The General Data Protection Regulation (Regulation (EU) 2016/679) harmonizes the legislation on Data Protection throughout the European Union, increasing the protection of people and granting them greater control over their personal data.

At the Wellington Hotel, SL we have always been concerned about the protection of personal data. For this reason, we have updated our Privacy Policy in order to adjust it to the new regulation and inform you about the changes that affect your rights:

Who is responsible for the treatment of your personal data?

Hotel Wellington, SL, CIF: B28054609 with address at C/Velázquez, 8 (28001-Madrid).

What is the purpose of having your personal data?

The data that the Wellington Hotel collects through different channels (website, email, electronic or paper forms and documents) within its activity, are used for the following purposes:

• Maintenance of the commercial and contractual relationship with its clients / suppliers.
• Send information about our services.
• Sending bulletins and newsletters.
• Carrying out customer satisfaction surveys.
• Selection and recruitment of Personnel.
• Video surveillance and security of the facilities.
• Compliance with current regulations and laws (Organic Law 4/2015 on the Protection of Citizen Security).

How long do we keep your data?

• In the case of suppliers, clients, collaborators and staff, we keep the data for the duration of the contractual relationship and, subsequently, during the mandatory legal period.
• In relation to the personnel selection processes, the data will be kept for the duration of the process and, in the event that the CV is of interest to the company, it will be kept for a period not exceeding one year, after that time, it will be removed or destroyed.
• In relation to the actions aimed at commercial prospecting, the data will be kept until the interested party shows their opposition to the treatment or withdraws their consent.
• In relation to video recording through security cameras and access control to the facilities, the data will be kept for a maximum of 30 days.

Why do we use your personal data?

Your personal data is processed by the Wellington Hotel on the following legal bases:

• Your given consent or it was voluntarily provided by you whether it be by a written or online form, e-mail.
• The maintenance, development and execution of a contractual relationship that we maintain with you, in the case of: (i) provision of services; (ii) labor, commercial, administrative relationship, among others.
• For legitimate interest, always respecting your right to the protection of personal data, honor and privacy, for the development and dissemination of our services.
• In compliance with a legal obligation (Organic Law 4/2015 on the Protection of Citizen Security).

To whom will we communicate your data?

Your data will be kept under strict security measures that guarantee their confidentiality and security. In the same way, they will only be communicated to the entities and for the following purposes:

• Entities and suppliers that provide services to the Wellington Hotel for the proper execution of our activities and projects. Said entities and providers are duly accredited and sign the corresponding data treatment contract with us in compliance with current data protection regulations.
  To give you examples of the services that they provide us and that may involve the processing of personal data on behalf of the Wellington Hotel, we can mention, by way of example and not limited to: multidisciplinary professional services, logistics, legal advice, technological, computer, messaging and distribution, maintenance, security and surveillance, advertising and marketing, call center etc.
• Public institutions and authorities as well as Courts and Tribunals, when there is a legal obligation to provide the data.

What security measures do we apply to your personal data?

We apply the necessary security measures to prevent theft, alteration or unauthorized access to the data, taking into account the state of the technique, application costs, nature, scope, context and the purpose for its treatment, as well as probability risks and severity for the rights and freedoms of any natural person.

In the case of hiring services, we demand and ensure that the person in charge of the treatment applies appropriate technical and organizational measures to guarantee an adequate level of security to the existing risks, as stated in art. 32 of the General Data Protection Regulation.

We also carry out Impact Assessments on those treatment operations that we consider may have a risk for the rights and freedoms of people, in order to implement the necessary and timely measures to avoid a violation of confidentiality.

What are your rights?

Every person has the right to know if the Wellington Hotel handles your personal data. You also have a right to:

• Access your personal data,
• Request the rectification of inexact data.
• Request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected
• Oppose the processing of your data, for reasons related to your particular situation, requesting that they not be processed by the Wellington Hotel.
• In certain circumstances, request the limitation of the processing of your data, in which case we will only keep them for the exercise or defense of complaints.
• Withdraw, whenever you want, the consent given, without affecting the legality of the treatment that we have carried out prior to said withdrawal.

When you exercise your rights of deletion, opposition, limitation or withdraw your consent, the Wellington Hotel will stop processing your data, except for compelling legitimate reasons or the exercise or defense of possible complaints.

All these rights may be exercised by contacting Hotel Wellington, SL., Velázquez Street, 8 (28001-Madrid) or by mail at: info@hotel-wellington.com.

Remember that when you exercise any of the rights that we have exposed, a copy of your ID or similar document that allows us to verify your identity must be attached with your request.

Furthermore, if you are not satisfied with how we have handled your rights, you may file a claim with the Spanish Agency for Data Protection, through the website www.aepd.es.