CONTROLLER RESPONSIBLE FOR THE TREATMENT: POSEIDON HOTELS (Hoteles Devesa, SLU, Turística Benimaurell, SL, Orde Hoteles, SL)
NIF: B03067584, B53175659 AND B54083415
Address: Calle Esperanto, 9 03502 Benidorm Spain
Email Data Protection Officer: protecciondedatos@hotelesposeidon.com

Depending on the products, services or functionalities that you want to enjoy at any given time, we will need to process some data or others. In general, said data will be, depending on the case, the following:

- Your identifying data (Among others, name, surname, NIF, address, country from which you interact with us, other contact information, etc.)
- Data necessary to perform online check-in (among others, data related to your reservation such as arrival date or reservation locator).
- Economic and transactional information (For example: Your payment or card information, information about your reservations, cancellations...).
- Professional data (among others, restricted area Agencies).
- Connection, geolocation and navigation data (in case you interact with us from your mobile, for example).
- Data contained in your resume.
- Commercial information if you are subscribed to our newsletter.
- Any other information or data that you decide to share with us.

In some cases, it is mandatory to complete the registration form to access and enjoy certain services offered on the website; Likewise, failure to provide the requested personal data or failure to accept this data protection policy means it will be impossible to subscribe, register or participate in any of the promotions in which personal data is requested.

Depending on how you interact with our website, we will process your personal data for the following purposes:
- For the development, compliance and execution of the Contract
- This purpose includes the processing of your data mainly for:
· Contact you in relation to updates or informative communications related to reservations and/or products purchased, including sending quality surveys about the services and/or products supplied.
· Manage payment for the reservation or the product you purchase, regardless of the payment method used.
· Activate the necessary mechanisms in order to prevent potential fraud against you and ourselves during the reservation and/or purchase process. If we consider that the operation may be fraudulent, this processing may result in the blocking of the transaction.
· Manage possible returns once you have made a reservation and manage requests for information about the availability of different products. Invoice and to make available to you the tickets, invoices and any other document proving payment regarding the reservations and/or purchases you have made on this website.
· To respond to the requests or requests that you make through the different means incorporated into our website.
· We only process personal data that is strictly necessary to manage or resolve your request or request, in accordance with their needs.
· For your registration on the website

If you decide to register on our website, we need to process your data to identify you as a user of the website and give you access to its different functionalities, products and services that are at your disposal as a registered user. You can cancel your registered user account by contacting us at protecciondedatos@hotelesposeidon.com.

- For marketing and newsletter purposes

To the extent that you subscribe to our newsletter, your personal data will be used for the periodic sending of informative and commercial bulletins from the Poseidon Hotels chain. You must remember that you can unsubscribe from the newsletter at any time and at no cost from the email received, in the UNSUBSCRIBE section, or by communicating it to Hoteles Poseidon at the e-mail protecciondedatos@hotelesposeidon.com

- Usability and quality analysis to improve our services (Cookies)
If you access our Platform, we inform you that we will process your browsing data for analytical and statistical purposes, that is, to understand the way in which users interact with our Platform and thus be able to make improvements to it. Likewise, on occasions, we carry out quality actions and surveys aimed at knowing the degree of satisfaction of our clients and users and detecting those areas in which we can improve.

· Candidacies
We will process your personal data to manage your professional candidacy and your inclusion in the employment pool of the hotels that make up the Poseidon Hotels chain.
· Online check-in
We will process the personal data necessary to manage your online check-in through the area designated for this purpose on our web portal.
· Agencies Area
We will process your personal data to manage your access to the restricted area of ​​the website for collaborating Agencies.

The legal basis that allows us to process your personal data also depends on the purpose for which we process it, in this way we will find different legal bases based on the following purposes:

Development, compliance and execution of the contract

The processing of your data is necessary for the execution of the contract that binds us to you. We understand that the processing of this data is positive for all the parties involved when payment for a purchase occurs and in particular for you since it allows us to establish appropriate measures in order to protect you against fraud attempts carried out by third parties.

Customer Support.

We consider that we have a legitimate interest to respond to the requests or queries that you submit to us through the various existing means of contact. We understand that the processing of this data is also beneficial for you as it allows us to properly serve you and resolve any queries raised.

When you contact us, in particular, to manage incidents related to the product purchased through the Platform, the processing is necessary for the execution of the purchase and sale contract. When your Query is related to the exercise of the rights about which we inform you below, or to claims related to our products or services, what legitimizes us to process your data is compliance with legal obligations on our part.

For your registration on the website

The basis of legitimacy is the provision of your consent when you register on our website www.hotelesposeidon.com, if this functionality is available.

Marketing and newsletter.

The basis of legitimacy to process your data for marketing purposes is the consent that you give or the contractual relationship that unites you with Poseidon Hotels, when you agree to receive personalized information through various means, when you authorize the sending of a newsletter, or when you accept the legal bases to participate in a promotional action.

Usability and quality analysis

We consider that we have a legitimate interest in analyzing the usability of the Platform and the degree of user satisfaction since we understand that the processing of this data is also beneficial for you because the purpose is to improve the user experience and offer a higher quality service. .

Candidacies

The basis of legitimacy is the execution of pre-contractual measures requested by you, as well as your informed consent.

Online check-in

The basis of legitimacy for the processing of your data is your informed consent, as well as the execution of a contract of which you are a party.

Agencies Area

Your data is processed based on your express consent, the execution of a contract of which you are a party and the fulfillment of obligations imposed on the data controller.

Development, compliance and execution of the purchase and sale contract.
We will process your data for the time necessary to manage the purchase of the products or services you have purchased and subsequently the legally established deadlines for compliance with our tax obligations. On some occasions, we will only process some data until the time you decide, such as the payment data (credit card) that you have asked us to store for possible future purchases.

Customer Support
We will process your data for as long as necessary to respond to your request or request.

For your registration on the website
We will process your data for as long as you remain a registered user (that is, until you decide to unsubscribe).

Marketing and Newsletter
We will process your data until you request unsubscription or cancel your subscription to the newsletter. If you participate in promotional actions, we will keep your data for a period of six 6 months from the end of the action.

Regardless of whether we process your data for the time strictly necessary to fulfill the corresponding purpose, we will subsequently keep it duly stored and protected for the time in which responsibilities arising from the processing may arise, in compliance with the regulations in force at all times. Once the possible actions are prescribed in each case, we will proceed to delete the personal data.

Candidacies
We will keep your data for one year from receipt of the resume, then we will proceed to delete or destroy it.

Online check-in
Your data will be kept for the time necessary to respond to potential claims or judicial or police requirements.

Agencies Area
Your data will be kept for the duration of the commercial relationship and subsequently for the time necessary to respond to claims or legal requirements.

In some cases, only when necessary, Hoteles Devesa, SLU will provide user data to third parties. However, data will never be sold to third parties. External service providers (for example, payment providers, providers of technological services such as reservations,) with whom Hoteles Devesa, SLU works may use the data to provide the corresponding services, however they will not use said information for their own purposes or to transfer to third parties.

Hoteles Devesa, SLU seeks to guarantee the security of personal data when it is sent outside the company and ensures that third-party service providers respect confidentiality and have appropriate measures to protect personal data. These third parties have the obligation to ensure that the information is treated in accordance with data privacy regulations.

In some cases, the law may require the disclosure of personal data to public bodies or other parties, only what is strictly necessary to comply with such legal obligations.
The personal data obtained may also be shared with other companies in the group.

Generally, data is stored within the EU. For data sent to third parties outside the EU, we will ensure that it offers a sufficient level of protection, either because they have Binding Corporate Rules (BCR) or because they have adhered to the “Privacy Shield”.

You can direct your communications and exercise your rights by submitting a request to the following email: protecciondedatos@hoteleposeidon.com
Under the provisions of the RGPD you can request:
- Right of access: you can request information about the personal data that we have about you.
- Right to rectification: you can communicate any change to your personal data.
- Right to deletion and to be forgotten: you can request the deletion after blocking personal data.
- Right to limit processing: implies the restriction of the processing of personal data.
- Right to object: you can withdraw your consent to the processing of data, opposing further processing.
- Right to portability: in some cases, you can request a copy of personal data in a structured, commonly used and machine-readable format for transmission to another controller.
- Right not to be subject to individualized decisions: you can request that decisions not be made that are based solely on automated processing, including profiling, that produce legal effects or significantly affect the interested party.

In some cases, the request may be rejected if you request that data necessary to comply with legal obligations be deleted. Likewise, if you have any complaints about the processing of your data, you can file a complaint with the data protection authority.

In principle, our services are not specifically aimed at minors. However, in the event that any of them are directed to minors under fourteen years of age, in accordance with article 8 of the RGPD and article 7 of LO3/2018, of December 5 (LOPDGDD), Hoteles Devesa, SLU will require the valid, free, unequivocal, specific and informed consent of your legal guardians to process the personal data of minors. In this case, the DNI or other form of identification of the person providing consent will be required.

In the case of those over fourteen years of age, the data may be processed with the user's consent, except in those cases in which the Law requires the assistance of the holders of parental authority or guardianship.

Poseidon Hotels has adopted the legally required levels of security for the protection of Personal Data, and seeks to install other additional means and technical measures at your disposal to prevent the loss, misuse, alteration, unauthorized access and theft of the Personal Data provided. to Poseidon Hotels
Hoteles Poseidon is not responsible for hypothetical damages or losses that may arise from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, caused by causes beyond the control of Hoteles Poseidon; of delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties. people through illegitimate interference outside the control of Poseidon Hotels. However, the user must be aware that Internet security measures are not impregnable.

On the Poseidon Hotels website there may be links to other web pages. By clicking on one of these links and accessing an external website, the visit will be subject to the privacy policy of said website, leaving Hoteles Poseidon disassociated from any type of responsibility regarding your privacy policy.

The Poseidon Hotels website and social networks use cookies in order to optimize and personalize your navigation through it. Cookies are physical information files that are hosted on the user's own terminal. The information collected through cookies serves to facilitate the user's navigation through the portal and optimize the browsing experience. The data collected through cookies can be shared with their creators, but in no case will the information obtained by them be associated with personal data or data that can identify the user.
However, if the user does not want cookies to be installed on their hard drive, they have the possibility of configuring the browser in such a way as to prevent the installation of these files. For more information see our Cookies Policy: https://hotelesposeidon.com/politica-de-cookies.

This privacy policy may be modified. We recommend that you review the privacy policy periodically.

By contracting our "Travel Safe Rate" and "+60 Rate" you are authorizing us to transfer your personal data to the company FLEXMYROOM INSURETECH, S.L., domiciled in Benidorm (03503 – Alicante), Calle Gerona, 13, Local CA 18, and with CIF number B42687616, with the sole purpose of protecting your reservation enjoying the services and insurance products offered. Only the data strictly necessary for the activation of the insurance (name and surname, identity number, postal address and contact information) will be transferred, in our common interest. This entity will cancel your personal data when the service has ended and the legally established deadlines have been met. You can exercise your rights of access, rectification, deletion, limitation of treatment, data portability, and opposition to treatment and not be subject to automated decisions at the email address datos@flexmyroom.com