1. Identity and contact details of the controller.

Lopesan Hotel Management, S.L., domiciled at C/ Concepción Arenal 20, 2º Cial., 35006, Las Palmas de Gran Canaria (Las Palmas, Spain), with employer identification number B-76261130 and telephone number +34 928128750 (“Lopesan”), is the controller of the personal data filled out in the travel agencies registration form.

We also inform you that the Group to which Lopesan belongs has a data protection officer designated at a Group level who you may contact at the following address: dpo@lopesan.com should you have any doubts about the processing of your data.

2. General information on the processing of your data.

Lopesan will process your personal details and contact data based on:
its legitimate interest, in order to initiate and, as the case may be, safeguard the subsequent continuity contractual relationship between Lopesan and the travel agency you represent or work at; or
the fact that said processing is necessary to initiate and, as the case may be, safeguard the subsequent continuity of the contractual relationship between Lopesan and yourself if you are self-employed/an individual.
For this purpose, Lopesan will process your data for the duration of the contractual relationship with you or with the travel agency you represent or work at.
Furthermore, if you expressly consent by marking the newsletters box, Lopesan will process your data to send you our newsletter with commercial information on the Lopesan Hotel Group. You may withdraw your consent at any time, without this affecting the lawfulness of the processing based on your consent prior to its withdrawal.
We inform you that your data and the data of future guests that you provide when making the reservation, may be disclosed to third parties in accordance with applicable legislation and, in particular, to judges and the courts, and law enforcement agencies. Furthermore, your data and the data of future guests that you provide when making the reservation may be disclosed to the relevant entity of the Lopesan Hotel Group that owns the hotel at which the guests will be staying, since such disclosure is necessary for the performance of the contractual relationship between you or the travel agency you represent or work at, and Lopesan. A list of said companies can be found here: link to Legal Entities of travel agencies
In addition, systems, technology tools, marketing and document management service providers of Lopesan may also access your data and the data of future guests that you provide to us when making the reservation. If any of them are located outside the European Economic Area, Lopesan will adopt the relevant standard contractual clauses, will require adhesion to the Privacy Shield or will require that additional safeguards be implemented. For further information on the transfers and safeguards adopted please write to dpo@lopesan.com.
You may request more detailed information on the recipients of your data by sending an email to dpo@lopesan.com, indicating the specific processing for the recipients in relation to which you require information.

3. Necessary, up-to-date information and declaration of compliance with data protection legislation.

Completion of all the fields marked with an asterisk (*) or regarding which the system requires completion in the forms provided is compulsory. Failure to fill out any of these fields could prevent you receiving the services. You must provide truthful information; using an alias or other methods to hide your identity is prohibited.
In order to ensure that the information provided is always up to date and does not contain errors, you should inform Lopesan as soon as possible of any amendments to or changes in your data at reception or via the following email: dpo@lopesan.com.
By accepting this document you declare that the information and data you have provided are accurate and true and that you fully comply with data protection legislation in force and, specifically with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC and Organic Law 3/2018, of December 5, 2018, on Data Protection and the Safeguard of Digital Rights with respect to the personal data of third parties that you disclose to Lopesan as a result of the reservations you make on our website. In this regard, you should inform your customers that their data will be disclosed to Lopesan and to the relevant entity of the Lopesan Hotel Group that owns the hotel at which you will be staying.

4. Exercise of your rights

You may exercise the following rights:
the right of access to your personal data to know which data are being processed and the processing operations that are being performed with that data;
the right to rectification of any inaccurate data;
the right to erasure of your personal data, where possible;
the right to request the restriction of the processing of your personal data where the accuracy, legality or need to process the data is doubtful, in which case we may store your data duly blocked for the exercise or defense of claims;
the right to object to the processing of your personal data, when the legal basis that enables us to process them, of those indicated in point 2 above, is Lopesan’s legitimate interest. Lopesan will cease to process your data unless it has a compelling legitimate interest to do so or it is necessary for the defense of claims.
right to data portability, when the legal basis that enables us to process them, of those indicated in point 2 above, is the existence of a contractual relationship or your consent;

You may exercise your rights at any time, without charge, by sending an email to dpo@lopesan.com indicating the right you wish to exercise and your personal particulars.
You may also lodge a complaint with the Spanish Data Protection Agency if you consider that data protection legislation has been breached in the processing of your personal data.