Privacy statement

By using our services, you entrust your data to us. We know that this is a great responsibility and we make the maximum effort to protect your information and to allow you to control it.

The purpose of this Privacy Statement is to inform you about what data we collect from you, why we collect it, who we share it with, for how long, the legal basis of processing it and how we protect it. It also tells you how you can exercise your rights over that data and how to contact us if you have any concern or enquiry regarding the privacy of your information.


Who is the data controller?

The following conditions apply to the services of RIU Hotels, including those offered on this website and on all the RIU Hotels websites and mobile applications, as well as the services offered at our call centre.

By reading and accepting this Privacy Statement, users are informed of how RIU HOTELS collects, processes and protects the personal data that is provided to it through the website www.riu.com and any other belonging to RIU HOTELS (hereinafter, “the websites”), through RIU HOTELS applications (hereinafter, “the apps”), as well as data deriving from connecting to and browsing the websites (hereinafter, “browsing”) and any other data that users may provide in the future to RIU HOTELS through the accommodation contract or any other means available through our call centre.

Users must read this Privacy Statement carefully, which has been written in a clear and simple way to make it easy to understand, and decide, freely and voluntarily, if they wish to provide their own details or those of third parties to RIU HOTELS.

For all data processing carried out through our websites, call centre and any other information exchange with our customers through websites belonging to RIU HOTELS, the data controllers are, jointly, the companies RIUSA II, S.A and RESERVATION SHOP, S.L.U. In addition, all the companies listed in the Terms and Conditions also act as joint data controllers for this data processing in order to market hotel services according to the booked hotel’s destination.


For what purposes do we process the data you give us?

RIU HOTELS may process the data for the following purposes, according to the request the user makes or the functionality he/she uses:

1. When you contact us to make a booking at our hotels, either through the website or the call centre.

2. When contacting us to manage your booking:

3. When you subscribe to our newsletter:

4. When you join our loyalty programme, Riu Class:

5. When interacting with our blog posts:

6. When interacting with us on social media:

7. When registering in our Press area:

8. When requesting a wedding quote:

9. When contacting us to report an incident or complaint:

10. When engaging with us as a professional travel agency at RIU Pro and RIU Partner Club

In all data processing conducted through our websites, we analyse usage and verify the users’ preferences and behaviour to show content that matches their preferences.


What user data does RIU Hotels process?

RIU HOTELS may process the following user data, according to the purpose of our services and the functionality used by the user:

1. When you contact us to make a booking at our hotels, either through the website or the call centre.

2. When contacting us to manage your booking.

3. When you subscribe to our newsletter.

4. When you join our loyalty programme, Riu Class.

5. When interacting with our blog posts.

6. When interacting with us on social media.

7. When registering in our press area.

8. When requesting a wedding quote:

9. When contacting us to report an incident or complaint.

10. When engaging with us as a professional travel agency at RIU Pro and RIU Partner Club.

In addition, in any information request form we process the basic details of the request: Name and surname, e-mail address, telephone, message and which RIU Hotels department it is addressed to.

Some functions of the RIU Hotels app enable the geolocation of the device (tablet, smartphone etc.) that it is installed on. The user can disable this option on the device itself. However, deactivating the location may prevent the use of some of the app’s functionality.

If the user sends data about third parties, he/she expressly states that he/she has their consent and undertakes to provide the interested party, the holder of that data, with the information contained within this Privacy Statement and exempting RIU HOTELS from any responsibility in this regard. However, RIU HOTELS may carry out the verifications needed to confirm this and adopt the corresponding due diligence measures in accordance with data protection legislation.


What is the legal basis for processing personal data?

1. When you contact us to make a booking at our hotels, whether through the website or the call centre, the consent you give us on accepting this statement. with a legitimate interest we can send you birthday greetings in order to better meet expectations and increase the level of satisfaction.

2. When you contact us to manage your booking, the consent you give us on accepting this statement.

3. When you subscribe to our newsletter, the consent you give us on accepting this statement.

4. When you join our loyalty programme, Riu Class, the consent you give us on accepting this statement.

5. When you interact with our publications on our blog, the consent you give us on accepting this statement.

6. When you interact with us on social media, the consent you give through the social network.

7. When you subscribe to our press area, the consent you give us on accepting this statement.

8. When you request a wedding quote, the consent you give us on accepting this statement.

9. When you contact us to report an incident or make a complaint, the consent you give us on accepting this statement.

10. When engaging with us as a professional travel agency at RIU Pro and RIU Partner Clubthe consent you give us on accepting this statement.

In general, as you browse our websites and apps, we have a legitimate interest in storing your IP address and the activity carried out.

The purpose of this data processing is based on carrying out analysis of the use of the website and verifying user preferences and behaviours in order to show content that matches their preferences.


How long do we store your data?

In general, the personal data to which we have access is processed for the amount of time necessary to fulfil the purpose for which it was collected. Then, RIU Hotels will hold duly blocked personal data after it is no longer relevant to the purposes for which it was collected, in order to make it available to the competent public authorities, judges or tribunals, or the tax administration, for the duration of the limitation period of the actions that may derive from our relationship with the customer and/or the legally established storage periods. RIU Hotels will proceed to physically delete the data once those periods have passed.


Who do we share your personal data with?

In general, all the information collected from our websites and call centre is managed by companies that are part of, or affiliated with, the RIU Hotels group, all of which are in the hospitality sector. In addition, your data will be communicated to the bodies to which the hotels belong, in order that they know the conditions of your stay (price, dates, services included etc.). Some of them may be situated outside of the European Economic Area, including in countries which do not have a comparable level of protection to that of Spain, with the sole purpose of being able to render you the services appropriately.

Some of our companies may be located outside the European Economic Area, and in this case any international data transfers are duly authorised, according to the details listed below:

Personal data processing Company and location of information systems Contractual measures and authorisation
Global call centre management MX RIUSA Internal contractual measures in the RIU Hotels group.
Management of the call centre that serves local requests in Morocco. SOCIEDAD MARRUECOS Internal contractual measures in the RIU Hotels group.
Marketing e-mail delivery provider. EXPERIAN Contractual measures with the provider. Assurance of the supply chain with third parties.
Storage of personal data in blogs and wedding services. JOOPBOX or MARKSITE Contractual measures with the provider. Assurance of the supply chain with third parties.

In complaint management, data is managed only by the After-Travel Customer Service department, and the data is only processed for that purpose. Data may only be made available to the public authorities for legal reasons. You can contact us at crm@riu.com

To be able to travel, it may be compulsory (due to being a requirement of the government authorities in the points of departure and/or arrival) to disclose and process your personal data for the purposes of immigration, border control, security and anti-terrorism, or any other purpose that those authorities deem appropriate. Certain countries only allow you to travel if you provide your passenger details in advance (for example, the Caribbean Community and United States security with flight details). These requirements may change, depending on your destination and we recommend checking them. We may share the minimum necessary personal data with other public authorities if there is a law that obliges us to do so, or if we are legally authorised to do so.


Cookies

Cookies and identification of devices.

The RIU Hotels & Resorts websites use cookies, which are small encrypted text files stored on the computer or device (smartphone, tablet, smartTV etc.) that the user accesses the website with. They are saved on the hard drive or storage system and your browser may use them in the future. Your browser settings allow you to accept or refuse the installation and/or use of cookies.

If you use or access our website, you consent to the use of cookies by RIU Hotels & Resorts and the third parties that offer advertising services. This page lists the tools that allow you to configure your browser correctly.

Types of cookies used by RIU Hotels & Resorts.

On the RIU Hotels & Resorts websites, we use different types of cookies, some of which are strictly necessary in order to provide some of our services via the website and to ensure certain aspects of security (for example, we need to use this technology for you to make a booking with us). We also have functionality and performance cookies which allow your visit to our website to adapt to your needs and use, as well as to improve performance so that your experience is satisfactory.

At RIU we use cookies for the following purposes:

Manage your cookies.

You can see, delete or manage the cookies stored on your device, as well as block cookies from RIU or associated third parties or any other website. Internet browsers let you install only cookies from the websites you visit or block third party advertising cookies.

Through these links, you can find information about how to configure your browser:

Be aware that if you block certain cookies, it may affect the quality of your experience on our websites.

If you would like more information about how to manage advertising cookies, visit www.youronlinechoices.com where you can set your general preferences with the main advertising service providers.


Legal age and capacity

The user declares that he/she is over 16 years of age (expressed as “legal adult” in any potential documentation from RIU Hotels) and therefore has the necessary legal capacity to engage the services offered on the website in accordance with the contracting terms and conditions https://www.riu.com/terms


How RIU Hotels protects your personal data

RIU Hotels will at all times process users’ data with absolute confidentiality and honour the compulsory duty to keep it secret, in accordance with the provisions of the applicable legislation. It will, to this effect, adopt the necessary technical and organisational measures that guarantee the security of your data and prevent its unauthorised alteration, loss, processing or access, taking into account the development of technology, the nature of the stored data and the risks to which it is exposed.


What are your rights over your personal data

You have the right to obtain confirmation of whether we are processing your personal data or not and, if we are, to access it. You may also request that your data is corrected if it is inaccurate or completed if it is incomplete, and request its deletion when the data is no longer needed for the purposes for which is was collected, among other reasons.

In certain circumstances, you can request limitation to the processing of your data. In this case, we will only process the data affected by lodging, pursuing or defending a complaint or with a view to protecting the rights of other people. In certain conditions and for reasons related to your specific situation, you may also oppose the processing of your data. In this case, we will stop processing your data except for compelling legitimate reasons that override your interests or rights and freedoms, or to lodge, pursue or defend a complaint. In addition, and under certain circumstances, you may request that your data is made portable so that it can be transferred to another data controller. You may also revoke the consent you gave for certain purposes (for example, marketing communications), without that affecting the legality of the data processing based on consent prior to its withdrawal.

To request and exercise your rights, send an e-mail to privacy@riu.com

In addition, if you believe that we have not met the terms of this Privacy Statement, you can contact the RIU HOTELS Data Protection Officer at the e-mail address dpo@riu.com. You also have the option of making a complaint to the competent supervisory authority, following the procedure set out by that authority in your country.


Changes to our declaration

Version updated on 27 May 2020. Statement written in accordance with the General Data Protection Regulation GDPR 2016/679 and our data security policies and directives. The current content replaces all previous versions. We may modify the Statement at any time, so please check our websites regularly for any updates. If the changes are significant, we will post a prominent notification on our websites.