PRIVACY & COOKIE POLICY Cycling Spain
With this privacy statement, we inform you about what kind of personal data we collect, how your data is processed, and what rights you have.
BOOKING
If you wish to book for other persons, you must be authorized by them to do so.
What data do we collect from you?
When you book a trip, the data you provide is recorded by us. We collect data including:
- Name, address, city, phone number, email
- Date of birth
- Payment details
- Dietary information (if you choose to provide it)
- Necessary medical information (if you choose to provide it)
- Details of the booked trip
- Company name and policy number of your travel insurance
What do we use the data for?
- Your data is needed to process requests, to provide you with information about your trip, for relevant communication regarding the booking, for the proper execution of the trip, and to handle the booking and payment.
- Your dietary information is shared with the hotel or other travel service providers that provide meals and, if this is for medical or religious reasons, only to the extent that you give your consent.
- To the extent that you give consent, your medical information is shared with the travel service provider who needs to be informed and where disclosure is necessary for your stated needs, your safety, or the safety of others.
- Name, address, bank details, and details of the booked trip, the costs, and the payment are processed for bookkeeping, debtor administration, and collection activities.
- Your data may be used for a legitimate interest of the company or third parties, such as handling complaints, disputes, and legal claims, insofar as your interest does not prevail.
- We process your experience to assess whether you meet the participation requirements. This is necessary for your safety, the safety of others, and for the proper execution of the trip.
Legal basis
We collect your data for the execution of the agreement we have with you. Additionally, data is processed based on the legitimate interest of the company and third parties, provided your interests do not prevail. Furthermore, data is collected to comply with legal obligations, including in particular the obligation to keep accounting records. For the processing of your dietary/medical data, you must give explicit consent.
How long do we keep your data?
- Unless otherwise specified, personal data will be retained for a maximum of two years after the trip.
- Medical data will be deleted [after the complaint period/30 days/….] after the trip.
- Data required for tax administration will be retained for the mandatory period (usually 7 years).
- The above retention periods may be deviated from due to a legal obligation or a legitimate interest of the company or third parties, provided your interest does not prevail. Data may be retained in the event of complaints, potential disputes, or legal claims for up to 2 years after resolution of the complaints, disputes, or legal claims.
With whom do we share your data?
- We make your data available to travel service providers if and insofar as this is necessary for the proper execution of the trip, for addressing your stated needs, for your safety, or the safety of others.
- In the processing of data, external processors are used, such as the booking system, accounting system, email system, bookkeeping, and for payment and collection.
Transfer to a third country or international organization outside the EU?
If your trip takes place outside the EU, the necessary personal data will be transferred to local travel service providers outside the EU based on the execution of the (travel) agreement with you. The travel service providers are themselves responsible for the proper processing of your personal data and are bound by the privacy rules applicable in that country.
TRIP EVALUATION
What data do we collect from you?
We collect data including your name, the trip taken, your evaluations of the trip, and any other feedback or information you mention in the trip evaluation.
What do we use the data for?
- We use the data for internal evaluation.
- We use the data for evaluation and feedback to the relevant travel service provider.
Legal basis
We collect your data based on the execution of the agreement we have with you. Additionally, data is processed based on the legitimate interest of the company and travel service providers in a thorough evaluation of their products or services, provided your interests do not prevail.
How long do we keep your data?
Data in the evaluation is retained for up to 2 years after the trip.
With whom do we share your data?
For the execution of the evaluation, external processors such as a survey company are used. The data may be passed on to the travel service provider. Depending on the situation, this is done anonymously.
NEWSLETTER
What data do we collect from you?
We collect data including your name and email address.
What do we use the data for?
When you subscribe to the newsletter or are a customer with us, your data is used to send you the digital newsletter. We ask for your name to personalize the greeting in the newsletter.
Legal basis
If you are not yet a customer, we process your data to the extent that you have given us permission for its use or for sending the newsletter. If you are already a customer, we send you a newsletter based on the legitimate commercial interest of the company in sending its latest travel offers to its customers.
How long do we keep your data?
Your data is retained for these purposes until you unsubscribe. You can unsubscribe at the bottom of each newsletter.
With whom do we share your data?
For sending the newsletter, we use an external mailing program.
BROCHURE
What data do we collect from you?
We collect data including your name and email address when requesting a digital brochure.
What do we use the data for?
When you request a brochure, your data is used to send it to you.
Legal basis
We process your data for the execution of the agreement after you request us to send the brochure.
How long do we keep your data?
Your data will be deleted within 1 month after sending, unless that data is lawfully used for other purposes mentioned in this privacy policy.
With whom do we share your data?
For sending the brochure, we use an external mailing program (digital).
COOKIES & PROFILING
What data do we collect from you?
With your consent, we collect anonymous data about your browsing behavior on our website. Your browsing behavior cannot be linked to you.
What do we use the data for?
To be able to tailor our website to the general wishes and interests of the visitor.
Legal basis
The data is only processed based on your consent.
How long do we keep your data?
Your profile is retained for a maximum of 6 months after the last website visit.
With whom do we share your data?
Your profile is stored with an external analytics service.
COMPLAINTS ABOUT THE TRIP
What data do we collect from you?
We collect data including your name, the trip taken, the complaint, and other information you provide in the complaint.
What do we use the data for?
- We use the data for internal evaluation of the complaint.
- If the complaint relates to the execution of the trip, we use the data for feedback to the relevant travel service provider, requesting a response to the complaint.
- Your data may be used for a legitimate interest of the company or third parties, such as disputes and legal claims, provided your interest does not prevail.
Legal basis
We collect your data based on the execution of the agreement we have with you. Additionally, data is processed based on the legitimate interest of the company and travel service providers in a thorough complaint assessment and handling, provided your interests do not prevail.
How long do we keep your data?
Data related to the complaint is retained for up to 2 years after the complaint is resolved.
With whom do we share your data?
If applicable, relevant personal data and details about your complaint are shared with and discussed with the travel service provider, our lawyer, and/or insurer, and dispute resolution bodies.
SECURITY
How do we secure your data?
We
take all appropriate organizational and technical measures to secure your personal data and require third parties processing your personal data on our behalf to do the same. This includes:
- Access to your personal data is restricted to persons who need to process this data through physical and digital access limitations.
- Our network, data storage, and data transmission are secured — and where appropriate, encrypted — according to current security standards.
- Login and user activities are logged to detect unauthorized processing.
- We train our staff and promote a privacy-conscious culture.
- The privacy policy is evaluated annually for effectiveness.
YOUR RIGHTS
Your rights:
- You have the right to access your personal data and the right to correct your personal data.
- You have the right to request that we delete your personal data insofar as:
- They are no longer necessary for the purposes for which they were collected and compatible purposes, or;
- The processing is based on your consent, and you withdraw this consent, and there is no other legal basis for the processing, or;
- The processing is based on a legitimate interest of the company or third parties, and you object to the processing, and your interest prevails over legitimate interests of the company and third parties.
- You have the right to restrict processing.
- You have the right to a digital copy of the personal data you provided to us.
- You have the right to withdraw given consent.
- You have the right to object to the processing of your personal data due to your specific situation, insofar as the processing is based on the legitimate interest of the company or third parties.
- You have the right to object to the use of your personal data for direct marketing purposes, including profiling.
- You have the right to file a complaint with the Data Protection Authority.
You can direct a request to the email or postal address below. To help us process your request, you must be able to identify yourself.
CHANGES
We may occasionally need to amend this privacy statement, including due to changes on the website, modified processing purposes, altered work procedures, or changes in regulations. We will amend the content of the statements unilaterally and without prior notice.
QUESTIONS, COMMENTS & COMPLAINTS
If you have any questions, comments, or complaints about how we handle your personal data, we would be happy to hear from you via the email address below. We will respond as soon as possible, but no later than 4 weeks.
DATA CONTROLLER
The following company is the data controller within the meaning of the General Data Protection Regulation (GDPR).
COMPANY NAME: Cycling Spain B.V.
ADDRESS: Bakenbergseweg 159, 6814 MG, Arnhem
EMAIL: administration@cyclingspain.com
COOKIE POLICY
Cookies are files that a website places on your computer, tablet, or smartphone, and send data back to the website that placed them. In your Internet browser, you can always delete cookies and also set whether you want to accept or block cookies. Below we will explain the types of cookies used on our website.
Cookie name: cookieyes-consent
Type of cookie: functional
Duration: 1 year
Cookie name: wp_wpml_current_language
Type of cookie: functional
Duration: session
Cookie name: _ga
Type of cookie: analytical
Duration: 1 year
Functional and analytical cookies
Functional cookies are used to ensure the proper functioning of the website. Analytical cookies help us adjust our website to the general preferences and interests of visitors. These cookies allow us to see how the website is being used, which pages cause problems for visitors, which are interesting, and so on. This data is important for us to continue to create a pleasant website experience for you. We measure visit information on the website using Google Analytics.