1. Right to information
For the purposes of the provisions of Regulation (EU) 2016/679 of April 27, 2016 (GDPR), regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data and Organic Law 3/2018 of December 5, on the protection of personal data and guarantee of digital rights (LOPDGDD), the user is informed of the existence of an automated processing of personal data created by HOTEL LA SOBREISLA, C.B. and under its responsibility with the personal data that you may provide us with while browsing our Website, either at the time of registration or when you send an email.
2. Data controller:
• Company name: HOTEL LA SOBREISLA, C.B.
• Trade name: LA SOBREISLA
• CIF: E74421678
• Registered office: SOIRANA S/N, 33790 - PUERTO DE VEGA (ASTURIAS)
• Telephone: 985648175
• Email for communication purposes: administracion@lasobreisla.com
3. Purpose of the treatment:
We inform you that the purpose of processing your data is as described in each of the forms on the website where you provide your data.
• CONTACT: Manage your request and send you more detailed information.
• RESERVATIONS: Manage your reservation through the website https://www.lasobreisla.com/
4. Legitimation:
Article 6.1.a) of the GDPR. The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
Article 6.1.b) of the GDPR. Processing necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Article 6.1.c) of the GDPR. Processing is necessary for compliance with a legal obligation to which the controller is subject.
• Royal Decree 933/2021, of October 26, 2021.
• Article 45 of the Schengen Agreement of June 1985
• Organic Law 4/2015, of March 30.
5. Data storage and processing:
Your data will be retained for the time necessary to process your request, unless you instruct us otherwise by exercising your right to erasure, or for the time necessary to comply with legal obligations and address any potential liabilities that may arise from the purpose for which the data was collected. If necessary, HOTEL LA SOBREISLA, C.B. will delete or rectify the data when it is inaccurate, incomplete, or no longer necessary for its intended purpose, in accordance with current Personal Data Protection legislation.
Unless you inform us otherwise, we will assume that your data has not been modified, that you agree to notify us of any changes, and that we have your consent to use it to maintain the relationship between the parties.
The data provided will not be shared with third parties except in cases where there is a legal obligation to do so. HOTEL LA SOBREISLA, C.B. will not create any type of profile based on the information provided. Automated decisions will not be made based on profiles.
In accordance with Article 21 of Law 34/2002 on Information Society Services and Electronic Commerce, we will request your consent to send you advertising communications that we believe may be of interest to you, by email or any other equivalent means of electronic communication.
You have the right to object to and/or withdraw consent to the processing of the data indicated above, where applicable, and at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal, by notifying the data controller at the address(es) indicated.
6. Technical and organizational measures:
HOTEL LA SOBREISLA, C.B. adopts reasonably reliable and effective physical, organizational, and technological technical measures, controls, and procedures aimed at preserving the integrity and security of your data and guaranteeing your privacy. However, it assumes no liability for damages resulting from alterations that third parties may cause to the user´s computer systems, electronic documents, or files.
Furthermore, all personnel with access to personal data have been trained and are aware of their obligations regarding the processing of personal data.
In the contracts we sign with our suppliers, we include clauses requiring them to maintain confidentiality regarding the personal data to which they have had access pursuant to the order placed, as well as to implement the necessary technical and organizational security measures to guarantee the ongoing confidentiality, integrity, availability, and resilience of the systems and services that process personal data.
All of these security measures are reviewed periodically to ensure their suitability and effectiveness.
However, absolute security cannot be guaranteed, and no security system is impenetrable. Therefore, if any information processed and under our control is compromised as a result of a security breach, we will take appropriate measures to investigate the incident, notify the Supervisory Authority, and, where appropriate, notify any potentially affected users so that they can take appropriate action.
7. Rights:
The user may exercise their rights of access, rectification, erasure, objection, restriction of processing, data portability and not to be subject to automated individualized decisions, in relation to the data being processed, by contacting the data controller at the aforementioned address or by email to administracion@lasobreisla.com, attaching a copy of their ID or equivalent document. If they have not obtained satisfaction in the exercise of their rights, they may file a complaint with the competent Data Protection Control Authority, which is the Spanish Data Protection Agency, whose contact details are accessible at https://sedeagpd.gob.es.
