- IDENTIFICATION
HOTEL STELLA, S.L.. C/ PUNTAIRES, 1 - 08397 PINEDA DE MAR (Barcelona), and HOTEL MONTEPLAYA ALSITER, S.L.. PASSEIG MARITIM, 50 - 08380 MALGRAT DE MAR (Barcelona) from no won SUMUS HOTELS GROUP, is responsable of the users’ personal data treatment, and hereby informs that those data will be treated according to the European regulations (UE) 2016/679 of April 27th (GDPR) and the Organic Law 3/2018 of December 5th (LOPDGDD), from which you can find the treatment information below:
- INFORMATION AND CONSENT
By accepting this Privacy Policy, the user agrees that has been properly informed and gives his/hers consent in a free, informed, especific and unequivocal way for thos personal data that are provided to us through our website, located at the URL www.sumushotels.com/ (from now on “Website”), to be treated by SUMUS HOTELS GROUP, as well as the data coming from his/her navigation and any other datat that can be provided in a future to SUMUS HOTELS GROUP in a clear and easy way.
- COMPULSORINESS OF DATA PROVIDING
The data we request at the forms in our Website are general, compulsory (except in specific fields that may not be), to comply with the established purposes.
In case that the data are not correctly profided your request may not be satisfied or answered, without prejudice of the free visualization of the Website contents.
FOR WHAT PURPOSE WILL SUMUS HOTELS GROUP TREAT THE USER'S PERSONAL DATA?
The personal data provided through the Website will be processed by SUMUS HOTELS GROUP in accordance with the following purposes:
Data provided for booking, both through the Website and (call center, email or chat) for individual or group bookings:
- Identification data:ID Number or Passport, first name, surname, nationality.
- Contact details: email address, telephone number.
- Transaction data of goods and services in SUMUS HOTELS GROUP : Products and services purchased or over which you show interest.
- Stay preferences.
- Economic data,Credit card: financial.
- Other data: data provided by the interested parties themselves in the open fields or through the call made.
- Navigation data, Wifi connection.
- Data provided through the booking form at the Website:
- Identification data: first name, surname, address, nationality.
- Contact details: email address, telephone number.
- Transaction data for goods and services (Credit Card)
- Other data: data provided by the interested parties themselves in the open fields of the forms provided on the Website or in the attached documents.
- Navigation data.
- Data provided for blog publications owned by SUMUS HOTELS GROUP
- Identification data: first name, surname, address, nationality.
- Contact details: country of residence, email address.
- Navigation data.
- Data prior to modification and cancellation of reservations:
- Identification data: first name, surname, address, nationality.
- Contact details: email address, not phone address.
- Transaction data for goods and services
- Economic, financial and insurance data.
- Other data: data before the interested parties themselves in the open fields of the forms on the Website or in the attached documents.
- Navigation data
- Data provided for the Newsletter:
- Identification data: first name, surname, address, nationality.
- Contact details: country of residence, email address.
- Language personal feature data.
- Data provided on contact and page forms:
- Identification data: first name, surname, address, nationality.
- Contact details: email address, telephone number.
- Transaction data for goods and services
- Other data: data provided by the interested parties themselves in the open fields of the forms provided on the Website or in the attached documents.
- Navigation data.
In the event that the user provides data of third parties, declares to have the consent of the same and undertakes to transfer the information contained in the Privacy Policy, exempting SUMUS HOTELS GROUP from any liability in this regard. However, SUMUS HOTELS GROUP may carry out periodic checks to verify this fact, adopting the appropriate due diligence measures, in accordance with data protection regulations.
- WHAT IS THE LEGITIMATION OF THE TREATMENT OF USER DATA?
The legitimacy of the processing of your personal data will be as follows:
To make reservations, both through the Website and contact center (call center, email or chat) for individual or group reservations: the execution of the contract between the parties. For the execution of analysis on the use of the website, the legitimate interest of SUMUS HOTELS GROUP
- For the management of registration as registered user: in the requested consent and, in the cases of verification compliance with the conditions by the user, as well as for the execution of analysis on the use of the website, the legitimate interest of SUMUS HOTELS GROUP . However, if you withdraw your consent, this will not affect the lawfulness of the treatments carried out previously.
- For the management and publication of comments or posts sent by users in the BLOGs owned by SUMUS HOTELS GROUP:in the consent given by the user and, in the cases of execution of analysis of the Website, check the preferences and behaviors of the users, as well as carry out a control of the content of the comments, legitimate interest of SUMUS HOTELS GROUP . If you withdraw your consent to the processing of posting the comments, it will be removed by SUMUS HOTELS GROUP from the Website.
- For the modification and/or cancellation of your reservation in the execution of the contract between the parties. For the execution of analysis on the use of the website, the legitimate interest of SUMUS HOTELS GROUP
- For the sending of Newsletter: in the consent given by the user.
- For the sending of contact forms and website: in the consent given by the user. For the execution of analysis on the use of the website, the legitimate interest of SUMUS HOTELS GROUP .
- For sending the reservation's reminder: consent given by the user. Legitimate interest of SUMUS HOTELS GROUP.Los consentimientos obtenidos para las finalidades mencionadas son independientes por lo que el usuario podrá revocar solo uno de ellos no afectando a los demás.
To revoke such consent, the User may contact SUMUS HOTELS GROUP through the following channels:
E-Mail: contact@sumushotels.com
- WHAT RECIPIENTS WILL THE USER'S DATA BE SHARED WITH?
The user's data may be communicated to:
- Data provided for booking, both through the Website and (call center, email or chat) for individual or group bookings:
Integrated or affiliated companies, all dedicated to the hotel sector, will need to have access to their data for the correct provision of the selected services. Likewise, your data will be communicated to those entities that own the hotels, in order that they know the conditions of your stay (price, dates, services included, ...), for the sole purpose of being able to provide the services correctly.
- Data provided to register as a registered user in SUMUS HOTELS GROUP :
Companies of the group to which SUMUS HOTELS GROUP belongs, only for internal administrative purposes and / or for the purposes indicated above.
- Data provided through the booking recovery form:
Companies of the group to which SUMUS HOTELS GROUP belongs, only for internal administrative purposes and / or for the purposes indicated above.
- Data provided for publications in BLOGs owned by SUMUS HOTELS GROUP:
The data provided by the user will be published on the Website, so they will be accessible by any user who accesses it.
- Data provided for the modification and cancellation of reservations :
Companies integrated or affiliated with the hotel sector, will need to have access to their data for the correct provision of the selected services. Likewise, your data will be communicated to those entities that own the hotels, in order that they know the conditions of your stay for the sole purpose of being able to provide the services correctly.
- Data provided for the sending of Newsletter, will not be communicated with third parties.
- Data provided in contact forms and website:
Companies of the group to which SUMUS HOTELS GROUP belongs, only for internal administrative purposes and / or for the purposes indicated above.
- Data provided in cart recovery form: cart recovery:
Companies of the group to which SUMUS HOTELS GROUP belongs, only for internal administrative purposes and / or for the purposes indicated above.
In addition, the data may be accessible by suppliers of SUMUS HOTELS GROUP, being said access necessary for the proper compliance with the legal obligations and / or the purposes indicated above. These providers will not process your data for their own purposes that have not been previously informed by SUMUS HOTELS GROUP .
- INTERNATIONAL DATA TRANSFERS
We inform you that your data will NOT be transferred to third countries outside the EU.
8.DATA RETENTION
Your data will be kept for the following periods:
- Data provided for the making of reservations, both through the Website and contact center (call center, email or chat) for individual or group reservations: they will be kept during the contractual relationship and, once the contract relationship has been completed, during the limitation period of the legal actions that may arise from it.
- Data provided to register as a registered user in SUMUS HOTELS GROUP : as long as the user does not revoke the consent given. However, if you withdraw your consent, this will not affect the lawfulness of the treatments carried out previously.
- Data provided for publications in blogs owned by SUMUS HOTELS GROUP The data will be kept as long as the user does not revoke the consent granted.
- Data provided for the modification and cancellation of reservations: they will be kept during the contractual relationship and, once the contract is completed, during the limitation period of the legal actions that may arise from it.
- Data provided for the sending of Newsletter: they will be kept as long as the user does not revoke the consent given for this purpose.
- Data provided in contact forms and website: they will be kept for the period necessary to process and respond to your request and, after the completion of the request, during the limitation period of the legal actions arising from the said request.
- Data provided on the booking recovery form: they will be kept 15 days after the abandonment of the reservation.
- USER RESPONSIBILITY
The User:
- You guarantee that you are over eighteen (18) years of age and that the data you provide to SUMUS HOTELS GROUP is true, accurate, complete and up-to-date. For this purpose, the user is responsible for the veracity of all the data that he/she communicates and will keep the information provided conveniently updated, in such a way that it responds to his/her real situation.
- Guarantee that you have informed the third parties of those who provide your data, if so, of the aspects contained in this document. It also guarantees that you have obtained your authorization to provide your data to SUMUS HOTELS GROUP for the purposes indicated.
- You will be responsible for false or inaccurate information you provide through the Website and for any direct or indirect damages caused by this to SUMUS HOTELS GROUP or third parties
- EXERCISE OF RIGHTS.
The user can send a letter to SUMUS HOTELS GROUP , to the address PASSEIG MARITIM 50, 08380 Malgrat de Mar, Barcelona or by means of an email to the direcciónCONTACT@SUMUSHOTELS.COM, attaching a photocopy of their identity document, at any time and free of charge, to:
- Revoke consents granted.
- Obtain confirmation as to whether or not personal data concerning the user is being processed in SUMUS HOTELS GROUP.
- Access your personal data.
- Correct incorrect or incomplete data.
- Request the deletion of your personal data when, for some reason, the data is no longer necessary for the purposes for which it was obtained.
- Obtain from SUMUS HOTELS GROUP the limitation of the processing of data when any of the conditions provided for in the data protection regulations are met.
- Request the portability of the data provided by the User in those cases provided in the regulations.
- Contact SUMUS HOTELS GROUP via the following dirección:CONTACT@SUMUSHOTELS.COM
- File a complaint regarding the protection of your personal data with the Spanish Agency for the Protection of Datoswww.aepd.es., when the data subject considers that SUMUS HOTELS GROUP has violated the rights that are recognized by the applicable regulations on data protection.
- 11. SECURITY MEASURES
SUMUS HOTELS GROUP will process the user's data at all times in an absolutely confidential manner and keeping the mandatory duty of secrecy with respect to them, in accordance with the provisions of the implementing regulations, adopting for this purpose the necessary technical and organizational measures that guarantee the security of your data and prevent its alteration, loss, treatment or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed.
