GDPR summary
This page outlines our GDPR approach: transparency, security, and respect for your rights.
Controller & contact
- Controller: ¡HolaOlas! (platform operator).
- Contact for GDPR requests: via the Contact page.
- Developer contact: renegrenon@gmail.com
Legal bases
- Contract: managing accounts, bookings, and payments.
- Consent: optional communications.
- Legal obligation: invoicing, fraud prevention.
Processors & transfers
- Essential processors (hosting, Stripe, emailing, Google Calendar for booking synchronization).
- Google Calendar: used only if you voluntarily enable synchronization. Booking data is synced with your Google Calendar according to your settings.
- Standard contractual clauses used when data leaves the EU.
Security
- Encryption in transit (HTTPS) and application-level access controls.
- Security logs kept for a limited time to detect abuse.
Data subject rights
- Access, rectification, deletion, objection/limitation, portability.
- Withdraw consent at any time (no retroactive effect).
- You may lodge a complaint with your local authority.
How to exercise
- Send your request via the Contact page and mention the email concerned.
- We will reply within legal timeframes unless the request is manifestly abusive.