Privacy Policy

PRIVACY POLICY

I – Who are your data controllers?

The data controllers for this website are Parques Reunidos Servicios Centrales, S.A. and Leisure Parks, S.A (hereinafter, jointly referred to as the “Controllers”), both act as co-controllers, with registered office in Paseo de la Castellana 216 – Planta 16, 28046 Madrid, Spain. If you have any data protection questions, you can write to the Controllers’ Data Protection Office at the email dpo@grpr.com  or the address Paseo de la Castellana 216, planta 16, 28046, Madrid, Spain.

II.- For what purpose and on what legal basis do you process your data?

The Controllers inform the user or their legal representative qualified to provide their data through this website or for the acquisition of any of its products and/or services that their data will be processed by the Controllers for the following purposes:

  1. Management of the purchase and services purchased and of the booked events. To formalise and manage the purchase of products and provision of the services offered by the Controllers through this website, as well as to manage the organization of the booked events (e.g. corporative events, first communion event, etc.) The data will also be used to manage their contractual relationship to the customer. To this end, the Controllers will process the customer’s data for purposes of contact, invoicing, collection and debt management, customer service, and claim management, among others.
    Legal basis: This processing is required for the enforcement of the agreement.
  2. Fulfilment of accounting, legal, tax, and administrative duties.
    Legal basis: This processing is required for the enforcement of the agreement.
  3. Delivery by electronic means of information about offers and promotions regarding products and services offered by the Controllers. In order to offer products and services that might be of their interest, the customer will be sent information about leisure and hotel products and services offered by the Controllers for their consideration. In any case, the customer may opt not to receive this kind of communication through the means provided in section V of this privacy policy.
    Legal basis: This processing will only be performed if the Controllers have the customer’s consent.
  4. To send commercial communication including offers connected to products and/or services offered by the Controllers that might be appealing of the customer, your personal data may be processed to create profiles based on internal sources (e.g. navigation from history and statistical cookies) whose result make it possible to create and analyse personalised products through segmentation into different groups on the basis of common patterns.  To this end, the customer’s preferences regarding the communications received may be monitored and their behaviour regarding those communications may be analysed.  These profiles may be used to send you personalised communications about products and/or services offered by the Controllers.
    Legal basis: This processing will only be performed if the Controllers have the customer’s consent.
  5. Management of registration for the newsletter, for delivery by electronic means of information about offers and promotions regarding products and services offered by the Controllers. When a customer signs in for the newsletter through the section provided for this purpose in this website, the Controllers may send you commercial communications about products and services offered by the Controllers, as well as about events organised by them.
  6. Surveys among customers or potential customers. In order to verify the quality of communications, of the Controllers’ procedures, of the customer services, as well as of the Controllers’ products and/or services, the Controllers may conduct satisfaction surveys among their customers and/or potential customers.
    Legal basis: This processing is based on the Controllers’ legitimate interest. To improve the Controllers’ procedures, surveys may be conducted among customers and/or potential customers to find their level of satisfaction and thus improve those matters that require it. The customer and/or potential customer may always opt not to receive this kind of communication from the Controllers.
  7. Managing of the schools visits to the park. The Controllers shall process the personal data in order to reserve, organize and manage the visit of the schools to the parks. In those cases on which personal data of minors of 13 years have to be processed, it will be necessary to have in advance the relevant consent of their parents or of their legal guardians.
    Legal basis: This processing shall only be done if the Controllers have obtained the customer’s consent.  It is understood that when booking the visit to the park, the relevant representatives/directors of the school are giving their consent for the processing of their personal data for this purpose, and they shall provided to the park, whenever necessary, the consents of the parents or legal guardians of the minors of 13 years.

IF YOU ARE UNDER 13, we need your parents’ or tutors’ consent, so they must confirm that they are your parents or tutors and given their consent for us to accept your request.

III. – How long will we keep your personal data?

Any personal data to which access is given will be processed for as long as the contractual relationship lasts. After this period, the Controllers will retain your personal data, duly blocked, after the contractual relationship has come to an end, in order to make them available to the competent Public Administrations, Judges and Courts or the Prosecutor’s Office until any actions that might derive from the relationship with the client become time-barred and/or the retention periods established by law end.  The Controllers will proceed to physically eliminate your data once these deadlines have elapsed.

Also, if the customer has consented to the delivery of commercial communications, the Controllers may process their personal data as described in this privacy policy.  You may opt out of receiving these communications if you see fit by the means stated in section V or by de-subscribing from the newsletter.

IV- To whom will we transfer your data?

The Controllers will transfer customer data to:

  • Regulatory and controlling authorities, competent public bodies, Judges, and Courts.
  • The Controllers work with third-party service providers that have access to customers’ personal data and process those data for and on behalf of he Controllers as a result of their provision of services. More specifically, the Controllers outsource the provision of services from third-party providers that, without limitation, work in the following sectors: legal advisory services, multidisciplinary professional services, technological services, IT services.V- What rights do you have when you give us your data?

The user/customer may exercise, if they so wish, their rights of data access, rectification, and deletion, as well as request that the processing of their personal data be restricted and that they not be the object of individual automated decisions, by sending a message in both cases in writing to the Parques Reunidos Data Protection Delegate at Paseo de la Castellana 216, planta 16, 28046, Madrid, Spain, or else by sending an email to  dpo@grpr.com, attaching in both cases a copy of their national identification number, tax identification number, or identifying official document.

The user/customer may, regarding any processing based on their consent, withdraw their consent at any time and object to processing on the basis of legitimate interest if they see fit, by means of the procedure detailed in the previous paragraph.

VI – How did we obtain your data?

The persona data processed by the Controllers are the personal data obtained from interested subject when they entered their data through this website and/or during the contractual relationship between the parties.

During the contractual relationship, the Controllers may process third-party data provided by the customer. In this regard, the customer agrees to inform all these individuals of these data protection provisions and obtain the third parties’ consent to the processing of their data by the Controllers.

VII. – Before which authority may you bring your claims?

The user/customer may file a claim with the Spanish Data Protection Agency regarding the answer received from the Controllers when exercising their rights. In any case, you may initially address the Parques Reunidos Data Protection Officer at the email address dpo@grpr.com or else at Paseo de la Castellana 216, planta 16, 28046, Madrid, Spain, to solve any problem so that the Controllers may assist you.

Soy un bloque de texto. Haz clic en el botón Editar para cambiar este texto. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.