LEGAL NOTICE & PRIVATE POLICY Privilege-Property

Legal Notice & Private Policy for Privilege-Property

This is the Legal Notice & Private Policy for PRIVILEGE-PROPERTY, accessible from www.privilege-property.com

Processing of Clients Data

Informative clause:

“We process the information you provide us on behalf of our company with the purpose of providing the requested service, and billing for the service. The data provided will be kept as long as the business relationship is maintained or for the years necessary to comply with legal obligations. The data will not be transferred to third parties except in cases where there is a legal obligation.

Rights of the interested parties: you can exercise your rights of access, rectification, cancellation, opposition, suppression or limitation of the treatment by sending an email with the detail of your request and a photocopy of a valid Identity Card or Passport to PRIVILEGE-PROPERTY email address: info@privilege-property.com, also through the contact form of our website. We will be happy to assist you and we will do our best to attend your request.

By accepting, we will to offer you products and services related to those requested and to retain you as a client.”

Processing of Potential Clients Data

Informative clause:

“We process the information you provide us on behalf of our company with the purpose of sending you publicity related to our products and services by any means (postal, email or telephone) and inviting you to events organized by our company. The data provided will be kept until you request the cessation of the activity. The data will not be transferred to third parties except in cases where there is a legal obligation or marketing purposes. You have the right to obtain confirmation as to whether PRIVILEGE-PROPERTY is processing your personal data, therefore you have the right to access your personal data, rectify the inaccurate data or request its erasure when the data are no longer necessary for the purposes that were collected”.

Processing of Personal Data

Informative clause:
“We process the information you provide us on behalf of our company with the purpose of ordering and billing the services. The data provided will be kept as long as the business relationship is maintained or for the years necessary to comply with legal obligations. The data will not be transferred to third parties except in cases where there are a legal obligation & marketing purposes. You have the right to obtain confirmation as to whether we are processing your personal data, therefore you have the right to access your personal data, rectify inaccurate data or request its erasure when the data is no longer necessary”.

If clients submit their data through another system, they will be asked to sign a dated form containing the above information.

Records of Processing Activities

Processing: Clients & Processing PurposeManagement of clients relationshipDescription of categories of clients and of categories of personal data:

Clients:

People with whom you maintain a business relationship as clients

Categories of personal data:

Those necessary for the maintenance of the business relationship. Invoicing, sending postal or email advertising, after-sales service and loyalty

Identification: first and last names, TIN, postal address, telephones, e-mail

Personal characteristics: marital status, date and place of birth, age, sex, nationality

Bank details: for direct debit payments

Property Details: Legal documents to manage Real Estate services.

The categories of recipients to whom personal data were or will be communicated:

Tax administration

Social Security

Banks and financial institutions

Law enforcement authorities

Third Parties

Where possible, deadlines for deleting the different categories of data:

Those provided by tax legislation with respect to liabilities prescription

 

Processing: Potential clients

Processing purpose

Management of potential clients relationship

Description of categories of potential clients and of categories of personal data:

Potential clients:

People with whom you want to maintain a business relationship as clients

Categories of personal data:

Those necessary for the commercial promotion of the Company

Identification: first and last names, TIN, postal address, telephones, e-mail

Personal characteristics: marital status, date and place of birth, age, sex, nationality

The categories of recipients to whom personal data were or will be communicated:

Not covered

Where possible, deadlines for deleting the different categories of data:

One year from the first contact

 

Processing Personal Data:

Processing purpose

Management of suppliers relationship

Description of categories of suppliers and of categories of personal data:

Personal Data:

People with whom a commercial relationship is maintained as organizing the services we offer.

Categories of personal data:

Those necessary for the maintenance of the employment relationship

Identification: first and last names, TIN, postal address, telephones, e-mail

Bank details: for direct debit payments & bank transfers.

Where possible, deadlines for deleting the different categories of data:

Those provided by tax legislation with respect to liabilities prescription

ANNEX OF SECURITY MEASURES Privilege-Property

General Interest Information

This document has been designed for processing of low-risk personal data, so it cannot be used for processing of personal data that includes personal data relating to ethnic or racial origin, political, religious or philosophical ideology, trade union membership, genetic and biometric data, health data, and sexual orientation data of individuals as well as any other data processing that result in a high risk to the rights and freedoms of natural persons.

Article 5.1.f of the General Data Protection Regulation (GDPR) determines the need to establish appropriate security safeguards against unauthorized or unlawful processing, against accidental loss, destruction or damage. This implies the establishment of technical and organisational measures aimed at ensuring the integrity and confidentiality of personal data and the possibility (Article 5.2) to demonstrate that these measures have been implemented (accountability).

In accordance with the type of processing you defined when completing this form, the minimum security measures that you should take into account are the following:

Organisational Measures

INFORMATION TO BE KNOWN BY ALL STAFF WITH ACCESS TO PERSONAL DATA

All staff with access to personal data must be aware of their obligations regarding the processing of personal data and shall be informed of such obligations. The minimum information that shall be known by all staff will be the following:

  • DUTY OF CONFIDENTIALITY AND SECRECY
    • Unauthorized access to personal data should be avoided, for that purpose: personal data will not be exposed to third parties (unattended electronic screens, paper documents in public access areas, media with personal data, etc.), this consideration includes screens used for the images display of the video-surveillance system. When you are absent from the workstation, the screen will be blocked or the session will be closed.
    • Paper documents and electronic media will be stored securely (lockers or restricted access rooms) 24 hours a day.
    • Electronic documents or media (CDs, pen drives, hard disks, etc.) will not be discarded with personal data without guaranteeing their destruction.
    • No personal data or personal information will be transferred to third parties, special attention will be paid not to disclose protected personal data during telephone consultations, emails, etc.
    • The duty of secrecy and confidentiality remains even when the worker’s employment relationship with the company ends.

 

  • RIGHTS OF THE DATA SUBJECTS

All workers will be informed about the procedure to handle the rights of the data subjects, with mechanisms clearly defined to exercise the rights (electronic means, reference to the Data Protection Officer if any, postal address, etc.) taking into account the following:

  • On presentation of their national identity card or passport, the data subject (stakeholders) may exercise their rights of access, rectification, erasure, to object and portability. The controller must respond to the data subject without undue delay.

For the right of access, the data subject will be provided with a list of the available personal data, together with the purpose at the time they were collected, the identity of the recipients of the data, the storage period, and the identity of the controller to exercise the rights of rectification, erasure and to object.

To exercise the right of rectification it will be required to modify the data of the data subject that were inaccurate or incomplete taking into account the processing purposes.

To exercise the right of erasure data will be deleted when the data subjects express their refusal or opposition to the consent for their data processing and there is no legal duty that prevents it.

To exercise the right to data portability, data subjects must communicate their decisions and inform data controller about the identity of the data controller who is to be provided with his personal data, if it is the case.

The controller must inform all people with access to personal data about the terms of compliance to address the data subject’s rights, the form and procedure to handle those rights.

Technical Measures

Identification

  • When the same computer or device is used for the processing of personal data and personal use purposes it is recommended to have several profiles or different users for each of the purposes. Professional and personal uses of the computer should be kept separate.
  • It is recommended to have profiles with administration rights for the system installation and configuration and users without privileges or administration rights to access to personal data. This measure will prevent a cybersecurity attack and gain access privileges to modify the operating system.
  • It will be guaranteed the use of passwords to access personal data stored in electronic systems. The password will have at least 8 characters, a mixture of numbers and letters.
  • When personal data are accessed by different people, for each specific person with access to personal data, a specific user and password will be available (unambiguous identification).
  • The confidentiality of passwords must be guaranteed so that they are not exposed to third parties. For the management of passwords, you can consult the Privacy and security guide on the internet of the Spanish Data Protection Agency and the National Institute of Cybersecurity.

Duty to Keep Information Secure

The following are the minimum technical measures to ensure the safeguarding of personal data:

  • UPDATING OF COMPUTERS AND DEVICES: The devices and computers used for the storage and processing of personal data should be kept updated as possible.
  • MALWARE: On computers and devices where the automated processing of personal data is carried out, an anti-virus system will be available to guarantee, as far as possible, the theft and destruction of information and personal data. The antivirus system should be updated periodically.
  • FIREWALL: In order to avoid undue remote access to personal data, it must be ensured that a firewall is activated on computers and devices in which personal data are stored and / or processed.
  • DATA ENCRYPTION: When it is necessary to bring personal data outside the facilities where their processing is performed, either by physical or electronic communications means, the possibility of using an encryption method to guarantee the confidentiality of the data must be assessed to avoid unauthorized access to information.
  • BACKUP COPY: A backup copy will be made periodically on a second media other than the one used for daily work. The copy will be stored in a safe place, other than that in which the computer is located with the original files, in order to allow the recovery of personal data in case of loss of information.

The security measures will be periodically reviewed, the revision can be performed by automatic mechanisms (software or computer programmes) or manually. Consider that any computer security incident that had happened to any other data controller or processor may happen to you, therefore you should prevent it from happening.

More Information

Responsible: Identity: PRIVILEGE-PROPERTY – : TIN: X2188317M Notification address: Murillo, 58, Attic A, 07013, Santa Catalina, Palma de Majorca, Balearic Islands, Spain.Telephone: +34 637 861 618 Email: info@privilege-property.com

Hopefully, that has clarified things for you and as was previously mentioned if you are still looking for more information then you can contact us through our preferred contact method:

Contact

BOOKING CENTER  Privilege-Property

General Interest Information

This legal text has been designed for processing the Booking Center requirements.

8/2012, 19th of July in Illes Balears tourism Law, determines the need to establish appropriate processing registration for Holiday Rental Advertising.

This implies in accordance with the measures to demonstrate that these measures have been implemented.

Responsible Information

Responsible: Identity: Patrick Schröder -: Booking center reg. number: CR/231 Notification address: Murillo, 58, Attic A, 07013, Santa Catalina, Palma de Majorca, Balearic Islands, Spain. Telephone: +34 637 861 618 Email: info@privilege-property.com.

Responsible Process 

Privilege-Property Real Estate is responsible for answering questions and dealing with complaints about holiday rental measures.

Privilege-Property Real Estate has procedures to deal with complaints. We encourage you to talk to the real estate agent about the issue first, because this may be the quickest and easiest way to resolve the issue.

If you are still not satisfied, please call us or email us to talk about your complaint. We can help you decide the best way to resolve the problem and we can also send you a complaining form process.

More Information

Hopefully, that has clarified things for you and as was previously mentioned if you are still looking for more information then you can contact us through our preferred contact method:

Contact

Customer Service Representative

You really do have to be honest with people. That’s what it’s all about…building trust.

Legal Services

 Personalized, National and International Attention 

Contact Us

Submit your property, contact form, membership packages. 

WhatsApp chat