Privacy Policy

Contact Information

Users are informed that the present website https://www.hotelvillalba.com/es/ (hereinafter, “Website”) is the official website of Hotel Spa Villalba.

  • Data Controller: Hoteles Reverón, S.A.
  • Tax Identification Number: A38104022
  • Contact Address: Camino San Roque S/N, 38613, Vilaflor, S/C de Tenerife
  • Contact Email: administracion@hotelesreveron.com

Information Principle

Below are details of each of the treatments outlined on this website, as well as second-layer information where the data controller performs processing in their hotel establishment:

Purpose: The personal data provided through this website will be used for the following purposes:

  • Request for information and inquiries: Management of requests, sending information and communications about inquiries made through forms, emails, and contact telephones.
  • Commercial communications: Management of sending commercial communications about news, exclusive content, communications, and special offers from Hotel Spa Villalba to the email provided in “Subscribe to our Newsletter” or if applicable, by checking the corresponding box for sending commercial communications in registration forms.
  • Hotel Spa Villalba Club: Management of registered customers through the form “Register in Reverón Legacy” who can enjoy discounts and benefits at Hotel Spa Villalba.
  • Teide Challenge: Management of request for information, inquiry or registration for the Teide Challenge activity.
  • Reservations: Management of reservations made by users through this website for different services offered at Hotel Spa Villalba.
  • Gift vouchers: Management of gift vouchers available on this website for services offered at Hotel Spa Villalba.

The Data Controller uses the Redsys online payment platform. The payment platform complies with legally stipulated security guarantees. Any problem or malfunction with the payment platform should be directed to it https://pagosonline.redsys.es/.

*Category of data processed: The data that we may process for the purposes described in this Privacy Policy are:

  • For the processing of information request and inquiry data:
    – First name, Last name, Email and telephone.
  • For the processing of commercial communication data:
    – Email, First name, Last name/s
  • For the processing of data for registering in Club Villalba:
    – First name, Last name/s, Email, Date of birth, Country of residence.
  • For the processing of Desafío Teide data:
    – First name, Last name/s, Email, phone number, and Address.
  • For the processing of reservation data:
    – First name, Last name/s, Email, phone number. Billing data.
  • For the processing of gift voucher data:
    – First name, Last name, ID/PASSPORT, Email, phone number. Billing data.

The personal data provided by users should be appropriate, relevant and not excessive in relation to the scope and the specified, explicit and legitimate purposes for which they were obtained.

The user alone will be responsible for the accuracy and correctness of the data provided. Users will personally answer to the Data Controller, to affected or interested parties, and to the Spanish Agency for Data Protection in the event of providing false data or data of third parties without their consent.

Furthermore, it is notified that the data provided in the contact and registration forms must be filled out voluntarily, except for those data that appear as mandatory. If the required mandatory data is not provided, the management of the request cannot be guaranteed.

The recipient of the service commits to communicate to the Data Controller any changes in their data, so that the data at all times truthfully reflect their current situation.

*Treatment of minors’ data: It’s forbidden for minors under 14 years of age who are not duly authorized, to access and use this website. The personal data of such minors can only be collected and processed with the explicit consent of their parents or legal guardians and to obtain this consent, they must be clearly and previously informed about the purposes of the process. The owner of this website understands that from the moment a minor accesses this website, and/or makes a reservation, they have permission from their parents, guardian or legal representative. In addition, we remind adults who are in charge of minors that it will be their sole responsibility if a minor incorporates their data to make a reservation.

*Category of data processed: The data that we may process for the purposes described in this Privacy Policy are:

  • For the processing of data related to request for information and enquiries:
    – Express consent.
  • For the processing of data related to the sending of commercial communications:
    – Express consent.
  • For the processing of data related to registration in Club Villalba:
    – Express consent with the request to join the Club.
  • For the processing of data related to Teide Challenge:
    – Express consent. In case of contracting the service, business relationship.
  • For the processing of data related to reservations:
    – Express consent for the reservation request of the managed service and precontractual/contractual relationship.
  • For the processing of data related to gift vouchers:
    – Business relationship.

Consent for the processing of personal data provided in the contact and/or registration forms will be understood as expressly, freely, and unequivocally given for the purposes described, by checking the boxes specified therein. The receipt of emails and phone calls will be understood as consent given for the matters requested by the user.

UNSUBSCRIBE FROM COMMERCIAL COMMUNICATIONS: If you do not wish to receive information about the products and services we offer at Hotel Spa Villalba, you can unsubscribe by sending an email with the words “UNSUBSCRIBE FROM COMMERCIAL COMMUNICATIONS” to administracion@hotelesreveron.com.

Retention period: Your data will be stored for the following periods:

  • For the processing of information requests and inquiries data:
    – Until you revoke your consent.
  • For the processing of commercial communications:
    – Until you revoke your consent.
  • For the processing of registration at Club Villalba data:
    – Until you revoke your consent.
  • For the processing of Desafío Teide data:
    – Until the revocation of consent, however, if you contract the service during the commercial relationship and, in any case, during the legally applicable periods in accounting, tax and claim matters.
  • Reservations:
    – Royal Decree 933/2021, of October 26, which establishes the documentary registration and information obligations of individuals or legal entities that carry out accommodation and motor vehicle rental activities, will apply. In case of reservations for spa and restaurant services, during the legally established periods for possible claims.
  • For the processing of gift vouchers data:
    – During the commercial relationship and, once this is ended, during the legally established period for possible claims.

Recipients:

  • For the processing of information requests and inquiries data:
    – No data transfers are made.
  • For the processing of data for sending commercial communications:
    – No data transfers are made.
  • For the processing of data to register at Club Villalba:
    – No data transfers are made.
  • For the data processing of the Teide Challenge:
    – There are no transfers to other third parties.
  • For the data processing of reservations:
    – Competent Organism (Royal Decree 933/2021). In case of proceeding to payment to banking entities. The information about Check In and Invoicing is in the Additional Information of the current Privacy Policy.
  • For the processing of data of gift vouchers:
    – In case of proceeding to payment to banking entities. The information about Invoicing is in the Additional Information of the current Privacy Policy.

Data will not be transferred to other third parties except under legal obligation. If in the future Hotel Spa Villalba makes other transfers of personal data, it will inform in due time.

The management of online reservations of the hotel establishment carried out on this website, is carried out through the reservation service provider, a collaborating company in the management of online reservations, and with whom the person responsible for processing maintains a contractual relationship that covers the requirements established in the current regulations on Data Protection.

Data hosting and third parties with access to data

This website is hosted on a server located in the European Union. The sole purpose is to host our website, therefore, having the hosting mode, the management company will not have access to your personal data.

Similarly, our emails, as well as cloud backups, are managed by companies located within the territory of the European Union, as well as their hosting servers.

With all collaborators and external professionals who access personal data of our company and clients, we have formalized a contract for access to data on behalf of third parties as established in the current legislation on personal data protection.

Additional Information about the data processing carried out at Hotel Spa Villalba:

In compliance with the current legislation regarding Personal Data Protection, this Privacy Policy informs you about the data processing carried out at Hotel Spa Villalba:  
  • Customer Check-In
  When you register at the hotel, you give your consent for the processing of your personal data and that of your companions for the purpose of managing customer check-in and check-out. The legal basis for the processing of your personal data is the mandatory registration of travelers, on registration books and parts of visitor entries in hospitality establishments and others similar (Royal Decree 933/2021), as well as the contractual relationship. The collection of this data is mandatory to carry out the registration. If you refuse, it will not be possible to provide you with the accommodation service you have contracted. Your data will be in our database for the legally established prescription years in this matter (Royal Decree 933/2021). We inform you that your data will be transferred to the State Security Forces due to legal obligation. This communication is necessary for the provision of our services. Your data will not be transferred to other third parties, unless there is a legal obligation. No international data transfers will be made.  
  • Billing
  If you contract our services, you are informed and expressly consent that your personal data provided to Hotel Spa Villalba are used for the purpose of managing your billing. The legal basis for the processing of your personal data is the obligation to issue invoices for the delivery of goods and services, as set out in Law 58/2003, of December 17, General Tax Law, which makes the collection and processing of your data mandatory and essential to provide our services. Your data will be in our database for the legally established prescriptive years in accounting and tax matters. The competent public administrations may access your data, where appropriate. This communication is necessary for the provision of our services. Your data will not be transferred to other third parties, unless there is a legal obligation. No international data transfers will be made.  
  • Curriculum Management
  Our internal policy about receiving of CVs states that they should be collected through our email address administracion@hotelesreveron.com or in person at the hotel premises. In compliance with the quality principle of data, defined in the current Data Protection regulations, we will keep your personal data for 3 years in order to use them in future selection processes. Following the aforementioned principle, please refrain from including unnecessary information in your CV to ensure that the data included are always adequate and relevant. In the event of a change in your data, we kindly ask you to promptly notify us. No third party data will be transferred. No international transfers of your data are made.  
  • Use of social networks
  Our social networks are used to link news, articles, or other relevant information for our customers and followers. Identifiable photographs of individuals might be included. In that case, if the affected person wants to remove her image, she can contact the Data Processing Manager of the page for its removal at administracion@hotelesreveron.com.   In no case will we use the contact details of our followers to include them in our mailing list for advertising. You may exercise your rights as follows:   Should you experience any problems regarding the processing of your personal data, you can exercise your rights to access, rectify, delete, and carry your data, and to limit or oppose its processing, at any time, by means of a written request accompanied by an identification document, addressed to Hoteles Reverón, S.A., Camino San Roque S/N, 38613, Vilaflor, S/C de Tenerife or by email to administracion@hotelesreveron.com.   The Data Controller must respond to the request to exercise rights within one month from your request. The deadline may be extended to two months considering the complexity and the number of requests. The Data Controller will inform the interested party of any such extensions within one month from the receipt of the request, indicating the reasons for the delay. When the interested party submits a request by electronic means, the information will be provided by electronic means where possible, unless the interested party requests otherwise.   If you have not obtained satisfaction in exercising your rights, you can file a complaint with the Control Authority. You can contact the Spanish Data Protection Agency through the website www.agpd.es.   Modification of these conditions and duration   The owner of this website may modify the conditions specified here at any time, being duly published as they appear here, due to their own criteria or due to the modification of legislation or guidelines from the Spanish Data Protection Agency. The validity of the mentioned conditions will apply until they are modified by others duly published.   Legislation and jurisdiction   The legislation applicable to the content of the website will be the Spanish one and the jurisdiction will correspond to the competent Courts and Tribunals in Santa Cruz de Tenerife.   Last modification: November 20, 2025