PRIVACY POLICY
Who is the controller of your personal data?
The controller processing of your personal data is MUGABURU SL, sited in Miramar 2 de Donostia-San Sebastián, with tax registration number NIF B20023982, and registered at Gipuzkoa Companies Register, volume 1.082, folio 188, sheet number SS-1883, 25th entry (hereinafter, referred to as “Arbaso Hotel”).
What personal data we collect?
Arbaso Hotel collects through this Web Site the following Client personal data, according to the services requested by each Client:
- Identification Data: full name, identification card/passport (or similar), nationality, date of birth.
- Family Data: identification data of children.
- Health Data: reduced mobility.
- Vehicle data: license plate number.
- Contact Data: address, email address and phone number.
- Transaction Data: goods and services provided by Arbaso Hotel.
- Economic Data: data to make payments.
- WIFI connection Data: Device MAC address, device IP address, connection sessions, pages visited, type of device, browser and operating system.
If the Client communicates data of third parties, Arbaso Hotel disclaims any liability for the consequences of this data communication caused to third parties, given that this communication by the Client to Arbaso Hotel is completely voluntary, consented and unsolicited.
Additionally, Arbaso Hotel collects the personal data of identification data, contact data, academic and professional data of the job applicant who contacts us through the “Work with us” Section of this Web Site.
For what purposes we process your personal data?
The Client personal data will be processed for the following purposes and, as the case may be, for those others expressly indicated:
- Management of the room booking as well as the Online Check-in service.
- Management of the Customer Loyalty Club, which is voluntary and free of charge.
- Sending commercial communications, provided that express consent has been given.
- Providing the accommodation service, as well as complementary services, such as WIFI, transfers, catering and others.
- Conducting quality services surveys and/or evaluations.
- Data communication to the competent State security bodies and forces.
- Online reputation monitoring services.
- WIFI service in the Arbaso Hotel facilities.
- Answering e-mails received through the present Web Site www.hotelarbaso.com.
The personal data received through the “Work with us” Section of this Web Site will be processed to carry out the human resource selection.
How did we get the data?
Personal data are provided directly by the Customer in our direct channels such as this Web Site and others.
The Client is responsible for the accuracy, authenticity and updating of the data. Until you inform us the contrary, Arbaso Hotel considers that the data have not been modified.
Personal data received through the “Work with us” Section are provided directly by the job applicant.
What are the legal bases to process your personal data?
The legal bases for the processing of your personal data by Arbaso Hotel depend on the purposes for which they were collected, as follows:
| DATA PROCESSING | LEGAL BASES |
|---|---|
| Management of the room booking as well as the Online Check-in service. | The performance of a contract. |
| Management of the Customer Loyalty Club. | Client’s consent and a legitimate interest pursued by Arbaso Hotel. |
| Sending commercial communications. | Client’s consent. |
| Providing the accommodation service, as well as complementary services, such as WIFI, transfers, catering and others. | The performance of a contract. |
| Conducting quality services surveys and/or evaluations. | A legitimate interest pursued by Arbaso Hotel. |
| Data communication to the competent State security bodies and forces. | The compliance with a legal obligation. |
| Online reputation monitoring services. | A legitimate interest pursued by Arbaso Hotel. |
| WIFI service in the Arbaso Hotel facilities. | A legitimate interest pursued by Arbaso Hotel. |
| Answering e-mails received. | A legitimate interest pursued by Arbaso Hotel. |
| DATA PROCESING | LEGAL BASES |
|---|---|
| The human resource selection. | To take steps prior to entering into a contract. |
Who will we share your personal data with?
We do not disclosure your personal data without your prior and written consent, except for:
- Services providers, particularly, marketing services, technological services, online reputation monitoring services and quality surveys and/or evaluations services. These providers only have access to data for these purposes and are requested to apply the same degree of data protection as Arbaso Hotel, and
- Competent State security bodies and forces, in order to comply with a legal obligation.
- Judges and Courts, in order to respond to judicial requirements.
For job applications received in the section WORK WITH US, we share the personal data with the companies that provide us with human resource selection services.
What rigthts do you have concerning your personal data?
The Client can exercise the following rights contacting the corporate postal address indicated above or protecciondedatos@mugaburu.com:
- Right of access to be informed about what personal data is being processed and for what purposes.
- Right of rectification if the personal data are incomplete or inaccurate.
- Right of erasure if the purpose for which the data were provided has disappeared, the processing of the data is not lawful, consent has been revoked and in other cases provided for by law.
- Right to object to prevent your data from being processed for certain purposes or in certain circumstances.
- Right to restriction of the personal data processing to check the accuracy of the data, the lawfulness of the processing, to process complaints and similar circumstances.
- Right to personal data portability to receive the data in a structured and commonly used electronic format and be able to transmit it to another company.
Additionally, contacting protecciondedatos@mugaburu.com you can revoke your consent, request additional information about the Privacy Policy and contact the Data Protection Officer.
Finally, we informed you that you can file a complaint with the supervisory authority that you consider appropriate, particularly the AEPD.
How we protect your personal data?
Arbaso Hotel process the personal data which are adequate, relevant and limited to what is necessary for the above-mentioned purposes and performs this in a lawful, fair and transparent manner.
Arbaso Hotel has taken the technical and organisational measures necessary to ensure an appropriate level of security taking into account the risk evaluated, and ensures that the staff is properly trained and informed to protect the personal data.
The periods for which the personal data are stored by Arbaso Hotel depend on the purposes for which we process them, as follows:
| DATA PROCESSING | STORE PERIOD |
|---|---|
| – Management of the room booking as well as the Online Check-in service. – Providing the accommodation service, as well as complementary services, such as WIFI, transfers, catering and others – Conducting quality services surveys and/or evaluations. – Online reputation monitoring services. | During the contractual relationship and once concluded during the limitation period for legal action. |
| – Management of the Customer Loyalty Club. – Sending commercial communications. – Answering e-mails received. | Indefinitely until revocation of consent or the exercise of a Data Protection right and, from that moment, during the limitation period for legal action. |
| – WIFI service in the Arbaso Hotel facilities. | WIFI connection Data will be stored for 1 year. |
| DATA PROCESSING | STORE PERIOD |
|---|---|
| – The human resource selection. | – Data on job applications will be stored for 2 years. |
What happens if we change our Privacy Policy?
The present Privacy Policy will be reviewed according with news regulations to come and/or data processing changes. The last updated will be indicated below.
This Privacy Policy was last revised and updated in November 2022.
