Deia Retreats (DR) is committed to protecting and respecting your personal data.
For the purpose of the General Data Protection Regulations (the GDPR), the data controller is Deia Retreats, Es Clot 17, 07179 Deia, Spain.
DR may collect and process the following data about you:
- Information you give to DR. You may give DR information about you by filling in forms on DR’s site https://www.deiaretreats.com/or by corresponding with DR by phone, e-mail or otherwise. This includes information you provide when you inquire about DR or register for a programme, search for a programme, sign up to any subscription services, and when you report a problem with DR’s site. The information you give DR may include your name, address and phone number, gender, e-mail address, financial and credit card information. Potential and actual participants on programmes may also give DR personal data about them which is kept by DR. The records may be notes of conversations or discussions or may be the result of formal questionnaire replies.
Uses made of the information
DR uses information and personal data held about you in the following ways:
- To provide you with the information, products and services that you request from DR;
- In the case of programme participants, to make the programmes as relevant and effective as they can be;
- To provide you with information about other goods and programmes DR offers that are similar to those that you have already purchased or enquired about;
- To notify you about changes to DR’s service;
- If you do not provide personal data to DR then you may not be able to participate in any of the DR programmes.
Disclosure of your information
DR may share your information with selected third parties:
- If DR or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If DR is under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect the rights, property, or safety of DR, its customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where DR store your personal data
All information you provide to DR is stored on secure servers.
Unfortunately, the transmission of information via the internet is not completely secure. Although DR will always do its best to protect your personal data, DR cannot guarantee the security of your data transmitted to DR’s site; any transmission is at your own risk. Once DR has received your information, it will use strict procedures and security features to try to prevent unauthorised access.
The period for which and information may be retained
Personal data will be kept no longer than is necessary. This means that the data will be destroyed or erased from our systems when it is no longer required.
As a general rule, DR will keep personal data and information according to the following guidelines:
The data and information provided when you register with DR for any programmes or services will be kept together with any updates that you make to such information for the duration of your membership on the programme and for an appropriate period thereafter in accordance with appropriate regulatory and legal timescales. DR will regularly review and audit its data storage and is committed to destroying personal data that is no longer required to be retained for legitimate purposes.
Where DR relies on consent to use your personal data and information, you have the right to withdraw that consent at any time. You have the right to ask DR not to process your personal data for marketing purposes. DR will usually inform you (before collecting your data) if it intends to use your data for such purposes or if DR intends to disclose your personal data or information to any third party for such purposes. You can exercise your right to prevent such processing at any time by writing to firstname.lastname@example.org.
DR’s site may, from time to time, contain links to and from the websites of its partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that DR does not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. You have the right to:
- Access and update the contact personal details and data we hold about you;
- View the personal data which we hold about you;
- Opt out of receiving marketing communications by post or email or text message or other electronic or paper-based methods;
- Opt out of receiving postal marketing communications from DR
- Request access for your information;
- Ask that you update, complete or direct your information;
- Ask that we restrict our use of your data and information;
- Request that we provide your information to you in a commonly used electronic format and to have that information transmitted directly to another organisation (this is known as the right to “data portability”);
- Object to DR or any companies acting on its behalf using your personal data or information in certain circumstances or at all.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the GDPR.