Privacy Policy

Data controller

Teneryfa Apart S.L.
Tax ID: B75643361
Address: Calle Herrero 3/14, 38677 Tijoco Bajo, Adeje, Santa Cruz de Tenerife, Spain
Email: reservas@canariasapart.com

Personal data we collect

Depending on the services you use, we may collect the following personal data:

Full name
Email address
Phone number
Identity document (ID/Passport)
Postal address
Nationality
Payment data (processed through secure gateway, we do not store card data)
IP address and browsing data
Language and communication preferences

Purposes of data processing

Managing holiday accommodation bookings and related communications
Processing payments and generating invoices
Complying with legal obligations (traveller registration, Canary Islands tourism regulations)
Sending confirmations, reminders and post-stay evaluations
Managing enquiries, complaints and customer support
Improving our services through anonymised statistical analysis
Sending commercial communications (only with your prior consent)

Legal basis for processing

Data retention periods

Personal data is retained for the time strictly necessary to fulfil the purposes described and, subsequently, for the legally established periods: tax and billing data for 4 years (Spanish General Tax Law), traveller registration data as per current Canary Islands tourism regulations, registered user data while the account remains active, and commercial communications data until consent is withdrawn.

Data recipients

Your personal data may be communicated to: competent public authorities when there is a legal obligation (National Police, Civil Guard, tourism and tax administration), service providers acting as data processors under contract (payment gateway, hosting service, email service), and vacation property owners exclusively for the management of your stay. We never sell your personal data to third parties.

Your rights

In accordance with the GDPR, you can exercise the following rights by sending an email to reservas@canariasapart.com with a copy of your identity document:

Access: know what personal data we process about you.

Rectification: correct inaccurate or incomplete data.

Erasure: request deletion of your data when no longer necessary.

Objection: object to the processing of your data in certain circumstances.

Restriction: request limitation of processing in certain cases.

Portability: receive your data in a structured, commonly used format.

You may also file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es if you believe your rights have not been properly addressed.

Security measures

We apply appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These measures include SSL/TLS encryption on all communications, secure storage on protected servers, restricted access control for authorised personnel, and regular backups.

Changes to this policy

We reserve the right to modify this Privacy Policy at any time. Any changes will be published on this page with the last update date. If changes are significant, we will notify you by email or through a prominent notice on our website.

Data controller

Personal data we collect

Purposes of data processing

Legal basis for processing

Data retention periods

Data recipients

Your rights

Security measures

Changes to this policy

Consent Management

Settings

Necessary cookies

Analytics cookies

Marketing cookies

Preference cookies

Data controller

Personal data we collect

Purposes of data processing

Legal basis for processing

Contract performance

Legal obligation

Consent

Legitimate interest

Data retention periods

Data recipients

Your rights

Security measures

Changes to this policy