Book now
Menu Close

Privacy Policy

EGAL REGULATIONS:

This website complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the Protection of Individuals’ Data (RGPD), Organic Law (ES) 3/2018 of 5 December on Data Protection and Guarantee of Digital Rights (LOPDGDD), as well as with Organic Law (ES) 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSICE or LSSI).

RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA:
Fonda b12, SL.
CIF: B67728071
Address: C/ BARRANCO Nº12 – CP: 11403 JEREZ DE LA FRONTERA (CÁDIZ)
Telephone: +34 680 79 52 88
E-mail: info@lagitanilla.com

The purpose of this document is to establish and regulate the rules of use of the website www.lagitanilla.com, meaning all pages and their contents owned by Fonda b12, SL. which are accessed through the domain www.lagitanilla.com and its subdomains.

The use of this website confers the condition of User of the same and implies acceptance of all the conditions included in the Legal Notice and this Privacy Policy. Each time you provide us with or it is necessary for us to access any information that by its nature allows us to identify you, such as your name, surname, email, address, phone number, credit card number, debit card or equivalent payment method, etc., (hereinafter personal data) either to navigate or make use of our services will be under the application of this Privacy Policy and Cookies should review these texts to verify that you agree with them.

The Owner reserves the right to modify or adapt the Legal Notice and this Privacy Policy at any time. We recommend you to review it, and if you have registered and access your account or profile, you will be informed of the changes.

The Holder undertakes to treat your data as absolutely confidential and exclusively for the purposes indicated. The Holder informs you that it has implemented the necessary technical and organizational security measures to ensure the security of your personal data and avoid its alteration, loss, treatment and / or unauthorized access, given the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or the physical or natural environment. All this in accordance with current legislation on data protection.

If you are one of the following groups, please consult the drop-down information:

  • CUSTOMERS AND RESERVATIONS
  • For what purposes we will treat your personal data?
  • To manage reservations and provide accommodation services.
  • Invoicing of services and payment.
  • Elaboration of the budget and follow-up of the same by means of communications between both parts.
  • Information by electronic means, concerning your request.
  • Commercial information or events by electronic means, as long as there is express authorization.
  • Manage administrative, communications and logistics services performed by the Responsible.
  • To carry out the corresponding transactions.
  • Access control and security Video surveillance.
  • Control and recovery management.

For the sending of commercial communications, the express consent of the user will be requested at the time of registration. In this regard, the user may revoke the consent given by contacting Fonda b12, SL. using the means indicated above. In any case, in each commercial communication, you will be given the opportunity to unsubscribe from receiving them, either through a link and / or email address.

What is the legitimacy for the processing of your data?

  • Execution of the contract to provide you with our services
  • Fulfillment of legal obligations of the responsible
  • Consent of the data subject
  • Legitimate interest of the data controller (video surveillance)

How long will we keep personal data?

  • At least for the terms established by consumer, commercial and tax regulations.
  • Passenger entry reports, three years.
  • Video surveillance, up to one month, except for data related to incidents or crimes.

To which recipients will your data be communicated?

  • Guest registration: competent authorities in compliance with the provisions of the Organic Law 4/2015 on the protection of public safety, Order INT/1922/2003.
  • In accordance with private security regulations, when necessary the video surveillance data will be made available to the Security Forces and competent authorities.
  • SUPPLIERS

For what purposes will we process your personal data?

  • Invoicing and declaration of the appropriate taxes.
  • Sending information by electronic means, related to your request.
  • Sending commercial information or events by electronic means, provided there is express authorization.
  • Manage administrative, communications and logistics services performed by the Responsible.
  • Carry out the corresponding transactions.

What is the legal basis for the processing of your data?

The legal basis is the acceptance of a contractual relationship, or otherwise your consent to contact us or offer us your products by any means.

  • WEB OR EMAIL CONTACTS
  • What data do we collect through the Web?
  • We may treat your IP, what operating system or browser you use, and even the duration of your visit, anonymously.
  • If you provide us with data in the contact form, you will be identified so that we can contact you, if necessary.

For what purposes will we process your personal data?

Answer your queries, requests or petitions.

Manage the requested service, answer your request, or process your request.

Information by electronic means, related to your request.

Commercial or event information by electronic means, provided that express authorisation has been given.

To carry out analysis and improvements on the Web, about our services.

To improve our commercial strategy.

What is the legitimacy for the processing of your data?
The acceptance and consent of the interested party: In those cases where to make a request it is necessary to fill in a form and click on the send button, the completion of the same will necessarily imply that you have been informed and have expressly given your consent to the content of the clause attached to the form or acceptance of the privacy policy.
All our forms contain obligatory data. If you do not provide these fields, or do not tick the checkbox to accept the privacy policy, we will not allow the information to be sent.

CONTACTS SOCIAL NETWORKS
For what purposes will we process your personal data?

To answer your queries, requests or petitions.

To manage the requested service, answer your request, or process your request.

To get in touch with you and create a community of followers.

What is the legitimacy for the processing of your data?
The acceptance of a contractual relationship in the corresponding social network environment, and in accordance with its privacy policies:
Facebook http://www.facebook.com/policy.php?ref=pf
Twitter http://twitter.com/privacy
YouTube http://www.google.com/intl/es/policies/privacy/

For how long will we keep personal data?
We can only consult or remove your data in a restricted way when you have a specific profile. We will process your data for as long as you allow us to follow us, become a friend or click “like”, “follow” or similar buttons.
Any rectification of your data or restriction of information or publications must be done through the configuration of your profile or user in the social network itself.

VIDEO SURVEILLANCE
For what purposes will we process your personal data?

Video surveillance of our facilities.

Monitoring of our employees.

Occasionally it may be transferred to the courts and tribunals for the exercise of legitimate actions.

What is the legitimacy for the processing of your data?
The unequivocal consent of the data subject when accessing our facilities after viewing the information sign of the video-surveilled area.

EMPLOYEES
For what purposes will your personal data be processed?

Management of the relationship with the employee/collaborator (whether employment, service provision or collaboration, internship contracts, interns, etc.) and, where appropriate, of the employee’s file.

Carrying out all administrative, tax and accounting procedures necessary to comply with contractual commitments, obligations in terms of labour regulations, social security, occupational risk prevention, tax and accounting.

Payroll payment management through a financial institution.

Collection of the worker’s contribution and transfer of the same to the Trade Union.

Where appropriate, carry out training activities, both subsidised and non-reimbursed training.

Time control through the control system that is set up.

Use of video surveillance systems for: security, both for clients and workers/collaborators, controlling access to the facilities as well as controlling compliance with the obligations of the worker/collaborator. The areas under surveillance will be suitably signposted.

In relation to the purposes of controlling the fulfilment of the obligations of the worker/collaborator, we inform you that the information obtained through the control system may be used for the imposition of disciplinary sanctions for breaches of the employment contract or of the service provision relationship.

Management of collective insurance / company pension plan.

What is the legal basis for processing your data?
Execution of a contract: The legal basis for processing your data is the execution of an employment contract.

Fulfilment of a legal obligation:

  • The processing of data derived from labour relations is legitimised by Royal Legislative Decree 2/2015, of 23 October, which approves the revised text of the Workers’ Statute Law.
  • Royal Decree – Law 8/2019, of 8 March, on urgent measures for social protection and the fight against precariousness in the working day.
  • Obligation of protection in terms of Occupational Risk Prevention, by virtue of Law 31/1995, of 8 November, on Occupational Risk Prevention.
  • Provision of information to the entities managing the economic benefits of the Social Security in accordance with the General Law on Social Security.
  • Communication of their data when so requested by the Labour Inspectorate. Law 42/1997, of 14 November, regulating the Labour Inspectorate.
  • Tax obligations of the entity, in accordance with the General Tax Law.

To which recipients will your data be communicated?

  • Your data will be communicated to the entities and organisations listed below:
  • To the corresponding banking entities, in order to be up to date with payments.
  • To the tax authorities.
  • Social Security bodies, Mutua de Accidentes de Trabajo y Enfermedades Profesionales de la Seguridad Social.
  • In the event that we are requested to do so, your data will be transferred to the Labour Inspectorate.
  • To entities that participate in the management of training courses that the worker wishes to attend in order to participate in the courses that are organised. In the case of receiving subsidised training, as established by Organic Law 5/2002 of 19 June, on Qualifications and Vocational Training, as well as in the case of contracts for training and apprenticeship provided for by R.D. 1529/2012, all the information required for the monitoring and control of the training actions carried out must be provided to the competent public administrations.
  • JOB SEEKERS
  • For what purposes will we process your personal data?
  • Organisation of selection processes for the recruitment of employees.
  • To summon you for job interviews and evaluate your application.

How long will we keep the personal data?
By virtue of LA GITANILLA ALOJAMIENTO Y ENCANTO’s retention policy, personal data will be kept for a maximum period of one year from the receipt of the CV.

What is the legal basis for the processing of your data?
The legal basis is your unequivocal consent, by submitting your CV.

To which recipients will your data be communicated?

The data will not be passed on to third parties without your consent.

Legal obligations that apply to us.

Do we include personal data of third parties?
No, as a general rule we only process the data provided to us by the data subjects. If you provide us with data of third parties, you must inform and request their consent beforehand, otherwise we will be exempt from any liability for failure to comply with this requirement.

What about data of minors?
We do not process data of children under 14 years of age, so please refrain from providing them if you are under 14 years of age.

Will we send communications by electronic means?

They will only be made to process your request, if it is one of the means of contact you have provided us with.

If we send commercial communications, they will have been previously and expressly authorised by you.

What security measures do we apply?
You can rest assured: We have adopted an optimum level of protection for the Personal Data we handle, and we have installed all the technical means and measures at our disposal according to the state of technology to prevent the loss, misuse, alteration, unauthorised access and theft of Personal Data.

To which recipients will your data be communicated?
Your data will not be passed on to third parties, unless legally obliged to do so. Specifically, they will be communicated to the State Agency of Tax Administration and to banks and financial institutions for the collection of the service provided or product purchased. As well as to the data processors necessary for the execution of the agreement.
In case of purchase or payment, if you choose any application, website, platform, bank card, or any other online service, your data will be transferred to that platform or will be processed in their environment, always with maximum security.
When we order it, the web development and maintenance company or the hosting company will have access to our website. They will have signed a service contract that obliges them to maintain the same level of privacy as we do.
Any international transfer of data when using American applications will be subject to the Privacy Shield agreement, which guarantees that American software companies comply with European data protection policies on privacy.

What rights do you have?

  • To know whether or not we are processing your data.
  • To access your personal data.
  • To request the rectification of your data if it is inaccurate.
  • To request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw your consent.
  • To request the limitation of the processing of your data, in certain cases, in which case we will only keep them in accordance with the regulations in force.
  • To submit your data, which will be provided to you in a structured, commonly used or machine-readable format. If you prefer, we can send them to the new data controller you designate. This is only valid in certain cases.
  • To file a complaint with the Spanish Data Protection Agency if you believe that we have not dealt with you correctly.
  • To revoke consent for any processing for which you have consented, at any time.
  • Would you like a form for exercising your rights?
  • We have forms for exercising your rights, ask us for them by email or, if you prefer, you can use the forms prepared by the Spanish Data Protection Agency or third parties.
  • These forms must be signed electronically or be accompanied by a photocopy of your ID card.
  • If someone is representing you, you must attach a copy of their DNI, or have them sign it electronically.
  • The forms can be submitted in person, sent by letter or by email to the address of the Data Controller at the beginning of this text.
  • How long does it take for us to reply to the Exercise of Rights?
  • It depends on the right, but a maximum of one month from your request, and two months if the issue is very complex and we notify you that we need more time.
  • If you modify any data, please let us know so that we can keep them up to date.

Do we use cookies?
We use cookies, which are small files containing information about your browsing on this platform and whose purpose is to facilitate your browsing on it. You can consult the cookies policy in the corresponding link at the beginning of our website.

How long will we keep your personal data?

Personal data will be kept for as long as you remain linked to us.

Once you disengage, the personal data processed for each purpose will be kept for the legally stipulated periods, including the period in which a judge or court may require them in accordance with the statute of limitations for legal action.

The data processed will be kept until the aforementioned legal periods expire, if there is a legal obligation to keep them, or, if there is no such legal period, until the interested party requests their deletion or revokes the consent granted.

Nº Turismo: H/CA/01270

 

Kit Digital - La Gitanilla

C/Barranco, 12 C.P. 11403
Jerez de la Frontera (Cádiz)

+34 680 795 288

info@lagitanilla.com
reservas@lagitanilla.com

Follow us
Facebook-f Instagram
Expedia
Booking.com Traveller Review Awards 2024
Asociación de Empresas Turísticas de Cádiz
Legal notice / Privacy Policy / Cookies Policy / Booking conditions / House rules

© 2025 La Gitanilla. La Gitanilla. All rights reserved.