Privacy Policy

PERSONAL DATA PROTECTION POLICY
May 25, 2018

CENTRO VACACIONAL IRRISARRI DE IGANTZI S.L. is an organization involved in the processing of personal data, which assigns it a significant responsibility in designing and organizing procedures to ensure compliance with legal regulations in this area.

In exercising these responsibilities and with the aim of establishing the general principles that must govern the processing of personal data within the Company, it approves this Personal Data Protection Policy, which is communicated to its Employees and made available to all its Stakeholders.

1. Purpose

The Personal Data Protection Policy is a proactive accountability measure intended to ensure compliance with the applicable legislation in this area and, in relation to it, the respect for the right to honor and privacy in the processing of personal data of all individuals who interact with the Company.
In accordance with this Personal Data Protection Policy, the principles governing data processing within the organization are established, along with the procedures, and the organizational and security measures that the individuals subject to this Policy commit to implementing within their scope of responsibility. To this end, CENTRO VACACIONAL IRRISARRI DE IGANTZI S.L., located at Barrio Irisarri, 1 CP 31790 IGANTZI (NAVARRA), shall assign responsibilities to personnel involved in data processing operations.

2. Scope of Application

This Personal Data Protection Policy applies to the Company, its administrators, executives, and employees, as well as to all individuals associated with it, explicitly including service providers with access to data (“Data Processors”).

3. Principles of Personal Data Processing

As a general principle, the Company shall strictly comply with personal data protection legislation and must be able to demonstrate such compliance (Principle of “proactive accountability”), paying special attention to data processing operations that may pose a higher risk to the rights of data subjects (Principle of “risk-based approach”).

In line with the above, CENTRO VACACIONAL IRRISARRI DE IGANTZI S.L. shall ensure compliance with the following Principles:

➔ Lawfulness, fairness, transparency, and purpose limitation. Data processing must always be communicated to the data subject through clauses and other procedures; and shall only be considered lawful if there is consent for the data processing (with particular attention to minors), or another valid legal basis, and the purpose is aligned with regulations.
➔ Data minimization. The data processed must be adequate, relevant, and limited to what is necessary for the purposes for which they are processed.
➔ Accuracy. Data must be accurate and, where necessary, kept up to date. Necessary measures shall be taken to ensure that inaccurate data are deleted or rectified without delay.
➔ Storage limitation. Data shall be kept in a way that allows identification of data subjects for no longer than is necessary for the purposes of the processing.
➔ Integrity and confidentiality. Data shall be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
➔ Data transfers. The purchase or acquisition of personal data from illegitimate sources, or in cases where data have been collected or disclosed in violation of the law or without proper legal origin, is prohibited.
➔ Hiring of service providers with data access. Only providers that offer sufficient guarantees to implement appropriate technical and security measures in data processing shall be contracted. Proper agreements with these third parties shall be documented.
➔ International data transfers. Any personal data processing subject to EU regulations involving transfers outside the European Economic Area must be carried out in strict compliance with applicable legal requirements.
➔ Rights of data subjects. The Company shall facilitate the exercise of the rights of access, rectification, erasure, restriction of processing, objection, and data portability. To this end, it shall establish internal procedures and, in particular, appropriate and necessary templates to enable their exercise, which must meet at least the legal requirements applicable in each case.
The Company shall promote the integration of the principles outlined in this Personal Data Protection Policy into (i) the design and implementation of all work procedures, (ii) the products and services offered, (iii) all contracts and obligations entered into or assumed, and (iv) the implementation of all systems and platforms that enable employee or third-party access and/or the collection or processing of personal data.

4. Employee Commitment

Employees are informed of this Policy and acknowledge that personal data is a Company asset. In this regard, they adhere to it and commit to the following:

Complete the data protection awareness training provided by the Company.
Apply the user-level security measures applicable to their job, without prejudice to their responsibilities in the design and implementation based on their role. within CENTRO VACACIONAL IRRISARRI DE IGANTZI S.L.
Use the established formats for the exercise of data subjects’ rights and promptly inform the Company to enable a timely response.
Report to the Company, as soon as they become aware, any deviations from this Policy, particularly any “personal data security breaches,” using the format established for this purpose.

5. Monitoring and Evaluation

An annual verification, evaluation, and assessment shall be conducted—or whenever there are significant changes in data processing—regarding the effectiveness of the technical and organizational measures in place to ensure data security.

CENTRO VACACIONAL IRRISARRI DE IGANTZI S.L.

“Non Stop Inn” hostel

Yrisarri Hotel-Palace

Luxury Cottages “Basajaun Basoa”

CUSTOMISED PROPOSALS

PERFORMANCE

THE KEYS TO ACHIEVING YOUR DREAM TEAM.

TRAIN TO WIN.

TEAM SPIRIT.

BUILDING COHESIVE TEAMS.

MENTAL TRAINING FOR TOP MANAGERS.

FROM THE COURT TO THE COMPANY. THE ART OF LEADERSHIP IN SPORT APPLIED TO THE COMPANY.

SUSTAINABILITY

FOREST BATHING.

CONNECTED.

REWILDING (Regeneration) & FOREST THERAPIES FOR YOUR ORGANISATION.

YOU WILL NEVER WALK ALONE.

SUSTAINABILITY IN YOUR LIFE AND IN YOUR BUSINESS.

THE MISSION.

TALENT

DISCOVER YOUR TALENTS WITH LEGO SERIOUS PLAY.

VALUING OUR DIVERSITY.

NEITHER CARROT NOR STICK.

RELATIONSHIPS THAT WORK.

THE GAME OF MASKS.

TALENT MAPPING.

WELLNESS

SMILE ON MONDAYS.

EMOTIONALLY HEALTHY WORK TEAMS.

ADAPTABILITY AND RESILIENCE.

CREATING A HEALTHY TEAM.

PLAY AND ART TO MANAGE AND RECONNECT.

SMILE IN COMPANY.

COHESION

THE BRIDGE.

BRING THE TEAM TOGETHER BY PLAYING.

IRRI SARIA / THE GREAT ESCAPE.

THE BAXI CROWN; A CHALLENGE FOR A COHESIVE TEAM.

UNITED TEAMS, EFFECTIVE TEAMS.

THE EFFECTIVE LOOK OF THE TEAM.

LEADERSHIP

PITCHERS; LEAD FOR RESULTS.

THE GPS TO LEAD MY TEAM.

THE POTENTIAL OF HUMAN STRENGTH.

THE 5 KEYS TO THE KAIZEN TEMPLE OF LEADERSHIP.

SUPERHABITS.

MOVE & SHINE.

PRODUCTIVITY

BUILD IT AS A TEAM! Change, resources and limited time. How do we make it happen?

LOST.

YOU OR ME / EUSKAL MYTHOLOGY / BE WATER MY FRIEND / ORDER MATTERS.

OPEN SPACE.

FEEDBACK.

THE COTTAGE.

COMMUNICATION

THE ART OF UNDERSTANDING EACH OTHER AND BUILDING TOGETHER.

SOLVE YOUR CHALLENGES BY PLAYING.

LISTEN TO THE SILENCE OF YOUR TEAM.

THE FLAME THAT BINDS US TOGETHER.

TOXIC ATTITUDES OUT! Learn tools for focused and positive communication.

BUSINESS STORYTELLING (Corporate storytelling).