This legal text gives details of how we collect and process your personal data through your use of our website http://www.dmcstay.com, including any information you may provide to us through the site when you contract a service or provide your details through the form provided for this purpose.
When you provide us with your data, we inform you that our services are not possible for those persons who are not able to give consent, so when you send us the forms, you guarantee that you have sufficient capacity to give consent.
Below we inform you about the data protection policy of: Ciprian Rosian
1. Data Controller.
Contact details of the person in charge:
Ciprian Rosian, with CIF: X5026471M and address at: Calle Campillos, número 33, piso 2º B 29210 Cuevas De San Marcos Málaga Email: info@dmcstay.com
Ciprian Rosian(hereinafter referred to as "we" or "us" or "our").
2. What data do we collect?
The General Data Protection Regulation, defines the personal data as any information about an identified or identifiable natural person, i.e. any information capable of identifying a person. This would not include anonymised data, nor percentage data.
The personal data that may be collected directly from the data subject will be treated confidentially and will be incorporated into the corresponding processing activities, owned by Ciprian Rosian.
We may process certain types of personal data on our website, which may include:
- Identity data: name, surname and user name.
- Contact details: email, address and telephone.
- Financial data: bank details.
- Profile data: username and password.
We do not collect any data relating to special categories of personal data (data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership and information about your health, genetic or biometric data).
In the event that you are required to collect personal data by law or under the terms of any contract between us and you refuse to provide it, we may not be able to enter into such contract or provide the service and you must notify us in advance.
3. How do we collect your personal data?
The means we use to collect personal data are:
- Through the form on our website, through our contact email, by telephone or by post, when:
- Contract the provision of our services
- Through technology or automated interactionsOn our site we may automatically collect technical data about your computer, browsing actions and usage patterns. This data is collected through cookies or similar technologies. For more information, please see our cookie policy. here.
- Through third parties:
- Google: analytical data or search data. Outside the European Union.
4. Purpose and legitimacy for the use of your data.
The most common uses of your personal data are:
- For the conclusion of a contract between Ciprian Rosian and you.
- When you consent to the processing of your data.
- When we need them to comply with a legal or regulatory obligation.
- Where it is necessary for our legitimate interest or that of a third party.
The User may revoke the consent given at any time by sending an e-mail to info@dmcstay.com or by consulting the section on exercising rights below.
Below is a table showing the ways in which we will use your personal data and the lawfulness of its use, as well as the types of personal data we will process. We may process some personal data for additional legal reasons, so if you need details please email us at info@dmcstay.com
Form | Purpose | Data type | Legitimacy of treatment |
Contact | The purpose is to manage contacts and requests for information received via the web. | NameEmail | Consent of the data subject (art. 6.1.a RGPD) Pre-contractual measures (art. 6.1.b GDPR)Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1.f GDPR) |
Register your accommodation | The purpose is the management of accommodation records | NameEmail | Consent of the data subject (art. 6.1.a RGPD) Pre-contractual measures (art. 6.1.b GDPR)Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1.f GDPR) |
Access | The purpose of customer access | EmailPassword | Consent of the data subject (art. 6.1.a GDPR)Pre-contractual measures (art. 6.1.b GDPR)Processing is necessary for the purposes of the legitimate interests pursued by the controller (art. 6.1.f GDPR) |
Bookings | The purpose is to manage accommodation bookings | First nameSurnameEmailTelephoneAddress | Consent of the data subject (art. 6.1.a RGPD) Processing necessary for compliance with a legal obligation applicable to the controller (art. 6.1.c RGPD) Processing necessary for the performance of a contract to which the data subject is party or for the implementation at his or her request of pre-contractual measures (Art. 6.1b GDPR)Processing is necessary for the purposes of the legitimate interests pursued by the controller (Art. 6.1f GDPR) |
PurposeWe will only use your data for the purposes for which we collect it, unless we reasonably believe that we should use it for another purpose, provided that we notify you in advance so that you are aware of the lawful reason for processing and provided that the purpose is compatible with the original purpose.
5. How long will we keep your data?
They will be kept for the time necessary to fulfil the purpose for which they were collected and to determine any possible liabilities that may arise from this purpose and from the processing of the data. The provisions of the different regulations regarding the retention period shall apply, insofar as applicable to this processing.
6. Minors.
Ciprian Rosian does not authorise persons under 14 years of age to provide their personal data through the means provided on this website (completion of web forms for requesting services, contact or by sending e-mails). Therefore, persons who provide personal data using these means formally declare that they are over 14 years of age, and that they are Ciprian Rosian exempted from any liability for failure to comply with this requirement.
If your child below the age limit has provided personal information to Ciprian RosianPlease contact us in order to request the exercise of your applicable rights.
In those cases where the services offered by Ciprian Rosian are intended for children under 14 years of age, arrangements shall be made to obtain the consent of the child's parents or legal guardians.
7. Exercise of Data Protection Rights:
How to exercise these rights? Users may address a communication to the registered office of Ciprian Rosian or e-mail address info@dmcstay.com, including in both cases a photocopy of your ID card or other similar identification document, to request the exercise of the following rights:
- Access to your personal data: you can ask Ciprian Rosian if you are using your personal data.
- To apply for your rectificationIf they are not correct, or to exercise the right to be forgotten with respect to them.
- To apply for the limitation of processingin this case, they shall only be retained by Ciprian Rosian for the exercise or defence of claims
- A object to their treatment: Ciprian Rosian will no longer process the data in the manner you have indicated, unless for legitimate reasons or for the exercise or defence of possible claims, the data must continue to be processed.
- A la portability of the data: in case you want your data to be processed by another firm, Ciprian Rosianwill facilitate the portability of your data to the new data controller.
You may use the forms made available to you by the Spanish Data Protection Agency to exercise your aforementioned rights: Here
Complain to the AEPD: if you consider that there is a problem with the way in which Ciprian Rosian is processing your data, you may address your complaints to to the corresponding control authority, which in Spain is the competent authority for this purpose: Spanish Data Protection Agency.
We will ask you for specific information to help us confirm your identity and to ensure your right to access your personal data (or exercise any of the other rights mentioned above). This is a security measure to ensure that personal data is not disclosed to anyone who is not entitled to receive it.
All requests will be dealt with within the legal deadline of one month. However, it may take longer than one month if your request is particularly complex. In this case, we will notify you and keep you updated.
8. Communication of data: provision of services.
It is possible that, in the course of our work, we may need the assistance of third parties, who will only process the data to provide the contracted service, and with whom we have the corresponding measures in place to guarantee your rights:
- Service providers providing information technology and systems management services.
- Professional advisors including lawyers, auditors and underwriters providing banking, legal, insurance and accounting consultancy services
All processors to whom we transfer your data will respect the security of your personal data and will process it in accordance with the GDPR.
We only allow these service providers to process your data for specified purposes and in accordance with our instructions. However, in order to comply with transparency requirements, you can request a list of the companies that provide services to us by sending an email to: info@dmcstay.com.
9. Data Security.
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, modified or disclosed. In addition, we restrict access to your personal data to those employees, agents, contractors and other third parties who have a business need to know that data. They will only process your personal data in accordance with our instructions and are subject to a duty of confidentiality.
We have implemented procedures to deal with any suspected breach of your personal data and will notify you and the Supervisory Authority in the event of a breach of security as regulated in Articles 33 and 34 of the GDPR.