites. If, notwithstanding these prohibitions, your children disclose information about themselves in our public discussion areas, consequences may occur that are not intended for children (for example, they may receive unsolicited messages from other parties). If it is discovered that we have collected Personal Information from someone under 13, we will delete that information immediately.
How we Collect Information
We may collect Personal Information about you from the following sources
Purposes for Which We May Process Your Information
The purposes for which we may Process Personal Information, subject to applicable law, include:
We have CCTV systems in our facilities that might record you while you are using them, the purpose to record activity only in public areas is to provide security to our customers, employees and to provide evidence to legal institutions when they require it by official means.
All the public areas that are being recorded by our CCTV Systems can be identified by a signboard, by using our facilities you agree to be recorded.
AM Resorts Europe does not use automatic decision-making process. If in the future, we start using that technology to process your information we will notify you previously and inform you about your rights.
Disclosures of your personal data
We may have to share your personal data with the parties set out below for the purposes set out above.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International Transfers of Information
Because of the international nature of our business, we may need to transfer your Personal Information within the ALG group of companies, and to third parties, in connection with the purposes set out in this Policy. For this reason, we may transfer your Personal Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
In accordance with the above, we may send your Personal Information to the following countries where Apple Leisure Group has operations and partnership with services providers:
We have implemented appropriate technical security measures in order to protect Personal Information during International transfers, in compliance with applicable laws.
Where you have made a reservation for accommodation or travel arrangements which are located or otherwise due to be fulfilled outside the EEA, we will have to transfer your personal data to the suppliers fulfilling or providing those travel arrangements outside the EEA in order to make your booking and for those suppliers to be able to provide you with the travel arrangements you have booked. Where we are unable to rely on one of the safeguards outlined below when transferring data to those suppliers outside the EEA, we will rely on the derogation under Article 49 of the GDPR in order to transfer your personal data to countries outside the EEA (as the transfer relates to the performance of a contract for your benefit), and you hereby permit us to do so. You also acknowledge that where your personal data is transferred outside the EEA, controls on data protection may not be as wide as the legal requirements within the EEA.
For all other transfers of data, whenever your personal data is transferred outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We take every reasonable step to ensure that your Personal Information that we Process is accurate and up to date. When you inform us that your Personal Information is inaccurate we will correct or erase it.
Know Your Rights
In accordance with GDPR a person living in the EU has the right to request
Keep in mind that your information is important to provide you with products and services. Deletion or restriction of certain data may prevent us from providing the services you requested. You also have the right to file a complaint with the EU Data Protection Authorities.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
We take every reasonable step to ensure that your Personal Information is only Processed and stored for the minimum period necessary for business and legal requirements. We will only use your data for the reasons you provided it to us, and for legal reporting purposes.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By legal and tax purposes we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Cookies/Automated Collection of Information and Third-Party Policies
Company´s name currently uses “cookies” on our site. Our cookies tag each visitor’s browser with a random, unique number. The cookie simply assigns a number and does not disclose any personal information about the person using the browser. By noting where these uniquely numbered browsers go on our site, we can study traffic patterns and site usage, and improve our site to better fit our customers’ needs.
We may connect information collected automatically with information we already have about you in order to identify you as an AM Resorts Europe guest, including from third parties (for example, Google Analytics) to whom you have given permission for this purpose. This allows us to provide you with a personalized experience regardless of how you interact with us online, in store, mobile, etc.
Cookies, Tracking & Interest-Based Advertising
The help function of your browser should contain instructions on how to set your computer to accept all cookies, to notify you when a cookie is issued or to not receive cookies at any time. If you set your device to not receive at any time, certain personalized services cannot be provided to you, and accordingly, you may not be able to take full advantage of all of our features (i.e. you will be able to browse the site but will not be able to make a purchase).
Data controller: Hotelera del Tormes, SA. Dirección: Avenida Mare de Déu de Bellvitge, 3 (Barcelona). CIF.: A60512191. Contacto DPO: [email protected]
You may contact us at the addresses set out below or by emailing [email protected]
Gremi Cirurgians i Barbers, 48, 2°E, 07009, Palma de Mallorca
Phone Number: 971465611
You may also find information about how to contact each Hotel here