This privacy policy applies to the website (hereinafter the Website) and its reservations platform (hereinafter the Reservation Platform/s). Please read this privacy policy carefully. In this document, you can find important information on the processing of your personal data, and the rights you are recognised as having by the current legislation. We reserve the right to update our privacy policy at any time because of business decisions, as well as in order to comply with any changes in legislation or case law. If you have any doubts or require any clarification on our Privacy Policy or your rights, you can contact us via the contact channels detailed below. You declare that the data you provide to us, now or in the future, are truthful and accurate, and you undertake to inform us of any change to them. If you provide personal data of third parties, you undertake to obtain their prior consent and to inform them about the content of this privacy policy. In general terms, the fields in our forms that are marked as compulsory need to be filled in, so that we can process your requests.

1. Who is the data controller for your data?

The data controller for the data collected via the Website and the reservations platform is CALA EN FENOLL, S.L., head office at Agustín Argüelles, nº1, 07400 Alcudia. You may contact our Data Protection Officer at

2. What personal data do we collect?

The data we process are the following:  From the forms you fill out and the requests you make on the Website, for example when you register, when you give us your feedback on your experience with us in quality surveys, when you register for our newsletters, or book a stay. We also process the data included in the questions and requests we receive by email or at our service centre.  From profiles and analytics obtained from the users browsing the Website, whether they are registered or not. The data we obtain are either directly provided by you, or by third parties that forward requests on your behalf, for example the reservation holder. The categories of data we process typically consist of:  Identification and contact details, ID or passport number;  Data on personal characteristics, such as language, gender, date of birth and nationality;  Financial and transaction data;  Data connected with your browsing, for example the IP address from which you connect to the Website, weblogs, visited pages, or actions performed on the Website. For this purpose we use cookies and similar technologies that may entail tracking your browsing. More information on our cookies policy available at URL.  Data on your reservation and contact history with HOTELS VIVA;  Commercial follow-up data and, if applicable, data on preferences and marketing profile. More information on the privacy policy applicable to the drawing up and the use of profiles of customers and users of the Iberostar group is available at  Data on the social networks with which you register. We only access the data you have configured as public, for example, likes, comments, images…

3. What will we process your data for?

The data of the Website’s users will be processed by HOTELS VIVA for managing its relationship with them, responding to their questions and requests, the administration and management of the Website’s security, and for fulfilling its legal obligations.

Such data will also be processed for the internal administrative purposes of the HOTELS VIVA group, statistics, and quality assessment. This includes the analysis of aggregate reservation data sent via the website, and opinion surveys, though filling them out is not mandatory. If you register with our newsletter, your data will be processed by HOTELS VIVA in order to send to you marketing information on the group. If you give your consent, HOTELS VIVA will draw up a marketing profile based on the data provided on the Website and on the Reservations Platform, so as to be able to offer you customised treatment in the performance of the services requested, and to provide you with commercial offers consistent with said profile. No automatic decisions will be taken based on our customers’ profiles. The customisation of services is based on your consent that any hotels of the HOTELS VIVA group that you may contact in the future in order to hire or book services can access your data as a customer of the chain. You can obtain more information on the privacy policy applicable to the drawing up and use of profiles of customers and users of the group at URL. The data supplied during the reservation process will be processed by INVERSIONES PASCUAL, S.L. for the handling of and commercial follow-up to your requests, the provision of the requested services, the administration and management of the Reservation Platform and the fulfilment of legal obligations. Said data will also be processed for statistical purposes and for quality improvement. Your data will be used merely to respond to your request via Facebook Message, whose provider is Facebook Ireland Ltd. You can consult its privacy policy at We will only have access to data you have already set as public on the Facebook account with which you register to access the chat inquiry service.

Con su consentimiento, elaboraremos un perfil comercial a partir de sus datos para que nuestras ofertas y comunicaciones comerciales sean ajustadas a dicho perfil. No se toman decisiones automatizadas en base a los perfiles de nuestros clientes.

4. To whom can we disclose your data?

Your data will only be disclosed to third parties because of legal obligations, or with your consent, or when your request entails such disclosure. For example: For the proper management of reservations, the data supplied will necessarily be disclosed to the destination hotels, or to the companies whose services are included in a booked service. This includes the disclosure to said hotels of the details of the credit card you have supplied for the reservation, in order to meet any potential penalties for cancellations or no-shows set in the terms of the rate. The management of your reservations necessarily entails the aforementioned processing; therefore, the process cannot be completed if you object to such processing.

5. Lawful basis for processing

The basis for the processing of your data is the management of the legal relationship with you, the provision of requested or booked services, and the fulfilment of legal obligations, in particular of the applicable regulations on accounting, taxation, and tourism. The security management of the Website and the Reservations Platform is based on the existence of a legitimate interest. The analysis of the consolidated data of customers, the gathering of statistics and performance of quality control, the commercial follow-up to your requests are based on our legitimate interest in internal administrative purposes, as well as in evaluating and promoting our services. The drawing up of commercial profiles, the customisation of services and the sending of customised marketing offers and information are based on the consent that you are asked for, and any withdrawal of such consent cannot affect the provision of the booked services.

6. How long will we store your data for?

Generally speaking, we store your data throughout your relationship with us and, in any case, for the timeframes set forth in the applicable legal provisions, for example regarding accounting and tax matters, and for the time necessary to comply with any obligations arising out of the processing. We will delete your data when they are no longer necessary or relevant for the purposes for which they were collected

The access logs to restricted areas of the website will be deleted within a month of their creation. The information related to browsing will be deleted once the connection to the website is over and statistics are gathered. Data processed for marketing purposes, including marketing profiles, will be stored until you request their deletion. The files and documents proving your consent to data processing for these purposes, for example, the logs of electronic forms, will be stored throughout the duration of the processing and for the applicable legal timeframes.

7. What are your rights?

You have the right to obtain confirmation as to whether we are processing your data or not and, if so, to access them. You may also ask for your data to be rectified when they are inaccurate, or that they be completed when they are incomplete, as well as asking for their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were gathered. In certain circumstances, you may ask for the processing of your data to be restricted. In such a case, we will only process the data in order to lodge, exercise or defend claims, or in order to protect the rights of other persons. In certain circumstances, and for reasons connected to your specific situation, you may also object to the processing of your data. In such a case, we will stop processing your data, except for compelling legitimate reasons that prevail over your interests, rights and freedoms, or in order to lodge, exercise or defend claims. Likewise, under certain circumstances, you may request the portability of your data, so they may be sent to another data controller. You may withdraw the consent you may have given for specific purposes, without this affecting the lawfulness of the processing based on the consent you gave before it was withdrawn, and make a complaint to the Spanish Data Protection Agency (Agencia Española de Protección de Datos). To ask that the processing of your data for marketing purposes be stopped, you can send an email to the following address: To exercise your rights, you will need to send the relevant data controller a request along with a copy of your national identity document, or other current document identifying you, by mail or email to the addresses indicated in the section Who is the data controller for your data? You can obtain more information on your rights and on how to exercise them on the website of the Spanish Data Protection Agency at

Así mismo y bajo ciertas condiciones podrá solicitar la portabilidad de sus datos para que sean transmitidos a otro responsable del tratamiento. Puede revocar el consentimiento que hubiese prestado para determinadas finalidades, sin que ello afecte a la licitud del tratamiento basado en el consentimiento previo a su retirada.

Para solicitar su baja de los tratamientos con fines comerciales puede:

 Enviar un email a la siguiente dirección de correo electrónico: Tiene igualmente el derecho a presentar una reclamación ante una autoridad de protección de datos. Para ejercer sus derechos deberá remitirnos una solicitud acompañada de una copia de su documento nacional de identidad, u otro documento válido que le identifique por correo postal o electrónico, a nuestro Delegado de Protección de Datos en las direcciones indicadas en el apartado ¿Quién es el responsable del tratamiento de sus datos? Podrá obtener más información sobre sus derechos y cómo ejercerlos en la página de la Agencia Española de Protección de Datos en