Who are we? We are GF HOTELS, and we process your data as the Data Controller. This means we are responsible for how we use and protect your personal data.
What do we use your data for? We use the data you provide online or through any other means to respond to your questions and suggestions, provide you with the services or products you request, register you as a user, send you the personalized communications you've subscribed to, monitor comments on our blog, and process your reservation or online purchase.
Why do we have them? We are entitled to process your data for various reasons. When you fill out a form or send an email with a question or suggestion, we have a legitimate interest in addressing it. When you register on our website or make a reservation or purchase, we must execute the contract you accept with us, just as we are legally obliged to issue an invoice containing your data when the service or purchase is carried out. We are also entitled to your consent when you authorize us to send you our newsletter and personalized offers.
Who do we share your data with? We will only share your data with collaborating companies to process requests and provide our services or products, as well as with banks and organizations required by law. Under no circumstances do we sell your data to third parties.
What rights do you have? You have the right to access, rectify, or delete your personal data. You also have the right to object to our use of data that you have previously authorized us to use, to the right to transfer it, and to not be subject to automated individual decision-making.
In processing your personal data, we apply the following principles to ensure maximum protection for you:
In this privacy policy, you will find more detailed information about how we use the personal data of our customers, suppliers, and users, and in general, of all people who have contact with us, regardless of the means they use to communicate (online form, by phone or email, or in person).
We like to be transparent about what we do with your personal data, so you understand the implications of our use of it, and the rights you have regarding your data. For this reason, we keep our Privacy Policy, Legal Notice, and Cookie Policy updated, all of which can be found on this website.
If you have any questions or would like more information about the privacy policy, you can continue reading the document.
GF HOTELES undertakes to comply with current legislation regarding the processing of personal data. Through the following privacy policy, GF HOTELES , in accordance with the requirements of the GDPR and the LOPDGDD (Spanish Data Protection Act), informs users and the individuals whose data it processes of:
The person responsible for processing your data is GF HOTELES , made up of the following entities: EXPLOTACIONES SANTONEL SL with CIF B38588760, COSTA ADEJE GRAN HOTEL, SL with CIF B38555140, ISABEL FAMILY HOTEL SLU with CIF B38964490, FELAHOTEL, SLU with CIF B38489688 and NOELIA PLAYA, SLU with CIF B38741013
| Address | Brussels Avenue 13, 38670 - Adeje (Santa Cruz de Tenerife) |
| Phone | 922712857 |
| Web | gfhoteles.com |
| protecciondedatos@grupofedola.com | |
| Data Protection Officer | dpo@gfhoteles.com |
GF HOTELES informs the user that the data provided to us through browsing our website, the various data collection forms, or when sending emails will be processed by GF HOTELES and that said processing is recorded in the Register of Processing Activities managed by GF HOTELES in accordance with the provisions of the GDPR.
At gfhoteles.com , we process data from both our website users and third parties who maintain relationships with us. To make it easier for you to understand how we process your data, we have differentiated the purposes for which we use the data, the types of data, and the legal basis based on the category of individuals whose data we process.
Below, we classify the people whose data we process based on the type of relationship they have with GF HOTELES :
When you accept our privacy policy, you authorize us to use the personal data you provide for the following purposes:
We obtain your data through:
The express consent of the user ( article 6.1.a. GDPR ) expressed by completing the different forms, checking the box to send the newsletter and receiving commercial communications/information about offers, activities and promotions from GF HOTELES and the sector that may be of interest to them, as well as participating in our blog, is what legitimizes the processing by GF HOTELES . The user may revoke the consent given at any time, although if they revoke it, this will not affect the data processing carried out prior to its revocation.
The legitimate interest in creating browsing profiles and detecting preferences through the installation of cookies.
The execution of a contract or the adoption of pre-contractual measures when the client makes a request using the different forms available to the user on our website or requests information about the services provided by GF HOTELES .
If you are an online customer, we obtain your data through:
If you are a face-to-face customer, we obtain your data through:
In the execution of a pre-contract/contract to send you the information and carry out the actual management of the service provided or the product supplied, otherwise, this cannot be done.
The user's consent to receive the newsletter and commercial communications regarding offers, activities, and promotions from GF HOTELES and the sector that may be of interest to them, as well as the management of our blog. The user may revoke this consent at any time.
In the legitimate interest of sending information about exclusive promotions, the latest news, and personalized information tailored to the profile of the interested party, and for sending satisfaction surveys about the products or services purchased.
The personal data provided to us by candidates is used only for the selection processes that are open or are to be carried out if the data provided is for our job board.
The user's consent is obtained by submitting their data and resume to the GF HOTELES website to participate in active selection processes, as well as in future processes that may be carried out, provided they do not object to the processing of their data.
In the execution of a pre-contract/contract that binds you to the corresponding social network and in accordance with its privacy policies:
gfhoteles.com will always endeavor to establish appropriate mechanisms to obtain the User's consent for the installation of cookies that require it. When a user accesses our website, a pop-up appears informing them of the existence of cookies and indicating that by continuing to browse our site, they consent to the installation of cookies.
By accepting the installation of cookies, you agree to the storage of your IP address in gfhoteles.com 's records, along with the date of acceptance, for a period of one year, in order to demonstrate your consent.
You can find more information in our “Cookie Policy” .
Data processed based on the web user's consent will be retained as long as it remains relevant to the purpose for which it was collected and consent is not revoked.
For data processed based on legitimate interest, the retention period will be the same as that which motivated the collection of the data, always ensuring appropriate safeguards and respect for the rights and freedoms of the data subjects.
Data processed pursuant to the execution of a contract or the adoption of pre-contractual measures will be retained for the duration of the contractual relationship, as well as for any subsequent period required by law.
The IP address obtained through cookies will be retained for one year to demonstrate user consent.
Regarding the retention period of cookies, you can obtain more information on our website in the "Cookie Policy" section.
For data processed based on legitimate interest, the retention period will be the same as that which motivated the collection of the data, always ensuring appropriate safeguards and respect for the rights and freedoms of the data subjects.
For data processed based on a contract, or if part of the processing is legitimized by a legal obligation, the data will be retained for the duration of the contractual relationship. Data will be retained after the end of the contract, or if processing is linked to a legal obligation, for the period established by law. Data processing cannot be revoked by the data subject except under the provisions for blocking such processing provided for by law.
Data processed based on the customer's consent will be retained as long as it remains relevant to the purpose for which it was collected and consent is not revoked.
For data processed based on legitimate interest, the retention period will be the same as that which motivated the collection of the data, always ensuring appropriate safeguards and respect for the rights and freedoms of the data subjects.
For data processed based on a contract, or if part of the processing is legitimized by a legal obligation, the data will be retained for the duration of the contractual relationship. Data will be retained after the end of the contractual relationship, if processing is linked to a legal obligation, for the period established. Data processing cannot be revoked by the data subject except under legally stipulated blocking provisions.
Data processed based on the consent of the job applicant and candidate will be retained as long as the selection process for which they applied remains open. If the application is not for a specific selection process but is for future applications, the retention period will be a maximum of one year, at which point the CV will be deleted and destroyed, unless the interested party expresses their desire for it to be retained and updated.
The data processed regarding social media contacts will be retained as long as the user and GF HOTELES maintain a connection on the social network. Since GF HOTELES does not directly control the processing of this data, we can only view or delete your data on a limited basis. We will process your data as long as the social media user connects with GF HOTELES as a "friend," clicks "like," "follow," or similar buttons.
To rectify your data, restrict the information or publications you share, GF HOTELES will not be responsible for making such corrections. Instead, the user of the Social Network must do so by configuring their profile in accordance with the Social Network's privacy policy.
Regardless of the legal basis for collecting the data, it may be processed for scientific, historical, or statistical research purposes, always implementing appropriate safeguards and respecting the rights and freedoms of the data subjects.
Only those over 14 years of age may provide information through our website and email. If you are under this age, you must have the consent of your parent or legal guardian.
The User guarantees the authenticity and currency of all data provided to GF HOTELES and declares that he or she is over 14 years of age and will be solely responsible for any false or inaccurate statements made.
When booking a service or making a purchase online, the interested party must be over 18 years of age, the legal age established in the Civil Code for acquiring legal capacity and legal capacity.
The personal data processed by GF HOTELES may be mandatory or voluntary. Special categories of data will not be requested through web forms to guarantee your privacy. If special categories of data are required to provide you with a service, you will be requested through other means. The data requested through the forms are:
Voluntary information is information that the user is not required to provide in order to contact us.
Fields marked with an asterisk (*) or the word (required) on our forms are mandatory. Failure to do so will result in the inability to provide the service or address your request.
If you provide us with third-party data, you declare that you have their consent and undertake to share the information provided to you in this clause with them, releasing GF HOTELES from any obligation. However, GF HOTELES may carry out verifications to ensure that the third party has been informed, taking the due diligence measures established in data protection regulations.
Data will not be shared with third parties unless legally required or necessary to fulfill your request. Among the recipients to whom your data may be shared are:
gfhoteles.com is hosted in Canada, a country located within the European Union, within the European Economic Area, or that complies with the guidelines established in Articles 46 and 47 of the GDPR. Therefore, international transfers of data provided by users on the website will not occur.
Our website only accesses user data through the following means:
International data transfers may also occur based on the aforementioned transfers/communications, for which GF HOTELES will use the tools provided in Articles 46 and 49 of the GDPR as a guarantee for those transfers made to countries that do not have an adequacy decision from the European Commission.
In any case, third parties with whom certain personal data are shared will have previously demonstrated the adoption of appropriate technical and organizational measures for the proper protection of such data. Such measures will only be used with third countries when a binding legal instrument exists in accordance with Articles 46 et seq. of the GDPR. By accepting this privacy policy, you agree that an international transfer of data may occur in accordance with the indicated guarantees.
If the requirements established in the GDPR are not met, the data subject may give his or her consent to the international transfer or a contract may be executed in his or her interest. Otherwise, authorization must be requested from the Supervisory Authority.
We also inform you that some services provided by and for GF HOTELES may involve the transfer of personal data to a third country outside the EU, using cloud services offered by some of the major international providers (e.g., Google, Microsoft). These services will confirm compliance with the aforementioned terms.
GF HOTELES does not sell its users' data to third parties under any circumstances.
The user may exercise the following rights before GF HOTELES:
To exercise their rights, the user must send a letter stating the right they wish to exercise, accompanied by proof of identity and a postal or email address for notification purposes. This request can be made either by post to: GF HOTELES Avenida de Bruselas 13, 38670 - Adeje (Santa Cruz de Tenerife), or by email to the following address: protecciondedatos@grupofedola.com.
The interested party is informed that GF HOTELES has appointed a Data Protection Officer to whom they may raise any questions regarding the processing of their personal data. The interested party may contact the Data Protection Officer by email at dpd@grupofedola.com or at the following postal address: Avenida de Bruselas 13, 38670 - Adeje (Santa Cruz de Tenerife).
GF HOTELES must respond to the request to exercise rights within one month of receiving it. This period may be extended by another two months if necessary, taking into account the complexity and number of requests. We will inform you of any extension within one month of receiving the request, stating the reasons for the delay.
Likewise, interested parties have the right to file a complaint with the competent Control Authority (Spanish Data Protection Agency) when they consider that GF HOTELES has violated the rights recognized by data protection regulations at www.aepd.es.
GF HOTELES has a valid contract with Google LLC for hosting its website. This European company uses the latest security measures. It is hosted in Canada but has adequate technical and organizational security measures in place to ensure proper data protection. International data transfers are carried out pursuant to a legally binding instrument pursuant to Articles 46 et seq. of the GDPR.
In any case, GF HOTELES guarantees the adoption of the appropriate measures to ensure the confidential treatment of your data, taking into account their confidential nature and undertakes to ensure that said data remains secret, treating them with the utmost confidentiality, and declares that it has implemented in its information system the security policies corresponding to the type of data handled in accordance with the provisions of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and the free circulation of these data (RGPD).
All data provided through our platform is collected using a secure protocol. Our website has an SSL certificate, which allows for an encrypted connection when a user visits our website and exchanges information with us.
Users can register on our website, but creating an account is required. Users are responsible for maintaining the confidentiality of their account information, including their password, and for all activities that occur under their account.
The user is obliged to inform GF HOTELES immediately in the event of illegitimate use of their account or password, or if any security-related problem occurs, by sending an email to protecciondedatos@grupofedola.com .
If you choose to leave our website via links to other websites not belonging to our entity, GF HOTELES will not be responsible for the privacy policies of said websites or for the cookies they may store on the user's computer.
Date: March 6, 2025