Privacy policy

VILLA MARÍA CB informs you about its Privacy Policy regarding the processing and protection of the personal data of users and clients that may be collected through browsing or contracting services via the Website https://hotelruralvillamaria.com/

In this regard, the Data Controller guarantees compliance with the current regulations on personal data protection, as reflected in Organic Law 3/2018, of December 5, on Personal Data Protection and the Guarantee of Digital Rights (LOPD GDD). It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, regarding the protection of natural persons (GDPR).

The use of the Website implies acceptance of this Privacy Policy as well as the conditions included in the Legal Notice.

Identity of the Data Controller

• Owner: VILLA MARÍA CB
• NIF/CIF: E37434065
• Address: Calle El Chorro, 14. Fuentes de Béjar 37790 Salamanca.
• Email: info@hotelruralvillamaria.com
• Website: https://hotelruralvillamaria.com/

Principles Applied in Data Processing
In the processing of your personal data, the Data Controller will apply the following principles that comply with the requirements of the new European data protection regulation:

• Principle of Lawfulness, Fairness, and Transparency: The Data Controller will always require your consent for the processing of your personal data, which may be for one or more specific purposes, which will be fully informed to you in advance.
• Principle of Data Minimization: The Data Controller will only request the data strictly necessary for the purpose(s) for which they are requested.
• Principle of Limitation of Storage Period: The data will be kept for the strictly necessary time for the purpose(s) of processing.
  The Data Controller will inform you of the retention period according to the purpose. In the case of subscriptions, the Data Controller will periodically review the lists and remove inactive records after a significant period.
• Principle of Integrity and Confidentiality: Your data will be processed in such a way that its security, confidentiality, and integrity are guaranteed. You should know that the Data Controller takes the necessary precautions to prevent unauthorized access or misuse of users’ data by third parties.

Collection of Personal Data
To navigate through https://hotelruralvillamaria.com/, it is not necessary to provide any personal data. The cases where you do provide your personal data are the following:

• When contacting through contact forms or sending an email.

Your Rights
The Data Controller informs you that you have the following rights regarding your personal data:

• Request access to the stored data.
• Request rectification or cancellation.
• Request the limitation of its processing.
• Object to the processing.
• Request the portability of your data.

Exercising these rights is personal and must be done directly by the interested party, by requesting it directly from the Data Controller. This means that any customer, subscriber, or collaborator who has provided their data at any time can contact the Data Controller and request information about the data stored and how it was obtained, request the rectification of it, request the portability of their personal data, object to processing, limit its use, or request the deletion of such data from the Data Controller’s files.

To exercise your rights of access, rectification, cancellation, portability, and objection, you must send an email to info@hotelruralvillamaria.com along with valid proof in law, such as a photocopy of your ID card or equivalent.
You have the right to effective judicial protection and to file a complaint with the supervisory authority, in this case, the Spanish Data Protection Agency, if you believe that the processing of personal data concerning you infringes the Regulation.

Purpose of Personal Data Processing
When you connect to the Website to send an email to the Data Controller or make a contract, you are providing personal information for which the Data Controller is responsible. This information may include personal data such as your IP address, first and last name, physical address, email address, phone number, and other information. By providing this information, you consent to it being collected, used, managed, and stored by the Data Controller, solely as described in the Legal Notice and this Privacy Policy.

Personal data and the purpose of processing by the Data Controller vary depending on the system for collecting information:

• Contact forms, reservation forms, or inquiries through email or WhatsApp: The Data Controller requests personal data, which may include: First and last name, email address, phone number, and email address to respond to your inquiries.

For example, the Data Controller uses this data to respond to your messages, doubts, complaints, comments, or concerns regarding the information included on the Website, the services offered through the Website, the processing of your personal data, issues related to the legal texts on the Website, as well as any other queries you may have that are not subject to the conditions of the Website or the contract.

Other purposes for which the Data Controller processes your personal data include:

• To ensure compliance with the conditions outlined in the Legal Notice and applicable law. This may include the development of tools and algorithms to help this Website ensure the confidentiality of the personal data it collects.
• To support and improve the services offered by this Website.
• To analyze navigation. The Data Controller collects other non-identifying data obtained through the use of cookies that are downloaded to your computer when browsing the Website. Their characteristics and purpose are detailed in the Cookie Policy.
• To manage social media. The Data Controller has a presence on social media. If you follow the Data Controller on social media, the processing of personal data will be governed by this section, as well as by the terms of use, privacy policies, and access regulations of the corresponding social network, which you have previously accepted.

You can consult the privacy policies of the major social networks here:

• Facebook
• Instagram

The Data Controller will process your personal data for the purpose of correctly managing its presence on the social network, informing you about its activities, products, or services, as well as for any other purpose allowed by the social network regulations.

Under no circumstances will the Data Controller use followers’ social media profiles to send individual advertising.

Security of Personal Data
To protect your personal data, the Data Controller takes all reasonable precautions and follows industry best practices to prevent its loss, misuse, unauthorized access, disclosure, alteration, or destruction.
The Website is hosted on WordPress. Your data’s security is guaranteed as they take all necessary security measures for this. You can consult their privacy policy for more information.

Content from Other Websites
Pages on this Website may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if you visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking code, and monitor your interaction using this code.

Cookie Policy
For this Website to function correctly, it needs to use cookies, which is information stored in your web browser.
On the Cookie Policy page, you can find all the information regarding the collection, purpose, and processing of cookies.

Legitimacy for Data Processing
The legal basis for the processing of your data is consent.
To contact the Data Controller, subscribe to a newsletter, or make comments on this Website, you must accept this Privacy Policy.

Categories of Personal Data
The categories of personal data processed by the Data Controller are:

• Identifying data.

Retention of Personal Data
The personal data you provide to the Data Controller will be kept until you request its deletion.

Recipients of Personal Data
REMOVE THE ONES YOU DON’T USE:

• Google Analytics is a web analytics service provided by Google, Inc., a Delaware corporation whose headquarters is at 1600 Amphitheatre Parkway, Mountain View (California), CA 94043, United States (“Google”). For more information, visit: https://analytics.google.com
  Google Analytics uses “cookies,” which are text files placed on your computer to help the Data Controller analyze how users use the Website. The information generated by the cookie about the use of the Website (including your IP address) will be directly transmitted and stored by Google on servers in the United States.

You can also see a list of the types of cookies used by Google and its partners, along with all the information related to the use of advertising cookies.

Web Browsing
When browsing https://hotelruralvillamaria.com/, non-identifiable data may be collected, which may include IP address, geolocation, a record of how services and sites are used, browsing habits, and other data that cannot be used to identify you.
The Website uses the following third-party analysis services:

• Google Analytics
  The Data Controller uses the obtained information to gather statistical data, analyze trends, manage the site, study browsing patterns, and collect demographic information.

Accuracy and Truthfulness of Personal Data
You commit to ensuring that the data provided to the Data Controller is correct, complete, accurate, and up-to-date, and to keep it duly updated.
As a user of the Website, you are solely responsible for the veracity and accuracy of the data you provide to the site, releasing the Data Controller from any liability in this regard.

Acceptance and Consent
As a user of the Website, you declare that you have been informed of the conditions regarding personal data protection, accept and consent to the processing of your data by the Data Controller in the manner and for the purposes indicated in this Privacy Policy.

Revocability
To exercise your rights of access, rectification, cancellation, portability, and opposition, you must send an email to info@hotelruralvillamaria.com along with valid proof in law, such as a photocopy of your ID card or equivalent.
The exercise of your rights does not include any data that the Data Controller is required to retain for administrative, legal, or security purposes.

Changes to the Privacy Policy
The Data Controller reserves the right to modify this Privacy Policy to adapt it to legislative or jurisprudential developments, as well as industry practices.
These policies will be in effect until they are modified by duly published new policies.