PRIVACY POLICY

INTRODUCTION

The BERNABE LEON TEJERA Group of Companies is committed to ensuring that your personal information is protected and not misused.

In this document we explain who the controller is, for what purpose your personal information will be processed, the legitimacy for the processing, how we collect it, why we collect it, how we use it, the rights you have, and also explain the processes we have put in place to protect your privacy.

By providing us with your personal information and using our websites, we understand that you have read and understood the terms relating to personal data protection information set out below. The BERNABE LEON TEJERA Group Companies assume responsibility for complying with current national and European data protection legislation, and aim to process your data in a lawful, fair and transparent manner.

SCOPE OF APPLICATION

This document applies to all BERNABE LEON TEJERA Group companies.

CONSIDERATIONS TO BE TAKEN INTO ACCOUNT

WHO IS RESPONSIBLE FOR THE TREATMENT?

The definition of data controller is described in the General Data Protection Regulation, and is as follows:

DATA CONTROLLER” OR “CONTROLLER

The natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of the processing.

All the companies of the BERNABE LEON TEJERA group are in some way responsible for the processing of personal information about their customers.

If you have any questions, comments or concerns, or if you have any suggestions about how we use personal information, you can send an email to the Data Protection Officer of the BERNABE LEON TEJERA Group at the following address info@viajandovamos.com.

INFORMATION ABOUT THE COMPANIES OF THE BERNABE LEON TEJERA GROUP

Innovation is one of the hallmarks of all the companies that make up the BERNABE LEON TEJERA Group. We are constantly introducing new products in areas as diverse as fashion and accessories, decoration and home, technology, food and restaurants, and culture.

Company name BERNABE LEON TEJERA

  • Registered Office: PUNTARENAS 6, MASPALOMAS, 35109, LAS PALMAS

  • Mail: info@viajandovamos.com

  • Phone: 693 769 503

  • N.I.F.: 44710436T

  • Website: viajandovamos.com

FOR WHAT PURPOSE DO WE COLLECT YOUR PERSONAL INFORMATION?

The main reason we collect your personal information is to facilitate and improve the service, which you as a customer expect from us.

We collect your personal information to manage your purchases, orders or requests that you make to us, either in any of our shopping centers, stores, agencies, supermarkets or through our websites or applications, by phone or in any paper form.

The following are the main purposes we have identified in the companies of the BERNABE LEON TEJERA Group:

  • Compliance with legal obligations, including, but not limited to, Law 10/2010 on the Prevention of Money Laundering.

  • Management of the contracting of products or services offered by any of the companies of the BERNABE LEON TEJERA Group, including distance selling and management of shipments and returns.

  • Create and manage a personal account with unique registration to be used in the purchase of products and services offered on any website of the BERNABE LEON TEJERA Group companies.

  • Channel requests for information, suggestions and complaints from customers for their management and resolution.

  • Surveys to improve our services.

  • Market research and commercial prospecting, reports on consumer habits, statistical data and market trends, in order to offer you products and services that may be of interest to you.

  • Perform profiling and analysis of our customers’ behavior when using our websites or applications, but only if you give us your consent.

  • Keep you informed about our latest products, offers, opportunities, etc. The channels we usually use are: email, postal mail, telephone, SMS, Push message, but only if you give us your consent.

  • Capture of images of people and vehicles for security purposes and to assist in emergency and evacuation plans for buildings.

  • Management of VAT refunds for purchases by non-resident tourists in the European Community.

  • Personnel selection management.

HOW DO WE COLLECT INFORMATION ABOUT YOU?

We collect personal information about you by different means, in some cases you will contact us to share your personal information, and in other cases we collect your personal information using other means. Below, we will explain the different ways in which we collect personal information about you and some examples of how we use such information.

INFORMATION YOU PROVIDE US WITH

We collect personal information that you provide to us through some of the BERNABE LEON TEJERA Group websites, email, cell phone, when you contract a service, when you fill out a form, or others. In any case, at the time of collection, you will be informed of the data controller, the purpose of the processing, the recipients of the information, as well as how to exercise your rights under current legislation on data protection.

For example: you may provide us with information when you contact our customer service, place an order, register on our websites, update your preferences and account information, fill out a questionnaire, enter a contest, etc.

Generally, the personal information you provide to us are: name and surname, address, ID card number, date of birth, email address, contact telephone number and payment information. In very particular cases, and depending on the purpose and intended use of your data, we may collect data on personal, academic and professional characteristics, employment details, commercial information, social, economic and insurance circumstances, transfers of goods and services.

If you have never asked us to send you commercial communications, you can subscribe to the different newsletters that we make available to you or send us an email at info@viajandovamos.com

INFORMATION WE COLLECT FROM YOUR VISITS TO OUR WEBSITES

We collect and store limited personal information and anonymous aggregate statistics from all users who visit our sites, whether you actively provide such information to us or are simply browsing our sites. The information we collect includes the Internet protocol (IP) address of the device you are using, the browser software you are using, your operating system, the date and time of access, the Internet address of the website through which you accessed our websites and also information about how you use our websites.

We use this information to know the loading time of our websites, how they are used, the number of visits to the different sections and the type of information that most attracts visitors. It also helps to identify if the web is working properly, and if we detect failures or errors in the operation, solve them and improve the performance of our websites, in order to offer a better service to all users.

This information is collected through cookies, for more information see the cookie policy that can be found on each of the websites of the companies of the BERNABE LEON TEJERA Group.

SOCIAL NETWORKS

The use of social networks is becoming more and more frequent and in this sense the BERNABE LEON TEJERA Group is present in most of them, and it is another way to contact you.

The information we collect through social media sometimes includes personal information that is available online and to the public. We always ensure that all information we use is properly attributed to its source or is anonymized.

These social networks are likely to have their own privacy policies, which will explain how they use and share your personal information. We encourage you to carefully review the privacy policies before using these social networks to ensure that you are comfortable with how your personal information is collected and shared.

MOBILE PHONE

When using the APPs, the BERNABE LEON TEJERA Group has a geolocation tool whose main purpose is to know your location in order to show you the closest establishment to your location. Having the geolocation function of your mobile device activated allows you to benefit from all the functionalities of the Applications. If you do not have geolocation enabled, we will inform you and ask for your permission beforehand with a notification.

This geolocation service will not be used to provide your location to third parties, unless required by law.

Most mobile devices provide users with the ability to disable location services. Most likely, such a possibility can be found in the device’s configuration menu. If you are in doubt about how to disable location services on your device, we recommend that you contact your mobile service operator or your device manufacturer.

To disable location services on your Android device select Location Services from your phone’s settings menu. Most Android devices allow you to disable location services for the entire phone, such as GPS services and location services from other carriers. In general, when the box to enable location services is not checked, location services will remain disabled.

To disable location services on your iPhone device you can disable location services on all iPhone models from the Settings menu by selecting Location. To disable location services for the entire device, slide the bar until you see the Disable option. To disable location services for a particular application, slide the bar next to each application name until you see the Disable option.

WHAT IS THE LEGITIMACY FOR THE PROCESSING OF PERSONAL INFORMATION?

For the processing of your personal information, we rely on the legitimacy for several reasons:

  • For the fulfillment of a contract and/or business relationship.

  • For compliance with various legal obligations.

  • For legitimate interest, for example, for security reasons, fraud prevention, to improve our services and products through market research, or to handle requests, inquiries or possible complaints that may arise.

  • With your consent, for example, for sending personalized offers from BERNABE LEON TEJERA Group companies.

TO WHOM MAY WE DISCLOSE YOUR PERSONAL INFORMATION?

If you have given us your consent, the information you provide will be communicated to the companies of BERNABE LEON TEJERAto treat it for the purposes described above. Not all of the purposes described above involve the transfer of data, especially considering that the data is collected directly by each of the Group’s companies.

In some cases, it is necessary for us to communicate the information you have provided to us to third parties in order to provide you with the requested service, for example, travel and hotel reservations, logistics, transportation and delivery services, installers and/or fitters, and home renovations, etc.

There are also companies that provide us with other types of services, such as: information technology (storage and processing of information), security services, financial services, auditing services, etc.

These third parties only have access to the personal information they need to perform these services. They are required to keep your personal information confidential and may not use it in any way other than as we have requested.

In all cases, BERNABE LEON TEJERA Group companies assume responsibility for the personal information you provide to us, and we ask those companies with whom we share your personal information to apply the same level of information protection as we do.

Likewise, your personal information will be at the disposal of the Public Administrations, Judges and Courts, for the attention of the possible responsibilities born from the treatment.

INTERNATIONAL TRANSFER

The personal information we collect resides in Spain, although some Group companies may have a presence in other countries and your personal information may be collected in the country in which you reside.

In certain cases, services are contracted in Cloud Computing mode in the USA, performing international data transfers. In these cases, appropriate safeguards are in place to protect your information for which you may obtain additional information by writing to info@viajandovamos.com.

LINKS TO THIRD PARTY WEBSITES

In the event that we provide links to websites that are not operated or controlled by BERNABE LEON TEJERA Group companies, you will be promptly informed as BERNABE LEON TEJERA Group companies have no control over such sites nor are they responsible for the content of such sites, nor do they have control over the way in which third parties collect and use your personal information, nor are they responsible for or make any representations about third party websites.

These websites will likely have their own privacy policies explaining how they use and share your personal information. We encourage you to carefully review the privacy policies before using these websites to ensure that you are comfortable with how your personal information is collected and shared.

HOW LONG DO WE STORE YOUR PERSONAL INFORMATION?

We only store your personal information to the extent that we need it in order to use it for the purpose for which it was collected, and in accordance with the legal basis for processing it in accordance with applicable law. We will keep your personal information for as long as there is a contractual and/or commercial relationship with you, or as long as you do not exercise your right to delete and/or limit the processing of your data.

In these cases, we will keep the information properly blocked, without giving it any use, while it may be necessary for the exercise or defense of claims or may derive some kind of judicial, legal or contractual liability from its treatment, which must be attended and for which its recovery is necessary.

HOW CAN YOU EXERCISE YOUR RIGHTS?

Data protection regulations allow you to exercise your rights of access, rectification, opposition, erasure, restriction of processing, portability and the right not to be subject to individualized decisions before the data controller.

These rights are characterized by the following:

  • It is free of charge

  • If the requests are manifestly unfounded or excessive (e.g. repetitive nature), the person in charge may:

    • Charge a fee proportional to the administrative costs incurred.

    • Refusal to act.

  • Requests must be answered within one month, although, taking into account the complexity and number of requests, the deadline may be extended for a further two months.

  • The data controller is obliged to inform you about the means to exercise these rights. These means must be accessible and this right cannot be denied simply because you choose another means.

  • If the request is submitted electronically, the information will be provided by electronic means whenever possible, unless the interested party requests otherwise.

  • If the person in charge does not comply with the request, he/she shall inform, within one month at the latest, of the reasons for his/her inaction and the possibility of complaining to a Control Authority.

  • You may exercise your rights directly or through your legal representative.

  • It is possible that the person in charge may be the one to attend to your request on behalf of the person in charge if both have so established in the contract or legal act that binds them.

RIGHT OF ACCESS

The right of access allows you to contact the data controller to find out whether or not it is processing your personal data.

Download here the right of access form

RIGHT OF RECTIFICATION

The right of rectification means that you may obtain rectification of your personal data that is inaccurate without undue delay from the data controller.

Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of an additional declaration.

In your request you should indicate which data you are referring to and the correction to be made. In addition, when necessary, your request must be accompanied by documentation justifying the inaccuracy or incompleteness of your data.

Download here the right of rectification form

RIGHT OF OPPOSITION

The right to object, as its name suggests, means that you can object to the controller’s processing of personal data in the following cases:

  • When they are subject to processing based on a public interest mission or legitimate interest, including profiling.

  • When the purpose of the processing is direct marketing, including also the aforementioned profiling.

Download here the right of opposition form

RIGHT OF CANCELLATION

The right of deletion may be exercised before the data controller by requesting the deletion of your personal data when any of the following circumstances apply:

  • If your personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.

  • If the processing of your personal data has been based on the consent you gave to the data controller, and you withdraw your consent, provided that such processing is not based on another legitimate reason.

  • The controller’s processing was based on legitimate interest or on the fulfillment of a public interest mission, and no other reasons prevailed to legitimize the processing of your data.

  • To have their personal data used for direct marketing, including profiling related to such marketing.

  • If your personal data has been unlawfully processed.

However, this right is not unlimited, so that it may be feasible not to proceed with the erasure when the processing is necessary for the exercise of freedom of expression and information, for compliance with a legal obligation, for the performance of a task carried out in the public interest or in the exercise of public powers vested in the controller, for reasons of public interest, in the field of public health, for archiving purposes in the public interest, for scientific or historical research purposes or statistical purposes, or for the formulation, exercise or defense of claims.

The data controller is obliged to block the data when it is rectified or deleted.

The blocking of the data consists of the identification and reservation of the data, adopting technical and organizational measures to prevent their processing, including their visualization, except for making the data available to the judges and courts, the Public Prosecutor’s Office or the competent Public Administrations, in particular the data protection authorities, for the demand of possible responsibilities derived from the processing and only for the period of limitation of the same.

Once this period has elapsed, the data must be destroyed.

Download here the right of deletion form

RIGHT TO LIMITATION OF PROCESSING

This new right consists of obtaining the limitation of the data processing carried out by the data controller, although its exercise has two aspects:

You can request the suspension of the processing of your data:

  • When you contest the accuracy of your personal data, for a period of time that allows the data controller to verify it.

  • When you have objected to the processing of your personal data by the controller on the basis of legitimate interest or public interest mission, while the controller verifies whether these grounds override yours.

Ask the person in charge to keep your data:

  • When the processing is unlawful and you have objected to the deletion of your data and instead request the limitation of its use.

  • When the controller no longer needs the personal data for the purposes of the processing, but the data subject needs them for the formulation, exercise or defense of claims.

Download here the right of limitation form

RIGHT TO PORTABILITY

The purpose of this new right is to further strengthen control over your personal data, so that when processing is carried out by automated means, you receive your personal data in a structured, commonly used, machine-readable and interoperable format, and can transmit it to another data controller, provided that the processing is legitimized on the basis of consent or within the framework of the performance of a contract.

However, this right, by its very nature, cannot be applied when the processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority vested in the controller.

Download here the right of portability form

WHERE CAN YOU EXERCISE YOUR RIGHTS?

In order to exercise your rights, BERNABE LEON TEJERA and its Group of companies make available to you the following means:

  • By means of a written and signed request addressed to BERNABE LEON TEJERA, calle Hermosilla 112, 28009-Madrid, Ref. L.O.P.D., attaching a photocopy of the ID card or document proving the identity of the applicant.

  • By sending the completed and signed form together with a photocopy and/or scanned copy of the ID card or document proving the identity of the applicant to the e-mail address info@viajandovamos.com.

  • By calling Customer Service at 693769503.

  • At the Customer Service Department of any of the shopping centers in which BERNABE LEON TEJERA has the same.

You may file a complaint with the Spanish Data Protection Agency, especially when you are not satisfied with the response to the exercise of your rights, for more details you can consult the website www.agpd.es.

HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

We are committed to protecting your personal information. We use appropriate technical and organizational measures to protect your personal information and privacy and we review these measures periodically. We protect your personal information by using a combination of physical, computer and logical security controls, including access controls that restrict and manage how your personal information and personal data is processed, administered and managed. We also ensure that our employees are properly trained to protect your personal information. Our procedures indicate that we may ask you for proof of identity before we share your personal information with you.

In accordance with our security and confidentiality guarantee, we are especially interested in providing you with the highest level of security and protecting the confidentiality of the personal information you provide to us. Therefore, commercial transactions are carried out in a secure server environment under SSL (Secure Socket Layer) protocol.

If at any time you have problems accessing any part of our website, it may be due to the model or version of your browser or the configuration of your browser options. If you need us to help you find the solution or if you have any questions regarding the operation of our purchasing system, please call us at 902 22 44 11. We will be pleased to assist you.

The Internet is a medium that makes it possible to conduct commercial transactions over the network. Therefore, one of the main concerns of users who use the Internet is the security of data on the network.

An e-commerce transaction is understood as the whole process of making a commercial agreement including the contact between both parties: customer and company. The aspects that every commercial transaction must meet must be:

  • Authentication that guarantees the legal or physical personality with which we communicate.

  • Integrity, i.e. that the content of the communication between the two parties cannot be modified.

  • Confidentiality, which consists of the guarantee that no unauthorized person can know the content of the communication.

We are particularly concerned about security and ensuring the confidentiality of the data you provide. For this reason, in addition to being founding members of the @ECE (Spanish E-Commerce Association), we are members of Confianza Online, a system for resolving possible disputes that may arise between consumers and companies in the field of E-Commerce and Interactive Advertising, supported by a large number of business associations, the National Institute of Consumer Affairs, the Spanish Data Protection Agency and the Ministry of Science and Technology.

ARE CHILDREN’S DATA PROCESSED?

The BERNABE LEON TEJERA Group’s websites, applications and products are not normally directed at minors. Although on occasion we may carry out a campaign, such as the launch of consoles or video games, in which minors may show their interest. However, we do not knowingly collect any personal information from minors, except with the permission of a parent or guardian.

If you are a minor, please do not attempt to register as a user of our websites, applications or products. If we discover that we have mistakenly obtained personal information about a minor, we will delete that information as soon as possible.

WHAT PRECAUTIONS SHOULD BE TAKEN?

These are some of the precautions we advise our customers to take:

  • Do not give your username or password to anyone.

  • Do not write it down in easily accessible places: computer, agenda, etc.

  • Always use our SSL security system.

  • Always log out of the browser after accessing a security zone or after entering a user name or password into the system.

  • Modifications to this data protection information

We will review and update the data protection information when there are changes in the legislation or in any of the procedures for processing your personal information.

This data protection information was last reviewed and updated in October 2019.