+34 608 56 79 84
Menú
+34 608 56 79 84

Privacy Policy

Last updated: January 2025

  1. Data Controller Information

In compliance with Regulation (EU) 2016/679 (GDPR) and the Spanish Organic Law 3/2018 (LOPDGDD), this Privacy Policy informs users that the personal data provided through this website will be processed by:

Data Controller: Gloma Travel S.L.U.
Tax ID (CIF): B72445885
Address: Calle Juan de Mattos y Azofra Nº10 2º Izda, 38009 Santa Cruz de Tenerife, Spain
Email: [email protected]

Phone: +34 659 177 026
Data Processing Responsible: Luis González

  1. Purposes of Data Processing

Gloma Travel S.L.U. processes personal data for the following purposes:

2.1. Contact Forms

To respond to inquiries, requests or information sent through contact forms.

2.2. Reservation Forms

To manage private tour reservation requests and tourist services.

2.3. Customer Management

To maintain commercial, pre-contractual and contractual communication necessary for providing the requested services.

2.4. Sending Tourist Information & Quotes

To provide useful information about excursions, destinations, recommendations and personalized price quotes.

2.5. Newsletter Delivery

To send newsletters, promotions, or updates (only with prior consent).

2.6. WhatsApp Business Communication

To provide customer support and manage reservations via WhatsApp Business.

2.7. Payment & Billing Management

To process payments, issue invoices, and comply with legal and tax obligations.

2.8. Cookies and Analytics

To collect browsing data via:

  • Google Analytics
  • Meta Pixel
  • Technical, analytical and advertising cookies
  • (See Cookies Policy for further details.)
  1. Legal Basis for Processing

Processing of personal data is based on the following legal grounds:

User consent (Art. 6.1.a GDPR) — forms, newsletters, cookies.

Performance of a contract (Art. 6.1.b GDPR) — reservations, payments, invoicing.

Legitimate interest (Art. 6.1.f GDPR) — communications with existing customers.

Legal obligation (Art. 6.1.c GDPR) — tax and invoicing requirements.

  1. Categories of Personal Data Processed

Identification data: name, surname, phone number, email.

Reservation data: date, number of people, language, accommodation.

Browsing data (IP address, device, approximate location).

Payment information (when required).

Communications via WhatsApp, email, or forms.

  1. Data Recipients

Your data may be shared with:

  • Software providers used on this website.
  • Turitop (booking management platform).
  • WhatsApp Ireland Limited.
  • Meta Platforms Ireland Ltd. (Meta Pixel).
  • Google LLC / Google Ireland Ltd. (Google Analytics, Gmail, Google Maps).
  • Email hosting providers (Ionos).
  • Email marketing platforms.
  • All providers comply with GDPR and, when applicable, with the EU-U.S. Data Privacy Framework.
  1. International Data Transfers

Some tools used (Google, Meta, WhatsApp) may involve international data transfers.

These companies adhere to the EU-U.S. Data Privacy Framework, ensuring adequate data protection.

If regulations change, Gloma Travel will implement additional safeguards (Standard Contractual Clauses).

  1. Data Retention Periods

Personal data will be retained for:

As long as the commercial relationship remains active.

Up to 5 years after the last reservation (legal tax requirement).

Newsletter data: until consent is withdrawn.

Cookies data: according to the duration stated in the Cookies Policy.

  1. User Rights

Users may exercise their rights at any time by emailing [email protected]

Available rights include:

Right of access (know what data is held).

Right of rectification (correct inaccurate data).

Right of erasure (delete data).

Right to object (stop certain processing).

Right to restriction (temporarily limit processing).

Right to data portability (receive data in digital format).

Right to withdraw consent at any moment.

If users are not satisfied, they may file a complaint with the Spanish Data Protection Agency (AEPD).

  1. Data Security

Gloma Travel S.L.U. applies adequate technical and organizational security measures to ensure:

Integrity

Confidentiality

Availability

Protection against unauthorized access

All website connections are protected with SSL encryption.

  1. Processing of Minors’ Data

No personal data of individuals under 14 years old will be processed without the explicit consent of parents or legal guardians.

  1. Changes to this Policy

Gloma Travel S.L.U. may update this Privacy Policy as necessary.
The latest version will always be published on this website.