Privacy policy

Last updated: September 2023

This privacy policy applies to the website www.universalbeachhotels.com. 

Please read it carefully. It contains important information about the processing of your personal data and the rights recognized by the current regulations on the matter.  

We reserve the right to update our privacy policy at any time due to business decisions, as well as to comply with any legal or jurisprudential changes. If you have any questions or need any clarification regarding our Privacy Policy or your rights, you can contact us through the channels indicated below.

You declare that the data you provide to us, now or in the future, is correct and truthful and you agree to inform us of any changes. If you provide personal data of third parties, you undertake to obtain the prior consent of the affected parties and to inform them about the content of this policy.

In general, the fields in our forms marked as mandatory must necessarily be completed in order to process your requests. 

1. Who is responsible for processing your data? 

The entity responsible for processing the personal data collected on this website is: CIA. HOTELERA SANT JORDI, S.A.

Postal address: Gremi de Cirurgians i Barbers, 25, Block B, 3rd floor, Pol. Son Rossinyol – 07009 Palma de Mallorca. 

Tax ID: A07015597

Email of the Data Protection Officer: privacy@universalhotels.es

If you make a reservation at one of our hotels, the entity responsible for processing the data related to the reservation will be the hotel operating entity, which you can contact at the same address indicated for CIA. HOTELERA SANT JORDI, S.A. You can check the identifying details of the operating entity HERE.

2. For what purposes will we process your data? 

Management of the relationship with users: We process the data that our users provide in the virtual assistant, contact form, callback request form, and registration form to handle their requests.  

These processes are necessary for executing the legal relationship with website users or for applying pre-contractual measures at their request.  

Reservation management: We process the data that our customers provide in the reservation form to provide the contracted services and manage their booking.  

This processing is necessary for executing the contractual terms of the reservation.  

The transaction data carried out on the website will also be processed for accounting and administrative management purposes, based on our legal obligations in accounting and tax matters.  

Sending commercial communications: If you authorize us, we will send you commercial communications about our discounts, special promotions, booking benefits, and relevant information. 

You can request to unsubscribe from commercial processing at any time by sending an email to: unsuscribe@universalhotels.es 

To manage our mailing lists, we segment communication recipients based on their nationality or language. This processing consists of a simple classification according to objective criteria and does not aim to create commercial profiles, predictions, or behavioral analysis. 

Management of the relationship with agencies: The identifying and professional contact data of the director and/or responsible person of companies or agencies, provided in the agency registration form, will be used to manage the relationship with them, handle their requests and inquiries, and process reservations.

This processing is based on the legal relationship established with the agencies.

Administration and management of website security: We process browsing data (IP addresses or logs) to administer and manage website security. This processing is based on our legitimate interest in ensuring website security. This interest is expressly recognized in Recital 49 of the GDPR. To assess this interest against your rights and freedoms, we have considered that this processing corresponds to generalized security practices and does not pose significant threats to data subjects.   

Statistical and quality management purposes: To evaluate and manage the quality of our services, we compile statistics based on aggregated data obtained from transaction data and website browsing data, such as IP addresses, weblogs, visited pages, or actions taken on the website (+ more info in our cookie policy).  

These processes are based on our legitimate interest in evaluating and managing the quality of our services. To assess this interest against your rights and freedoms, it was determined that the processing had a limited impact on the privacy of data subjects, corresponded to reasonable expectations, and did not pose significant threats.  

3. How long will we keep your data?  

In general, we retain your data for the duration of your relationship with us and, in any case, for the periods established in the applicable legal provisions, such as those related to accounting and tax matters, and for the time necessary to address any potential liabilities arising from the processing. We will delete your data when they are no longer necessary or relevant for the purposes for which they were collected. Data processed for commercial purposes will remain active unless you request their deletion. Logs of access to restricted areas of the website will be deleted one month after their creation. Browsing-related information will be deleted once the web session ends and statistical analyses are completed.  

4. Who can we share your data with? 

Your data will only be shared with third parties when legally required, with your consent, or when your request implies such disclosure. In this regard, we inform you that, for the correct processing of your reservations, the data provided will necessarily be shared with the companies whose services are included in the contracted service. 

5. What are your rights? 

You have the right to obtain confirmation as to whether or not we are processing your personal data and, if so, to access them. You can also request that your data be corrected if they are inaccurate or completed if they are incomplete, as well as request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.

In certain circumstances, you may request the restriction of the processing of your data. In such cases, we will only process the affected data for the establishment, exercise, or defense of legal claims or for the protection of the rights of other individuals. Under certain conditions and for reasons related to your particular situation, you may also object to the processing of your data. In this case, we will cease processing your data unless there are compelling legitimate grounds that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.  

Additionally, under certain conditions, you may request the portability of your data so that they are transmitted to another data controller. 

You can withdraw the consent you have given for specific purposes at any time, without affecting the lawfulness of processing based on consent before its withdrawal. 

At any time, you can revoke your consent or object to the processing of your data for direct marketing purposes, including the creation of commercial profiles. In such cases, we will stop processing your personal information for these purposes. You also have the right to object to automated individual decision-making that produces legal effects on you or significantly affects you in a similar way, where this right applies under Article 22 of Regulation (EU) 2016/679. 

You also have the right to file a complaint with a data protection authority. You can check the list and contact details of European data protection agencies on the European Commission website at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.   

To exercise your rights, you must send us a request by postal mail or email to the addresses indicated in the section "Who is responsible for processing your data?" 

To revoke your consent for receiving our commercial communications, simply send an email to: unsuscribe@universalhotels.es 

You can obtain more information about your rights and how to exercise them on the website of the Spanish Data Protection Agency at http://www.aepd.es.