§1 Responsible and Scope
The responsible within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of the member states as well as other data protection regulations is:
Calle San Nicolas 7
§2 General principles of data processing
Data processing here means processing (e.g. collecting, querying, using, storing or transmitting) of personal data regarding to chapter 1, Art. 4 of the GDPR. Personal data is any information that relates to an identified or identifiable natural person. These include for example information such as your name, phone number, e-mail address, IP address or user behavior.
Information in which we can not (or only with disproportionate effort) relate to you, e.g. by anonymizing the information, is not personal information. The processing of personal data always requires a legal basis or your consent.
We will inform you below about the scope and purpose of the data processing, the legal basis for the processing and the respective retention period.
§3 Processes, processed data and retention policy
§ 3.1 Room booking
We are trying to keep it as low as possible, but to be able to create a room/bed reservation for you, it is necessary to store the following basic data:
- Mandatory data:
- Optional data (if provided):
- Special requests
We exclusively use this information for:
- Reservation of the room(s)/bed(s) for your booking timespan.
- Creation of a taxable invoice after your stay.
The personal information in your booking record will be kept until the end of the year that is following on your booking year. For example if you make a booking sometime in 2019, we will anonymize your personal data by end of 2020.
For statistical reasons we will kep the booking entry itself and the country for long term, but your name, email and anything else relatable to you as a person will be deleted in best case after 1 or maximum less than 2 years, depending on your booking time in the year before.
§ 3.2 Logfiles for website operation
The website host stores logfiles automatically, for example for the purpose of error search in case something goes wrong. The logfiles are stored for 7 days (until automatic deletion) and contain the following information:
- IP of the user
- Timestamp (Date and time of the hit)
- Type of request
- Client information (type, version)
- Operating system of user (device, operating system version of device)
- Referrer information (source of access)
§ 3.2 Analytics data for country research
To learn about where our customers re coming from, our booking plugin is collecting location and minor usage information of the booking process, if you visit our accommodation pages and/or make a booking.
We only use this data, to figure out in which countries we maybe have a lack of (online) presence, to be able to take regarding measures. This is a helpful tool for us right now in the beginning, since we want to have people from all over the world gathering in our place, to make the nicest experience for everyone.
The data is solely stored on our website and not provided to any third parties. The data is kept for one month.
§4 Forwarding of data
We do not actively provide any of your information to any third parties.
§5 Links to other websites and embedded content
Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
§6 Your rights
Regarding to chapter 3 of the GDPR law you have the following rights on your personal data:
- Insight: on request, we will provide you with a detailed overview of your personal data that we are storing.
- Restriction / Deletion: these are normally separate rights, but since we only store very little information for your booking, it is almost not possible to restrict your data, it will always be a deletion of data, if you request either one. Of course this is only possible if you don`t have an ongoing room booking at that moment, because without your information a reservation will be impossible.
- Correction: on request we will correct your personal information.
In any of the above cases, if you want to make use of your rights just contact us via email@example.com.
§7 Data protection
Just like our own data, of course your data will be proteted as far as possible by us, through taking any possible measures on our website. Examples are secure hosting with additional security plugins, firewall and usage of secure connections (SSL), as well as regular updates.
Still we want to point out that the transmission of data via the internet (e.g. by e-mail) is always opposed to security vulnerabilities. For us it is impossible to safeguard the data completely against access by third parties and we cannot assume any liability for damages arising as a result of such security vulnerabilities.