Hotel Florida Magaluf

Website privacy policy


Last modified: September 2023

This privacy policy applies to the website at

Please read it carefully as it contains important information about the processing of your personal data and your rights pursuant to the corresponding legislation in force. 

We reserve the right to update our privacy policy at any time for reasons of corporate decisions, as well as to comply with any possible changes to legislation or legal precedents. If you have any queries or require clarification regarding our Privacy Policy or your rights, you may contact us via the channels indicated below.  

You declare that the data you provide us with both now and in the future, are correct and truthful and you undertake to inform us of any changes thereto. If you provide personal data corresponding to third parties, you undertake to obtain the prior consent of those concerned and to inform them of the contents of this policy.

As a general rule, the fields marked as compulsory on our forms, must necessarily be completed in order to process your requests.  


1. Who is responsible for controlling your data?

The controller with responsibility for the processing of the personal data included on this website is CIA. HOTELERA SANT JORDI, S.A.

Postal address:  Gremi de Cirurgians i Barbers, 25, Bloque B, 3er piso Pol. Son Rossinyol – 07009 Palma de Mallorca (Spain). 

Spanish Tax ID No. CIF: A07015597

The email address of our Data Protection Officer is

If you book at one of our hotels, the operator of that hotel shall be responsible for processing the data corresponding to your booking. You may get in touch with this data controller via the same contact details indicated for CIA. HOTELERA SAN JORDI, S.A. You may consult the identification data of the operating company HERE .


2. Why will we process your data? 

User relations management: We process the data that our users provide the virtual assistant, on the contact form, included in requests for us to call you and on the registration form for the purpose of handling your requests.    


Processing is necessary in order to execute the legal relationship with website users or to apply the pre-contractual measures at their own request.  


Booking management: We process the data our customers provide on the booking form in order to offer the contracted services and to manage their bookings.   


Processing in this sense is necessary to execute the contractual terms and conditions of the booking.  


Furthermore, data corresponding to transactions made on the website shall be processed for administrative and accounting management purposes on the grounds of compliance with our legal obligations in matters of accounting and taxation.  


Sending of commercial communications: If you provide your consent, we will send you commercial information regarding our discounts, special promotions, benefits when making online bookings and other information of interest.   

You may at any time request to unsubscribe from the processing of your data for commercial purposes by sending an e-mail to:

In order to manage our distribution lists, we segment the recipients of our communications in accordance with their nationality or language. This processing consists of a simple classification based on objective criteria and is not used for commercial profiling, prediction purposes or behavioural analysis.  


Agency relations management: The identification and professional contact details of the director and/or manager of companies or agencies provided in the agency registration form will be used to manage relations with them, handle their requests and queries and processing bookings. 

This processing is based on the legal relationship established with the agencies.   

Website security administration and management:  We process browsing data (IP addresses or logs) to administer and manage the website security. This processing is based on our legitimate interest in ensuring website security. This interest is expressly recognised by recital 49 of the GDPR. Weighing this interest against your rights and freedoms, it has been determined that said processing is a widespread security practice and does not pose any significant threats to the interested parties. 


Statistical purposes and quality management:  In order to assess and manage the quality of our services, we compile statistics based on aggregated data obtained from transaction data and website browsing data, e.g. IP address, weblogs, pages visited or actions carried out on the website (+ info is available in our cookies policy).    


This processing is based on our legitimate interest in assessing and managing the quality of our services. Weighing this interest against your rights and freedoms, it has been determined that said processing has a limited impact on the privacy of data subjects, corresponds to their reasonable expectations and does not pose any significant threats.


3. How long will we keep your data for?  

As a general rule, we will keep your data for the duration of your relationship with us and at all events for the periods stipulated in the legal provisions applicable, such as accounting and taxation matters, and for the time necessary to respond to any liabilities that may arise from the processing. We will cancel your data when they are no longer necessary or relevant for the purposes for which they were collected. Data processed for commercial purposes will be kept for as long as you do not request their erasure. Access logs to restricted areas on the website will be cancelled one month after their creation. The information related to browsing will be cancelled once the web connection has ended and the statistics have been compiled.


4. Who can we pass on your data to? 

Your data will only be passed on to third parties when so required by law, with your consent or when your request implies said communication. In this sense, you are hereby informed that in order to process your bookings correctly, the data provided must necessarily be passed on to those companies whose services are included in the service contracted.  


5. What are your rights? 

You are entitled to obtain confirmation as to whether or not we are processing your personal data, and, where appropriate, access said data. You may likewise request the rectification of any incorrect data or the completion of incomplete data. You may also request their erasure when, amongst other reasons, the data are no longer necessary for the purposes for which they were collected. 

Under certain circumstances, you may request the restricted processing of your data. In this case, we will only process the affected data in order to lodge, exercise or defend complaints or with a view to protecting the rights of other persons.  

In certain cases, and for reasons related to your particular circumstances, you may also oppose the processing of your data. In this case, we shall cease to process your data, except for overriding legitimate reasons that prevail over your interests, rights or liberties, or in order to lodge, exercise or defend complaints. 

Likewise, and under certain circumstances, you may request the portability of your data for the transfer thereof to another data controller. 

You may revoke any consent you have given for certain purposes, without affecting the lawfulness of the processing based on the consent given prior to the withdrawal thereof.

You may at any time revoke your consent and oppose the processing of your data for direct marketing purposes, including the creation of commercial profiles. In this case, we shall cease to process your personal data for these purposes. You may also object to the adoption of automated individual decisions that produce legal effects on you or significantly affect you in a similar way, when this right applies in accordance with the provisions of Article 22 of Regulation (EU) 2016/679.  

Likewise, you may lodge a complaint before a data protection body. You may consult the list and contact details of European data protection agencies on the European Commission website at   

To exercise your rights, you must send a request thereto by conventional post or email to the addresses given in the section entitled “Who is responsible for controlling your data?”   

To revoke your consent to the sending of our commercial communications, it is sufficient to send an email to the following address: 

For further information regarding your rights and how to exercise them, you may consult the Spanish Data Protection Agency website at