Right to Information
In accordance with Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and the free movement of such data, as well as Spanish Organic Law 3/2018 of 5 December on Personal Data Protection and the Guarantee of Digital Rights (LOPDGDD), users are hereby informed of the existence of an automated processing of personal data created by MARIA LUISA GARCIA CASAL and carried out under her responsibility, with the personal data that users may provide while browsing our website, either during registration or when sending an email message.
Data Controller:
Company name: MARIA LUISA GARCIA CASAL (“ARRUEIRO”)
Tax ID (CIF): 78802404B
Address: LUGAR DE ARRUEIRO S/N SOESTO – 15118 – LAXE
Telephone: +34 617749636
Email for communications: casa.arrueiro@gmail.com
Purpose of Data Processing:
Please note that the purpose of processing your data is described in each of the forms available on the website through which you provide your information.
CONTACT FORM: To manage your enquiry and send you more detailed information.
RESERVATIONS:
To manage your booking through the website:
https://www.avaibook.com/reservas/nueva_reserva.php?cod_alojamiento=380100&lang=es This platform is owned by AvaiBook On-line S.L.. For further information regarding the processing of your personal data, please consult their Privacy Policy.
Legal Basis
Processing is based on Article 6(1)(a) of the GDPR, whereby the data subject has given consent to the processing of their personal data for one or more specific purposes.
Data Retention and Processing:
Your data will be stored for the time necessary to process your request, unless you indicate otherwise by exercising your right to erasure, or for the time required to comply with legal obligations and to address any potential liabilities arising from the purpose for which the data was collected. Where necessary, ARRUEIRO will delete or rectify personal data when it is inaccurate, incomplete, or no longer required for its intended purpose, in accordance with applicable data protection legislation.
Unless you inform us otherwise, we will assume that your data has not been modified and that you undertake to notify us of any changes. We will also assume that we have your consent to process your data in order to maintain and develop the relationship between the parties.
The data provided will not be shared with third parties, except where there is a legal obligation to do so.
ARRUEIRO will not create user profiles based on the information provided. No automated decisions will be taken based on profiling.
In accordance with Law 34/2002 on Information Society Services and Electronic Commerce (LSSI-CE), Article 21, we will request your consent before sending you marketing or promotional communications by email or other equivalent electronic means that we believe may be of interest to you.
You have the right to object to and/or withdraw your consent to the processing of your data at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To do so, please notify the data controller using the contact details provided above.
Technical and Organisational Measures
ARRUEIRO implements technical, organisational and physical security measures that are reasonably reliable and effective in order to safeguard the integrity, security and confidentiality of your personal data.
However, ARRUEIRO shall not be held responsible for damages arising from alterations that third parties may cause to the user’s computer systems, electronic documents, or files.
All staff members with access to personal data have been properly trained and are aware of their obligations regarding the processing of personal data.
Where contracts are established with service providers, clauses are included requiring them to maintain confidentiality regarding personal data accessed during the provision of services, as well as to implement the necessary technical and organisational security measures to ensure the ongoing confidentiality, integrity, availability and resilience of personal data processing systems.
All these security measures are reviewed periodically to ensure their adequacy and effectiveness.
Nevertheless, absolute security cannot be guaranteed, and no security system is completely impenetrable. Should any data under our control be compromised due to a security breach, we will take appropriate measures to investigate the incident, notify the relevant Supervisory Authority, and, where necessary, inform affected users so they can take appropriate action.
User Rights:
Users may exercise their rights of access, rectification, erasure, objection, restriction of processing, data portability, and the right not to be subject to automated individual decision-making, in relation to the processing of their personal data. These rights may be exercised by contacting the Data Controller at the address indicated above or by sending an email to casa.arrueiro@gmail.com
, attaching a copy of a valid identification document (ID card or equivalent). If you are not satisfied with the response to your request, you have the right to lodge a complaint with the competent Data Protection Supervisory Authority, which in Spain is the Spanish Data Protection Agency (Agencia Española de Protección de Datos – AEPD). Further information is available at:
https://sedeagpd.gob.es