Last Revision: [April 5, 2019]

This Privacy Statement explains how the Spring Hotels group collects, uses, shares and processes your information.



Gran Hotel Arona SAU


Avd. Juan Carlos I, 38 – 38650 Los Cristiano,  Arona (Tenerife)

Collection and Use of Personal Data

Personal data is information that can be used to identify you directly or indirectly. This data includes anonymous information linked to information that can identify you directly or indirectly. The personal data does not include those that have been specified as anonymous or aggregated data, with which we are not allowed to identify you, either in combination with other information or in any other way.

Below is a description of the types of personal data we may collect, and how we can use them:

Personal Data We Can Collect

Depending on the products and services you use, we may collect different personal information about you or about you.

  • Data you provide: We collect personal data that you provide when using our services, such as when you make a reservation or our online chat tool.
  • Financial data: If you have made a purchase, the data that we will have, are those related to that purchase. This information includes the payment information, the credit or debit card number, information about your card, authentication information and billing, shipping and contact details.
  • Data on the use of our services and products: When you visit our websites, we can collect data on the type of device with which you connected, the device identifier, the IP of the device, your operating system, the type of search engine you use, the use of data, diagnosis of information and location of computers, telephones or other devices in which you have installed our APP or our products or services have access. Where available, our services can use your GPS, your IP address and other types of technologies to determine the approximate location of your device and thus, improve our products and services. How to Use Your Personal Data.

In general, we use personal data to offer, improve and develop our products and services, to communicate with you and to offer you personalized services. To protect our clients and ourselves.

The Spring Hotels Group, determines how to process your personal data acting as a controller with the following objectives:

Provide, improve and develop our products and services: we use personal data to help us provide, improve and develop our services. This includes the use of personal data for purposes such as data analysis, research and audits. This processing is based on our legitimate interest in offering products and services and for business continuity. If you participate in a contest or other promotion, we may use the personal information you provide us to administer those programs. Some of these activities have additional rules, which may contain more information about how we use personal information, so we recommend that you read those rules carefully before participating.

Communicate with you: Subject to your prior express consent, we may use personal data to send you communications of the Spring Hotels Group, communicate with you about your account or transactions and inform you about our policies and terms. We may also use your information to process and respond to your requests when you contact us. Subject to your prior express consent, we may share your personal information with the Spring Hotels Group.

NOTE: For any of the uses of your data, described above, your prior express consent is required, please note that you can withdraw this consent by contacting

Promote security: we use personal data to help verify user accounts and activity, as well as to promote security, monitoring fraud and investigating suspicious, potentially illegal activities or violations of our terms or policies. Such processing is based on our legitimate interest in helping to ensure the safety of our products and services.

Cookies and Other Similar Technologies

We use cookies and similar technologies to provide, protect and improve our products and services, such as, for example, by personalizing content, offering advertisements, understanding user behavior and providing a more secure browsing experience.

You can delete or reject cookies using the settings of your browser or device, but in some cases doing so may affect your ability to use our products and services.

Service Providers

We may share personal information with companies that provide services on our behalf, such as websites, email services, marketing, sponsorship of sweepstakes, contests and other promotions, audits, fulfillment of customer orders, data analysis, customer service provision and conducting research with clients and satisfaction surveys. These companies are obliged to protect your data and can be located anywhere we operate.

Affiliates and Corporate Transactions

We may share personal information with all companies affiliated with the Spring Hotels Group. In the case of a merger, reorganization, acquisition, association, assignment, division, transfer or sale or disposal of all or part of our business, even in connection with any bankruptcy or similar proceedings, we may transfer all or a part of the personal data to the corresponding third part.

Legal and Security Compliance

It may be necessary-by law, by legal process, litigation and / or requests from public and governmental authorities inside or outside your country of residence-to disclose your personal information. We may also disclose personal information if we determine that, for purposes of national security, law enforcement or other matters of public importance, disclosure is necessary or appropriate.

We may also disclose personal information if we determine in good faith that the disclosure is reasonably necessary to protect our rights and seek available solutions, enforce our terms and conditions, investigate fraud or protect our operations or users.

Legal Basis for the Processing of Personal Data of Residents in the EEA

If you reside within the European Economic Area (EEA), the processing of your personal data will be legitimized as follows: Whenever we request your consent for the processing of your personal data, such processing will be justified in accordance with Article 6 (1) paragraph (a) of the General Data Protection Regulation (EU) 2016/679 (« GDPR »). If the processing of your personal data is necessary for the execution of a contract between you and us or to take any pre-contractual action upon request, such processing will be based on Article 6 (1) of GDPR paragraph (b). When processing is necessary for us to comply with a legal obligation, we will process your data based on Article 6 (1) of GDPR paragraph (c), and when processing is necessary for the purposes of our legitimate interests, such processing will be performed in accordance with Article 6 (1) of the GDPR paragraph (f).

Your rights

We take reasonable measures to ensure that your personal information is accurate, complete and up-to-date. You have the right to access, correct or delete the personal data we collect. You also have the right to restrict or oppose, at any time, the further processing of your personal data. You have the right to receive your personal data in a structured and standard format. You can file a complaint with the competent data protection authority regarding the processing of your personal data.

To protect the privacy and security of your personal data, we may request data to enable us to confirm your identity and right to access such data, as well as to search and provide you with the personal data we keep. There are instances in which applicable laws or regulatory requirements allow us or require us to refuse to provide or remove some or all of the personal data we maintain.

You can contact us to exercise your rights. We will respond to your request within a reasonable time and, in any case, in less than 30 days.

Security, Integrity and Data Retention

We use reasonable physical, administrative and technical security measures, designed to safeguard and help prevent unauthorized access to your data, and to correctly use the data we collect. For example, access to your personal data is restricted to our employees, contractors and agents who need access to such data to perform their assigned work tasks.

In the case of a security breach, we will notify you and the appropriate authorities if required by law.

We will retain your personal data for as long as necessary to comply with the purposes described in this Privacy Statement, unless the law requires or permits a longer retention period.


Our services are intended for adults. As a result, we do not collect, use or disclose data of children under 16 years of age knowingly. If we discover that we have collected the personal data of a child under the age of 16 or the equivalent minimum age according to the jurisdiction, we will take steps to eliminate the data as soon as possible. Contact us immediately if you are aware that a child under the age of 16 has provided us with personal information.

Transfers, Storage and Global Data Processing

When we share your personal data with our Group affiliated companies and service providers, your personal data may be transferred and / or accessible from countries outside the European Economic Area. In such circumstances, we will establish model contractual clauses as adopted by the European Commission, or we will rely on alternative legal bases such as the Privacy Shield, when applicable, or binding corporate rules, where our partners or service providers have adopted such approved internal policies. by European Data Protection Authorities.

Changes in this Privacy Statement

We may periodically change this Privacy Statement to keep pace with new technologies, industry practices and regulatory requirements, among other reasons. We hope that most of those changes are minor. Any non-material changes will take effect immediately after the publication of an updated Privacy Statement. However, there may be cases in which changes to the Privacy Statement may be more significant. In such cases, we will first provide a more detailed notice.

The continued use of our products and services after the effective date of the Privacy Statement means that you accept the revised Privacy Statement. If you do not agree with the revised Privacy Statement, refrain from booking our services via the web and contact us to help you.

Contact us

If you have any questions regarding this Privacy Statement or its implementation, you may contact us:

In relation to the use of your personal data for the following purposes:

• To provide, improve and develop our products and services;

• to communicate with you;

• to share your personal information with third parties for marketing communications;

• to promote safety.

• the use of your personal data for the provision of services you requested.