PALLADIUM GESTION S.L is particularly conscious of protecting the personal data of website service users and their customers. This Privacy Policy (or Data Protection Policy) advises website USERS of the purposes their personal data will be collected for, so that they can freely and voluntarily decide whether they want to provide the information requested.
The website owner reserves the right to modify this Policy in order to adapt it to new legislation, jurisprudence, sector practices, and/or in the interests of the company. Any modifications to the same will be announced with due warning in order to ensure your adequate knowledge of the content.
The data controller is PALLADIUM GESTIÓN S.L., with address for these purposes at: Avenida Bartolomé Roselló, 18, 07800 Ibiza (Balearic Islands).
The contact details of the DPD appointed by the data controllers are as follows: dpo@palladiumhotelgroup.com
The purposes of collecting and processing personal data, through the various forms that are owned by the data controller and made available to Users, is as follows, depending on the specific case:
The personal data provided will be stored for the appropriate period to comply with legal obligations to during the period that may be required by a judge or magistrate's court. Data based on consent will be stored as long as consent is not withdrawn or handling opposed. Additionally, with the aim of improving your experience for future stays in our hotels, we will maintain the data related with your past stays during a period of seven years, unless you would communicate the contrary. In that case it will be maintained the period according to legal obligations and during the period that may be required by a judge or magistrate's court. CV data received as part of recruitment processes will be stored for a period of four years.
In accordance with article 32 of Organic Act 3/2018 on Personal Data Protection and the Guarantee of Digital Rights, data controllers will proceed to block data when it is corrected or deleted.
The data lock consists of identifying and reserving the data in question, adopting technical and organisational measures to prevent it from being processed, except for to make the data available to the competent judges and courts, Public Prosecutor's Office or Public Administrations, and data protection authorities in particular, based on the requirements of potential obligations arising from the processing of the data and only for the limitation period required in these cases
The data controller is legitimately entitled to process personal data, on the basis of the following:
The personal data is obtained from the booking made by the data subject or from the forms they fill in which have been made available by the data controller.
If the data does not come directly from the data subject, it will have come from the booking made by the data subject through a third party (such as a travel agency or a travel booking website)
On the other hand, in order for the data present in our files, whether in electronic or paper format, to always correspond to reality, they will need to be kept up to date. To this end, the User should make any necessary changes, either directly when this option is enabled or by informing the data controller's corresponding division or department by a reliable and traceable means.
The personal data you provide to the data controller, may be passed on to the following types of addressees:
Palladium Gestión S.L. does not market, sell or perform any other similar activity using your personal data. Your personal data will only be processed for the purposes indicated above and will only be used by the data controller.
The data controller uses service providers with access to the personal data (data processors). Among these service providers are companies located outside the European Economic Area, and as such there is the possibility of international transfers of data being made. This will, in all cases, be done in compliance with the relevant guarantees as per Articles 44 onwards of the GDPR. Suppliers of data controllers located in the USA are members of the Privacy Shield agreement
However, the person to whom the personal data belongs may in any case exercise the rights granted to them by the General Regulations for Data Protection, namely:
The interested party may exercise these rights by issuing a written request accompanied by a copy of their national identity document, specifying which of the above rights they wish to exercise and sent to the following address: PALLADIUM GESTION S.L. Dirección: Avenida Bartolomé Roselló, 18, 07800 Ibiza (Baleares) or by sending an e-mail to rgpd@palladiumhotelgroup.com
In the event the interested party considers their right to personal data protection to have been breached, they may send a complaint to the Spanish Data Protection Agency (www.agpd.es).