- Barceló
- General information
- my Barceló Privacy Policy
my Barceló Privacy Policy
I.- Who is responsible for handling your data?
The party responsible for processing your data is Barceló Gestión Hotelera, S.L. (hereinafter referred to as BGH or Barceló) with a registered office at c/ Josep Rover Motta, 27, 07006, Palma de Mallorca. If you have any questions regarding data protection, please contact the Barceló Group's Data Protection Office at dpo@barcelo.com.
II.- Why are we handling your data?
BGH hereby informs the interested party that their data will be treated by BGH, for the following purposes:
1. Registration on the my Barceló platform. Barceló will process the identity information necessary to enable the user's registration on the my Barceló platform so that the user can access information regarding the hotels that can be booked and/or request services that are received directly by the reception of the hotel where the client is staying at the time of the request. In this way, BGH will receive identity data such as first and last names, date of birth, country of residence, email, contact telephone number and postcode.
In the event that the user would like to identify themselves through Facebook or Twitter, they must know that in such cases said entity will provide us with the information relating to their ID (name, surname(s) and/or the network ID in question).
2. Management of requests made by the user through the platform. Barceló will process the data required for the purposes of information requests or customer service requests made by the user. With this stated, BGH may communicate your data to the hotel owner depending on the hotel chosen by the customer. This data transfer may involve an international transfer of data to a country that does not offer the same level of personal data protection as the European Union. In accordance with data protection regulations, the international transfer will be made in order to fulfill the contract requested by the customer. The data communicated to said entities shall be those essential to deal with the service requested by the customer through the application.
Legitimization: Such processing is necessary for the execution of the contract.
3. Analysis and study of user interactions on the platform. Barceló may process personal user data on the website, through their IP or MAC address, or in the event that the user is a member of my Barceló, linking said IP or MAC to identity data provided by the user, with the purpose of analyzing interactions, movements, scrolls, visits, and product consultations that the user may carry out on the website.
Legitimization: This processing is necessary to satisfy the legitimate interests of BGH. At any moment, the customer may object to their data being processed for this purpose by following the instructions set out in section V.
4. Sending of informative material. Barceló, for the purpose of performing the service requested by the user, may send personalized or commercial material regarding its products according to the information generated by the user with BGH, whether using the platform or not.
Legitimization: To perform the service requested by the user for his/her registration.
5. Computer control of the platform. Barceló will monitor and control the use of the platform in order to prevent and detect any fraudulent use, unauthorized access, alterations, or loss of personal or other data.
Legitimization: Such processing is necessary to comply with the obligations under the Law on Information Society Services and Electronic Commerce, as well as to satisfy Barceló’s legitimate interest in guaranteeing internet and information security.
6. System incident reporting and management. BGH will process the user information needed to manage any incident reported or detected by its own means. Such data processing will only be carried out in order to solve the incident and resolve any problems arising from it.
Legitimization: Such processing is necessary to satisfy the legitimate interests of BGH. At any time the customer may object to their data being processed for this purpose by following the instructions set out in section V.
7. Application of the treatments informed and, where appropriate, accepted by the client. BGH will apply the data processing process from the privacy policy regarding customer bookings, as well as the privacy policy accepted by the customer at check-in.
III.- How long will we keep your data for?
Any personal data that BGH has access to will be handled for the necessary time for which they were collected. Once the purpose of the processing has expired, BGH will retain the personal data, duly blocked, for the provision of the relevant Public Administrations, Judges and Courts or the Tax Ministry during the term of prescribing the actions that may arise from the relationship maintained with the customer and/or the timings for legally authorized conservation. Once said time frames have passed, BGH shall proceed with the physical deletion of the data.
IV.- Who will we share your data with?
BGH may disclose data to:
- Companies that own hotels, to meet the user's request.
- Competent Public Bodies, Judges and Courts.
- Beside the aforementioned data sharing, BGH works with third parties who provide services and have access to the personal data of the customers, which they process in representation and on behalf of BGH as a result of providing said services. To this end, BGH will contract the provision of services by third parties that make use of their activity, for example, and not limited, in the following sectors: legal advice, multidisciplinary professional services, tech services, IT services. Suppliers include Salesforce Inc., a company located in the United States and covered by the Privacy Shield.
V.- What rights do you require when providing us with your data?
The interested parties may, if they wish, exercise their rights to access, amend and delete their data, and request that the processing of their personal data is limited, oppose its use, request the portability of their data, and to not be the object of automated individual decisions, by means of the following:
- By sending a written request to the postal address above.
- By sending an emailed request to dpo@barcelo.com.
The Interested Parties may, in relation to those treatments that are based on the obtaining of their consent, withdraw their consent through the procedure described in the previous paragraph.
VI.- How have we obtained your data?
The personal data processed by BGH is the personal data collected using online forms. In the event that this is necessary to care for the request or exercise application of a right, BGH may request information to the hotels where the customer user has been registered, in their case, or to third parties who may have received their information, as a customer, based on the corresponding privacy policy (bookings, check-in, etc.).
VII.- With which authority can you exercise your right to claim?
The interested parties may file a claim with the Spanish Data Protection Agency in relation to the response they have received from BGH in dealing with their rights. In any case, the user is informed that the management of complaints regarding the processing of personal data will be handled by the Data Protection Officer of Barceló Hotel Group, located at c/ Josep Rover Motta, 27, 07006, in Palma de Mallorca, or by sending an email to dpo@barcelo.com, attaching in both cases to the request a copy of your DNI, NIF or official document that identifies you.