PERSON IN CHARGE OF THE TREATMENT

Responsible person's data: HOTEL TALAVERA HOTELS, S.L.U., (hereinafter HOTEL TALAVERA), with CIF A57259657 and with registered office located at Carretera del Arenal a Llucmajor Km. 21.5, Polígono Son Noguera Llucmajor, Balearic Islands, Spain (hereinafter HOTEL TALAVERA).

Means of contactPlease refer to the Contact section.

Contact details of the Data Protection DepartmentYou can contact us by e-mail: privacy@hoteltalavera.com. 

SCOPE OF THE POLICY

This Policy is drafted in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD).

When you access and use this website, participate in the blog or our Social Networks, contact our hotel by telephone, book our services through third parties (travel agencies or tour operators) or any other means that involves the processing of personal data by HOTEL TALAVERA, you agree to accept this Privacy Policy, as well as the provisions contained in the Legal Conditions and Cookies Policy.

At HOTEL TALAVERA we provide you with information so that, prior to filling in your personal data, you can access the Privacy Policy and any other relevant information regarding Data Protection. 

PERSONAL DATA PROCESSED

Identification and contact information

When making reservations, either as an individual or on behalf of others (whether in the case of minors or other persons, including travel agencies), the following customer/guest identification and contact information will be requested: name and surname, gender, telephone, e-mail and voice (if you contact our Customer Service telephone number).

Also, the customer's payment data will be collected, such as bank card (card number, cardholder, CVV/CVC/CID, expiration date).

Data required by the Spanish Authorities in case of lodging in the HOTEL TALAVERA.

According to Royal Decree 933/2021, which came into force on December 2, 2024, the data that HOTEL TALAVERA must collect and report to the authorities include:

• Basic Personal DataName, surname, sex, date of birth, country of nationality, identity document number, type of document and date of issue.
• Contact InformationFull address, telephone number (landline and mobile), and e-mail address.
• Estancia DataDate and time of check-in and check-out, number of rooms booked, and details of the accommodation contract.
• Payment InformationMeans of payment used, including cardholder and expiration date. In some cases, the IBAN of the bank account may also be required.
• Additional DataRelationship between the travelers if there are minors, and specific details of the transactions made during the stay.

This data must be recorded in the Authority's digital platform and retained for a period of three years.

Sensitive Data

In certain cases, in order to adapt our service to your needs, you or a third party (travel agency) may need to provide us with data considered sensitive by the regulations, which require additional protection.

Some of these occasions may occur when requiring specific assistance needs (wheelchair, oxygen), or requesting food preferences, and may indirectly provide indications on ethnic origin, religious beliefs or health status (allergies, diabetes, pregnancy, etc.), as referred to in Article 9 of the GDPR.

This data is only collected with your consent - when you request these services at the time of booking - and is only used to provide you with the requested service during your stay. You may object to the collection of this data, but this may result in the impossibility to meet your requests.

Newsletter registration data

If you sign up for our newsletter, the data requested in the form (name and email) will be collected, as well as the data associated with the language and market via the website.

Data collected during your web browsing

When you enter our websites, the HOTEL TALAVERA will collect data related to the device you are using, such as IP address, browser, operating system and behavior/use of the web/app, all of which are collected through cookies and similar technologies. The user may consent to the use of geolocation data or any other data we may request, and refusal to use such data shall not affect the provision of the service in any way.

Communications with HOTEL TALAVERA

If you communicate, by any of the enabled means (forms, emails, telephone channel, social networks), the data provided in such communications will be kept while your request is answered and up to a maximum of 2 years depending on the selected means.

This includes the recording of telephone (voice) calls in case of contact with Customer Service.

In the same way, we will store the communications that we make to notify the reservation or changes that occur in relation to the flight.

PURPOSES OF DATA PROCESSING

The HOTEL TALAVERA treats your personal data for the following purposes:

• Management of individual or group reservations (more than 20 people or more than 10 rooms).
• Management of contracted services during the stay (activities, special requests, etc.).
• Management of queries, complaints/incidents, claims and requests made by the client, as well as any other communication.
• Management of the membership program, including the sending of commercial communications.
• Newsletter management.
• Management of Price Matching requests for your stay, based on our “Best Price Online Guaranteed” policy.
• Management of analytical work and market research, through cookies, and other similar technologies and tools.
• Management of the tracking of customers using the Web, to identify ways to improve the browsing experience.
• Management of communications of personal data to suppliers and / or collaborators that you hire additionally.
• Management of emergency situations, catastrophes or force majeure in general.
• Website, app, social media and blog management.
• Fraud management and prevention, as well as compliance with legal obligations.
• Service quality management through online surveys or similar services.

LEGITIMACY OF DATA PROCESSING

The regulations of data protection (article 6 and 9 RGPD) contemplates qualifying assumptions by which the processing of personal data can be carried out. The HOTEL TALAVERA legitimizes the treatments it performs based on:

Pre-contractual measures and/or contractual performance

• To communicate, via email or SMS, all issues related to the hosting (new reservations, status updates and service or operational communications, check-in process), and, in general, the provision of the service contracted by the customer himself; Understanding that this information is essential for the proper execution of our services, but in no case be considered as advertising communication. 
• For the management of queries, complaints/incidents, claims and requests made by the client and/or passenger, as well as any other communication.
• Conducting service satisfaction surveys.
• For the management of complementary services to the lodging (activities, special requests, etc.).

Legal obligation

• The communication of data to the competent authorities (section “Recipients”).
• When the interested party exercises his or her data protection rights.
• For the exercise of legal actions promoted by or directed against HOTEL TALAVERA.
• To manage emergency situations, catastrophes or force majeure in general.

Legitimate interest of HOTEL TALAVERA

• For the investigation, prevention and detection of fraud against HOTEL TALAVERA.
• To offer and provide services that meet the customer's needs, providing a more personalized service.
• To carry out analytical and market studies.
• To send commercial communications of products or services similar to those contracted by the customer by electronic means (email, SMS, etc.) and/or telephone.

Consent

• To send commercial communications from HOTEL TALAVERA and other third parties when subscribing to our newsletter.
• To process sensitive data (health, beliefs or biometric) provided by the customer.
• To accept cookies and other similar technologies and tools on the website.
• To interact on our social networks, including subscribing to the newsletter.

Failure to provide the requested personal data or failure to accept the present document Privacy Policy This means the impossibility to subscribe and enjoy the services we offer.

HOW LONG WILL WE KEEP YOUR DATA?

The period of retention of personal data will vary depending on the service you may contract. In any case, your data will be kept for the duration of the contractual relationship. Once the contractual relationship has ended, we will keep your data blocked during the prescription periods of the obligations that may have arisen from the processing and/or the applicable legal periods, remaining at the disposal of the competent authorities, for the attention of the possible responsibilities arising from the processing, and subsequently, they will be deleted.

In the same way, your data will be kept as long as you do not object to the processing or revoke your consent (previously granted), as well as when there is no commercial need or legitimate interest, being able to (i) anonymize them, to treat them for statistical purposes allowing us to know our customers better, as well as their preferences or needs; (ii) block them, remaining at the disposal of the competent authorities, during the statute of limitations legally established to meet the possible liabilities arising from the processing of your data; or (iii) delete them.

TARGET

To whom will we disclose your information?

• Competent Public Bodies, State Security Forces and Corps, Judges and Courts, when the HOTEL TALAVERA has the legal obligation to provide them.
• Online payment service providers whose systems are connected to our website, in order to collect the contracted services and possible additional charges.
• We will communicate your data to those entities that you have used to obtain information about our hotel or service offers (for example: meta search engines or travel agencies) to manage the relationship between the HOTEL TALAVERA and these entities (for example: accrual of commissions for conversion to purchase) and always ensuring that the personal information is the minimum necessary. 
• In addition, the HOTEL TALAVERA has service providers who have access to your personal data and who process the referred data in the name and on behalf of the HOTEL TALAVERA as a consequence of its provision of services (processors and sub-processors).

Specifically, and by way of example and without limitation, the aforementioned suppliers perform their services in the following sectors: logistics services, agencies, fraud prevention, commercial communications, bid booking, legal advice, multidisciplinary professional services companies, technology services providers, physical security companies and call center services companies.

INTERNATIONAL DATA TRANSFERS

We inform you that, currently, the HOTEL TALAVERA does not carry out international data transfers but if in the future they are carried out, these will be based on a decision of adequacy or with adequate guarantees (standard contractual clauses). In the absence of adequate guarantees will be made under explicit consent of the user or under the protection of the need to execute the contract established with the user.

DATA PROTECTION RIGHTS

What rights do I have and how can I exercise them? 

The regulations grant you a series of rights over the personal data you provide to HOTEL TALAVERA. These rights are:

• Right of access. You authorize you to contact us to find out if your data is being processed and, if it is being processed, to obtain information about it.
• Right of rectification. You may request the rectification of those data that you consider to be inaccurate and we will proceed to its correction with the new data that you provide us.
• Right of opposition. Whenever the treatment is covered by a public or legitimate interest, profiling or treatment is intended for direct marketing, you may oppose it. The HOTEL TALAVERA (with the exception of direct marketing) will be able to prove reasons that prevail over this right.
• Right to suppression. You may request the deletion of the data provided whenever the causes stipulated by the regulations (see Article 17 RGPD).
• Right to request the restriction of processing. This is an auxiliary right whereby as long as you have requested the deletion, rectification or have opposed the treatment, the HOTEL TALAVERA will proceed to block the data until your claim is resolved.
• Right to data portability. You may request, when the processing is carried out by automated means, the transmission to another company of your data, provided that the processing is legitimized on the basis of consent or within the framework of the execution of a contract.
• Rights not to be subject to automated individualized decisions. This right is intended to ensure that you are not subject to a decision based solely on the processing of their data, including profiling, that produces legal effects on you or similarly significantly affects you.

You can exercise your rights quickly and easily by sending a written request to the e-mail address of our Data Protection Department, to request the exercise of their rights.

How can I complain to the Control Authority?

If a user considers that there is a problem with the way in which the HOTEL TALAVERA is handling his/her data, he/she can address his/her complaints to our Data Protection Department or to the corresponding data protection supervisory authority, being the Spanish Data Protection Agency the one indicated in the case of Spain.

SECURITY

At HOTEL TALAVERA we maintain the highest levels of security required by law to protect your personal data against accidental loss and unauthorized access, processing or disclosure, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed. When we receive your data, we use rigorous procedures and security features to prevent any unauthorized access.

The actions described in this section and aimed at ensuring an adequate level of security for the detected risk shall include, if necessary, the following measures:

• Pseudonymization and encryption of personal data.
• Measures capable of ensuring the permanent confidentiality, integrity, availability and resilience of processing systems and services.
• Measures capable of restoring availability and access to personal data quickly in the event of a physical or technical incident.
• Existence of a process of regular verification, evaluation and assessment of the effectiveness of technical and organizational measures to ensure the security of processing.
• Periodic assessment of the risk of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorized disclosure of or access to such data.
• Measures to ensure that any person acting under the authority of HOTEL TALAVERA and having access to personal data can only process such data following instructions from HOTEL TALAVERA.

CONFIDENTIALITY

The personal data that may be collected will be treated with absolute confidentiality, committing ourselves to keep them secret and guaranteeing the duty to keep them by adopting all necessary measures to prevent their alteration, loss and unauthorized access or treatment, in accordance with the provisions of the applicable legislation.

COOKIES

Our website uses «cookies» to collect information about how the Website is used. If you wish to obtain more detailed information on how the HOTEL TALAVERA uses cookies, please consult the Cookies Policy.

PRIVACY POLICY UPDATE

The HOTEL TALAVERA may modify the present privacy policy as a consequence of legislative changes, jurisprudential doctrine and rulings of the AEPD that are directly, indirectly or sectorially applicable.

Any changes, modifications or amendments we make to our Privacy Policy will be posted on this page.

Date of publication of this Policy: xx/xx/2025

RESERVATION FORM

There must be a check-box requesting consent for data processing, as well as another one for commercial communications and a third one for the booking conditions:

 I have read and accept the Booking Conditions.

 I agree to the processing of my data according to the Privacy Policy.

 I agree to receive information about special offers and promotions 

The first layer that should include a pop-up or frame when the customer clicks on “Policy of Pprivacy”. The first layer must be updated with the following:

Basic Data Protection Information

Responsible: HOTEL TALAVERA HOTELS, S.L.U. Purpose: Management of the reservation or contracting of lodging. LegitimationThe processing is necessary for the performance of the contract or in compliance with a legal obligation. Addressees: Third parties with whom we collaborate. Rights of access, rectification, suppression, portability, limitation and opposition in privacy@hoteltalavera.com as well as to file a complaint before the Spanish Data Protection Agency. To more information see our Privacy Policy.

NEWSLETTER SUBSCRIPTION

The following should be included 

 I agree to the processing of my data according to the Privacy Policy.

The first layer should include a “pop-up” or “frame” when the customer clicks on “Privacy Policy” that includes only the following:

Basic Data Protection Information

Responsible: HOTEL TALAVERA HOTELS, S.L.U. Purpose: To keep you informed about new samples and promotions by sending commercial communications. LegitimationConsent given when subscribing. Addressees: Third parties with whom we collaborate. Rights of access, rectification, suppression, portability, limitation and opposition in privacy@hoteltalavera.com as well as to file a complaint before the Spanish Data Protection Agency. To more information see our Privacy Policy.