Privacy Policy

1. DETAILS OF OUR PRIVACY POLICY

1.- GENERAL INFORMATION

This "Privacy and Data Protection Policy" aims to inform you of the conditions that govern the collection and processing of your personal data by our entity or corporate group in order to safeguard fundamental rights, your honor, and freedoms, all in compliance with the current regulations governing the protection of personal data under the European Union and the Spanish Member State.

In accordance with these regulations, we need your authorization and consent to collect and process your personal data. Therefore, below we provide all the relevant details regarding how we carry out these processes, for what purposes, which other entities might have access to your data, and what your rights are.

For all the above reasons, once you have read and reviewed our Data Protection Policy, it is essential that you accept it as proof of your agreement and consent.

2.- DATA CONTROLLER

Who collects and processes your data?

The Data Controller is the natural or legal person, public or private, or administrative body that, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by EU or Spanish Member State law.

In this case, our identification data as Data Controller are as follows:

3.- SECURITY MEASURES

What do we do to guarantee the privacy of your data?

Our company adopts the necessary organizational and technical measures to guarantee the security and privacy of your data, preventing its alteration, loss, unauthorized processing, or access, depending on the state of technology, the nature of the stored data, and the risks to which they are exposed.
Among others, the following measures stand out:

• Ensuring the permanent confidentiality, integrity, availability, and resilience of processing systems and services.
• Restoring the availability and access to personal data quickly in the event of a physical or technical incident.
• Regularly verifying, evaluating, and assessing the effectiveness of the implemented technical and organizational measures to ensure processing security.
• Pseudonymizing and encrypting personal data, in case of sensitive data.

4.- PURPOSE OF DATA PROCESSING

Why do we want to process your data?

We need your authorization and consent to collect and process your personal data, so below we detail the intended uses and purposes:

• Email: Communications via email
• Website inquiries: Responding to queries received through the website's electronic form
• Subscriber management: Marketing, advertising, and commercial prospecting
• Commercial communications: Marketing, advertising, and commercial prospecting
• Social media: Sharing information on social networks
• WhatsApp communications: Communications via WhatsApp instant messaging
• Tour package management: Customer/supplier, accounting, tax, and administrative management
• Data protection: Protection of personal data and information privacy

How long do we keep your data?

We use your data for the time strictly necessary to fulfill the purposes mentioned above. Unless there is a legal obligation or requirement, the retention periods are:

• Email: For a period of 6 years from the last confirmation of interest
• Website inquiries: For a period of 1 year from the last confirmation of interest
• Subscriber management: Until the data subject requests deletion
• Commercial communications: Until the data subject requests deletion
• Social media: Until the data subject requests deletion
• WhatsApp communications: For a period of 6 years from the last confirmation of interest
• Tour package management: For a period of 5 years from the last confirmation of interest
• Data protection: For a period of 5 years from the last confirmation of interest

5.- LEGAL BASIS FOR PROCESSING

Why do we process your data?

• Email: Legitimate interest of the Data Controller or third parties
• Website inquiries: Explicit consent of the data subject
• Subscriber management: Explicit consent of the data subject
• Commercial communications: Explicit consent of the data subject
• Social media: Explicit consent of the data subject
• WhatsApp communications: Explicit consent of the data subject
• Tour package management: Explicit consent of the data subject; Existence of a contractual relationship with the data subject
• Data protection: Legal obligation of the Data Controller

6.- DATA RECIPIENTS

To whom do we disclose your data within the European Union?

• Social media platforms
• Telecommunication service providers (WhatsApp)
• Banks, insurance companies, tour operators
• Public administration and the Spanish Data Protection Agency

Do we carry out International Data Transfers outside the European Union?

In some cases, we contract services with entities outside the EU, which involves international transfers. Adequate protection mechanisms are always guaranteed.

7.- SOURCE AND TYPES OF DATA PROCESSED

Where did we obtain your data from?

From the data subject or their legal representative in all cases: clients, employees, suppliers, subscribers, website contacts, followers on social networks.

What types of your data have we collected and processed?

• Identification data: Name, surname, address, phone number, email
• Financial and insurance data: bank details, credit card information
• Transaction data: goods and services transactions
• Employment details (employees): job position

8.- DATA SUBJECT RIGHTS

What rights do you have?

• Request ACCESS to your personal data
• Request RECTIFICATION of your data
• Request ERASURE of your data (“right to be forgotten”)
• RESTRICT or OBJECT to the use of your data
• RIGHT to DATA PORTABILITY
• RIGHT to WITHDRAW your consent
• RIGHT to file a COMPLAINT with the Spanish Data Protection Agency

How can you exercise your rights?

By sending your request to info@canaventura.es or by postal mail to: Calle Hércules, 1 Local 10-D, 38630 Costa del Silencio, Arona – Tenerife – Spain

9.- CONSENT AND ACCEPTANCE

Accepting this document indicates that you understand and agree to all the clauses of our privacy policy and authorize the collection and processing of your personal data under these terms. This acceptance is given by checking the "Read and Accept" checkbox of our Privacy Policy.