Privacy Policy

PRIVACY – EXTENDED INFORMATION

The Privacy Policy forms part of the General Conditions governing this website.

VERSION 15.12.2022

Who is responsible for the processing of your data?

Canary Boat Trips, S.L.U

Address: C/ Nuestra Señora del Carmen nº9, bajo derecho (Morro Jable)

C.P. 35625

Pájara.

CIF: B76278977

Tfno: +34 630 975 023

Mail: dpo@magicandsailing.com

You can contact us in any way you wish.

We reserve the right to modify or adapt this Privacy Policy at any time. We recommend that you review it, and if you have registered and log in to your account or profile, you will be informed of the changes.

If you are one of the following groups, please see the information below:

+ CONTACTS FROM THE WEB OR EMAIL

What data do we collect through the website?

We may treat your IP address, what operating system or browser you use, and even the duration of your visit, anonymously.

If you provide us with your details in the contact form, you will be identified so that we can contact you, if necessary.

For what purposes will we process your personal data?

  • Respond to your queries, requests or petitions.
  • Manage the requested service, answer your request, or process your request.
  • Information by electronic means, concerning your application.
  • Commercial or event information by electronic means, subject to express authorisation.
  • To carry out analysis and improvements on the Web, on our products and services. Improve our commercial strategy.

What is the legitimacy for the processing of your data?

The acceptance and consent of the data subject, granted through a voluntary action, such as in cases where to make a request it is necessary to fill in a form and click on the send button, the completion of the same will necessarily imply that he/she has been informed and has expressly given his/her consent to the content of the clause attached to said form or acceptance of the privacy policy.

All our forms are marked with the * symbol in the mandatory fields. If you do not provide these fields, or do not tick the checkbox to accept the privacy policy, the information will not be allowed to be sent. It usually has the following formula: “□ I am over 14 and I have read and accept the Privacy Policy”.

How long will we keep personal data?

Until revocation of the consent given.

+ NEWSLETTER CONTACTS

What data do we collect through the newsletter?

On the Web, you can subscribe to the Newsletter, if you provide us with an e-mail address, to which the Newsletter will be sent.

We will only store your email address in our database, and we will proceed to send you periodic emails, until you unsubscribe, or we stop sending emails.

You will always have the option to unsubscribe, in any communication.

For what purposes will we process your personal data?

  • Manage the requested service.
  • Information by electronic means, concerning your application.
  • Commercial or event information by electronic means, subject to express authorisation.
  • Carry out analysis and improvements in mailing, in order to improve our commercial strategy.

What is the legitimacy for the processing of your data?

Acceptance and consent of the data subject. In those cases where you subscribe you will need to accept a checkbox and click on the submit button. This necessarily implies that you have been informed and have expressly given your consent to receive the newsletter.

If you do not check the checkbox to accept the privacy policy, the information will not be allowed to be sent. It usually has the following formula: “□ I am over 14 and I have read and accept the Privacy Policy”.

How long will we keep personal data?

Until revocation of the consent given.

+CLIENTS

For what purposes will we process your personal data?

  • Preparation of the budget and monitoring of the budget through communications between both parties.
  • Information by electronic means, concerning your application.
  • Commercial or event information by electronic means, subject to express authorisation.
  • Manage the administrative, communications and logistical services provided by the Head.
  • Invoicing and declaration of the appropriate taxes.
  • Carry out the relevant transactions.
  • Control and recovery management.

What is the legitimacy for the processing of your data?

The existence of a contractual relationship between the parties. The processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures at the request of the data subject.

How long will we keep personal data?

For the duration of the relations between the parties and for the limitation periods arising therefrom.

+PROVIDERS

For what purposes will we process your personal data?

  • Information by electronic means, concerning your application.
  • Commercial or event information by electronic means, subject to express authorisation.
  • Manage the administrative, communications and logistical services provided by the Head.
  • Billing.
  • Carry out the relevant transactions.
  • Invoicing and declaration of the appropriate taxes.
  • Control and recovery management.

What is the legitimacy for the processing of your data?

The legal basis is the acceptance of a contractual relationship, or alternatively your consent to contact us or offer us your products by any means.

How long will we keep personal data?

For the duration of the relations between the parties and for the limitation periods arising therefrom.

+CONTACTS SOCIAL NETWORKS

For what purposes will we process your personal data?

  • Respond to your queries, requests or petitions.
  • Manage the requested service, answer your request, or process your request.
  • Engage with you and create a community of followers.

What is the legitimacy for the processing of your data?

The basis for legitimising the processing is the voluntary consent of the data subject to contact and, where appropriate, the acceptance of a contractual relationship in the relevant social network environment. The processing of data within the Social Network will be carried out in accordance with its privacy policies.

How long will we keep personal data?

We can only consult or remove your data in a restricted way if you have a specific profile. Sólo podemos consultar o dar de baja tus datos de forma restringida al tener un perfil específico.

Any rectification of your data or restriction of information or publications must be made through the configuration of your profile or user in the social network itself.

+JOBSEEKERS

For what purposes will we process your personal data?

  • Organisation of selection processes for the recruitment of employees.
  • Call you for job interviews and evaluate your application.
  • If you have given us your consent, we may pass it on to collaborating or related companies for the sole purpose of helping you find employment.
  • If you tick the checkbox to accept the privacy policy, you give us your consent to transfer your job application to the entities that make up the group of companies in order to include you in their recruitment processes.

We also inform you that one year after receipt of your curriculum vitae, we will proceed to its secure destruction.

What is the legitimacy for the processing of your data?

The legal basis is your unambiguous consent by sending us your CV.

How long will we keep personal data?

For a minimum period of 1 year or until revocation of the consent given.

Do we include personal data of third parties?

No, as a general rule we only process the data provided to us by the data subjects. If you provide us with data of third parties, you must inform and request their consent beforehand, or else we shall be exempt from any liability for non-compliance with this requirement.

What about data on minors?

We do not process data of children under 14 years of age. Therefore, please refrain from providing them if you are not of that age or, if applicable, from providing data of third parties who are not of that age. Canary Boat Trips, S.L.U disclaims any liability for failure to comply with this provision..

Will we communicate electronically?

  • They will only be made to process your request, if it is one of the means of contact you have provided us with.
  • If we send commercial communications, they will have been previously and expressly authorised by you.

What security measures do we apply?

You can rest assured: We have adopted an optimal level of protection for the Personal Data we handle, and we have installed all the technical means and measures at our disposal according to the state of technology to prevent the loss, misuse, alteration, unauthorised access and theft of Personal Data.

To which recipients will your data be communicated?

Your data will not be passed on to third parties, unless legally obliged to do so. Specifically, they will be communicated to the State Tax Administration Agency and to banks and financial institutions for the collection of the service provided or product purchased, as well as to the data processors necessary for the execution of the agreement.

In case of purchase or payment, if you choose any application, website, platform, bank card, or any other online service, your data will be transferred to that platform or processed in its environment, always with maximum security.

When ordered by us, the web development and maintenance company, web hosting/hosting, will have access to our website. They will have signed a service contract that obliges them to maintain the same level of privacy as we do.

Any international transfer of data when using American applications will adhere to the Privacy Shield agreement, which ensures that American software companies comply with European data protection policies on privacy.

What rights do you have?

  • To know whether we are processing your data or not.
  • To access your personal data.
  • To request the rectification of your data if it is inaccurate.
  • To request the deletion of your data if they are no longer necessary for the purposes for which they were collected or if you withdraw your consent.
  • To request the limitation of the processing of your data, in certain cases, in which case we will only keep them in accordance with the regulations in force.
  • To submit your data, which will be provided to you in a structured, commonly used or machine-readable format. If you prefer, we can send them to the new person in charge that you designate. It is only valid in certain cases.
  • To file a complaint with the Spanish Data Protection Agency or competent supervisory authority if you believe that we have not dealt with you correctly.
  • To withdraw consent to any processing for which you have consented, at any time.

If you change any data, please let us know so that we can keep them up to date.

Do you want a form for exercising your rights?

  • We have forms for the exercise of your rights, ask us for them by email or if you prefer, you can use those prepared by the Spanish Data Protection Agency or third parties.
  • These forms must be electronically signed or be accompanied by a photocopy of the ID card.
  • If someone is representing you, you must attach a copy of their ID card, or have them sign it with their electronic signature.
  • The forms can be submitted in person, by letter or by mail to the address of the Responsible at the beginning of this text.

 

How long does it take to get back to you on the Exercise of Rights?

It depends on the law, but at the most within one month from your request, and two months if the issue is very complex and we notify you that we need more time..

Do we process cookies?

If we use other types of cookies that are not necessary, you can consult the cookie policy in the corresponding link at the top of our website.

How long will we keep your personal data?

  • Personal data will be kept for as long as you remain connected with us.
  • Once you unsubscribe, the personal data processed for each purpose will be kept for the legally stipulated periods, including the period in which a judge or court may require them in accordance with the statute of limitations for legal actions.
  • The data processed will be kept until the expiry of the aforementioned legal periods, if there is a legal obligation to keep them, or, if there is no such legal period, until the data subject requests their deletion or revokes the consent granted.
  • We will retain all information and communications relating to your purchase or the provision of our service, for the duration of product or service warranties, to address potential claims.
  • For each processing or type of data, we provide you with a specific period, which you can consult in the following table:
FileDocumentConservation
ClientsInvoices10 years
Forms and coupons15 years
Contracts5 years
Human ResourcesPayrolls, TC1, TC2, etc.10 years
CurriculumsUntil the end of the selection process, and 1 year more with your consent.
Severance pay docs.

Contracts.

Data on temporary workers.

4 years
Worker’s file.Up to 5 years after sick leave.
MarketingDatabases or web visitors.For the duration of treatment.
SuppliersInvoices10 years
Contratos5 years
Access control and video surveillanceList of visitors30 days
Videos30 days blocking

3 years destruction

AccountingAccounting books and documents.

Shareholders’ agreements and boards of directors, articles of association, minutes, regulations of the board of directors and delegated committees.

Financial statements, audit reports

Records and documents related to grants

6 years
ProsecutorAdministration of the company’s administration, rights and obligations relating to the payment of taxes.

Administration of dividend payments and withholding taxes.

10 years
Information on intra-group pricing establishments18 years

8 years for intra-group transactions for price agreements

Health and SafetyWorkers’ Medical Records5 years
EnvironmentInformation on chemical or substantially hazardous substances10 years
Documents relating to environmental permitsWhile the activity is being carried out.3 years after closure of the activity

10 years (statute of limitations)

Records on recycling or waste disposal3 years
Grants for clean-up operations must keep records of entitlements and obligations, receipts and payments.4 years
Accident reports5 years
Insurance Insurance policies6 years (general rule)

2 years (damage)

5 years (personal)

10 years (life)

ShoppingRegistration of all supplies of goods or services, intra-Community acquisitions, imports and exports for VAT purposes.5 years
LegalIntellectual and Industrial Property Documents.

Contracts and agreements.

5 years
Permits, licences, certificates6 years from the date of expiry of the permit, licence or certificate.

10 years (criminal statute of limitations)

Confidentiality and non-competition agreements Always the period of duration of the obligation or of confidentiality
RGPD/LOPDGDDProcessing of personal data, if different from the processing notified to the AEPD3 years
Personal data of employees stored on networks, computers and communications equipment used by employees, access controls and internal management/administration systems.5 years