Privacy Policy


FIRST LAYER

Data Controller Mobail Apps S.L. Mobail Apps S.L.
B85879831
Paseo General Martínez Campos, 42, 28010, Madrid, gdpr@stay-app.com
Purposes of the processing of personal data Manage and maintain the business relationship. Attend to requests for information. Send communications of our own or of third parties, always through Stay-App.
Data retention periods: As long as the commercial relationship is maintained or its elimination is not requested by the data subject, they should not be deleted because they are necessary for the fulfillment of a legal obligation or for the formulation, exercise and defense of claims.
Source Provided by the user himself. Obtained by using the app.
Legal basis The legal obligations of Stay-App.
The execution of the contract with the user.
Data transfers All are necessary for the fulfillment of the above-mentioned purposes, or are carried out in compliance with a legal obligation. Public administrations, suppliers for the provision of the requested services, companies and collaborating entities.
Data Subjects’ Rights They will be exercised by e-mail: gdpr@stay-app or at the registered office of Stay-App: Paseo General Martínez Campos, 42, 28010, Madrid.
We inform you that you can exercise, where appropriate, the rights of access, rectification or deletion, limitation of processing, opposition, to the portability of the data or not to be subject to a decision based solely on the automated processing, as well as to withdraw the consent given.
You can file complaints at the Spanish Data Protection Agency: www.aepd.es, Spanish Control Authority
More information in the complete Privacy Policy of this document.


Identification of the Controller

Mobail Apps, S.L., hereinafter “Stay-App”, is the Controller of the processing of your personal Informe adecuación Sitio Web Mobail Apps, S.L. data in order to provide you the services identified in this website (the “Website”).

Mobail Apps, S.L. is a company domiciled at Paseo General Martínez Campos, 42, 28010, Madrid, Spain and its Tax ID number is B85879831.

Stay-App is committed to the fundamental right to the protection of your personal data and this privacy policy is intended to inform you of your rights.

Stay-App provides services to the Customer (the account holder who contracts the services, and for whose data Stay-App acts as Data Processor), in order to offer a platform that allows him to interact with his End Users and to provide them with a better experience (the customers of the Customer who use the platform, and for whose data Stay-App acts as the Processing Manager). These processings are developed in compliance with data protection regulations and the necessary security guarantees. In the event that Stay-App acts as a processor, its activity will be regulated within a Data Processing Agreement. This agreement can be accessed through a request to: gdpr@stay-app.com

We inform you that Stay-App has a Data Protection Officer in accordance with the GDPR, who is at your disposal for any doubts or queries you may have in relation to this matter, and whom you may contact from here.



What information will we collect from you?

Whether the interested data subject be a web user, a guest using a hotel guest application or a registered hotel employee, they should be aware that there are different ways to collect personal data:



The data you provide directly to us.

Stay-App, as part of the provision of its services, carries out two processing of personal data in relation to the Service: the Customer’s data, related to its registration and account, as the account holder and the person contracting the Service, and the data of the Customer’s Employees as well as the End Users, processed for the provision of the contracted service:

Client’s data: in order to manage our relationship, including activation, support, billing and additional sales, we may collect data relating to your email, your name and surname, VAT number, your country of residence, date of birth, company you belong to or your contact details. With respect to this type of data, Stay-App acts as the Data Controller. Data of the Customer's employees: data of the Customer's employees may be collected, such as their name and surname, NIF, company they belong to or their contact details, in order to allow the use of the service, and to facilitate their registration and use. With respect to this type of data, Stay-App acts as the Data Controller, the Responsible being the Customer. End User Data: data may be collected from the Customer's end users, such as their name and surname, and the data related to their reservation, in order to allow the use of the service, and to facilitate their registration and use. With respect to this type of data, Stay-App acts as the Data Controller, the Responsible Party being the Customer.

Insofar as Stay-App acts as a Data Processor, it undertakes to comply with the duties required by the regulations, as well as to sign a Data Processing Agreement, in accordance with the instructions given by the Data Controller. This Data Processing Agreement can be accessed by sending a request to: gdpr@stay-app.com

In order to ensure that the information provided is always up to date and free of errors, you must notify Stay-App as soon as possible of any changes to your personal data by sending an e-mail to the e-mail address at gdpr@stay-app.com

Likewise, by clicking on the “I accept” (or equivalent) button incorporated in the aforementioned registries, you declare that the information and data you have provided are accurate and truthful.



Data obtained indirectly.

When you browse, different cookies and other tracking devices may be installed on your device, as explained in our Cookies Policy.



What is the source of your data?

We consider that all the data processed by Stay-App has been provided to us freely.

In the event that the personal data provided is from a third person, you guarantee that you have informed them of this Privacy Policy and have obtained their authorisation to provide the data to Stay-App for the purposes indicated above. You also guarantee that the information provided is accurate and up to date, and you are responsible for any direct or indirect damage or harm that may be caused as a result of non-compliance with this obligation.

If you are an End User of the platform or an Employee of the Customer, your data will be provided by our Customer, in accordance with the contract for the provision of services that binds us, in order to provide the requested service



How will we use your personal information and what services will we provide you?

Stay-App acts as the controller of the personal data for the following purposes:

- Based on the management of the contractual or precontractual relationship:

To manage the acquisition of the products or services that we offer on our Website and application and to attend to any type of incident or request derived from the same, and carry out any management related to its development or the service. To provide you with the services you have requested and to attend to your requests for information, as well as to facilitate the exercise of your rights.

- Based on the existence of a legitimate interest of Stay-App:

To keep you informed about the products and services of Stay-App, as well as to send you news, events and other activities that we carry out in Stay-App or that our clients carry out in the interest of the guests and the employees that use our app, by conventional and/or electronic means (e-mails, SMS, …), related to the products or services that we carry out and that may be of your interest. To carry out periodic reviews of our services and carry out satisfaction surveys in order to evaluate and improve the quality of the service we provide. Carry out internal reviews and, if necessary, contact you in the event that a possible fraud or identity theft is detected or there are well-founded suspicions.

However, if you do not wish your data to be processed for these purposes, you may object at any time by contacting us at gdpr@stay-app.com as indicated in the Rights Management section of this Privacy Policy.

Stay-App acts as a data processor for the following purposes:

To manage your registration as a registered user in the hotel gest applications, as well as to allow your access to the Private Area for employees in our hotel PMS application. To provide the services entrusted by our Client. To carry out periodic reviews of our services and carry out satisfaction surveys in order to evaluate and improve the quality of the service we provide.

- Data transfers and international transfers.

All transfers of personal data that we carry out are necessary for the fulfilment of the above-mentioned purposes, or are made in order to fulfil a legal obligation:

If you are a Client, your data may be communicated to:

To public administrations and the administration of justice, and to law enforcement agencies in compliance with the legal obligations applicable to us. Companies providing payment services (banks, payment gateways, etc.), in case the Customer makes a payment through the service offered by one of these companies. Companies providing IT services, tools or IT infrastructure on which the services provided by Alto Analytics are based, such as hosting providers, CRMs, emailing service companies, etc.

In this regard, we inform you that any transfer will be made taking into account all the necessary legal safeguards. We also guarantee that we sign specific contracts with all our service providers as established by the regulations.

Furthermore, Stay-App guarantees that the necessary safeguards are in place to ensure that

the data can be transferred securely, either because the provider offers adequate guarantees, through, among others, its participation in the Privacy Shield EU-US and Swiss-US, the signing of Standard Contractual Clauses of the European Commission, or any of the exceptions contained in the regulations.

- If you are an End User, as a guest of a hotel, and you are interested in the services offered through the hotel application provided by Stay-App, we can transfer your data to the hotel with which you have made the reservation in order to manage your request, and inform them about the use of the platform, based on the existence of the contract signed between Stay-App and the hotel.

- If you are a Hotel’s Employee that uses our PMS application we will transfer your use and organization data to the hotel and specifically to its authorized staff, since this communication is necessary for the maintenance of the contract signed with Stay-App.

Exercising your rights.

We inform you that you will be able to exercise the following rights:

- Rights of access to your personal data to know which ones are being processed and the processing operations carried out with them.

- Right to rectify any inaccurate personal data.

- Right to delete your personal data, where possible.

- Right to request limitation of the processing of your personal data when the accuracy, legality or necessity of the data processing is in doubt, in which case, we may retain the data for exercise or defence of claims.

- Right to object to the processing of your personal data when the legal basis that enables us to process them is the legitimate interest.

- The right to the portability of your data, when the legal basis that enables us to process them is the existence of a contractual relationship or your consent.

- Right to revoke the consent granted to Stay-App.


You can exercise your rights at any time and for free in the following ways:

By sending an e-mail to this email address indicating the right you wish to exercise and your identification data.

By sending a written request to the address Paseo General Martínez Campos, 42, 28010, Madrid indicating the right you wish to exercise and your personal data.

In addition, when you receive any communication from us, by clicking on the unsubscribe section that will contain that communication, you can unsubscribe from all previously accepted commercial communications.

We also inform you that you have the right to file a complaint at the Spanish Data Protection Agency, Spanish Data Protection Authority, if you believe that we have breached the applicable data protection legislation regarding the processing of your personal data.

In addition, we inform you that you can sign up for the Robinson List at www.listarobinson.es: the advertising exclusion system managed by the Spanish Association for the Digital economy (ADIGITAL), where you can register in order to show your opposition to your data being used for the purpose of sending you commercial communications.



Retention periods and Cookies.

We will only keep your data for as long as necessary to provide you with these services. Any of the data you provide us through the channels will be blocked as long as they are no longer necessary to manage the service and will only be available if there is a legal obligation (derived from a request from the appropriate authorities) and when you exercise your rights here.

Regarding the personal data obtained through the Stay-App channels, Stay-App uses Cookies according to the Cookies Policy that you can consult here.



Security and confidentiality.

We are dedicated to the security of your information. In order to prevent unauthorized access or unauthorized disclosure of personal data, we have undertaken appropriate technical and physical measures and management processes to safeguard and secure the information we collect from you.


Minors

Minors under 14 years of age may not use the services available through the Website without the prior authorization of their parents, guardians or legal representatives, who shall be solely responsible for all acts performed through the Website by the minors in their care, including the filling of forms with the personal data of such minors and the marking, where appropriate, of the boxes accompanying them. In this regard, and to the extent that Stay-App is not able to control whether or not users are minors, it shall be the parents and guardians who shall enable the necessary mechanisms to prevent minors from accessing the Website and/or providing personal data without their supervision, and Stay-App shall not accept any liability in this regard.



Update of the privacy policy

We do our best to keep our privacy policy fully updated on a monthly basis. If we make changes, they will be clearly identifiable in a conspicuous manner (for example: we may communicate changes to you by email).

This privacy policy has been reviewed and published as of April, 1st, 2020.