Legal notice Surfing Colors
Legal notice Surfing Colors
I. PERSONAL DATA PROTECTION POLICY
May 25, 2.018
NIEPRAPE HOTELES S.L. is an Organization in which data processing activities are given
of personal nature, which gives it an important responsibility in the design and
organization of procedures so that they are aligned with legal compliance in this
In the exercise of these responsibilities and in order to establish the general principles that
must govern the treatment of personal data in the Company, approves this Policy
of protection of personal data, which notifies its employees and makes available to
all your interest groups.
The Policy of protection of personal data is a measure of Liability
proactive that has the purpose of ensuring compliance with the applicable legislation in this
matter and relation to it, respect for the right to honor and privacy in the treatment of
Personal data of all people who are related to The Company.
In development of the provisions of this Policy of protection of personal data, it is
establish the Principles that govern data processing in the organization and in
consequence, the procedures, and the organizational and security measures that people
affected by this Policy are committed to implement in their area of responsibility. With
this end NIEPRAPE HOTELES S.L., CALLE PEJÍN Nº2 CP 35660 CORRALEJO (LAS PALMAS)
assign the responsibilities to the personnel that participate in the treatment operations of
2. Scope of application
This Policy of protection of personal data will apply to the Company, to its
administrators, managers and employees, as well as all the people who relate to it,
with the express inclusion of service providers with access to data ("Managers of
3. Principles of the processing of personal data
As a general principle, the Company will scrupulously comply with the legislation on
protection of personal data and must be able to demonstrate it (Principle of
"Proactive responsibility"), paying special attention to those treatments that may
pose a greater risk to the rights of those affected (Principle of "risk approach").
In relation to the exposed NIEPRAPE HOTELES S.L. will ensure compliance with the following
➔ Lawfulness, loyalty, transparency and limitation of the purpose. The data processing always
the affected party must be informed, through clauses and other procedures; and only
It will be considered legitimate if there is consent to the processing of data (with special
attention paid to minors), or has another valid legitimation and the
Its purpose is in accordance with Regulations.
➔ Data minimization. The data processed should be adequate, relevant and limited
to what is necessary in relation to the purposes of the treatment.
➔ Accuracy. The data must be accurate and, if necessary, updated. To this
respect, the necessary measures will be taken to eliminate or rectify them without
delay personal data that are inaccurate with respect to the purpose of processing.
➔ Limitation of the conservation period. The data will be maintained in a way that allows
identification of interested parties for no longer than necessary for the purposes of the
➔ Integrity and Confidentiality. The data will be treated in such a way as to guarantee a
adequate security of personal data, including protection against treatment
authorized or unlawful and against its loss, destruction or accidental damage, through the
application of appropriate technical or organizational measures.
➔ Data transfers. The purchase or obtaining of personal data is prohibited
from illegitimate sources or in those cases in which said data have been collected or
ceded in contravention of the law or its legitimate origin is not sufficiently guaranteed.
➔ Hiring of suppliers with access to data. They will only be chosen for hiring
suppliers that offer sufficient guarantees to apply technical measures and
appropriate security in data processing. With these third parties, the
due Agreement in this regard.
➔ International data transfers. All processing of personal data
subject to European Union regulations that involve a transfer of data outside the
European Economic Area must be carried out in strict compliance with the
requirements established in the applicable law
➔ Rights of those affected. The Company will provide those affected with the exercise of the rights
access, rectification, deletion, treatment limitation, opposition and portability,
establishing for this purpose the internal procedures, and in particular the models for
exercise that are necessary and timely, which must satisfy, at least, the
legal requirements applicable in each case
The Company will promote that the principles included in this Data Protection Policy of
personal character are taken into account (i) in the design and implementation of all
work procedures, (ii) in the products and services offered (iii) in all contracts and
obligations that formalize or assume and (iv) in the implementation of how many systems and platforms
allow the access of employees or third parties and / or the collection or processing of character data
4. Commitment of workers
The workers are informed of this Policy and declare themselves aware that the
Personal information is an asset of the Company, and in this respect adhere to it,
committing to the following:
* Carry out awareness training on Data Protection that the Company puts at its
* Apply security measures at the user level that apply to your workplace, without
prejudice of the responsibilities in its design and implementation that could be attributed to it
depending on its role within NIEPRAPE HOTELES S.L.
* Use the established formats for the exercise of Rights by those affected and
inform the Company immediately so that the response can be effective.
* Inform the Company, as soon as it becomes aware, of deviations from what is established in this
Policy, in particular "Violations of security of personal data", using the format established for that purpose.
5. Control and evaluation
An annual verification, evaluation and evaluation will be carried out, or whenever there are changes
significant differences in data processing, the effectiveness of technical and organizational measures
to guarantee the safety of the treatment.
NIEPRAPE HOTELES S.L.