HOTEL ES PORT

Privacy Policy

1. Data Controller

In accordance with the provisions of Regulation (EU) 2016/679 of the General Data Protection Regulation (GDPR), Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights, as well as Law 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSI-CE), we hereby inform you that the personal data collected through this website will be processed under the responsibility of:

MONTIMAR S.A.
Tax ID No. (CIF): A07008410
Address: Carrer d’Antoni Montis 10, 07108 Port de Sóller (Balearic Islands), Spain
E-mail: info@hotelesport.com

2. Types of Data Processed

Depending on the service, form or communication channel used, MONTIMAR S.A. may process the following categories of personal data:

  • Identification data: first name, last name, identity document or passport, nationality.
  • Contact data: postal address, e-mail address, telephone number.
  • Reservation and contractual relationship data: stay dates, preferences, number of accompanying persons, special requests.
  • Financial and billing data: bank details, payment card number and cardholder name.
  • Professional and academic data: education, work experience, languages and other information included in the curriculum vitae (for job applicants).
  • Browsing and connection data: IP address, device identifiers, cookies, browsing data.
  • Internal whistleblowing channel data: identification and contact details of the reporting person (when not anonymous), affected persons and reported facts.
  • Health data (only if voluntarily provided by the user): allergies or conditions necessary to ensure the safety or suitability of the service.

Under no circumstances will special categories of personal data be requested or processed, except where strictly necessary and with the explicit consent of the data subject in accordance with Article 9(2)(a) and (b) of the GDPR.

All data requested are adequate, relevant and limited to what is necessary for the purposes for which they are collected.

3. Purposes of Processing

Personal data are collected through the different forms available on the website and will be processed for the following purposes:

  1. Management of information and contact requests: to respond to inquiries and requests submitted via forms or e-mail.

  2. Management of reservations and contractual relationship: to process, confirm and manage reservations, as well as to handle payments, invoicing and communications related to the stay.

  3. Sending commercial information and promotions: to send informational or promotional communications related to the services of MONTIMAR S.A., provided that the user has given explicit consent.

  4. Website security and maintenance: to ensure the availability, integrity and security of the website and hosted information.

  5. Management of recruitment processes in the “Work with us” section: receipt and evaluation of spontaneous applications or applications submitted in response to job offers published by MONTIMAR S.A.

  6. Management of the internal whistleblowing channel: identification and contact details of the reporting person (when not anonymous); data of the persons concerned by the reported facts; and any additional information included in the report.

4. Legal Basis for Processing

The processing of personal data is based on the following legal grounds:

  • Consent of the data subject (Art. 6(1)(a) GDPR): for the submission of forms, newsletter subscription, participation in recruitment processes and commercial communications.

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR): for the management of reservations, stays and/or the contracting of services.

  • Compliance with legal obligations (Art. 6(1)(c) GDPR): tax, accounting, labour, tourism-related or public safety obligations.

  • Legitimate interest of the controller (Art. 6(1)(f) GDPR): to ensure website security, prevent fraud and maintain service quality.

The user may withdraw consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.

5. Data Retention

Personal data will be retained by MONTIMAR S.A. for the time strictly necessary to fulfil the purposes for which they were collected, as well as to address potential liabilities arising from the processing and to comply with applicable legal obligations. Data retention periods will vary depending on the purpose of processing and, in general terms:

  • Data related to the contracting of services or products: retained for the duration of the contractual relationship and, after its termination, for the statutory limitation period of any legal actions that may arise.

  • Contact data and information requests: retained as long as the user does not request their deletion or cancellation.

  • Newsletter subscription data: retained until the data subject requests to unsubscribe or restrict processing.

  • Job applicant data or received CVs: retained for a period of 12 months from receipt, unless the data subject expressly authorises a longer period.

  • Data processed through the internal whistleblowing channel: retained for a maximum period of 3 months, unless it is necessary to keep them blocked to demonstrate the proper functioning of the system.

  • Data derived from web browsing and commercial profiles: retained until the user withdraws consent or requests deletion.

Once the retention periods have elapsed, the data will be blocked and securely deleted, ensuring that they cannot be processed for purposes other than those that justified their collection, in accordance with Articles 5(1)(e) and 32 of the GDPR and Article 32 of the LOPDGDD.

6. Data Disclosure and International Transfers

Data will not be disclosed to third parties, except in the following cases:

  • Legal obligation, by request of administrative or judicial authorities.

  • Service providers acting as data processors (e.g. technology providers, web hosting services, recruitment agencies or maintenance services), with whom agreements have been signed in accordance with Article 28 of the GDPR.

No international data transfers outside the European Economic Area (EEA) are envisaged, except in cases covered by standard contractual clauses or adequacy decisions of the European Commission.

7. Data Subject Rights

Users may exercise their rights of access, rectification, erasure, objection, restriction, data portability and withdrawal of consent at any time. To do so, they must submit a request together with a copy of their identity document by e-mail to info@hotelesport.com or by post to MONTIMAR S.A., Carrer d’Antoni Montis 10, 07108 Port de Sóller (Balearic Islands), Spain.

Users may also lodge a complaint with the Spanish Data Protection Agency via its website www.aepd.es.

8. Information Security

MONTIMAR S.A. implements appropriate technical and organisational measures to ensure a level of security appropriate to the risk, in accordance with Article 32 of the GDPR. These measures include SSL/TLS encryption, access control, backups, incident management and staff training.

9. Cookie Policy

This website uses its own and third-party cookies for technical, analytical and personalisation purposes. Non-essential cookies will only be installed when the user gives consent through the configuration panel displayed upon accessing the website.

Further details are available in our Cookie Policy.

10. Use of Social Media

MONTIMAR S.A. maintains corporate profiles on Facebook, Instagram and YouTube.
The processing of followers’ personal data is carried out in accordance with the GDPR, the LOPDGDD and the terms and conditions of each platform.

When users interact with our pages (by following, sharing or commenting), we may receive information from those social networks, including user IDs or public profile data.
MONTIMAR S.A. does not incorporate such data into its systems without explicit consent.

Social networks have their own privacy policies, which users must review and accept when interacting with them.

11. Amendments to the Privacy Policy

MONTIMAR S.A. reserves the right to amend this policy in order to adapt it to legislative or case-law developments. In the event of significant changes, users will be informed via a notice on the website or by e-mail, where appropriate.

BOOK NOW
BOOK NOW