Legal Notice

In compliance with the Law 34/2002 on Information Society Services and Electronic Commerce of Spain, we inform you that this website is owned by Viatges Estiber S.A., hereinafter referred to as Estiber, with its registered address at C/Casanova 101, 08011 Barcelona, with Tax Identification Number A-58220468, and registered in the Mercantile Registry of Barcelona with the following details: Book 6875, Section 2ª, Folio 50, Volume 7610, Sheet 87731, Entry No. 1.

For any inquiries or proposals, please contact us via email at info@estiber.com or by phone at 93 454 83 08.

This website is governed by regulations exclusively applicable in Spain, and it is subject to them, both for nationals and foreigners who use this website.

Access to our website by the USER is free and is conditioned on the prior reading and full, express, and unconditional acceptance of the current GENERAL TERMS OF USE at the time of access, which we kindly ask you to read carefully. The USER, upon using our portal, its content, or services, expressly accepts and submits to the general terms of use. If the user does not agree with the present conditions of use, they should refrain from using this portal and operating through it.

A. INTELLECTUAL PROPERTY

All content, texts, images, and source codes are the property of Estiber or third parties from whom exploitation rights have been acquired, and they are protected by Intellectual and Industrial Property rights.

The user is only entitled to private, non-profit use of the content and requires express authorization from Estiber and/or the rights holder to modify, reproduce, exploit, distribute, or exercise any right belonging to the rights holder.

The establishment of links to our portal does not confer any rights over it, and authorization is exclusively granted to allow access to our website. The total or partial reproduction of images and content from our portal is prohibited on other pages. Likewise, merely establishing a link to our website does not entitle one to be classified as a collaborator or partner of Estiber.

Imitation of our portal, whether in whole or in part, is strictly prohibited.

B.ACCES CONDITIONS

Access to our website is free and does not require prior subscription or registration. However, Estiber reserves the right to offer services that require user registration. In any case, these services will be properly identified on the website, with easy instructions for registration.

The user must access our website in good faith, in accordance with public order norms, and these General Terms of Use. Access to our website is undertaken at the user's own and exclusive responsibility. The user will be held accountable for any damages and losses caused to third parties or to us.
 
The user is expressly prohibited from using and obtaining the services and content offered on this website through procedures other than those stipulated in these terms of use, and, where applicable, in the specific conditions regulating the acquisition of certain services.
 
Considering the inability to control the information, content, and services contained on other websites that may be accessed through the links provided on our website, we inform you that Estiber is exempt from any liability for damages of any kind that may arise from the use of those external websites by the user.
 
Estiber reserves the right to take legal action against those USERS who violate these general terms of use. The USER acknowledges that the failure to initiate these actions does not constitute a formal waiver of them, and they remain in effect until the expiration of the prescription periods for the offenses.
 

C. PROTECTION OF PERSONAL DATA

Privacy and Data Protection Policy

VIATGES ESTIBER, S.A. (hereinafter, the Travel Agency) is committed to due diligence and compliance with Data Protection regulations.
 
The following provides detailed information about the confidentiality and Personal Data Protection policy in accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, regarding the protection of individuals concerning the processing of personal data and the free movement of such data (General Data Protection Regulation or GDPR) and Article 11 of Organic Law 3/2018, on Personal Data Protection and Digital Rights Guarantee (LOPD GDD).
 
Data Controller and Data Protection Officer (DPO) Contact Information:
 
Address / ZIP Code: C/ Casanova nº 101, 08011, Barcelona
Phone: 93 454 83 08
Website: www.estiber.com
Email: info@estiber.com
DPO Contact: dpdexterno@bonetconsulting.com
Data Protection Channel: www.corporate-line.com/cnormativo-grupo-estiber
 

Processing Purposes:

The Travel Agency will process the personal data provided by individuals through this website and/or any other means for the following purposes:
 
> Manage attention, visits, and meetings at our facilities.
> Handle any type of request, suggestion, and/or information inquiry about our services and tourist packages made by users through any means.
> Sale and Organization of Trips and Tourist Packages, including activities such as:

  • Reservation, accommodation, transportation, and other ancillary services.
  • Payment management for services and refunds.
  • Handling claims and incidents related to contracted services.
Categories of Processed Data: The Travel Agency may incidentally process certain health data and information about food intolerances to correctly provide the services of selling and organizing the contracted trip.
 
Informational and Commercial Communications: Processing of your data to inform you about activities, articles of interest, and general information related to our activity, promotions, and services/products related to the tourism sector.
 
Customer Service and Follow-Up: To improve our products and services and enhance customer satisfaction and experience, handle administrative purposes of the entity, ensure network and information security owned by the Travel Agency, comply with legal obligations, and meet all applicable customs and immigration requirements related to your trip, etc.
 
> Ensure the security of offices, facilities, and individuals through access controls, video surveillance systems, and other access control/identification systems.

> Manage relationships with our Suppliers/Collaborators for the management and execution of services/products contracted by the Travel Agency.

> Manage data provided by job applicants through their Curriculum Vitae (CV) for the purpose of the selection and recruitment process.

> Comply with legal provisions applicable to the Entity and its activities in health and occupational risk prevention matters.

> Implement any treatments necessary for compliance with official/sectoral regulations and requirements applicable to our activity.

>
Manage and control the operation of internal mechanisms, policies, and protocols established by the Travel Agency for compliance and management of reporting channels.  
For the proper execution and development of the aforementioned purposes, the processing of your data for the relevant purposes mentioned above will be carried out in strict compliance with Data Protection regulations and the Policy detailed here.
You may exercise your rights at any time (see specific section).
 

Data Retention Criteria

> Management of Tourist Services/Packages Contracted with the Travel Agency: Personal data provided in contracts, offers, and/or service proposals, as well as those of other individuals involved, will be retained for the duration of the contracted services. After the provision of the contracted service(s), personal data may be retained in cases where responsibilities with the agency arise or to comply with other applicable legal frameworks. Personal data will be maintained to allow for the identification and exercise of the rights of the data subjects, under technical, legal, and organizational measures necessary to ensure confidentiality and integrity.
 
> CV Management: As a general rule, the Travel Agency retains Curriculum Vitae for a maximum period of one year. After this period, data will be automatically destroyed in compliance with the data quality principle.
 
> Management of Employment Contracts: Personal data will be retained for the duration of the employment relationship and, after its termination, in cases where responsibilities may arise between the parties and as required by law.
 
> Others: The rest of the data and information provided by the data subject through any means will be retained for the time necessary to fulfill the purpose for which they were collected.
 
 

Legitimation

> The legal basis that authorizes the Travel Agency to process the personal data of users, clients, and potential clients is as follows:
 
> Consent of the individuals interested: For the processing and management of any request for information or inquiry about our services and products related to the tourism sector.
 
> Consent provided by job candidates: For the purpose of selection and recruitment.
 
> Framework of provision and/or contracting of services/products with the Travel Agency.
 
> Legitimate interest: To send informative, commercial, and/or promotional offers related to the activities of the Travel Agency and the services/products contracted through email or any other means.
 
> Compliance with legal obligations and internal compliance procedures.
 
> Legitimate interest: To ensure the security of offices, facilities, and individuals.
 

Recipients

The Travel Agency may disclose your personal data to other entities in the tourism sector involved when strictly necessary for the proper management and organization of the tourist services contracted by the user. The entities to which the Travel Agency may disclose your personal data include:
 
[No specific entities were provided in the original text. If available, you should insert the names of specific entities.]
 
 
 

ENTITIES

PURPOSES

Insurance Companies

Formalization of Travel Insurance Policies for Coverage of Risks Arising from the Trip

National and Foreign Collaborating Agencies

Management and Organization of Travel and Tourist Packages

Airlines and Transportation Companies

Ticket Reservation, Acquisition, and Sales

Hotel Establishments

Accommodation Reservations


Origin

Personal data is obtained directly from the individuals concerned and our collaborators. The categories of personal data provided to us include:
 
> Identification data.
> Postal or email addresses.
> Banking data.
> Data provided and/or consented to by the interested parties related and necessary for the management and provision of the requested service/product.
 

Rights

Right of Access, Rectification, and Deletion: Individuals have the right to confirm whether the Entity is processing personal data concerning them. They have the right to access their personal data and request the rectification of inaccurate data or the deletion of data when, among other reasons, it is no longer necessary for the purposes for which it was collected.
 
Right to Limitation and Objection: In certain circumstances, individuals may request the limitation of the processing of their data, in which case we will only keep the data for the exercise or defense of claims. In certain circumstances and for reasons related to their particular situation, individuals may object to the processing of their data. The Entity will stop processing the data in this case, except for compelling legitimate reasons, or for the exercise or defense of possible claims.
 
Right to Withdraw Consent: Individuals have the right to withdraw their consent at any time, except for data processing required by Data Protection regulations or necessary for the provision of the contracted service, which does not require such consent. However, this withdrawal does not have retroactive effects, so it will not affect the legality of processing based on consent given before.
 
These rights can be exercised through our Channel (see specific section).
 
Security and Control Measures:
 
General
 
In compliance with data protection regulations, the Travel Agency will process personal data by applying appropriate technical, legal, organizational, and security measures to ensure the confidentiality and integrity of the information it manages, in accordance with current regulations.
 
We appreciate your notification to the Data Protection Officer through the contact information/Channel established in this Privacy Policy of any security risks you may be aware of that could compromise the integrity and confidentiality of personal data and/or confidential information. This allows us to take necessary measures to prevent unauthorized processing, loss, destruction, or accidental damage.
 
Cybersecurity
 
As a specific and complementary concept to the above, the Travel Agency implements cybersecurity measures to prevent and manage potential attacks and fraud by cybercriminals that may threaten the privacy and data protection within the scope of its activities and operations.
 
In this regard, we want to alert you that in the face of possible risky situations arising from communications whose content and/or format raise authenticity concerns, we recommend disregarding them and contacting the Data Protection Officer using the contact details provided in this Privacy Policy.
 
Additionally, any request received from our Agency regarding changes in payment methods, requests for data or contact persons, confidential (non-public) information, banking and/or credit card details, and/or other official data should not be acted upon without direct confirmation from our Agency through an alternative means. We appreciate and rely on your collaboration in reporting and denouncing any notifications related to such requests and other potential cybersecurity risks involving our Agency, as well as any possible security risks of which you may be aware.
 
Channel
 
The Travel Agency has implemented a Channel, demonstrating the highest commitment, rigor, and professionalism in terms of security, experience, independence, and knowledge in handling received communications.
 
The Channel, which includes the use in the field of Data Protection, is implemented through a web platform developed and managed by an independent external expert, providing and ensuring our previous commitments.
 
Through the Channel, you can communicate and process the exercise of your Rights (see previous section) and report any signs or knowledge you may have of potential security breaches, cyberattacks, and/or possible non-compliance or irregularities regarding Data Protection regulations and this Travel Agency Policy.
 
The access details for the Channel are provided at the beginning of this Policy.
 
Supervisory Authority
 
If you have disagreements with the Entity regarding the processing of your data, you have the right to file a complaint with the relevant Data Protection Supervisory Authority. In Spain, this authority is the Spanish Data Protection Agency (www.aepd.es).
 
Support and Assistance
 
Individuals may communicate any doubts about the processing of their personal data or the interpretation of our Policy by contacting the Data Protection Officer (DPO) at the address indicated at the beginning of this Policy.
 

D. RESPONSIBILITIES

By providing the user with this website, we aim to offer a range of quality content and services, using the utmost diligence in their provision and the technological means employed. However, we will not be responsible for the presence of viruses and other elements that may damage the user's computer system.
 
The USER is prohibited from taking any action on our portal that may cause an excessive overload on our computer systems, as well as the introduction of viruses or the installation of robots or software that may disrupt the normal functioning of our website, or ultimately cause damage to our computer systems.
 
For any questions regarding the Terms of Use of our website, you can contact us using the above-mentioned contact information or with our advisors at BONET consulting: www.bonetconsulting.com/servicioslssi.html
 
The Travel Agency has the insolvency guarantee established for package holidays in Art. 252.10 of Law 22/2010, of July 20, of the Consumer Code of Catalonia, formalized through the surety bond number 62709521 with the insurance company AXA Seguros Generales Sociedad Anónima de Seguros y Reaseguros (C/. Monseñor Palmer, 1, 07014 Palma de Mallorca). This coverage, in the event of the Travel Agency's insolvency, covers the effective refund of payments made by travelers who have contracted a package holiday and have not received the corresponding services until the completion of the contracted trip. If transportation is included in the contracted package trip, it also covers repatriation expenses and accommodation expenses prior to repatriation.
 
Procedure in Case of Request for Provision: The request for provision must always be made through the AXA telephone: Provision at the destination and Refund at the origin: From Spain: 911 119 544. Rest of the World: 0034 911 119 544