Your privacy is important. It is a priority for us that you know how we process your personal data, the categories of personal data we process and for what purposes. In addition, it is important that you know what rights you have before Cal Piu as Responsible for the Treatment of your personal data and how you can exercise them.
WHAT ARE PERSONAL DATA?
Personal data is any information that can be linked to an identified or identifiable natural person, directly or indirectly, such as name, postal address, email address, IP address and mobile phone number.
We may process personal data linked to the following categories of data subjects:
Web users: visitors to the website www.calpiu.com (hereinafter, 'the website').
Clients: individuals or representatives of legal entities who make reservations at Cal Piu.
Contact persons: natural persons who are representatives of our clients, partners, suppliers or public authorities.
Candidates: job seekers who contact Cal Piu.
In all cases, your data will be processed as Data Controller by Cal Piu as the owner of this website.
The Data Controller must ensure that your personal data is treated securely and lawfully in accordance with EU Regulation 2016/679 (hereinafter 'RGPD'), national data protection laws.
WHAT ARE THE LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL DATA?
According to the RGPD, cal Piu must base the processing of personal data on a legal basis. Our processing of your personal data will be based on one or more of the following, as explained later in this policy:
The processing of personal data is necessary for the performance and management of a contract to which you are a party or to take steps at your request prior to entering into a contract.
The processing of personal data is necessary for the fulfillment of a legal obligation, among others, the obligation to keep the information in accordance with current legislation on accounting/tax matters or any other related to rural rentals.
The treatment is necessary for the fulfillment of a task of public interest or in the exercise of official authority.
The treatment is necessary for the purposes of our legitimate interest, as long as this interest is not overridden by your interests or by the fundamental rights and freedoms that require the protection of personal data.
You have consented to processing for one or more specific purposes.
WHY DO WE HAVE ACCESS TO YOUR DATA AND WHY DO WE TREAT THEM?
Visiting the Web does not imply that the user is obliged to provide any information about himself. However, the use of some of the functionalities of the website and the services available through it depend on you facilitating or allowing the processing of certain personal information as indicated in the 'Cookies Policy', this processing being covered by Your consent. In the event that you make use of any of the services offered through the web, the personal data you provide will be processed for the proper provision thereof, the legitimizing basis of the processing being the correct management of your request, which makes it necessary to process your personal information.
Your data will be processed for the management of the collection of your reservation, payment of the deposit, records and compliance with regulatory obligations, etc. This means that there is a contractual relationship and the execution requires processing your personal data, without your prior consent being necessary.
In accordance with our legitimate interest, we can also carry out advertising, commercial and statistical activities in order to inform about promotions or meet Cal Piu users and customers.
In the case of natural persons or representatives and contact persons of other entities with whom we have commercial or legal relationships, your data will be processed to fulfill the agreement we have with you or with the company you represent. Therefore, the processing of your personal data is necessary for the correct execution of the contract.
In accordance with our legitimate interest, we may also use your data in order to maintain relationships of any kind with the legal entity in which you provide your services or to provide commercial information by any means, including electronic ones, about our services, prospects, analysis, events, trainings that are likely to be of interest to you.
In all cases, we may process personal data in order to resolve disputes, complaints or legal proceedings and to comply with the law or a court order.
WHAT CATEGORIES OF PERSONAL DATA DO WE PROCESS?
The categories of personal data we process vary depending on the data subject and its purpose.
Personal identification and contact data: including name, address, zip code, city/town, date of birth, gender, email address, telephone number, etc. for the management of your reservation and to be able to communicate with you, either to act on your behalf or on behalf of a legal entity.
Identification document number (DNI or NIE): such as the social security number, the passport number, a unique identifier or other, issued by a public body to guarantee a safe and true identification, for example, to comply with our legal obligation to provide your personal data to the Mossos d'Esquadra in the tenant registration obligation.
Voice and image: For the safety of our employees and to keep your personal data safe, we can also use surveillance cameras in our centers.
Personal identification and contact data: We have the necessary information for the management of the contractual or prospective commercial relationship. In order to be able to communicate with you and guarantee a safe and true identification, we need your name, position and contact information such as address, telephone number and email.
The processing of anonymous data, that is, data that cannot be linked directly or indirectly to a natural person, is not subject to the restrictions described in this policy.
DO WE PROCESS SENSITIVE PERSONAL DATA?
Sensitive personal data means personal data that reveals racial or ethnic origin, political opinions, religious or philosophical convictions, trade union membership, processing of genetic data, biometric data to unequivocally identify a natural person and data relating to the health or sexual life or sexual orientation of a natural person. As a general rule, and unless you give us your express consent or it is necessary for the establishment, exercise or defense of legal claims, we will not include special categories of personal data.
TO WHOM CAN WE COMMUNICATE PERSONAL DATA?
Your personal data will not be communicated to third parties, unless the specific management that you can request through the web implies, for its correct execution, the need to carry out this communication.
We may also share personal data with our contracted third-party partners (such as reservation management company, etc.). The providers that process data on our behalf do so based on an Agreement that regulates the responsibilities of these providers as Data Processors in relation to the processing of the personal data they access to provide the respective contracted service.
We may also share personal data with authorities where we are required by law to do so, this may include regulators, law enforcement authorities, social welfare authorities and fraud prevention authorities. Likewise, we have a legal obligation to provide your personal data when we are audited by the authorities and to prevent, control and evidence fraud, money laundering and other criminal activities.
DO WE TRANSFER YOUR PERSONAL DATA TO COUNTRIES OUTSIDE THE EU/EEA AREA?
We may transfer your data to another country. If we do so, we will ensure that adequate safeguards are in place to comply with the GDPR. In general, your personal data will not be transferred outside the European Economic Area (EEA), unless it is necessary to manage your reservation, collect a debt and/or carry out a legal claim in a country outside the EU. /EEA.
HOW LONG DO WE STORE YOUR PERSONAL DATA?
Your personal data will be kept for the time necessary to adequately attend to your request.
Personal data will be kept for as long as the commercial or contractual relationship that motivates its treatment persists, and until the legal responsibilities derived from them expire.
If you are a job seeker, we will keep your data in the application process and delete it after 12 months from the date of your application / creation of your profile. If we have selected you for the position, we will retain your personal data in your personnel file in accordance with our HR privacy guidelines (for the duration of the employment relationship and thereafter for as long as legal disputes may arise) .
DO WE KEEP YOUR PERSONAL DATA SAFE?
In order to ensure the security of personal data, we establish the relevant security measures to avoid illicit or malicious circumstances, events or actions that compromise the availability, authenticity, integrity and confidentiality of the personal data we process.
WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
Your rights are regulated by the regulations and correspond to access, rectification, forgetting, limitation, opposition, data portability, revocation of consent; and, you can exercise the same by submitting one through the email firstname.lastname@example.org
USE OF THIRD-PARTY WEBSITES