This Privacy Policy complies with current Spanish and European regulations on personal data protection, specifically:

▪ Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

▪ Organic Law 3/2018, of December 5, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD-GDD).

▪ Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

DATA CONTROLLER

The data controller, pursuant to this Privacy Policy, is:

▪ Data Controller: CABO SOLUCIONES DE INVERSIONES INMOBILIARIAS S.L. (hereinafter, “CABO SOLUCIONES”)

▪ Tax ID No.: B75078303

▪ Address: Avenida Carlos III No. 81, CP 14100 La Carlota (Córdoba)

▪ Telephone: 692 95 52 96, Email: evaruizespejo@hotmail.com

▪ Registered in the Commercial Registry of Guipúzcoa, volume 2576, folio 198, page SS-34934.

PURPOSE AND LEGAL BASIS FOR PROCESSING

CABO SOLUCIONES will process your personal data for the following purposes:

▪ To manage the contracted service, including payment management (if applicable). The legal basis for processing is the execution of the contract between the parties. (Art. 6.1.b) GDPR).

▪ Respond to requests, queries, complaints, and/or claims made by the user through the channels provided for this purpose on the website.

The legitimate basis for data processing is the consent granted (Art. 6.1.a) GDPR).

PERSONAL DATA PROCESSED

Data provided for reservations:

▪ Identification data (e.g., first name, last name).

▪ Contact information (e.g., email address or telephone number).

▪ Check-in and check-out dates.

▪ Stay preferences.

DATA RETENTION

Your data will be retained for the period necessary to fulfill each purpose or to comply with applicable legal requirements, or until the user exercises their rights to erasure and objection, or revokes their consent.

COMMUNICATION OF YOUR DATA AND INTERNATIONAL TRANSFERS

CABO SOLUCIONES may communicate data to:

▪ Third-party data processors that provide services to CABO SOLUCIONES, with whom the corresponding agreement has been signed guaranteeing compliance with the GDPR and appropriate security measures.

▪ State law enforcement agencies, in compliance with current legislation. Some recipients indicated in this section may be located within or outside the European Economic Area, with international data transfers being duly legitimized in the latter case.

EXERCISE OF RIGHTS

At any time, you may exercise your rights of access, rectification, erasure and objection, data portability, and restriction of processing, as set forth in the GDPR, by contacting the postal or email addresses indicated above.

Likewise, you may revoke the consent granted without affecting the lawfulness of the processing based on the consent prior to its withdrawal.

The request must specify which of these rights you are requesting to be fulfilled and must be accompanied by a photocopy of your ID or equivalent identification document.

If you have not obtained satisfaction in the exercise of your rights or the manner in which you exercise them, you may file a complaint with the Spanish Data Protection Agency. Find out more at www.agpd.es

USER RESPONSIBILITY

The user guarantees that they are over 18 years of age and that the information provided is true, accurate, complete, and up-to-date. For these purposes, the user will be responsible for the veracity of all the information they provide and will keep it appropriately updated so that it reflects their actual situation.

They guarantee that they have informed any third parties to whom they provide their data, if any, of the aspects contained in this privacy policy.

They will be responsible for any false or inaccurate information they provide through the website and for any direct or indirect damages caused to CABO SOLUCIONES or third parties.

SECURITY MEASURES

CABO SOLUCIONES will treat user data at all times in an absolutely confidential manner and will maintain the mandatory duty of secrecy regarding said data, in accordance with the provisions of applicable regulations. To this end, it will adopt the necessary technical and organizational measures to guarantee the security of said data and prevent its alteration, loss, unauthorized processing, or access, taking into account the state of technology, the nature of the data stored, and the risks to which it is exposed.