Book now
Your privacy, always protected
Your privacy, always protected
Book now
Check-in
05/27/2026
Check-out
05/28/2026
Rooms & people
1 room for 2 adults
Promotional code

Hotel Medes II's privacy policy

March 2025

HOTEL MEDES II, SL is committed to protecting the privacy of users who access this website and/or any of its services. Use of the website and/or any of the services offered by HOTEL MEDES II, SL implies acceptance by the user of the provisions contained in this Privacy Policy and that their personal data will be processed as established herein.

Please note that while our website may contain links to other websites or social media platforms, this Privacy Policy does not apply to the websites of other companies or organizations to which our website may redirect. HOTEL MEDES II, SL does not control the content of third-party websites and accepts no responsibility for the content or privacy policies of such websites.

Basic information on data processing

EU Regulation 2016/679 and Organic Law 3/2018

Data controller:

HOTEL MEDES II, SL

NIF: B17736885

C/ Guillem de Montgrí, 38

17258 L'Estartit

Email: info@hotelmedes.com

Purpose of treatment:

To offer and manage tourist accommodation, catering, celebrations and complementary activities.

Legitimation:

Consent obtained from the interested party when they request information from us.

Performance of the service contract when you contract with us.

Compliance with legal obligations.

Recipients:

The data will not be communicated to third parties, unless required by law, necessary to fulfill the purpose of the processing, or the user has given their express consent to communicate them to collaborating companies in tourist activities.

Human rights:

Interested parties have the right to exercise their rights of access, rectification, limitation of processing, erasure, portability and opposition by sending their request to our address.

Data retention period:

While the business relationship is maintained or for the years necessary to comply with legal obligations.

Claim:

Those interested can contact the AEPD to file any complaint they deem appropriate.

Additional information:

You can find additional and detailed information below, in the section “Privacy Questions”.

Questions about privacy

In compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, GDPR, and Organic Law 3/2018 of 5 December on the Protection of Personal Data and Guarantee of Digital Rights, LOPDGDD, we offer you the following information on data processing:

Who is responsible for processing your data?

Identity: HOTEL MEDES II, SL

NIF: B17736885

Address: C/ Guillem de Montgrí, 38 - 17258 L'Estartit

Tel.: 972 750 880

Email: info@hotelmedes.com

For what purpose do we process your personal data?

We process the information provided to us to manage tourist accommodation, catering and complementary activities.

Specifically, we process your data for:

How long will we keep your data?

The personal data provided will be kept while you are a user of our services or wish to receive information, as you can object to the processing of your data for promotional purposes at the time you provide it to us or at any time later, by contacting us at info@hotelmedes.com.

Subsequently, the data will be kept for the periods established to comply with our legal obligations:

What is the legal basis for processing your data?

For the management of the contractual relationship with the interested party, we will base the processing of the data on the execution of the contract or within the framework of the pre-contractual relationship.

For sending commercial information, we will base the processing on your consent. However, if you are already our customer, we may send you information about our products and services, always providing a simple and free way to unsubscribe, in accordance with the provisions of Article 21.2 of Law 34/2002, of July 11, on Information Society Services and Electronic Commerce.

Regarding information submitted by children under 14 years of age, it is essential that this be done with the consent of the child's parent, guardian, or legal representative for the personal data to be processed. Otherwise, the child's legal representative must inform us as soon as they become aware of it.

Regarding the capture of images through the video surveillance system, the legitimacy is given by the legitimate interest of preserving the safety of people and property.

To whom will your data be communicated?

The data will not be disclosed to third parties, unless required by law or necessary to fulfill the purpose of the processing.

In some cases, in order to provide the service properly, it will be necessary to share your data with:

What are your rights when you provide us with your data?

Everyone has the right to obtain confirmation as to whether or not we are processing their personal data.

Interested parties have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.

In certain circumstances, interested parties may request the restriction of the processing of their data. In that case, we will only retain it for the exercise or defense of legal claims.

Also, in certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. In that case, we will cease processing the data, except for compelling legitimate grounds or for the establishment, exercise, or defense of legal claims.

Interested parties also have the right to data portability.

Every interested person shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her.

Finally, interested parties have the right to lodge a complaint with the competent Supervisory Authority.

How can you exercise your rights?

You can exercise your rights by sending a written request, attaching a copy of a document that identifies you, to our physical or electronic address.

How did we obtain your data?

The personal data we process comes from the data subject. The data subject guarantees that the personal data provided is accurate and is responsible for communicating any changes to it.

Data marked with an asterisk will be mandatory in order to provide the requested service.

What data do we process?

The categories of data that we may process in the provision of our services are:

In accordance with Royal Decree 933/2021, of October 26, which establishes the documentary registration and information obligations of natural or legal persons who carry out accommodation activities, we are legally obliged to collect and communicate to the Security Forces and Corps certain data of all guests over 14 years of age.

For this reason, in addition to the data mentioned above, we will also collect:

For children under 14 years of age, their data will be provided by the adult accompanying them, indicating the relationship of kinship where appropriate.

The data required to complete traveler registration is collected using procedures that ensure only the information strictly necessary to comply with this legal obligation is gathered, without retaining additional information or full images of identity documents. The collection and communication of this information is a legal obligation and is essential for providing accommodation services.

In the case of CVs received for selection processes, in addition to basic identification and contact information, we will process the following information that you provide to us:

Data is limited, as we only process the data necessary for the provision of our services and the management of our activity.

Do we use cookies?

We use cookies while browsing our website with the user's consent.

Users can configure their browser to be notified about the use of cookies and to prevent their use. For more information, please see our cookie policy.

What security measures do we apply?

We apply the security measures established in Article 32 of the GDPR. Therefore, we have adopted the necessary security measures to guarantee a level of security appropriate to the risk of the data processing we carry out, with mechanisms that allow us to guarantee the confidentiality, integrity, availability, and ongoing resilience of the processing systems and services.

Some of these measures are:

By booking on the official website you will get:
Best price guaranteed
Best price guaranteed
Free cancellation
Free cancellation
Exclusive discounts
Exclusive discounts
Code promo

What is a promotional code and what is it for?
With a discount code or promotional code, you will get other benefits in addition to the basic rate conditions.

How to use it?
If you already have a code, enter it in the Promotional Code field and start the reservation process. If the reservation meets the conditions of the code, it will be automatically applied to the reservation.

General conditions of use:

  • A promotional code can only be applied to the room and board portion of your reservation.
  • Any discounts associated with your promotional code cannot be applied to the complementary product portion of the reservation.
  • Only one promotional code can be applied to a reservation.
  • The establishment reserves the right to apply or not apply a promotional code.
  • Apart from the general conditions of use, each promotional code has specific conditions. These conditions can be viewed on the campaign or offer information page related to the code (for example, code expiration dates).