In accordance with EU REGULATION 2016/679 OF THE PARLIAMENT AND COUNCIL OF EUROPE OF 27 April 2016 relating to the protection of individuals with respect to personal data processing and the free circulation of this data and by which is repealed Directive 95/46/CE (General data protection regulation), FÖRDE REEDEREI SEETOURISTIK IBERIA, S.L.U. (FRS) whose address is Polígono Industrial de la Vega, c/ La Línea de la Concepción, 3 – 11380 Tarifa, Cádiz (Spain) advises you that the personal data gathered through the web will be subject to processing for the following purposes:
- Tourist package reservation management
- Enabling the provision and performance of the sea transport service through the issue of the appropriate boarding cards and the sending of information relating to it.
- Sending advertising related to the services as well as for subscription to our newsletter with the aim of keeping you informed about our offers and news that might be of interest. Similarly, the data will be used for any marketing campaigns on social networks and also for draws and awarding prizes.
The legal bases that legitimise the personal data processing are:
· The fulfilment of a contract and/or commercial relationship
· For compliance with the various legal obligations that FRS is obliged to meet
· For legitimate interest deriving from all types of safety motives, improving our services, managing your information requests, claims and fraud management.
The data that we request, both your own and that of people accompanying you on the trip, are adequate, relevant and strictly necessary to achieve the ends described. Any online reservation will be confirmed automatically by email. You can request a full summary of your online reservations stored in the system. You have the right to withdraw the consent at any time, without it affecting the legality of the processing based on the consent prior to its withdrawal. We also guarantee the authenticity, accuracy and veracity of all the information provided to us, undertaking to keep the data you supply to us up to date so that at any time it reflects the actual situation. You will therefore be solely responsible for false or inaccurate statements and for any damage that these might cause.
We will conserve the data while there is a contractual or commercial relationship with you, or while you do not exercise your right to deletion, cancellation and/or restriction of the data processing. Once this conservation period has elapsed, FRS will remove, destroy, block or give your personal data a pseudonym. In the case of blocking, your information will always be kept without giving it any use or carrying out any processing, as this information may be useful for processing complaints or some type of judicial, legal or contractual responsibility might arise from its processing that must be addressed and for which reason it may be necessary to recover it.
Assignment of data
The data that is provided to us may be assigned to Ferrys Rápidos del Sur, S.L.U. for provision of the above-mentioned services.
Users are also advised that their data will be transferred to the company The Rocket Science Group, LLC solely for the provision of the newsletter via MailChimp.
If you are a member of a large family, military or resident in Ceuta, your data may be forwarded to the competent authorities for the purposes of managing the appropriate allowances.
Your personal data will be made available to the competent Spanish authorities, independent of whether the transport is carried out interchangeably to or from Ceuta, Melilla or any other point of Spanish territory. In the event of participating in excursions to Moroccan territory, the data may be transferred to the local authorities in that country.
If you reserve a trip with us, we will ask your name, gender, address and other contact details and password. The law obliges us to send the port authorities a list of all passengers and vehicles on board. For this we need the gender, nationality, date of birth and ID document of each passenger.
If you pay with a credit card, the data will be encoded and will be transferred to our payment partners. Any personal data about you will only be used internally within the FRS group and will not be assigned to third party companies and bodies apart from those expressed here.
We are advising you that your personal data will be transferred to the insurance company MAPFRE for the purposes of managing the travel assistance cover that our company offers when contracting our services.
Finally, if you send us a CV for a job application, this will go on to become part of a file the owners of which will be Förde Reederei Seetouristik Iberia S.L.U. The purpose of the file is the selection of personnel and when you send us this information spontaneously you are giving your express consent for your data to be available in future personnel recruitment, contracting or selection processes. In addition, this data will be transferred to Ferrys Rapidos del Sur, S.L.U. for the same purpose.
Exercise of rights
You will be able to exercise the rights of access, rectification or deletion, processing restrictions, cancellation or objection, as well as your right to portability, at FRS, Polígono Industrial de la Vega, c/ Línea de la Concepción, nº 3, 11380 – Tarifa (CÁDIZ) and through our DATA PROTECTION OFFICER at the email address: [email protected] Equally, you will have the right to present a complaint to the Spanish Data Protection Agency, either through the electronic headquarters of their web portal (www.agpd.es), or by writing to them at their postal address (c/ Jorge Juan, 6, 28001 - Madrid). Exercising your rights provided for in the Personal Data Protection legislation may be done in Spanish, French, English or German.
With the purpose of safeguarding the security of your personal data, we are notifying you that the FRS has adopted all measures of a technical and organisational nature necessary for guaranteeing the IT safety of the personal data supplied, including among other things:
1) The giving of a pseudonym and encryption of personal data when appropriate
2) The ability to guarantee the confidentiality, completeness, availability and permanent resilience of the processing systems and services.
3) The ability to restore availability and access to personal data rapidly, in the event of a physical or technical incident.
4) A regular checking, assessment and evaluation process of the efficiency of technical and organisation measures in guaranteeing the security of processing.