The general regulatory framework is the European GDPR 679/2016 on the protection of personal data.
To enable the use of the Green Rooms application and the rest of the platforms on which Green Rooms’s services are offered, it is necessary to be a registered user of the same and accept the privacy rules detailed below for this purpose, in accordance with those established in the European Data Protection Regulation (Regulation 2016/679) and the specific laws of the country and the region where the subject of the data is located.
2. What do we do with your data?
The treatments, and therefore, the use of personal data that are carried out are as follows:
-Management of stays, in order to control the stay in our accommodations.
-Information to the Authorities, as required by the Tourism regulations, since there may be a legal obligation to do so.
3. What personal data do we process in the application?
The following data could be processed (there would be some regions where the collection of some data is not mandatory) for managing your stay and sending info to the Authorities: Name, Surname, Second Surname, Gender, Nationality, Citizenship, Birth Date, Birth Country, Birth City, Residence Country, Residence City, Residence Address, ID Type, ID Number, ID Date of issue, ID Country of Issue, ID City of Issue, Purpose of Stay, VISA Number, Signature.
4. How long are they stored for?
In general, we store the information for the time necessary to carry out the different treatments, and at least, in accordance with tourism regulations, for a period of 3 years.
5. To whom do we transfer data?
Any data that is collected by the accommodation owner, under no circumstances, will be transferred to third companies, except in the cases detailed below:
-All the aforementioned treatments are exclusively assigned to Chekin.io for the purposes of the complete management of the application.
-The transfer of treatments to the Authorities.
6. Do we make automated decisions?
No, no automated treatment decisions are currently being made.
7. Rights of access, rectification, deletion, limitation of treatment, portability of data and opposition.
In accordance with the General Data Protection Regulation, together with their right to oppose the automation of decisions, any user who has provided data to the accommodation owner has the following rights that they can exercise:
-Limitation of treatment.
-Portability of data.
The exercise of these rights must be carried out by means of a communication addressed, either to the postal address, or to the electronic address provided for this purpose (by the host), without prejudice to the use of any other valid means in law that allows the legally valid requirements to be fulfilled.
To prove your identity in case you want to exercise the aforementioned rights, we will need you to provide us:
-Name and surname of the interested party; copy of ID, passport or similar and, where appropriate, of the person representing him.
-Object of the request.
-Address for notification purposes, date and signature of the applicant.
-Documents supporting the petition of the petition formulated in the event that they are deemed convenient or necessary