In accordance with General Regulations on Data Protection (EU) 2016/679, OF THE EUROPEAN PARLIAMENT AND COUNCIL, of 27 April 2016 (henceforward GRDP) and the rest of the regulations relating to personal data protection, LOARRE TURISMO ACTIVO, S.L. provides the current Policy in relation to the handling and protection of personal data.
Data controller information
The data controller for this website, and therefore, for the personal data that may be collected by the same, is LOARRE TURISMO ACTIVO, S.L., whose address is C/ MAYOR, 30 of 22809 LOARRE - HUESCA and whose NIF is B22310742.
Both the entity responsible for the data files and those involved at any stage of the data handling, as well as the entities who have received these through the authority conferred by the user are subject to the most professional and strictest confidentiality and expressly commit to adopt the levels of protection and required technical and organisational measures to guarantee the security of the personal data and avoid its alteration, misuse, loss, theft, and unauthorised access or handling, whether externally or within the framework of the structure and staff, bearing in mind the state of the technology, the nature of the stored data and the risks to which it is exposed, whether these are due to human actions or to the physical or natural environment.
Similarly, the handling and recording in files, programmes, systems, equipment, locations and centres that comply with the requirements and conditions of integrity and security established within the current regulations are guaranteed.
Scope of application
The application of this policy is subject to:
- Those visiting the website http://castillodeloarre.es and/or those who voluntarily contact LOARRE TURISMO ACTIVO, S.L. through email messages, chat, or any other means of data collection of the abovementioned website.
- Those requesting information about products and services from LOARRE TURISMO ACTIVO, S.L. or who subscribe to any of our commercial activities.
- Those who establish a contractual relationship through the contract of our products and services.
- Any other persons who, directly or indirectly, have given their express consent to their data being handled by LOARRE TURISMO ACTIVO, S.L. for any of the purposes outlined in the current Policy.
LOARRE TURISMO ACTIVO, S.L. requires the express acceptance of this policy in order to use any of its products and services.
Furthermore, we advise that, except in the event of a legally constituted representation, no user and/or client may use the identity or the personal data of another person, and therefore, the data provided must be your own personal data corresponding to your own identity, which is up to date, correct and truthful. The user and/or client will be the only person responsible for dealing with any direct ot indirect damages caused to third parties or to LOARRE TURISMO ACTIVO, S.L. by the use of another person's data or their own data if this is false, untrue, out of date or irrelevant.
The user and/or client that provides personal data to LOARRE TURISMO ACTIVO, S.L. states that they are of adult age, according to that outlined in Spanish legislation, and if otherwise, will abstain from providing data, except with the consent of their parents, guardians or legal representatives, who will be considered as the persons responsible for the minors under their care.
This Policy will be of a subsidiary and/or complementary nature when specific conditions exist for the protection of personal data that establish a special character and are communicated through the registration forms, contracts and/or specific and applicable conditions of service.
Types of data gathered
For the proper functioning of our website and the provision of our services, anonymous and personal data may be gathered by the following means:
- Comments. If these are active, when visitors leave comments on the website, we compile the data found on the comments form, the visitor's IP address and the user agents chain from the navigator to assist in the detection of spam.
- Audiovisual media. If at any time, the website allows the publication of photographs, videos or any other audiovisual material, even if no personal data is gathered from it, these will be used with the understanding that the user expressly authorises their publication.
- Contact forms. The forms provided to the user for contactacting us, request the standard data for this type of communication, such as name, email address and/or telephone number, and this data will be stored for a certain period of time for the purpose of providing a service to the client.
- Contracting or reserving services. In the event of a contract and/or reservation being made through our website for the services we offer, we will ask the user for the necessary information to provide the services requested.
- Analytics. Our website uses tools to generate statistics and anonymous data on user navigation.
Purpose of data gathering and handling
As the data controllers, we inform the user and/or client of the existence of various procedures and files in which personal data communicated through the website is compiled and stored.
The purpose of gathering and handling the data is:
- Using "cookies" when navigating the website that will be stored in the user's terminal (computer or mobile device) and which compile information for the purpose of improving the useability of the website, finding out the habits or navigation requirements of the users in order to adapt the website to their needs, as well as obtaining information for statistical purposes. All the information about the cookies used can be found in our Cookies Policy.
- The statistical tools are used to count visits to the website, duration of visit, the ratings and user behaviour, among other metrics.
- When communicating personal data by sending emails or through any other method, such as a contact form on the website, the purpose of the compilation and handling of this data is to respond to questions and information requests about the products and services offered.
- For contracting the services offered by LOARRE TURISMO ACTIVO, S.L., where the only personal data collected will be that required to establish a contractual relationship and facilitate the supply of services, their invoicing and the payment of these by the client.
- In situations in which LOARRE TURISMO ACTIVO, S.L. needs to access and/or handle personal data for which the client is the controller or is in charge of handling, we will handle said data as the entity responsible for data handling according to Article 28 of the GRDP and in accordance to that indicated for the data controller, including this Policy.
- For other purposes which expressly appear within the specific conditions and that correspond to a contracted product or service.
Storage period for personal data
LOARRE TURISMO ACTIVO, S.L. will store the personal data for the time required in order to comply with the purposes outlined above.
Data will be stored in accordance with Law 25/2007 of 18 October relating to the storage of data from electronic and public communication networks. The storage period for this will be outlined within the current legislation.
Recipients of the personal data
The recipients of the personal data gathered will be the following:
- Our own employees, so that they can fulfil their tasks.
- Our providers, if they need to take part in providing the services, in the event that this is necessary for the provision of these.
- Judicial or administrative bodies, such as State Security Forces, if required, in accordance with the current legislation to provide information related to our clients, products and services.
- Anyone else who, due to the nature of the product or service, needs to access the data accompanying these, as outlined in the Specific Conditions that apply to the corresponding product or service contracted by the client and expressly accepted by the user and/or client.
Users' rights and how to exercise these
Users and/or clients will be able to exercise the following rights at any time, as recognised by the GRDP:
- Right to access: Users and/or clients have the right to obtain information relating to the handling of their data and access to this.
- Right to correction: Users and/or clients have the right to the correction of their personal data if this is incorrect or incomplete.
- Right to suppress: Users and/or clients have the right to request the suppression of their data when this is no longer required for the purpose for which it was provided, or when the remaining legal circumstances have been met.
- Right to limit handling: In certain circumstances, users and/or clients have the right to request the limited handling of their personal data, so that the standard handling processes are not applied to their data, in accordance with Article 18 of the GRDP.
- Right to portability: Users and/or clients have the right to receive personal data that apply to them in a structured format, whenever this data applies to the user and has been provided by them.
Users can exercise their rights by sending a request in writing to LOARRE TURISMO ACTIVO, S.L. via the email firstname.lastname@example.org, indicating the right they wish to exercise and attaching a copy of both sides of their DNI or a legal identification document.
Acceptance and consent
LOARRE TURISMO ACTIVO, S.L. reserves the right to modify the current policy to adapt it to new legislation or rulings as well as to industry practices. In this case, we will announce any changes made on this page within a reasonable timeframe before they are put into effect.