Policy · GDPR
Privacy Policy
At Balearic Experience we respect your privacy and are committed to protecting your personal data in accordance with Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 on the Protection of Personal Data and the guarantee of digital rights (LOPDGDD).
1. Data controller
- Registered name:
- CIF:
- Registered office: , Palma de Mallorca, Spain
- Email: privacidad@balearicexperience.com
- Website: https://balearicexperience.com
2. Purpose of processing
We process the personal data you provide for the following purposes:
- To respond to your request for information or enquiry sent via form, email or WhatsApp.
- To prepare and send you proposals for itineraries and concierge services.
- To manage the provision of the services you book (yacht, villa, helicopter, transport, dining, experiences).
- To coordinate bookings with selected external suppliers (yacht owners, villa owners, restaurateurs, operators).
- To comply with legal tax and accounting obligations.
- Where you consent, to send you commercial communications about new experiences or seasonal availability.
3. Legal basis
- Consent of the data subject when completing forms or initiating contact.
- Performance of a contract for the provision of concierge services.
- Legal obligations that apply (invoicing, tax withholding).
- Legitimate interest in responding to enquiries and maintaining the client relationship.
4. Retention periods
Data will be kept for as long as necessary to fulfil the stated purpose and, thereafter, for the periods required by law (a minimum of 6 years for tax and commercial records, art. 30 of the Spanish Commercial Code).
5. Recipients of the data
To provide the service you book, we may share your data with:
- External tourism service providers (yacht owners, villa owners, helicopter operators, transport companies, restaurants, wineries), strictly for the provision of the booked service.
- Data processors under contract (web hosting, transactional email, tax advisers).
- Public authorities, in compliance with legal obligations.
We do not carry out international data transfers outside the European Economic Area, except where strictly necessary to provide the booked service (e.g. a booking with an international operator). In such cases, the appropriate safeguards set out in the GDPR apply.
6. Your rights
You may exercise your rights of access, rectification, erasure, objection, restriction of processing and portability by sending a written request to privacidad@balearicexperience.com, enclosing a copy of your ID or equivalent identification document.
You are also entitled to lodge a complaint with the Spanish Data Protection Agency (AEPD) if you consider that the processing does not comply with current legislation.
7. Data security
We apply appropriate technical and organisational measures to ensure a level of security suited to the risk, including encryption in transit (HTTPS), access control, backups and retention policies. Web form data is hosted on servers located within the European Union (Frankfurt, Germany) through Supabase Inc. under a data processing agreement.
8. Cookies
This website uses cookies. For more information, please see our Cookie Policy.
9. Amendments
This policy may be updated to reflect changes in legislation or operations. We recommend that you review it periodically. The date of the last update is shown at the top of this document.