Villaverde Gardens logo
Online Check-in

Privacy Policy

Table of contents

The house of Villaverde S.L. puts at your disposal through the website https://jardinesvillaverde.com/ this privacy policy in order to inform you, in detail, about how we treat your personal data and protect your privacy and the information you provide to us. In case of introducing changes in the future about it we will communicate it through the website or through other means so that you can know the new privacy conditions introduced.

In compliance with Regulation (EU) 2016/679, General Data Protection and Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights, we inform you of the following:

Responsible for the Treatment
  • Identity:The house of villaverde SL, with CIF B39880836
  • Dir. Postcard: Calle del sol s/n – 39793 Villaverde de Pontones, Cantabria
  • E-mail: info@jardinesvillaverde.com
  • Website: www.jardinesvillaverde.com

For what purpose do we process your personal data?

The accommodation collects and treats your personal information in general to manage the relationship we have with you, being the main purposes that we have identified the following:
  • Management and contracting of the services offered by our accommodation
  • Channel requests for information, suggestions and complaints that you can send us
  • Keep you informed about events, offers, products and services that may be of interest to you through different communication channels as long as you have given your consent.
  • Management of the business relationship with our suppliers

How do we collect your information?

We collect your personal information through different means:
  • Contact form: to send information about the consultation carried out (name, surname and email), obtaining the corresponding legitimacy through the pre-contractual relationship of the parties;
  • Service form: to maintain the contractual relationship, as well as the management, administration, information, provision and improvement of the service offered obtaining the corresponding legitimation through the contractual relationship between the parties, which will be sent once the client contacts us.
You will always be informed at the time of collection by means of informative clauses about the controller, the purpose and legal basis thereof, the recipients of the data and the period of retention of your information, as well as the way in which you can exercise your rights regarding data protection. In general, the personal information we process is limited to identifying data (name and surname, date of birth, address, ID, telephone and email). The accommodation uses social networks and this is another way to reach you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies that explain how they use and share your information, so we recommend that you consult them before making use of these to confirm that you agree with the way in which your information is collected, treated and shared. In addition, this website collects cookies, which you can consult at the following link: COOKIES POLICY

User responsibility

By providing us with your data through electronic channels, the user guarantees that he is over 14 years old and that the data provided to the accommodation are true, accurate, complete and updated. For these purposes, the user confirms that he is responsible for the veracity of the data communicated and that he will keep this information properly updated so that it responds to his real situation, being responsible for the false and inaccurate data that he could provide, as well as for the damages, direct or indirect, that could arise.

How long do we keep your information?

We will only keep your information for the period of time necessary to fulfill the purpose for which it was collected, comply with the legal obligations imposed on us and meet the possible responsibilities that may arise from compliance with the purpose for which the data was collected. If at any time we have collected your data to contact you as a potential user of our services or to respond to a request for information made by you, said data will be kept for a maximum of 6 months from its collection, being deleted after that period if a contractual relationship has not been formalized or at the time you request it. In any case, and as a general rule, we will keep your personal information as long as there is a contractual relationship that binds us or you do not exercise your right to erasure and / or limitation of the treatment, in which case, the information will be blocked without using it beyond its conservation, as long as it may be necessary for the exercise or defense of claims or some type of liability could arise that had to be addressed.

To whom do we communicate your data?

In general, we do not share your personal information, except for those assignments that we must make based on imposed legal obligations. Although it is not a transfer of data, to provide the requested service it may be that third parties, acting as our suppliers, access your information to carry out the service we have hired them. These managers access your data following our instructions and without being able to use them for a different purpose and maintaining the strictest confidentiality.
  • Hetzner Online GmbH, residing in Industriestr. 25, 91710 Gunzenhausen, Germany, VAT Reg. No. DE 812871812, which provides hosting management services. You can consult the privacy policy and other legal aspects of said company at the following link: https://www.hetzner.com/legal/privacy-policy
  • PAYPAL: The operating company of PayPal is PayPal (Europa) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. If the data subject chooses "PayPal" as the payment method during the order process, we automatically transmit the data of the data subject to PayPal. By selecting this payment method, the interested party accepts the transfer of the personal data required for the processing of the payment. PayPal's applicable privacy policy can be found at https://www.paypal.com/es/webapps/mpp/ua/privacy-full
  • STRIPE: Credit card payments are processed by Stripe, Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, USA. U.S.A. In Europe, Stripe services are provided by a subsidiary entity based in Ireland, Stripe Payments Europe Limited (“Stripe Payments Europe”). Stripe Payments Europe transmits personal data to Stripe, Inc. with EU-U.S. certification. U.S.A. You can consult its privacy policy at the following link: https://stripe.com/es/privacy.
  • Redsys: Redsys Processing Services, S.L.: company used to manage credit card payments on the website. Located in Francisco Sancha, 12 – 28034 Madrid. Privacy policy and other legal aspects of said company at the following link: http://www.redsys.es/legal/20200224_poli%CC%81tica_de_privacidad.pdf
  • Google LLC, 1600 Amphitheatre Parkway, 94043, Mountain View, California, United States, provides measurement, survey and mail services. They have adopted standard data processing clauses approved by the European Commission which can be consulted at: https://cloud.google.com/security/gdpr/resource-center. Privacy policy and other legal aspects of said company at the following link: https://www.google.com/intl/es/policies/privacy/
  • KROSS BOOKING: Krossbooking is a software for holiday rental owners to which basic booking data is sent for centralized management, which belongs to the Str-based Solutions Plus SRL company. Prov. Bitonto – Aerop. Palese, 28 – Bari, Italy. Link to Krossbooking privacy policy: https://www.krossbooking.com/privacy/
Likewise, your personal information will be available to the Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the treatment.

International data transfers

With our suppliers we have agreed that, for the provision of the contracted service, they make use of servers located in the EEA and if, in the future, we need to make use of servers located outside the territory of the EU, appropriate measures will be taken, which will be incorporated into this Privacy Policy, ensuring that there are adequate guarantees.

What are your rights in relation to the processing of your data and how can you exercise them?

The regulations on data protection allow you to exercise your rights of access, rectification, deletion and portability of data and opposition and limitation to their processing, as well as not to be subject to decisions based solely on the automated processing of your data, where appropriate. These rights are characterised by the following:
  • Their exercise is free of charge, unless they are manifestly unfounded or excessive requests (e.g. repetitive), in which case the accommodation may charge a fee proportional to the administrative costs incurred or refuse to act
  • You can exercise the rights directly or through your legal representative or volunteer
  • We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline can be extended by another two months.
  • We have the obligation to inform you about the means to exercise these rights, which must be accessible and without being able to deny you the exercise of the right for the sole reason of opting for another means. If the request is submitted by electronic means, the information will be provided by these means where possible, unless you ask us to do otherwise.
  • If we do not comply with the request, you will be informed, no later than one month, of the reasons for your failure to act and the possibility of complaining to a Supervisory Authority
In order to facilitate its exercise, we provide you with the links to the application form for each of the rights:

Form exercise of the right of access

Form for the exercise of the right of rectification

Form for the exercise of the right to object

Form for the exercise of the right of erasure (right to be forgotten)

Form for exercising the right to restriction of processing

Exercises of the right to portability form

Exercise form not subject to automated individual decisions

To exercise your rights we put at your disposal the following means:
  1. By written and signed request addressed to the postal address of the person responsible for the treatment with Ref. Exercise of Rights LOPD.
  2. Sending a scanned and signed form to the email address of the data controller indicated above, indicating in the subject Exercise of Rights LOPD.
In both cases, you must prove your identity by accompanying a photocopy or, where appropriate, a scanned copy, of your ID or equivalent document to verify that we only respond to the interested party or his legal representative, having to provide in this case document accrediting the representation. In addition, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you may file a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, C / Jorge Juan, 6 – 28001 Madrid.

How do we protect your information?

We are committed to protecting your personal information. We use measures, controls and procedures of a physical, organizational and technological nature, reasonably reliable and effective, aimed at preserving the integrity and security of your data and guaranteeing your privacy. In addition, all staff with access to personal data have been trained and are aware of their obligations in relation to the processing of their personal data. In the case of the contracts that we enter into with our suppliers, we include clauses in which they are required to maintain the duty of secrecy regarding the personal data to which they have had access under the order made, as well as to implement the technical and organizational security measures necessary to guarantee the confidentiality, integrity, availability and permanent resilience of the systems and services for the processing of personal data. All these security measures are reviewed periodically to ensure their adequacy and effectiveness. However, absolute security cannot be guaranteed and there is no security system that is impenetrable, so in the case of any information that is processed and under our control is compromised as a result of a security breach, we will take appropriate measures to investigate the incident, notify the Control Authority and, where appropriate, those users who may have been affected so that they take appropriate measures.