Privacy Policy

This website (WWW.OASISBALEAR.COM) collects personal information that is required for the management and maintenance of some of our services.


You are informed that the WEBSITE OWNER (the “Data Controller”) complies with Spanish Organic Act 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (the “LOPDGDD”), EU Regulation 2016/679 on Data Protection (the “GDPR”), and other legislation in force and applicable at any given time, seeking to ensure the correct use and processing of the personal data of the user (also referred to herein as “data subject”).


Pursuant to Article 13 of the GDPR and Article 11 of the LOPDGDD, this Privacy Policy applies to the processing carried out by OASIS BALEAR, S.L., as Data Controller, of the personal data that users and/or customers (natural persons) provide in response to information requests and/or the engagement of the services and/or products it provides and sells via its website, or of data collected in any section of the website.




  • Data Controller: OASIS BALEAR, S.L.
  • Fiscal Identification Number (CIF): B62321443





Your personal data will be used for the general purposes of managing and monitoring the commercial relationship entered into and for the specific purposes of:


  • managing all aspects of the access and the correct use of the services and/or products by our users;
  • communicating with our users in response to any issues, requests, comments and enquiries they bring to our attention via the services and/or products, as well as the contact forms on our website (including email and telephone);
  • providing, updating, maintaining and protecting the services and/or products and activities;
  • offering new services and/or products, special offers and updates;
  • if applicable, managing the staff recruitment procedures in respect of employee and/or partner selection processes;
  • communications: we may send you emails, messages and other types of communications regarding our services and/or products, technical issues or changes to the same – these notifications are considered part of the services and/or products and you may not opt out of them;
  • if applicable, marketing communications: we may use your data to contact you, via electronic and non-electric means, to conduct surveys, to find out your opinion on the service provided and, occasionally, to notify you of changes, important developments regarding the services and/or products, offers and/or promotions in respect of our services and/or products or of those of third companies related to us. These marketing notifications will, in all cases, require your express, separate authorisation. You may withdraw consent to receive these notifications at any time by using the opt-out tool included in the notification email, or via the preferences settings on the customer account.


We do not process your personal data for any other purposes than those described above, unless required by law or pursuant to a court order.




The personal data you provide will be processed and retained for the duration of the relationship for the provision ofservices and/or products, without prejudice to you being able to exercise your data protection rights (right of access, right to rectification, right to erasure, right to object, right to restrict processing, right to data portability and the right not to be subject to a decision based solely on automated processing).


The personal data of users who wish to receive information on our services and/or products will be kept on the system indefinitely, provided the user does not request their deletion.




OASIS BALEAR, S.L. processes your personal data based on the two (2) following legal bases: your consent as data subject (1) and legitimate interest (2).


  1. Your consent as data subject, for the above-mentioned purposes, which will be requested:


  • prior to processing your data;
  • during the customer registration process; and
  • when sending communications from OASIS BALEAR, S.L.


Any information requests you submit to us require that you voluntarily supply us with the data we need in order to assist you or to provide you with our services and/or products. However, you may freely refuse to provide us with these data, or may withdraw at a later date the consent previously given to process your data, although such refusal will mean that we cannot process your request.


  1. OASIS BALEAR, S.L. has a legitimate interest in retaining its customers and/or users, maximising customer loyalty and further improving how it caters for their expectations or previously expressed interests, e.g. improving products, managing requests, enquiries and complaints, offering similar products to those already purchased, providing information on promotions etc. without prejudice to OASIS BALEAR, S.L.’s fulfilment of the remaining obligations in relation to sending marketing communications by electronic means.


OASIS BALEAR, S.L. understands that, upon providing us with these data, you warrant and accept responsibility for such data being true, accurate and up-to-date and accept and consent to their processing for the above-mentioned purposes.




On a general basis, OASIS BALEAR, S.L. will not disclose your personal data to third parties unless we are legally required to do so, or you have expressly authorised us to do so by using our services and/or products.


OASIS BALEAR, S.L. will not carry out cross-border transfers of the personal data collected by our website, except when:


  • the cross-border data transfer is required in order to perform an agreement or pre-contractual measures to which the data subject is party.
  • the cross-border data transfer is required in accordance with the legislation in force.
  • the cross-border data transfer is carried out due to being hosted on the web page of servers located outside of the European Economic Area.


In any event, should a cross-border data transfer be carried out, OASIS BALEAR, S.L. will ascertain that the country importing the data ensures that the data are adequately protected, in accordance with the legislation in force.




The data protection regulations allow you to exercise your rights of access, to rectification, to object, to erasure (the “right to be forgotten”), to restrict processing, to data portability and not to be subject to a decision based solely on automated processing:


  • The right of access allows the data subject to know and obtain information regarding their personal data being processed.
  • The right to rectification allows the data subject to rectify mistakes, modify inaccurate or incomplete data and ensure that their personal data are accurate.
  • The right to erasure allows data subjects to request that their personal data be erased once they are no longer necessary for the performance or provision of the service.
  • The right to object allows data subjects to object to or stop the processing of their personal data, except where there are legitimate grounds or grounds for brining or defending claims, in which case we would block the data for the duration of the relevant period.
  • The right to object to receiving marketing communications allows data subjects to opt out marketing communications, being able to withdraw their consent at any time.
  • The right to restrict processing allows data subjects to request, in certain circumstances, a restriction of the processing of their data, in which case they would only be kept in relation to bringing or defending a claim.
  • The right to data portability allow data subjects to request to receive the data concerning them and which they have provided to us, or request that, where technically possible, we send them to a different data controller of their choice, in machine readable standard structured format.
  • Rights in relation to automated individual decision-making and profiling: data subjects are entitled not be subject to a decision based solely on automated processing that has an impact on or significantly affects them.
  • The right to withdraw consent allow data subjects to withdraw their consent at any time, with this not affecting the legality of the processing based on the consent provided when providing their data.



If you wish to exercise any of the above-mentioned rights, please contact us by email or by post at the addresses included under the heading “Information about the Data Controller” and include the following information: your name and surname, National Identity Document number, contact email address and postal address, the right you wish to exercise and the conditions of the same.


Bringing a claim before the Supervisory Authority: OASIS BALEAR, S.L. informs you of your right to file a claim before the Spanish Data Protection Agency ( should you consider that the processing is not compliant with the legislation in force.




Retention of certain data

 OASIS BALEAR, S.L. informs you that, in compliance with the provisions of Spanish Act 25/2007, of 18 October, on the retention of data related to electronic communications and public communications networks, it will retain and store certain traffic data generated when sending communications for the purpose of disclosing them to authorised authorities, when the legal circumstances foreseen in said Act are met.


Recorded data

 Our services automatically collect information when the user accesses the website services. These data may include the IP address, the identification details of the device from which the products are accessed, the operating system, and device settings.


Security measures

 You are also informed that the WEBSITE OWNER (the Data Controller) has technical and organisational security measures in place to guarantee the security of your personal data and prevent their alteration, loss and processing and/or unauthorised access, considering the state of the technology, the nature of the data stored and the risks to which they are exposed, whether resulting from human action or a physical or natural process. Likewise, additional measures have been put in place to reinforce the confidentiality and integrity of the information as to its organisation, carrying out the ongoing monitoring, control and evaluation of the procedures in place to guarantee the privacy of the data.




The Social Media Privacy Policy of the WEBSITE OWNER (the Data Controller) concerns the personal data of users who register via a social media account and/or browse while being logged into their social media account. When registering with your social media identification details, you expressly consent to the processing of your personal data in accordance with this Privacy Policy.


Users who provide their personal data via the information available on their social media account and/or user profile are informed that the relevant social media site is responsible for the processing of personal data, unless other conditions are expressly indicated for a specific case of processing.


Pursuant to the provisions of the applicable data protection legislation, THE SOCIAL MEDIA/WEBSITE OWNER respects users’ privacy and the confidentiality and security of their personal data, adopting for such purpose the necessary legal, technical and organisational measures to prevent the loss, improper use, alteration, unauthorised access and theft of the personal data provided, considering the state of the technology, the nature of the data and the risks to which they are exposed.


Users’ personal data will only be obtained for processing if they are appropriate for, relevant to and not beyond the scope and purposes for which they have been collected. Their processing will therefore be limited to those purposes indicated to the Users in each case.


Whenever your personal data are collected, you will be previously informed in a clear and unambiguous manner of the circumstances related to their processing, pursuant to the data protection requirements in force at any given time. Similarly, your personal data provided will only be retained if you do not request their deletion or rectification or object to them being processed, or in those cases where your consent is required, you do not withdraw said consent.




Children under the age of 14 are prohibited from accessing and registering on the website or via social media sites. If a minor or legally incapacitated individual wishes to register, their parent, guardian or legal representative must provide a valid document evidencing their legal representation as such.


THE SOCIAL MEDIA/WEBSITE OWNER will be expressly exempt from any liability resulting from the use of the social media sites by minors or legally incapacitated individuals.