I. PRIVACY AND DATA PROTECTION POLICY
Respecting the provisions of current legislation, TRATRATRAVEL (hereinafter, also Website) undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected.
Laws incorporated into this privacy policy
This privacy policy is adapted to current Spanish and European regulations regarding the protection of personal data on the internet. Specifically, it complies with the following rules:
- Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of individuals with regard to the processing of personal data and the free movement of these data (RGPD).
- Organic Law 15/1999, of December 13, on the Protection of Personal Data (LOPD).
- Royal Decree 1720/2007, of December 21, approving the Regulations for the development of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
- Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).
Identity of the person responsible for the processing of personal data
The person responsible for the processing of the personal data collected in TRATRATRAVEL is: WEB LAB FACTORY SL with CIF B55346456 (hereinafter, Data Controller). Their contact details are as follows:
Address: Camí de Siurana 14, 17469 - El Far d'Empordà (Spain)
Contact email: [email protected]
Registration of Personal Data
The personal data collected by TRATRATRAVEL, through the forms extended on its pages, will be entered into an automated file under the responsibility of the Data Controller, and duly declared and registered in the General Register of the Data Protection Agency that can be consulted on the website of the Spanish Data Protection Agency (http://www.agpd.es), in order to facilitate, expedite and fulfill the commitments established between TRATRATRAVEL and the maintenance of the relationship that is established in the forms you fill out, or to respond to a request or query from the same.
Principles applicable to the processing of personal data
The processing of the User's personal data will be subject to the following principles set out in Article 5 of the RGPD:
- Principle of lawfulness, loyalty and transparency: the User's consent will be required at all times prior to fully transparent information on the purposes for which the personal data is collected.
- Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes.
- Principle of data minimization: the personal data collected will be only those that are strictly necessary in relation to the purposes for which they are processed.
- Principle of accuracy: personal data must be accurate and always up to date.
- Principle of limiting the storage period: personal data will only be kept in a way that allows the identification of the User for the time necessary for the purposes of their treatment.
- Principle of integrity and confidentiality: personal data will be treated in a way that guarantees their security and confidentiality.
- Principle of proactive responsibility: The Data Controller will be responsible for ensuring that the above principles are complied with.
Categories of personal data
The categories of data that are treated in TRATRATRAVEL are only identifying data. Under no circumstances are special categories of personal data processed within the meaning of Article 9 of the GDPR.
Legal basis for the processing of personal data
The legal basis for the processing of personal data is consent. TRATRATRAVEL undertakes to obtain the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes.
The User will have the right to withdraw their consent at any time. It will be as easy to withdraw consent as it is to give it. As a general rule, the withdrawal of consent will not condition the use of the Website.
In cases where the User must or can provide their data through forms to make inquiries, request information or for reasons related to the content of the Website, they will be informed if the completion of any of them is mandatory because they are essential for the proper development of the operation carried out.
Purposes of the processing for which personal data are intended
Personal data is collected and managed by TRATRATRAVEL in order to facilitate, expedite and fulfill the commitments established between the Website and the User or the maintenance of the relationship established in the forms that the latter completes or to respond to a request or query.
Likewise, the data may be used for a commercial purpose of personalization, operational and statistical purposes, and activities specific to the corporate purpose of TRATRATRAVEL, as well as for the extraction, storage of data and marketing studies to adapt the Content offered to the User, as well as to improve the quality, operation and navigation of the Website.
At the time the personal data is obtained, the User will be informed about the specific purpose or purposes of the processing for which the personal data will be used; that is, of the use or uses that will be given to the information collected.
Retention periods for personal data
Personal data will only be retained for the minimum time necessary for the purposes of its treatment and, in any case, only for the following period: 2 years, or until the User requests its deletion. At the time the personal data is obtained, the User will be informed about the period for which the personal data will be kept or, when that is not possible, the criteria used to determine this period.
Recipients of personal data
The User's personal data will be shared with the following recipients or categories of recipients:
As Hosting Providers:
- CORPORATE SOLUTIONS IP, S.L., (SCIP or Don Dominio), with registered office at Ronda Institut, 24 Bajos C.P. 07500 de Manacor (Balearic Islands), Spain
- Nicalia Internet S.L.U. with registered office at Calle Sant Marc 35, Canet de Mar, Barcelona - Spain
As email marketing service providers:
- ACUMBAMAIL, S.L., with CIF: B-13538590, Avenida Rey Santo 3D, floor 3, office 2 - 13001 Ciudad Real. Registered in the Commercial Registry of Ciudad Real, Diary 50, Entry 1248, Volume 551, Folio 1, Entry 1 with sheet CR-21870.
- SENDINBLUE, SAS, 55 Rue d'Amsterdam, 75008, Paris, with CIF: FR80498019298
- THE ROCKET SCIENCE GROUP, LLC (Identified by the “MailChimp” trademark), as a provider of email marketing campaign services, with registered office at 675 Ponce de León Ave NE, Suite 5000, Atlanta, GA 30308.
- MAKING SENSE LLC, CUIT 204518092 with address at 17806 IH-10, Suite 300. TX 78257, San Antonio, United States.
As providers of Cloud services and personalized ads:
- GOOGLE, INC., which provides cloud computing, email (GSuite) and personalized advertising services, with address at 1600 Amphitheater Parkway, 94043, Mountain View, California (USA).
If the Data Controller intends to transfer personal data to a third country or international organization, at the time the personal data is obtained, the User will be informed about the third country or international organization to which they intend to transfer the data, as well as of the existence or absence of an adequate decision by the Commission.
Personal data of minors
Respecting the provisions of articles 8 of the RGPD and 13 of the RDLOPD, only those over 14 years of age may grant their consent for the processing of their personal data lawfully by TRATRATRAVEL. If it is a child under 14 years of age, the consent of the parents or guardians will be necessary for the treatment, and this will only be considered lawful to the extent that they have authorized it.
Secrecy and security of personal data
TRATRATRAVEL undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, so as to guarantee the security of personal data and to avoid the accidental or illegal destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorized communication or access to such data.
The Website has an SSL (Secure Socket Layer) certificate, which ensures that personal data is transmitted in a secure and confidential manner, as the transmission of data between the server and the User, and in feedback, is fully encrypted or encrypted.
However, because TRATRATRAVEL cannot guarantee the impregnability of the Internet or the total absence of hackers or others who fraudulently access personal data, the Data Controller undertakes to inform the User without undue delay when a breach of personal data security occurs that is likely to pose a high risk to the rights and freedoms of individuals. In accordance with the provisions of Article 4 of the RGPD, a personal data security violation is understood to be any breach of security that causes the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorized communication or access to such data.
Personal data will be treated as confidential by the Data Controller, who undertakes to inform and to guarantee by means of a legal or contractual obligation that such confidentiality is respected by its employees, associates, and anyone to whom the information is accessible.
Rights derived from the processing of personal data
The User has TRATRATRAVEL and may, therefore, exercise the following rights recognized in the RGPD against the Data Controller:
- Right of access: This is the right of the User to obtain confirmation of whether or not TRATRATRAVEL is processing their personal data and, if so, to obtain information about their specific personal data and the treatment that TRATRATRAVEL has carried out or performs, as well as, among other things, the information available about the origin of said data and the recipients of the communications made or planned of them.
- Right to rectification: This is the right of the User to have their personal data modified that prove to be inaccurate or, taking into account the purposes of the processing, incomplete.
- Right of deletion (“the right to be forgotten”): This is the right of the User, provided that current legislation does not establish otherwise, to obtain the deletion of their personal data when they are no longer necessary for the purposes for which they were collected or processed; the User has withdrawn their consent to the processing and the latter has no other legal basis; the User objects to the processing and there is no other legitimate reason to continue with it; the personal data have been illegally processed; the personal data must be deleted in compliance with a legal obligation; or the personal data have been obtained as a result of a direct offer of information society services to a child under 14 years of age. In addition to deleting the data, the Data Controller, taking into account the available technology and the cost of its application, must take reasonable steps to inform those responsible who are processing the personal data of the interested party's request to delete any link to that personal data.
- Right to restrict processing: This is the right of the User to limit the processing of their personal data. The User has the right to obtain the limitation of treatment when they contest the accuracy of their personal data; the processing is unlawful; the Data Controller no longer needs the personal data, but the User needs it to make claims; and when the User has opposed the processing.
- Right to data portability: If the processing is carried out by automated means, the User has the right to receive their personal data from the Data Controller in a structured, commonly used and machine-readable format, and to transmit them to another data controller. Whenever technically possible, the Data Controller will directly transmit the data to that other controller.
- Right to object: This is the User's right not to have their personal data processed or to stop processing them by TRATRATRAVEL.
- Right not to be or not to be the subject of a decision based solely on automated processing, including profiling: This is the right of the User not to be the subject of an individualized decision based solely on the automated processing of their personal data, including profiling, existing unless otherwise established by current legislation.
Thus, the User may exercise their rights by means of written communication addressed to the Data Controller with the reference “RGPD-www. TRATRATRAVEL”, specifying:
- Name, surname of the User and a copy of the ID. In cases where representation is allowed, it will also be necessary to identify the person representing the User by the same means, as well as the document accrediting the representation. The photocopy of the ID may be replaced, by any other means valid in law that proves the identity.
- Request with the specific reasons for the request or information you want to access.
- Address for notification purposes.
- Date and signature of the applicant.
- Any document that proves the request you make.
This request and any other attached document should be sent to the following address and/or email:
Postal address: Camí de Siurana 14 - El Far d'Empordà (Spain)
Email: [email protected]
Links to third party websites
The Website may include hyperlinks or links that allow access to third party web pages other than TRATRATRAVEL, and which are therefore not operated by TRATRATRAVEL. The owners of these websites will have their own data protection policies, being themselves, in each case, responsible for their own files and their own privacy practices.
Complaints to the supervisory authority
If the User considers that there is a problem or violation of current regulations in the way in which their personal data is being processed, they will have the right to effective judicial protection and to file a complaint with a supervisory authority, in particular, in the State where they have their usual residence, place of work or place of the alleged violation. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (http://www.agpd.es).
II. COOKIE POLICY
What are cookies? : A cookie is a device or small file that the server of this Website sends to the browser of the terminal (computer, smartphone, tablet, etc.) from which you connect, with the purpose of storing information about the browsing you carry out from that terminal, which can, if appropriate, be retrieved later.
At this link you can access the cookie guide published by the Spanish Data Protection Agency (AEPD):
http://www.agpd.es/portalwebAGPD/canaldocumentacion/publicaciones/common/Guias/Guia_Cookies.pdf
What types of cookies are there? : There are different categories of cookies, but the same cookie can be included in more than one category:
Types of cookies depending on the entity that manages them: Depending on the entity that manages the computer or domain from which the cookies are sent and processes the data obtained, we can distinguish:
- Own cookies: These are those that are sent to the user's terminal equipment from a computer or domain managed by the owner/editor of the Website and from which the service requested by the user is provided.
- Third-party cookies: These are those that are sent to the user's terminal equipment from a computer or domain that is not managed by the owner/editor of the Website, but by another entity that processes the data obtained through cookies.
If cookies are installed from a computer or domain managed by the owner/editor of the Website but the information collected through them is managed by a third party, they cannot be considered as own cookies.
Types of cookies depending on the period of time they remain active:
- Session cookies: These are a type of cookies designed to collect and store data while the user accesses a web page. They are usually used to store information that is only interesting to keep for the provision of the service requested by the user on a single occasion.
- Persistent cookies: These are a type of cookie in which the data is still stored in the terminal and can be accessed and processed for a period defined by the person responsible for the cookie, which can range from a few minutes to several years.
Type of cookie according to its purpose: Depending on the purpose for which the data obtained through cookies are processed, we can distinguish between:
- Technical cookies: These are those that allow the user to navigate through a web page, platform or application and to use the different options or services that exist there, such as, for example, controlling traffic and data communication, identifying the session, accessing parts of restricted access, remembering the elements that make up an order, carrying out the purchase process of an order, making the request for registration or participation in an event, using security elements while browsing, storing content for the dissemination of videos or sound or for sharing content through social networks.
- Personalization cookies: These are those that allow the user to access the service with some predefined general characteristics based on a series of criteria in the user's terminal, such as the language, the type of browser through which they access the service, the regional configuration from which they access the service, etc.
- Analysis cookies: These are those that allow the person responsible for them to monitor and analyze the behavior of the users of the websites to which they are linked. The information collected through this type of cookie is used to measure the activity of websites, applications or platforms and to create browsing profiles of users of such sites, applications and platforms, in order to introduce improvements based on the analysis of the usage data made by users of the service.
- Advertising cookies: These are those that allow the management, in the most efficient way possible, of the advertising spaces that, if appropriate, the publisher has included in a web page, application or platform from which the requested service is provided, based on criteria such as the content edited or the frequency at which the advertisements are displayed.
- Behavioral advertising cookies: These are those that allow the management, in the most efficient way possible, of the advertising spaces that, if appropriate, the publisher has included in a web page, application or platform from which the requested service is provided. These cookies store information on user behavior obtained through the continuous observation of their browsing habits, which allows the development of a specific profile to display advertising based on it.
What cookies do we use on the Website? :
Name | Tipo | Entity that manages them | Purpose | Expiration | Information |
---|---|---|---|---|---|
c_tratratravel | + Customization Techniques | Web page | Stores language preferences and identifies the user's session | 2 years | |
_ga | Analytical | Google Analytics | Distinguish unique users by assigning a randomly generated number as a customer identifier. | 2 years | LINK |
_gat | Analytical | Google Analytics | Limit data collection on high-traffic sites | 1 minute | LINK |
_gid | Analytical | Google Analytics | Store and update a unique value for each page visited | 1 day | LINK |
__gads or __gac | Publicitaries | Measure interactions with the advertisements included on the web and avoid being shown the same advertising too many times. Show personalized advertising. The use of advertising cookies allows Google and its partners to display advertisements based on the visits made by users to their websites or other websites on the Internet. On some of our websites, third-party vendors, including Google, use cookies to serve ads based on your previous visits to our website and other websites. Google's use of advertising cookies allows it and its partners to provide you with advertisements based on your visits to our site and other sites on the Internet. You can opt out of personalized advertising by visiting Google's Ad Preferences. Alternatively, you can opt out of the use of third-party cookies for personalized advertising by visiting aboutads.info. | 1 year | LINK |
Google Tag Manager is used on this Website: Google Tag Manager is a tag management system that allows you to easily and quickly update the tags and code fragments of a website or its mobile applications, such as those intended for traffic analysis and optimization of marketing campaigns. You can add and update custom, third-party or AdWords, Google Analytics, Firebase Analytics and Floodlight tags from the Tag Manager user interface instead of changing the code on websites.
Information on how to deactivate and/or block cookies: When you access the Website, cookies will only be installed if you explicitly accept them (except for technical ones, which we need them for the proper functioning of the website). You can click on the button below to revoke cookies.
In addition, the user can -at any time- manage the use of cookies through the browser installed on their terminal. In the following links you can find information about what cookies the user has installed in their browser, allow their installation, block them or delete them from their computer:
- Chrome, from: http://support.google.com/chrome/bin/answer.py?hl=es&answer=95647
- Explorer, from: https://support.microsoft.com/es-es/help/17442/windows-internet-explorer-delete-manage-cookies
- Firefox, from: http://support.mozilla.org/es/kb/habilitar-y-deshabilitar-cookies-que-los-sitios-we
- Safari, from: https://support.apple.com/kb/PH19214?viewlocale=es_ES&locale=es_ES
- Opera, from: http://help.opera.com/Windows/11.50/es-ES/cookies.html
There are third-party tools, available online, that allow users to detect cookies on each website they visit and manage their deactivation, such as Ghostery (https://www.ghostery.com/).
Web browsers are the tools responsible for storing cookies and from this place the user can exercise their right to delete or deactivate them. Neither this website nor its legal representatives can guarantee the correct or incorrect manipulation of cookies by the above-mentioned browsers.
In some cases it is necessary to install cookies so that the browser does not forget the user's decision not to accept them.
III. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY
It is necessary for the User to have read and comply with the conditions on the protection of personal data contained in this Privacy and Cookie Policy, as well as to accept the processing of their personal data so that the Data Controller can proceed with it in the manner, for the periods and for the purposes indicated. The use of the Website will imply acceptance of the Website's Privacy and Cookie Policy.
TRATRATRAVEL reserves the right to modify its Privacy and Cookie Policy, at its own discretion, or motivated by a legislative, jurisprudential or doctrinal change of the Spanish Data Protection Agency. Changes or updates to this Privacy and Cookie Policy will be explicitly notified to the User.
This Privacy and Cookie Policy was updated on May 21, 2018 to adapt to Regulation (EU) 2016/679 of the European Parliament and the Council, of April 27, 2016, regarding the protection of individuals with regard to the processing of personal data and the free movement of these data (RGPD).