Privacy Policy

Goierri Turismoa S.L. with B20694782 VAT number (onward GOITUR), in keeping with the legal requirements established in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and in particular, in application of article 25 and recital 78, the GOITUR acknowledges that it is responsible for personal data processing and undertakes to do so in accordance with the regulatory requirements and with the risks associated with said processing that have previously been identified.

To guarantee that personal data is managed correctly, all staff at the GOITUR that intervene in the data processing are aware of the data protection policies in place, thus ensuring the personal data’s confidentiality, integrity, availability and resilience, as well as the capacity to effectively recover the personal data as quickly as possible in the event of an incident.

Pursuant to current regulations, the GOITUR is not obliged to appoint a Data Protection Officer (DPO) given that the processing carried out in this case does not deal with sensitive data. Nevertheless, for any claims and/or suggestions, we are at your service and we hereby inform you of the following:

1. The party responsible for data processing

Identification of the responsible party: Goierri Turismoa S.L. CIF B20694782
Postal address: 
Edificio NBF (2.planta) – Polo Innovación Goierri. 20240 Ordizia, Gipuzkoa

Website: www.goierriturismo.com
Contact e-mail: goierri@goierriturismo.com
Contact tel.: +34 943 161 823

2. Purpose and duration of the personal data processing

Every time GOITUR requests your personal data, you will be expressly informed of the purpose of said processing for which you are giving your consent, at the moment your data is collected. Should GOITUR wish to use your data for other purposes (generally to send information about GOITUR’s activities that we feel you may be interested in), we will request your express consent beforehand. In those cases where you have authorised us to send you commercial information, we hereby inform you that we can draw up a “commercial profile” based on the data you have provided, in order to offer information to suit your interests. In any case, we would like you to know that exclusively automated decisions will not be made based on that profile.

Your data will be processed for an indefinite period of time, except if you exercise your right to erasure, at which moment we will remove your personal data apart from the information we are legally obliged to keep for the period set for the purpose in question (for example, data for invoicing our services).

3. Legitimisation of personal data processing

The legal basis that entitles us to process your personal data is your consent to said processing. In general, GOITUR asks for your consent for the primary purpose (to be able to provide the service you are requesting of us), such that if you choose not to give consent, we will be unable to provide the service you require. In the case of the secondary purpose (to be able to send you commercial information from GOITUR), you must expressly specify that you voluntarily consent to this purpose; if you wish to expressly not consent to the secondary purpose, GOITUR will take it that it is not legally entitled to send you commercial information and will act accordingly.

4. Recipients of your personal data

GOITUR does not envisage transferring your personal data on to third parties. Should a transfer of this nature arise, your consent will be requested in advance, informing you of the recipients of said data transfer or, if they are not clearly predefined, you will be informed of the category of recipients.

GOITUR will, however, be able to hire the services of third parties that entails access to your personal data by a third party, but always within the scope of the provision of a service that gives rise to a processing assignment under the conditions specified in articles 28 and 29 of the aforementioned European Regulation. In these cases, GOITUR will regulate the processing assignment by means of the corresponding data protection framework, in which the commitments undertaken by both parties as regards confidentiality, security and safety are clearly defined.

If the data processor is an entity from outside the European area, entities will only be selected that, according to the Spanish Data Protection Agency, meet the level of safety and security that is comparable and demonstrable through the following channels:

  • The service provider is on the list of countries with a level of protection that is comparable to that in the European Union.
  • The international transfer of personal data is expressly authorised by the Spanish Data Protection Agency.
  • The service provider works under the EU-US Privacy Shield agreement.

5. Rights regarding personal data processing

As the owner of personal data processed by GOITUR, and pursuant to articles 15 to 21 of the aforementioned European Regulation, you may, at any time, exercise your rights to access, rectification or erasure, restriction of processing, objection and/or portability. To do so, you must address GOITUR through any of the usual communication channels, and in particular, using the contact details given in point 1 of this Data Protection Policy, requesting the right in question. You must identify yourself clearly and unequivocally beforehand, guaranteeing that you are the owner of the personal data on which you wish to exercise the right. GOITUR will complete the request as quickly as possible and, in any case, without undue delay. Should you have any queries about your rights and how to exercise them, GOITUR is at your service to provide any additional information and to facilitate the procedure.

If you feel that your request to exercise your rights has not been handled correctly, you can report the fact to the competent Control Authority. To do so, please find below the main contact details for the Spanish Data Protection Agency:

Agencia Española de Protección de Datos (AEPD)
C/ Jorge Juan, 6
28001 Madrid (Spain)
www.agpd.es
Contact telephone numbers: +34 901 100 099 – +34 912 663 517

6. Source of the data

The source of the personal data processed by GOITUR will be the owner of the data or their legal representative, or the person(s) that the owner expressly authorises for this purpose. The categories of data processed will also be data of an identification or economic nature, commercial information, academic and professional data, and, in general, any type of personal data that is not considered to be specially protected data.

COOKIES POLICY

From goierriturismo.com inform you that our website uses cookies to analyze user navigation.

 

WHAT ARE COOKIES

Cookies are small text files, that are downloaded on your computer when you access a web page.

They are not malicious viruses, but are tools that play a vital role in providing numerous services on the Internet. Among other things they allow the system to keep track of the language that you want to browse the Internet in, to compile statistics to optimise the functionality of the site or allow you to be able to share our content on your social networks.

 

WHAT KINDS OF COOKIES DOES THIS WEB PAGE USE?

Technical cookies. These are cookies created and managed exclusively by us that allow you to browse through our web page and to use its different options and services.

Analysis cookies. These are cookies that are either processed by us or by third parties and allow us to quantify the number of users and measure and carry out statistical analysis of the use of our web page.

Under no circumstances do we obtain information about the user’s personal data, and we guarantee the protection of the privacy of those who browse the web.

 

HOW TO DISABLE OUR COOKIES (OR ANY OTHERS)

Although most browsers accept cookies automatically, you can change the configuration of your browser to enable, block or remove the cookies installed on your computer.