Reset Password

DATA PROTECTION
OUR COMMITMENT TO THE PROTECTION OF PERSONAL DATA: “INFORMED INDIVIDUALS AND PROTECTED DATA”

The Management / Governing Body of THE BEST GROUP IBIZA S.L. (hereinafter, the Data Controller) assumes the utmost responsibility and commitment to the establishment, implementation, and maintenance of this Data Protection Policy, guaranteeing the continuous improvement of the Data Controller with the objective of achieving excellence in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119/1, 04-05-2016), and with Spanish personal data protection regulations (Organic Law, specific sectoral legislation, and implementing regulations).

The Data Protection Policy of THE BEST GROUP IBIZA S.L. is based on the principle of proactive accountability, under which the Data Controller is responsible for compliance with the regulatory and case law framework governing this Policy and must be able to demonstrate such compliance to the competent supervisory authorities.

In this regard, the Data Controller shall be guided by the following principles, which must serve as guidance and a reference framework for all personnel in the processing of personal data:

  1. Data protection by design: The Data Controller shall implement, both at the time of determining the means of processing and at the time of the processing itself, appropriate technical and organizational measures, such as pseudonymization, designed to effectively apply data protection principles, such as data minimization, and to integrate the necessary safeguards into the processing.

  2. Data protection by default: The Data Controller shall implement appropriate technical and organizational measures to ensure that, by default, only personal data necessary for each specific processing purpose are processed.

  3. Data protection throughout the information lifecycle: Measures ensuring the protection of personal data shall apply throughout the entire lifecycle of the information.

  4. Lawfulness, fairness, and transparency: Personal data shall be processed lawfully, fairly, and transparently in relation to the data subject.

  5. Purpose limitation: Personal data shall be collected for specified, explicit, and legitimate purposes and shall not be further processed in a manner incompatible with those purposes.

  6. Data minimization: Personal data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

  7. Accuracy: Personal data shall be accurate and, where necessary, kept up to date. All reasonable steps shall be taken to ensure that inaccurate personal data, with regard to the purposes for which they are processed, are erased or rectified without delay.

  8. Storage limitation: Personal data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes of the processing.

  9. Integrity and confidentiality: Personal data shall be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, through the implementation of appropriate technical or organizational measures.

  10. Information and training: One of the key elements in ensuring the protection of personal data is the training and information provided to personnel involved in processing activities. Throughout the information lifecycle, all personnel with access to data shall be appropriately trained and informed about their obligations regarding compliance with data protection regulations.

The Data Protection Policy of THE BEST GROUP IBIZA S.L. is communicated to all personnel of the Data Controller and made available to all interested parties.

Consequently, this Data Protection Policy involves all personnel of the Data Controller, who must be aware of and assume it as their own, each member being responsible for applying it and verifying the data protection regulations applicable to their activities, as well as identifying and proposing improvement opportunities deemed appropriate in order to achieve excellence in compliance.

This Policy shall be reviewed by the Management / Governing Body of THE BEST GROUP IBIZA S.L. as often as deemed necessary, in order to ensure continuous compliance with current personal data protection regulations.