Back to login

Privacy Policy

Last updated July 24th, 2024

This Privacy Policy, applicable to the Guestin App (“we”, “us”, or “our”), outlines how and why we may collect, store, use, and/or share (“process”) your information when you engage with our services provided through the Guestin application (“Services”) in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”). Such engagements include when you: (a) download and use Guestin or any other application of ours that links to this Privacy Policy; (b) contact us to personalize, enhance, or monitor your experience as an event guest; or (c) interact with us via Customer Support or in any other way related to Guestin or our Services.

Reading this Privacy Policy will help you understand your privacy rights and choices. If you disagree with our policies and practices, please refrain from using our Services. Should you have any further questions or concerns, please contact us at assistme@guestin.io

We may update this Privacy Policy from time to time to ensure compliance with applicable laws or to add relevant amendments or enhancements. Each updated version will be marked with a “Last updated” date and will take effect as soon as it is accessible. If there are material changes to this Privacy Policy affecting your rights, then we will send you a notification in order to obtain your prior express consent to the changes. We encourage you to frequently review this Privacy Policy to stay informed about how we are protecting your information.

  1. Who is the data controller of your information?

Antonio Puig S.A., Spanish company in Plaza Europa, 46-48, 08902, L’Hospitalet de Llobregat, con NIF ESA08158289, acts as the data controller for the information we collect through our Services. As the data controller, we are responsible for overseeing how your personal information is collected, stored, processed, and shared, ensuring compliance with GDPR and other applicable data protection laws and regulations. Our responsibilities include making decisions about how your personal information is used, ensuring that it is handled lawfully, transparently, and for specific purposes as outlined in this Privacy Policy. When you provide us with your personal information, we ensure that it is used only in accordance with the provisions set forth in this Privacy Policy.

Should you have any questions or comments regarding this Privacy Policy, please feel free to reach out to via email at assistme@guestin.io. Alternatively, you can contact us in our address above adding “Privacy” in the subject of your letter. We are committed to ensuring your privacy and managing your data responsibly, and we welcome any inquiries or feedback regarding our privacy practices.

  1. What personal information do we collect from you?

We collect personal information that you voluntarily provide to us. This includes details you submit when you register for our Services, directly as a result of your access to the AC37 Club Hospitality area (the “Facilities”) and/or experiences associated with the competition and their use, when you participate in activities related to the Services, or when you contact us directly. We may also collect information initially gathered by a company (“Client”) that has invited you to an event, celebration, social, sports, cultural, or other activity that prompts your access to the Facilities (“Experience”) and which may be shared with us for any of the purposes stated below.

The personal information we collect is influenced by your interactions with us and the Services, the choices you make, and the features you use. Typically, this information may include your name and surname, phone numbers, and email address when you sign up as a user of Guestin. We do not process sensitive personal information. Equally, in the course of providing our Services, we may collect and process personal information of your companions (including minors at times) who may access the Facilities. In this case, you represent and warrant that you have obtained the express consent of such companions to process their data in the manner specified in this privacy policy.

When you use Guestin, we may also collect additional information, provided you grant us access or permission through your mobile device, which includes:

  1. Mobile Device Access: We might request access to specific features on your mobile device, such as your calendar, reminders, and other functionalities. You have the option to modify our access or permissions through your device's settings.

  1. Mobile Device Data: We automatically gather data about your device, including your mobile device ID, model, manufacturer, operating system, version information, and system configuration details, as well as device and application identification numbers, browser type and version, hardware model, Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you use our applications, we might also collect data related to the phone network associated with your mobile device, the operating system or platform of your device, the type of mobile device you use, your mobile device’s unique ID, and details about the features of our applications that you accessed.

  1. Push Notifications: We may send push notifications regarding your account or specific features of the application(s). You can opt-out from receiving these notifications by disabling them in your device's settings.

It is important that all personal information you provide is accurate, complete, and up to date for the best possible guest experience. Please notify us immediately of any changes to your personal information.

  1. How do we process your personal information?

We process your information to provide, enhance, and manage our Services, communicate with you, ensure security and comply with legal obligations. As previously mentioned, the way we process your personal information varies based on your interactions with our Services:

  1. Account Management: We use your information to facilitate account creation and authentication. This allows you to create, log into, and maintain your account, ensuring it functions smoothly and remains secure.

  1. Delivery of Services: We process your information to deliver the Services you have requested. Essentially, our Services focus on providing the best experience as a visitor to the Facilities or, when applicable, as an invited guest to the Experience on behalf of the Client. This includes facilitating the management of your access ticket to the event as well as any other leisure or transportation activities related to your access to the Facilities, as well as in general any other activities necessary to provide personalized service features directly to you.

  1. Customer Support: We use your information to respond via telephone and / or email to your inquiries and address any issues you may encounter with our Services. This ensures that you receive comprehensive support and a better guest experience. Additionally, we may use your information to keep you informed and send you updates about other events, happenings, and activities that may take place at the Facilities and may be of interest to you. If you do not wish to continue receiving this information, you can opt out by following the instructions provided in the messages you receive.

  1. Order Management: We process your information to efficiently handle your orders and reservations with third-party service providers. This may include but not be limited to coordinating restaurants, transportation options, securing and managing tickets for cultural or entertainment events, and booking accommodations.

Each of these processing activities is conducted with diligent respect for your privacy and in strict compliance with applicable data protection laws. Our objective is to manage your information responsibly and transparently, giving you control over your personal data and ensuring the optimal experience.

  1. What legal grounds do we rely on to process your personal information?

We process your personal information strictly in accordance with the legal grounds provided under GDPR. We engage in the processing of your data when it is necessary and when we have legitimate legal grounds to do so.

We process your personal information based on your consent for the specific purposes stated above. You have the right to withdraw your consent at any time, which will cease any further processing of your data for those purposes for which you originally consented. Learn more about withdrawing your consent in point 8 below.

In addition to, we process your personal information to fulfil our contractual obligations to you, such as providing our Services. This ensures that we can manage our contractual relationship effectively and deliver the services you expect from us.

  1. Who do we share your personal information with? When and under what circumstances?

We may share your personal information in specific circumstances with various third parties who assist in delivering our Services. This includes sharing information for coordination with the Client, managing access to the Facilities, ticket management, managing guest requests, and other related Services. We collaborate with a range of third-party vendors, service providers, consultants, and agents who perform tasks on our behalf. These parties may need access to your information to effectively provide their Services which you have given consent. The categories of third parties with whom we may share your personal information include:

  1. Client: To coordinate and confirm your access to the Guestin guest experience as well as to enhance and monitor your satisfaction as a guest on behalf of the Client.

  1. Event Organizers: To facilitate your participation in events, manage tickets, and enhance your Experience.

  1. Technical and service providers who assist us in the management and maintenance of the Guestin application.

  1. Hospitality and travel service providers and other leisure activities: This includes but may not be limited to restaurants, hotels, and transportation services to manage reservations and travel arrangements as part of your access to the Facilities or the Experience.

  1. Security services located at the Facilities, in order to ensure the physical safety of the people accessing them, their belongings, and the properties located therein.

By sharing this information, we aim to provide a seamless and comprehensive Service, ensuring that all aspects of your access to the Facilities or your participation in the Experience are managed efficiently and effectively.

Moreover, please bear in mind that your data may be transferred, in the cases previously mentioned, to companies located within the European Economic Area ("EEA"). In the event that international transfers are made outside of the EEA, these transfers will be carried out based on the execution of standard contractual clauses for data protection adopted by the European Commission for international transfers, in order to ensure the protection of your personal information.

  1. What is the retention period of your personal information?

We retain your personal information only as long as necessary to fulfil the purposes outlined in this Privacy Policy, or as required by law. This includes meeting legal, accounting, or other regulatory requirements. We will not keep your personal information for longer than the duration for which you have an account with us unless a longer retention period is mandated by law. Therefore, and provided that there are no other outstanding legal obligations or responsibilities, we will proceed to cancel your personal data until you request its deletion or revoke your consent, or up to five years after your last commercial transaction with us.

Upon cancellation of your personal information we will implement data blocking by identifying and reserving your data while adopting technical and organizational measures to prevent its processing, including viewing, except to make it available to judges, courts, public administrations, especially data protection authorities, for addressing potential liabilities related to the processing. This data will be kept only for the general prescription period prescribed by law for contractual obligations (5 years), after which it will be completely erased.

  1. What security measures do we apply to your personal information?

We are committed to safeguarding your personal information through organizational and technical security measures in line with GDPR requirements. Thus, we have implemented state-of-the-art technical and organizational measures to ensure the protection of the personal data we process. These measures are specifically designed to secure your personal information against unauthorized or unlawful processing, accidental loss, destruction, or damage.

Despite our comprehensive security strategies, it is important to recognize that the transmission of information via the internet is not completely secure. As stated by GDPR, we continuously work to strengthen our security measures, but we cannot guarantee the absolute security of your data transmitted to our Services. Consequently, any data transmission carries inherent risks and is carried out at your own risk.

We advise you to ensure secure usage of our Services by accessing them within a protected environment and maintaining vigilance over the security of your own digital devices. We encourage you to be cautious about the information shared and to use strong, unique passwords for your accounts.

  1. What are your privacy rights?

You are granted with comprehensive rights concerning your personal data under the GDPR, which ensures you have substantial control over your information. Such rights include the following:

  1. Right to Access: You have the right to access your personal data to understand which data are being processed and the processing operations that are being performed.

  1. Right to Rectification: You can request the correction of any inaccurate personal data we hold about you.

  1. Right to Erasure: Also known as the 'right to be forgotten,' this allows you to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or you withdraw consent.

  1. Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data where the accuracy, legality, or necessity of the data processing is doubtful. In such cases, we may retain your data for the exercise or defence of legal claims.

  1. Right to Data Portability: This right allows you to receive your personal data in a structured, commonly used, and machine-readable format and have it transferred to another controller, particularly when processing is based on contractual relationships or your consent.

  1. Right to Object: You have the right to object to the processing of your personal data based on legitimate interests. We will cease processing your data unless we have a compelling legitimate reason, or it is needed for legal claims.

  1. Right to Withdraw Consent: You may withdraw your consent at any time, effectively stopping any processing based on it.

To exercise any of these rights, please contact us at assistme@guestin.io indicating the right you wish to exercise and providing your personal details. There is no charge for exercising your rights.

If you believe your data has not been processed appropriately, you can reach out to us and we will do our best to solve any problem or issue that you might have had. Should you feel that your data protection rights have been breached, you also have the right to lodge a complaint with the Spanish Data Protection Agency (www.aepd.es).

Back to login