Smart Map
Check in / Check out
Occupancy
Rooms
Adults
Children
Children's ages
Room 1
Ages
Add room
Confirm
en
esEspañol deDeutsch enEnglish frFrançais
Check in / Check out
10.02.2026 - 11.02.2026
Occupancy
2 persons
Rooms
Adults
Children
Children's ages
Room 1
Ages
Add room
Confirm

Legal Information

Privacy Policy

1. Identification of the Data Controllers

The data controllers responsible for processing your personal data, depending on where the booking is made, may be:

  • Prinz Hoteles, S.A., with registered office at Calle Ter, 27, Polígono Son Fuster, 07009, Palma de Mallorca, and Tax ID number (CIF) A-07190309.

  • Hotel Mal Pas, S.L., with registered office at Camino Vell de la Victoria, 1, 07400 Alcudia, and Tax ID number (CIF) B-07754781.

  • Caleta Club, S.A., with registered office at Calle Ter, 27, Polígono Son Fuster, 07009, Palma de Mallorca, and Tax ID number (CIF) A-07190291.

  • Hotel La Pineda, S.A., with registered office at Calle Castellet, 72, 07590 Cala Rajada, and Tax ID number (CIF) A-07190309.

  • Hotel La Dorada, S.A., with registered office at Calle Romaní, s/n, 07458 Playa de Muro, and Tax ID number (CIF) A-07123441.

  • Hotel Alba, S.A., with registered office at Calle de sa Conillera, s/n, 07660 Cala d'Or, and Tax ID number (CIF) A-07190309.

  • Apartamentos Zenit, S.A., with registered office at Calle Ter, 27, Polígono Son Fuster, 07009, Palma de Mallorca, and Tax ID number (CIF) A-07123441.

Each of these entities shall act independently as data controller depending on where you make your booking (hereinafter referred to as the “Data Controllers” or the “Prinsotel Group”). For further information on the services offered, you may consult our Terms and Conditions of Service.

2. Identification of the Prinsotel Data Protection Officer

We inform you that the Prinsotel Group has appointed a Data Protection Officer (DPO), who is responsible for supervising data protection measures across all companies within the Group. For any queries or requests related to data protection matters, you may contact our DPO at the following email address: dataprotection@prinsotel.com

3. Purpose and legal basis for processing your data

For the purposes of this Privacy Policy, “personal data” shall mean any information that identifies you or may be used to identify you, such as your name, address, telephone number or email address. The Data Controllers shall process the personal data that you provide during the course of the relationship established (through bookings, commercial communications, customer service, etc.). Your personal data shall be processed for the purposes detailed below, in accordance with the channel through which you have provided such data:

  • Booking management and contracted services, including modification or cancellation requests
    • The personal data provided shall be processed in order to manage bookings at any of the hotels, process payments, and send you booking confirmations and receipts by email.
    • Legal basis: performance of a contract for the provision of services.
    • Categories of personal data: first name, surname, country of residence, email address, mobile phone number, payment information derived from the booking, billing details.
  • Product and/or service personalisation
    • The personal data provided during the booking process may be used to personalise future products and/or services offered, as well as to personalise pricing based on the customer’s booking history.
    • Legal basis: legitimate interest.
    • Categories of personal data: first name, surname, booking history.
  • Compliance with accounting, legal, tax and administrative obligations
    • Personal data shall be processed in order to comply with applicable legal obligations arising from the contractual relationship, in accordance with European Union law and/or applicable national legislation.
    • Legal basis: compliance with legal obligations. Without this personal data, the Data Controllers would not be able to properly comply with the aforementioned legal obligations or respond to potential legal liabilities.
    • Categories of personal data: first name, surname, telephone number, email address, transactional information related to the booking, and any other information required by competent authorities.
  • Compliance with Royal Decree 933/2021 on traveller registration
    • Pursuant to Royal Decree 933/2021, which establishes documentary registration and information obligations for accommodation providers, the Prinsotel Group is required to collect traveller data for the purpose of maintaining a traveller registry.
    • Legal basis: compliance with legal obligations.
    • Categories of personal data: first name and surname, gender, ID card or passport number, nationality, date of birth, habitual residence (full address, city and country), landline and mobile telephone numbers, email address, number of travellers, family relationship, contract details (reference number, date and signatures), contract performance details (check-in and check-out dates and times), and payment details.
  • Sending commercial communications
    • For customers who have expressly opted to receive newsletters and exclusive promotions, personal data may be processed to send commercial communications related to products and/or services previously contracted.
    • Personal data may be used to create profiles based on internal sources, allowing for segmentation and the delivery of personalised offers. These profiles shall not be used for automated decision-making with legal or significant effects.
    • Legal basis: explicit consent.
    • Categories of personal data: first name, surname, booking details, dates, destination and email address.
    • You may unsubscribe from commercial communications at any time, free of charge, by sending an email to: dataprotection@prinsotel.es
  • Customer service and complaints management
    • Personal data may be processed to respond to enquiries, requests, complaints or claims made via customer service channels.
    • Legal basis: performance of a contract or pre-contractual measures.
    • Categories of personal data: first name, surname, telephone number, email address, transactional information, country, voice (in the case of telephone calls), and any additional information provided.
  • Customer satisfaction surveys
    • Surveys may be sent in order to assess customer satisfaction and improve service quality.
    • Legal basis: legitimate interest. Participation is voluntary.
    • Categories of personal data: email address, telephone number, booking-related transactional information, and any non-personal information provided in surveys.
  • Fraud prevention and detection
    • Transactional analysis may be carried out to prevent and detect fraudulent activities, including the creation of temporary exclusion lists where necessary.
    • Legal basis: overriding legitimate interest in fraud prevention.
    • Categories of personal data: transactional data, payment information and contact details.
    • Use of cookies and similar technologies. Cookies and similar technologies are used in accordance with our Cookie Policy.

4. Recipients of Personal Data

Personal data may be disclosed to competent Public Authorities, Courts, Tribunals, or the Public Prosecutor where required by law. Data processed under Royal Decree 933/2021 will be communicated to the competent authorities and stored in a file held by the Secretariat of State for Security. Personal data may also be shared within the Prinsotel Group and with service providers (e.g. car rental companies, excursion providers, insurance brokers, technology, legal or administrative service providers), subject to confidentiality and data protection agreements.

5. Data retention

Personal data will be retained for the periods necessary according to the purpose of processing, including:

  • Reservation management: for the duration necessary to manage the booking.
  • Legal obligations: data will be blocked while legal liabilities may arise.
  • Traveller registration (RD 933/2021): 3 years from the end of the service.
  • Commercial communications: until consent is withdrawn.
  • Customer service: for the duration necessary; call recordings will be kept for one (1) month.
  • Quality surveys: up to 12 months.
  • Fraud prevention: until the issue is resolved and legal liabilities expire.
  • Cookies: for the duration of the consent and cookie validity period.

Once retention periods expire, data will be permanently deleted.

6. Exercise of rights

You may exercise your rights of access, rectification, erasure, objection, restriction, portability, and not to be subject to automated decision-making by contacting: dataprotection@prinsotel.es

You may also lodge a complaint with the Spanish Data Protection Agency (AEPD): www.aepd.es

7. Confidentiality

Employees and service providers with access to personal data undertake to maintain confidentiality and not to use such information for purposes other than those authorised.

8. Social media

 

The Data Controllers maintain profiles on social media platforms and process data in accordance with each platform’s rules. No personal data will be extracted unless the user has provided explicit consent.

9. Links to third-party websites

This website may contain links to third-party websites. The Data Controllers are not responsible for the privacy policies or content of such sites and recommend reviewing their privacy policies.

10. Amendments to this Privacy Policy

The Data Controllers reserve the right to amend this Privacy Policy at any time. Changes will be published on the website. If personal data are to be used for purposes other than those originally stated, you will be informed by email where available. If any provision of this Privacy Policy is declared invalid, the remaining provisions shall remain in full force and effect.

 

Last updated: 4 February 2026

Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel Prinsotel
Done