We do not trade with your data
We are internet users too, so we know that privacy is important, regardless of what a law says.
At Viando we do not trade with your data and use it only to ensure that our booking system and website works.
Privacy Policy
At VIANDO we understand that it is essential to maintain a transparent relationship with you. For this reason, we present our Privacy Policy below, so that you are always properly informed about how we collect and securely handle any data you provide us with.
Your data will be processed in accordance with current legislation and, in particular, in accordance with the provisions of Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Also with regard to Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights.
A careful reading of our Privacy Policy will provide you with the information you need to understand how we will use the data you provide to us.
Who is responsible for the processing of your data?
If you, or an authorised person, have provided us with your data, we inform you that VIANDOTREKS, SL, CIF B70781125, is responsible for the processing of this data.
This data will be processed in accordance with the provisions of the applicable regulations on the protection of personal data. It is possible that there may be other data controllers in the processing that we carry out. In this case, we will always inform you who is responsible for the processing of the data, as well as their identification data.
VIANDO is committed to complying with its obligation to maintain the secrecy of personal data and its duty to protect it. To this end, we adopt the necessary measures to prevent their alteration, loss, processing or unauthorised access in accordance with the provisions of the Regulation.
Where do we report?
From VIANDO we inform through the web page www.viandotreks.comin the section corresponding to the privacy policy. More information at Legal Notice.
What data do we process?
Depending on the different sections or services made available to and used by the user, as well as the additional processing permitted or authorised by the user, the data processed may be different.
Data provided by the user: are the data that you provide to us when you fill in the forms available on the website - whether to obtain information about a product or service, or to subscribe to our newsletters or bulletins. This includes identifying and contact details, such as your first and last name and email address, telephone number or other details. In each of the forms, it will be indicated which of these data are mandatory and which are optional.
Data not provided by the user: are those that may be provided by the browser during browsing, such as the IP address assigned by your provider or the information of the device used. To obtain this data, we use cookies, which refer to the browser used, and not to the specific person who is using it. For more information on this, you can consult the specific section on cookies.
Data provided by social networks: are those provided by the social networks with which you have chosen to register with Viando. In these cases, the different social networks may provide data that you have shared with them, including geolocation data, personal characteristics or social circumstances or academic and professional data, among others, including identification data or profile image.
How do we process the data?
At VIANDO we always process your personal data in strict compliance with current legislation. We also inform you that we have the appropriate technical and organisational measures in place to guarantee an optimum level of security, thereby ensuring that only authorised persons have access to your data, that we will keep it intact, preventing any intentional or accidental loss, and that we have reinforced our data processing systems and services. The operations, management and technical procedures that we carry out in an automated or non-automated way and that make possible the collection, storage, modification, transfer and other actions on personal data, are considered as personal data processing.
What is the legitimacy of the processing?
In accordance with the processing carried out on the website, we inform you below of the bases of legitimacy of each of them:
Execution of a contractual relationship. The data provided in the process of booking or contracting products and services.
Consent. It will be duly obtained for the sending of newsletters and news, as well as to give timely response to all those issues or questions raised by users. Consent is always revocable and may be withdrawn at any time.
Legitimate interest. It shall be in the legitimate interest of the Owner to send commercial communications, according to the tastes and interests of users and the data obtained from their browsing.
How do we manage electronic communications?
In accordance with the provisions of Law 34/2002 of 11 July, on Information Society Services and Electronic Commerce, and Directive 2002/58/EC, we inform you that you may receive communications and information of a commercial nature through this electronic communication system (e-mails, automated response messages from forms and other communication systems) when you have given us your consent or when they are commercial communications referring to products or services similar to those previously provided by the party responsible for the processing of your data.
In the event that you do not wish to receive communications and information of this nature, you can notify us by this same means indicating in the subject "UNSUBSCRIBE FROM COMMERCIAL COMMUNICATIONS" so that your personal data can be removed from our database. Your request will be acted upon within 1 month of being sent. In the event that we do not receive an express reply from you, we will understand that you accept and authorise our company to continue sending the aforementioned communications. In the event of receiving such communications by these means, we inform you that the messages are addressed exclusively to the addressee and may contain privileged or confidential information. If you are not the addressee indicated, we notify you that unauthorised use, disclosure and/or copying is prohibited under current legislation.
How long do we keep your data?
Personal data relating to natural persons that we collect by any means will be kept for as long as the data subject does not request their deletion. Likewise, they will be kept for as long as the relationship that gave rise to the processing of the data is maintained, respecting in any case the legal retention periods. At the end of this period, the personal data will be deleted from all our systems.
Will your data be communicated to third parties?
There will be no assignment, transmission or transfer of personal data, except those already reported, which are not the result of a legal obligation. If your data is requested from us by the Public Administration or Autonomous Institutions within the scope of the functions expressly attributed to them by law, your data will be transmitted. If there is an assignment, transmission or transfer of personal data outside of the aforementioned cases, you will be previously informed so that, if appropriate, you can give us your consent.
However, in order to be able to organise ourselves properly, to have good operations and procedures that guarantee good management, it may be necessary for us to hire the services of consultants, professionals or other service companies to process data under our instructions. This processing on behalf of third parties is regulated in a contract in writing or in some other legally admissible form that allows proof of its conclusion and content, expressly specifying that the data processor will process the data in accordance with our instructions and will not apply or use them for a purpose other than that stated in the contract, nor communicate them, not even for storage, to other persons.
What are your rights?
Data protection regulations give you the following rights:
- Right to revoke any consent previously given.
- Right of access. To know what type of data is being processed and the characteristics of the processing carried out.
- Right of rectification. To be able to request the modification of inaccurate or untrue data.
- Right of portability. To be able to obtain a copy in interoperable format of the data being processed.
- Right to limitation of treatment in cases where you consider that it is not necessary.
- Right of cancellation. To request the cessation of data processing and their deletion when their retention is no longer necessary.
If you would like more information regarding the processing of your data, rectify any data that is inaccurate, oppose and/or limit any processing that you consider unnecessary, or request cancellation of the processing when the data is no longer necessary, please write to VIANDOTREKS, S.L. at Rua do Rego 6C 5°D - Milladoiro, 15895 - Ames (A Coruña) or by e-mail to administracion@viandotreks.com. Such communication shall reflect the following information:
- Name and surname of the user.
- The request for application.
- The address and supporting information.
The exercise of rights must be carried out by the user himself. However, they may be exercised by a person authorised as the authorised person's legal representative. In this case, you must provide documentation accrediting this representation of the interested party.
Likewise, we would like to inform you that you can withdraw the consent given without affecting the lawfulness of the processing already carried out, by sending your request to the same address indicated in the previous paragraph. In this case, you must enclose with your request a copy of your ID card or other document proving your identity. You should also remember that you have the right to file a complaint with the Spanish Data Protection Agency (AEPD) if you consider that your data protection rights have been infringed.
C/ Jorge Juan, 6, 28001 Madrid
FAX: 914483680
TEL: 901 100 099
E-mail: ciudadano@agpd.es
What is the purpose and basis for the data processing and how long are the data retained?
The purposes of the data processing carried out by any or all of the Controllers listed above are set out below.
TREATMENT ACTIVITY | PURPOSE OF PROCESSING | BASIS OF LEGITIMACY | CONSERVATION PERIOD |
---|---|---|---|
Tax and accounting management | Processing necessary for compliance with tax and accounting obligations. | Contractual relationship. Legal obligation for the controller. Overriding legitimate interests of the controller or third parties. | 5 years from the end of the contract. The time necessary to meet legal obligations. |
Contact management | Processing of the data in order to be able to maintain communications with the interested parties. | Contractual relationship. Overriding legitimate interests of the data controller or third parties. Express consent of the data subject. | 5 years from the end of the contract. Until cancellation and/or opposition by the holder. Until the relevant loss of use. |
Information communication and notifications | Dissemination of activities and notifications of relevant information related to the entity's activity. | Overriding legitimate interests of the data controller or third parties. Express consent of the data subject | Until cancellation and/or opposition by the holder. |
Customer management | Processing of the data necessary for the maintenance of the commercial/contractual relationship with customers, invoicing, after-sales service, sending promotions and advertising and customer loyalty. | Contractual relationship. Commercial relationship. | 5 years from the end of the contract. The period legally established by the specific regulations. |
Sending advertising | Sending commercial information, notifications about events and events of interest, offers, information about products and services, to customers and/or potential customers. | Express consent of the data subject. | Until cancellation and/or opposition by the holder. Until the relevant loss of use. |
E-commerce | Preparation and management of orders and purchases made through web platforms. | Contractual relationship. Commercial relationship. | 5 years from the end of the contract The period legally established by the specific regulations. |
Management of the registration of users of the web platform | Registration, maintenance and upkeep of users of the web platform | Contractual relationship Express consent of the person concerned | Until cancellation and/or objection by the owner Until relevant loss of use |
Management of potential customers | To be able to carry out the necessary communications with potential clients and/or other interested parties, to send quotations, prices, product costs and other information requested prior to establishing a contractual relationship. | Business relationship | Until the relevant loss of use |
Web management | Manage enquiries, contacts and complaints received through the website. | Express consent of the data subject | Until cancellation and/or objection by the owner Until relevant loss of use |
Complaints and queries management | Handling enquiries from customers, potential customers, users and other interested parties about the company's services or handling complaints about invoicing, service delivery or other motivations. | Express consent of the data subject | Until cancellation and/or objection by the owner Until relevant loss of use |
- Revision date: 01/04/2024