Data Protection Policy

Both data privacy and the confidentiality of information are important aspects for NO SOM HOTEL S.L.U. This data protection policy sets out how personal data obtained from its clients, contacts, and suppliers is processed and may vary over time due to possible legislative changes, case law, or the criteria followed by the Spanish Data Protection Agency and/or the competent authority at any given time. For this reason, the company reserves the right to modify this policy to adapt it to legislative or judicial developments that are in force at the precise moment the website is accessed.

Last update date: 1/02/2025

1. Who is responsible for processing your data?

NO SOM HOTEL, S.L.U.
NIF: B65899288
Address: Trafalgar, 39, 8-2, Barcelona
Contact email: hola@helloyok.com

2. For what purpose and legal basis do we process your data, and how long do we keep it?

The personal data we collect is necessary to provide the service to you, being adequate, relevant and not excessive, limited to what is necessary in relation to the purposes for which they are processed.
We ask that, to keep your data current, accurate, and up to date, you notify us of any changes or modifications that may occur.

At NO SOM HOTEL, we process personal data for the following purposes:

RESERVATIONS

  • Purpose: We manage reservations and pre-stay relationships.
  • Legal basis: The legal basis for processing your data is the pre-contractual relationship established by the acceptance of the reservation conditions.
  • Retention period: Data will be deleted if the reservation is not finalized.

CLIENTS

  • Purpose
    • Check-in and registration to communicate information to the competent authorities.
    • Management of the contracted services and accommodation.
    • Sending of electronic communications related to them.
    • Management of payments and their invoicing.
    • Commercial actions and electronic newsletters.
  • Legal basis: The legal basis for processing is the existence of a contractual relationship for the provision of the requested services, the legal obligation established in Royal Decree 933/2021, of October 26, which establishes the obligations of documentary registration and information for individuals or legal entities engaged in lodging activities, and the consent for the sending of commercial communications in cases where it has been granted.
  • Retention period: Your data will be retained for the legal periods established in civil legislation for the statute of limitations of contractual obligations and in accounting and tax legislation (5 years).
    Lodging registration data will be retained for a period of 3 years.

SUPPLIER AND PARTNER DATA

  • Purpose: Management of orders and payments, as well as maintaining a contact database for possible future collaborations.
  • Legal basis: The legal basis for processing is the existence of a contractual relationship.
  • Retention period: Data will be retained in all cases for the duration of the contractual relationship and subsequently for the legal periods established in civil legislation for the statute of limitations of contractual obligations and in accounting and tax legislation (5 years), and the communication of information to the competent authorities.

3. Who will we share your data with?

NO SOM HOTEL will share your data with third parties in the following cases:
By legal obligation, guest data will be communicated to law enforcement authorities. (Law 4/2015, on the Protection of Citizen Security)

They may also be communicated to the tax administration for the payment of taxes, to judges, and courts that request it through judicial proceedings.

It is informed that no international data transfer is planned.

4. What are your rights?

Any person has the right to obtain information about what data we are processing.
Below, we list your rights:

  • Right of access: The right to access your personal data to know if personal data is being processed and to obtain a copy of it.
  • Right of rectification: The right to request the correction of inaccurate data.
  • Right to restriction: You may request the limitation of the processing of your data, in which case they will only be retained for the exercise or defense of legal claims.
  • Right to object: In certain circumstances and for reasons related to your particular situation, you may object to the processing of your data. The company will stop processing the data, unless there are compelling legitimate reasons, or for the exercise or defense of possible claims.
  • Right to data portability: You will have the right to receive the personal data that concerns you, that you have provided, in a structured, commonly used and machine-readable format when: a) the processing is based on consent or a contract, and b) the processing is carried out by automated means.

To exercise the aforementioned rights, you may contact us via email at hola@helloyok.com indicating the following information:

Full name
DNI number
Contact email
Right you wish to exercise
Data involved in your request

We will respond to your request within a maximum period of one month, notifying you at the email address you provided.

5. Security in data processing

Taking into account the state of the art, the implementation costs, and the nature, scope, context, and purposes of the processing, as well as the varying probability and severity of risks to the rights and freedoms of natural persons, the company will apply appropriate technical and organizational measures to ensure a level of security appropriate to the risk, which prevent the accidental or unlawful destruction, loss, or alteration of personal data transmitted, stored, or otherwise processed, or the unauthorized communication or access to such data.