POLÍTICA DE PRIVACIDAD

En cumplimiento de lo dispuesto en REGLAMENTO (UE) 2016/679 DEL PARLAMENTO EUROPEO Y DEL CONSEJO de 27 de abril de 2016, relativo a la protección de las personas físicas en lo que respecta al tratamiento de datos personales y a la libre circulación de estos datos (en adelante, “RGPD”) y la Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales (en adelante, “LOPD-GDD”), STAYFORLONG, S.L. (en adelante, “STAYFORLONG” o “Responsable del Tratamiento”) le informa de lo siguiente en relación con sus datos de carácter personal que nos facilite de forma voluntaria a través de es.stayforlong.com:

RESPONSABLE DEL TRATAMIENTO: STAYFORLONG, S.L., con NIF B-66460536, domicilio social en Ronda Sant Pere, 17, 08010, Barcelona (Barcelona, España) y contacto legal@stayforlong.com, es la entidad Responsable del Tratamiento de sus datos de carácter personal.

Para cualquier cuestión relacionada con la presente Política de Privacidad, puede contactar con STAYFORLONG en la dirección postal indicada o a través de la dirección de correo electrónico habilitado a tal efecto legal@stayforlong.com.

DELEGADO DE PROTECCIÓN DE DATOS: El Responsable del Tratamiento le informa que ha designado un Delegado de Protección de Datos (en adelante, “DPD”) para dirimir cualquier duda, queja o sugerencia sobre el tratamiento de sus datos personales. Puede ponerse en contacto con el DPD a través de la siguiente dirección: legal@stayforlong.com.

TIPOLOGÍA Y ORIGEN DE DATOS DE CARÁCTER PERSONAL:

STAYFORLONG tratará los datos de carácter personal que se describen a continuación:

(1) DATOS PERSONALES DEL USUARIO:

Son aquellos datos personales que usted nos facilite de forma voluntaria a través del presente Sitio Web, ya sea mediante el formulario de contacto o a través del correo electrónico corporativo facilitado o, en su caso, a través del registro habilitado. En este caso, la tipología de datos tratados por STAYFORLONG corresponde a:

  • Datos identificativos: nombre y apellidos, DNI/Pasaporte, imagen, firma, etc.
  • Datos identificativos de familiares del Usuario: nombre y apellidos, DNI/NIE/Pasaporte, etc.
  • Datos de características personales: género, fecha de nacimiento, etc.
  • Datos de contacto: dirección postal, correo electrónico corporativo, correo electrónico personal, teléfono, etc.
  • Datos profesionales y/o académicos: puesto de trabajo, categoría profesional, datos corporativos relativos a la empresa para la que trabaja/colabora, estudios, experiencia profesional, otros detalles de empleo, información fiscal para facturas, información incluida en el cv, etc.
  • Datos económicos, financieros y de facturación: datos bancarios, número de cuenta, otra información económica vinculada a la relación contractual o comercial.
  • Datos sobre información comercial: información vinculada a los productos o servicios en los que el Usuario muestre interés, solicitudes de información, suscripción a newsletters, datos de la reserva, el historial de su contacto con atención al cliente, reclamaciones de reservas, etc.
  • Datos sobre sorteos y concursos: datos necesarios para gestionar inscripciones, participaciones, selección de ganadores, entrega de premios, contenidos enviados para poder participar, objeto del concurso, perfil en redes sociales, etc.
  • Datos de redes sociales: nombre del Usuario, perfil de Usuario, mensajes, interacciones, participación en campañas, contenidos compartidos o enviados de forma voluntaria por el Usuario.
  • Datos contenidos en los mensajes o comunicaciones del Usuario: consultas, sugerencias, reclamaciones u otra información facilitada a través de los formularios disponibles en el Sitio Web o mediante los canales de contacto habilitados.
  • Datos de la cuenta del Usuario: nombre Usuario y contraseña.
  • Datos sobre opiniones: opiniones y comentarios sobre la reserva y fotos subidas.
  • Datos de geolocalización.

(2) DATOS PERSONALES DE OTROS VIAJEROS:

Es posible que usted nos facilite datos de otros viajeros con la finalidad de hacer una reserva que incluya otros viajeros. El Responsable del Tratamiento le solicita que no lo haga sin antes tener la autorización de estos y que además se asegure de proporcionar dichos datos de manera exacta y veraz. En este caso, la tipología de datos tratados por STAYFORLONG corresponde a:

  • Datos identificativos de familiares del Usuario: nombre y apellidos, DNI/Pasaporte, etc.

(3) DATOS RECOGIDOS DEL USUARIO MEDIANTE COOKIES Y/O TECNOLOGÍAS SIMILARES:

Son aquellos datos que se almacenan fruto de su navegación en nuestro Sitio Web, puede encontrar más información en relación a las categorías de datos tratados y tipología en: [ENLACE DE LA POLÍTICA DE COOKIES].

(4) DATOS PERSONALES DEL USUARIO RECIBIDOS POR PARTE DE TERCEROS:

En algunos casos, el Responsable del Tratamiento podría recibir datos del Usuario por parte de terceros como bedbanks, alojamientos, hoteles, colaboradores y/o empresas del grupo, con la finalidad de prestar los servicios contratados por el Usuario y gestionar las reservas correspondientes, incluyendo reclamaciones y demás finalidades incluidas en esta Política de Privacidad.

Algunos de los alojamientos anunciados en es.stayforlong.com su reserva podría estar disponibles en sitios web de terceros (“terceros colaboradores”). En estos casos, cuando el Usuario seleccione una oferta o realice determinadas acciones relacionadas con la reserva, podrá ser redirigido a plataformas externas de estos terceros colaboradores como:

Estas reservas se gestionarán bajo su propia política de privacidad. No obstante, en este caso concreto, los terceros colaboradores compartirán con STAYFORLONG determinada información relacionada con la reserva.

Mientras no se nos comunique lo contrario, entenderemos que los datos facilitados no han sido modificados, que usted se compromete a notificarnos cualquier variación y que tenemos su consentimiento para utilizarlos para las finalidades mencionadas.

Los formularios puestos a su disposición pueden rellenarse en el idioma que usted desee, sin embargo, STAYFORLONG no se hace responsable de los errores o de la imposibilidad de atender su solicitud debido al uso de un idioma inadecuado. La cumplimentación de los formularios, así como de cualquier otro cuestionario que pueda facilitarse en un futuro, es totalmente potestativa, no obstante, la negativa a facilitar determinados datos, podrá suponer la imposibilidad de cumplir con su petición.

FINALIDADES Y BASE DE LEGITIMACIÓN:

Las finalidades y base legal de los tratamientos de datos que lleva a cabo STAYFORLONG como Responsable de Tratamiento son exclusivamente las que se describen a continuación:

  • a) Gestión de la cuenta del Usuario (base de legitimación: EJECUCIÓN CONTRACTUAL).
  • b) Gestión de consultas y requerimientos web (base de legitimación: CONSENTIMIENTO EXPRESO e INTERÉS LEGÍTIMO).
  • c) Gestión de la relación con los clientes potenciales (base de legitimación: APLICACIÓN DE MEDIDAS PRECONTRACTUALES).
  • d) Gestionar la relación con los clientes, incluyendo la gestión y tramitación de las reservas y su seguimiento, facturación, atención al cliente, servicio postventa y gestión de reclamaciones relacionadas con las reservas, gestionar el servicio de atención al cliente, etc. (base de legitimación: EJECUCIÓN CONTRACTUAL).
  • e) Comercialización de productos y/o prestación de los servicios (base de legitimación: EJECUCIÓN CONTRACTUAL).
  • f) Envío de comunicaciones comerciales y/o informativas (base de legitimación: CONSENTIMIENTO EXPRESO).
  • g) Gestionar candidaturas en procesos de selección de STAYFORLONG (base de legitimación: APLICACIÓN DE MEDIDAS PRECONTRACTUALES y CONSENTIMIENTO EXPRESO).
  • h) Gestionar su participación en los sorteos, concursos o promociones organizadas por STAYFORLONG, gestionar el premio y la publicación del ganador (base de legitimación: CONSENTIMIENTO EXPRESO).
  • i) Gestión de eventos, formación y acciones corporativas (base de legitimación: CONSENTIMIENTO EXPRESO).
  • j) Atender los derechos de Protección de Datos (base de legitimación: OBLIGACIÓN LEGAL DEL RESPONSABLE DEL TRATAMIENTO).
  • k) Permitir el funcionamiento del Sitio Web a través de cookies para las finalidades descritas en la Política de Cookies (base de legitimación: CONSENTIMIENTO EXPRESO).
  • l) Realización de estadísticas anónimas respecto de los hábitos de acceso y la actividad desarrollada por los Usuarios (base de legitimación: INTERÉS LEGÍTIMO).
  • m) Realización de encuestas de satisfacción (base de legitimación: INTERÉS LEGÍTIMO).
  • n) Comunicación de los datos a empresas del grupo para fines administrativos y de gestión (base de legitimación: INTERÉS LEGÍTIMO).
  • o) Cumplimiento de las obligaciones legales (base de legitimación: OBLIGACIÓN LEGAL DEL RESPONSABLE DEL TRATAMIENTO).

Su consentimiento expreso podrá ser revocado en cualquier momento, sin que ello afecte a la licitud del tratamiento basado en el consentimiento previo a su retirada.

MENORES DE 18 AÑOS:

Le informamos que el uso de los formularios disponibles en es.stayforlong.com está limitado a Usuarios mayores de 18 años, por lo que al utilizar cualquiera de ellos, usted garantiza que cumple con este requisito y acepta las consecuencias que se deriven en caso de no ser así.

RESPONSABILIDAD DEL USUARIO:

El Usuario declara que todos los datos aportados son verdaderos, exactos, completos y actualizados, siendo responsable de cualquier daño o perjuicio, directo o indirecto, que pudiera ocasionarse como consecuencia del incumplimiento de tal obligación. En caso de que los datos aportados pertenecieran a un tercero, el Usuario garantiza que ha informado a dicho terceros de los aspectos contenidos en este documento y obtenido su autorización para facilitar sus datos a STAYFORLONG para los fines señalados. Será responsable de las informaciones falsas o inexactas que proporcione a través del Sitio Web titularidad de STAYFORLONG y de los daños y perjuicios, directos o indirectos, que ello cause a STAYFORLONG o a terceros.

DECISIONES AUTOMATIZADAS:

Le informamos de que sus datos personales no son objeto de decisiones automatizadas. Todos los procesos de toma de decisiones de nuestra entidad relacionadas con dichos tratamientos se realizan con intervención humana.

DESTINATARIOS DE SUS DATOS PERSONALES:

Por un lado, STAYFORLONG no prevé la cesión de sus datos personales, no obstante, en caso de que precise comunicarlos a terceros para otras finalidades distintas a las descritas en este apartado, previamente le solicitará su consentimiento. Por otro lado, sus datos personales si podrán ser comunicados a:

  • (i) Terceros colaboradores de alojamiento seleccionados por el Usuario (incluyendo: bedbanks, alojamientos, hoteles, apartamentos, etc.), con la finalidad de llevar a cabo la gestión de la reserva que el Usuario ha contratado, así como proveedores de seguro.
  • (ii) Las Administraciones Públicas competentes en la materia, cuando sea necesario para cumplir con las finalidades del tratamiento, de acuerdo con las obligaciones a las que STAYFORLONG está sujeta, de acuerdo con su naturaleza y actividad, conforme a la normativa vigente.
  • (iii) Las Autoridades Públicas, Juzgados y Tribunales, en caso de que así lo requieran.
  • (iv) Proveedores que precisen acceder a los mismos para la prestación de los servicios que STAYFORLONG haya contratado con los cuales tiene suscritos contratos de Encargado del Tratamiento exigidos por la normativa en Protección de Datos.

OTROS PROVEEDORES:

STAYFORLONG le informa de que en caso de que el Usuario realice una reserva que incluya una oferta disponible a través de los siguientes sitios web, la Política de Privacidad de los mismos también será de aplicación:

TRANSFERENCIAS INTERNACIONALES:

Asimismo, STAYFORLONG informa al Usuario que determinados proveedores, colaboradores o prestadores de servicios pueden encontrarse ubicados fuera del Espacio Económico Europeo, lo que puede conllevar transferencias internacionales de datos personales. Más concretamente:

  • Transferencias basadas en una decisión de adecuación: algunos de los proveedores de STAYFORLONG que pueden tener acceso a sus datos personales están ubicados fuera del Espacio Económico Europeo, concretamente en Argentina, Uruguay y Reino Unido, países que han sido declarados por la Comisión Europea de un nivel adecuado de Protección de Datos.
  • Transferencias basadas en garantías adecuadas: algunos de los proveedores de STAYFORLONG que pueden tener acceso a sus datos personales están situados fuera del Espacio Económico Europeo, concretamente en Colombia, Emiratos Árabes Unidos, países que no cuentan con una decisión de adecuación de la Comisión Europea. En este caso, dichas transferencias se han regularizado mediante suscripción de las Cláusulas Contractuales Tipo aprobadas por la Comisión Europea.
  • Transferencias necesarias para la ejecución del contrato: en caso de que el Usuario contrate servicios turísticos o alojamiento situados fuera del Espacio Económico Europeo, sus datos personales podrán ser comunicados a los correspondientes proveedores cuando dicha transferencia resulte necesaria para la correcta ejecución de la relación contractual solicitada por el Usuario.

En caso de que, STAYFORLONG contrate en el futuro servicios de otros proveedores ubicados fuera del Espacio Económico Europeo que no dispongan de normativa equivalente a la europea; en ese caso, se encargará de que la contratación de los citados servicios cumpla con los requisitos establecidos por la normativa vigente en materia de Protección de Datos, aplicando a dichas transferencias las garantías y salvaguardas necesarias para preservar la privacidad de sus datos de carácter personal.

PLAZO DE CONSERVACIÓN:

Sus datos personales se conservarán mientras se mantenga su relación con el Responsable del Tratamiento y, tras la finalización de dicha relación por cualquier causa, mientras no comunique usted lo contrario y durante los plazos de prescripción legales que sean de aplicación. En este supuesto, se tratarán a los solos efectos de acreditar el cumplimiento de las obligaciones legales o contractuales del Responsable del Tratamiento. Finalizados dichos plazos de prescripción, sus datos serán eliminados o, alternativamente, anonimizados.

DERECHOS DE LOS INTERESADOS:

STAYFORLONG le informa que puede ejercer los derechos de limitación del tratamiento, portabilidad de los datos, acceso, rectificación, supresión, oposición y a no ser objeto de decisiones individuales automatizadas, incluida la elaboración de perfiles, dirigiéndose a legal@stayforlong.com o a la dirección postal indicada con anterioridad.

Asimismo, si usted considera que el tratamiento de sus datos personales vulnera la normativa vigente en materia de Protección de Datos, puede presentar una reclamación ante la Autoridad de Control, en este caso la Agencia Española de Protección de Datos a través de su sede electrónica o dirección postal.

Privacy & Data Protection Policy

We inform you that the personal data that user voluntarily communicates through the portal www.stayforlong.com (the “Web”), through email or telephone, will be subject to automated processing and will be incorporated into files whose responsibility is STAYFORLONG, SL (hereinafter, “Stayforlong”), under the terms of this Privacy Policy and for the purposes set forth herein.

All personal information that is provided or collected through the Web will be treated by Stayforlong, as the responsible subject for the treatment:


Responsible for the processing /treatment of his data


Identity

STAYFORLONG, S.L., with CIF B-66460536, registered in the Company Register of Barcelona with Volume 161, Sheet B-462443


Phone

93.000.33.48


Email

legal@stayforlong.com

By providing personal data to Stayforlong, users expressly declare that they have read and expressly accepted this Privacy Policy and give their express , unequivocal and informed consent to the processing of their personal data in the terms indicated in this Privacy Policy.


Users guarantee the authenticity and veracity of all their data communicated through the Web and must keep updated the information provided to Stayforlong, so that it responds at all times to their actual situation, being the users the only responsibles for false or inaccurate statements they carry out, as well as the damages caused to Stayforlong, or to third parties.


When you make a booking through our platform that involves offers available from Booking.com, the privacy policy of Booking.com will apply. You can review Booking.com’s privacy policy in full by visiting the following link: https://www.booking.com/content/privacy.en-gb.html.

1- Legitimation for data treatment

The legal basis for the treatment of your data is the registration of users on the Web and the provision of services contracted by them through the Web.


The consent of the users is the legitimate basis for the treatment of the data that Stayforlong does for the purposes explained specifically in this Privacy Policy, other than the provision of the services expressly requested by the users.

2- Data collected

2.1 Information directly provided by users to Stayforlong


-Registration data: In order to register on the Web, users must provide their email and password, or they can choose to register on the Web either through their Facebook account or Google account.


These data are mandatory completion by users. The refusal on the part of the users to facilitate them will imply not being able to register on the Web.


-Information of “My Profile“: users can add or modify data in their profile in order to use Stayforlong services, such as their first and last name, contact telephone number or email address, by contacting Stayforlong to legal@stayforlong.com


-Data of the reservations: the information of the reservations made by the users through the Web as well as the possible evaluations and / or comments made about them, as long as they are not done anonymously.


-Credit / debit card details: Stayforlong may store some bank card details provided by the user, such as the cardholder’s name, the expiration date, the last four digits of the card and the type of card. Notwithstanding the foregoing, the complete data of the credit / debit card of the users will be stored by the payment service provider chosen by Stayforlong for the purposes of correctly processing the payment made by the user, in accordance with the provisions of the clause 5.1 of this Privacy Policy.


Users may, at any time, request Stayforlong to delete their credit / debit card data by email to legal@stayforlong.com.


-Data derived from incident or issues management: if the user goes to Stayforlong via email, phone, chat available on the Web, Whatsapp or Facebook Messenger, Stayforlong will collect the messages received in the format used by the user and can use them and store to manage present or future incidents.


-Additional information: any information provided by the user through email, phone, chat available on the Web, Whatsapp or Facebook Messenger.

2.2 Information indirectly provided by users

-Data derived from the use of the Web: Stayforlong collects data derived from the use of the Web by users every time they interact with the Web.


-Application and device data: Stayforlong stores the device and application data that the user uses to access the services. These are:


-Internet IP address that the user uses to connect to the Internet with his computer or mobile.


-Information about your computer or mobile, such as your Internet connection, your browser type, the version and operating system, and the type of device.


-The complete clickstream of Uniform Resource Locators (URL), including the date and time.


-The browsing history and user preferences.


-Data derived from the website of origin of the user: if the user arrives at the Website through an external source (such as a link from another web page or from a social network), Stayforlong collects the data from the source of the which the user proceeds.


Cookies: Stayforlong uses its own and third party cookies to facilitate navigation to its users and for statistical purposes (see Cookies Policy).


Data derived from external third parties: Stayforlong may collect information or personal data from external third parties only if users authorize those third parties to share the information cited with Stayforlong, for example, in the event that users register on the Web through from your Facebook or Google account.


In the event that the user registers on the Website through his Facebook account, Stayforlong may access the user’s public profile, his or her friends list and the email address associated with the Facebook account. In no case is the Web allowed to publish content in the user’s Facebook profile.


3- Purposes of the collection and processing of personal data


3.1 Purposes related to the provision of the services requested by the user


The personal data of the users are treated by Stayforlong with the following purposes:


-The provision of Web services requested or contracted by users, in accordance with the General Conditions of Use and Contracting;


-Manage and control reservations made by Users through the Web;


-Provide any information requested by the User by email or telephone;


-The management and control of your account on the Web;


-The management and control of user participation in any of the sweepstakes, contests or promotions organized by Stayforlong;


Certain services provided through the Web, such as sweepstakes or contests, may contain legal bases with specific provisions regarding the protection of personal data. It is essential to read these legal bases and their acceptance prior to the request of the service in question.


-The management and control of compliance by the user with the General Conditions of Use and Contracting, the Privacy Policy and the Cookies Policy of the Web;


-The detection and investigation of fraud, as well as other illegal activities or that violate the General Conditions of Use and Contracting;


-The realization of statistical studies in order to improve the services offered on the Web, according to the preferences of the users;


-The sending of communications relative to the status of reservations or transactions made by users through the Web;


3.2 Purposes consented by the user

We can only offer you certain travel services if we collect and process some personal data about you. For example, we need your name and contact information to process a booking.


We use your personal data for various purposes, including:


Marketing Activities

We use your information for marketing-related purposes, including:


- Sending you personalized marketing messages (such as push notifications, emails, or in-app messages) based on your contact details and your interactions with our platform (such as previous bookings and browsing behavior, including data collected through cookies and similar technologies). These messages may include promotions, surveys, travel experiences, and updates about our products and services. You can easily unsubscribe at any time by clicking the "Unsubscribe" link in any email or by managing your preferences in your account settings.


-Showing you personalized promotional content based on your interactions with our platform, including past bookings and browsing behavior, on our website, in our apps, or on third-party websites/apps. These recommendations may be based on data collected across different visits or from different devices, even if you’re not logged in.


-We may contact you with information about additional products or services that might interest you, such as travel-related insurance.


-We may also organize promotional activities and, based on information we have already collected, invite you and other travelers to participate.


For all these activities, we use personal data such as your contact and account information, browsing data, location, preferences, and searches and bookings made across different devices.

Users may exercise their right of opposition to their data being processed for the purpose of sending commercial communications by email to  legal@stayforlong.com  or by clicking on the option enabled for this purpose in each commercial communication sent.


Under no circumstances will Stayforlong use the personal data of users for purposes other than those mentioned above, unless prior notification to the user, giving a reasonable period for the user’s opposition to it.

We use third-party tools like Google, Meta, and others that use cookies to improve your experience on our website. These cookies help personalise content and ads based on your interests, measure campaign performance, and optimise navigation. By continuing to use our site, you consent to the use of these technologies to tailor your experience. You can find more information about Google’s business safety and privacy here: https://business.safety.google/privacy/

4- How Long Is Your Data Stored?

The personal data provided will be kept as long as the user remains registered on the Website and does not exercise his right of withdrawal.


In case of withdrawing the consent or opposing the treatment, the data will be blocked and will stop being treated, and will be kept for a period of legal prescription in order to be able to claim or defend us from possible claims.


4.1 Account Deletion Request


If you wish to delete your Stayforlong account and associated personal data (whether created via the Stayforlong website or mobile app), please follow the steps below:

· Send an email to legal@stayforlong.com from the email address associated with your Stayforlong account.

· In the email, clearly request the deletion of your account and personal data.

· Our team will process your request and confirm once the deletion is completed.


4.2 Data Deleted and Retained


When you request account deletion for your Stayforlong website or app account:

· We will delete all personal data associated with your account (such as your name, email address, and contact details).

· However, certain transactional records (including bookings and past transactions) will be retained as required for legal, regulatory, and legitimate business purposes.

· These retained records will be kept securely and only for as long as necessary to comply with applicable laws.

5- Transfer of personal data

The data of the users of the Web will not be transmitted to any third party except that (i) it is strictly necessary for the provision of the services requested, in case Stayforlong collaborates with third parties (ii) when Stayforlong has express and unequivocal authorization for part of the user and (iii) when requested by the competent authority in the exercise of its functions (to investigate, prevent or take actions related to illegal actions) or (iv) finally, if required by law.

5.1 Assignment for the correct provision of services

In order to provide the services requested by users, Stayforlong will share certain personal data of users with:


-Tour operators: Stayforlong may share certain user information, such as first and last name and email address, as well as the data of the reservations made through the website (name of the owner of the reservation and the accompanying persons) , check-in and check-out date, lodging regime, amount of the reservation, cancellation policy and room type) with the tour operators that manage the tourist services hired by the users through the Web, with the sole purpose of facilitate reservations.


-Hotels in which the user has made a reservation: Stayforlong may share certain user information, such as their first and last name and their email address, as well as the data of the reservations they have made through the Web (name of the user). holder of the reservation and of the companions, date of check in and check out, accommodation regime, amount of the reservation, cancellation policy and type of room) with the hotels in which the user has made a reservation, with the only purpose of facilitating the reservation.


-Payment gateway: the credit / debit card data of the users (cardholder, number, expiration date and type of card) are stored by the payment service provider, Ingenico ePayments, whose security measures are high. is PC1 Compliant according to the Data Security Standard for the Payment Card Industry or PCI DSS (see certificate here https://payment-services.ingenico.com/es/es/ogone/ support/products/pci#). If the user asks Stayforlong to delete the data from their credit / debit cards, the third payment service provider will delete said data from their servers.


-Hosting services: Hosting services providers, where appropriate, will have access to personal data of users for the sole purpose of providing the hosting service of such data to Stayforlong.


-Mailing service providers: the third-party providers of emailing campaign management services, designing and sending commercial communications and managing transactional emails.


-Prevention and anti-fraud services: user data may be communicated to the company Ingenico e-Commerce Solutions SPRL, holder of the “Fraud Expert” solution, necessary for the correct development of the payment process and the operation of the services offered by Stayforlong. «Fraud Expert» is a tool aimed at preventing and combating fraud (determining the level of risk associated with a transaction, detecting and managing the resulting resulting alerts, informing merchants so that they can make decisions, perform a “human” verification of transactions that present a certain level of risk and develop scoring models).

Also, a fraud committed by a user may lead to the registration of some of your personal data in a specific file created by Ingenico e-Commerce Solutions SPRL; The purpose of this file is to keep a trail of previous frauds. The registration of a user in this file could also lead to an aggravated risk in a future order placed on a merchant in the same sector of activity that has chosen the Fraud Expert solution and, therefore, that the user’s order is rejected.


Likewise, user data may be communicated to the company Sift Science Inc., a provider of anti-fraud and prevention services to verify the legality of transactions made by users on the Web.


All information provided by users directly to such providers beyond the control of Stayforlong, will not be covered by this Privacy Policy.


Stayforlong guarantees that all commercial partners, technicians, suppliers, or independent third parties to whom data are communicated, in accordance with the provisions herein, are linked to Stayforlong by means of a binding contract or legal act to process the personal data of the users, in accordance with the applicable legislation on the protection of personal data.


In the event that suppliers are located outside the European Economic Area, Stayforlong will communicate the data through systems enabled by the European Commission and the Regulation, to countries that have an adequate level of protection of personal data or through approved contracts. the European Commission by which the rights of the interested parties are established and guaranteed and will be communicated once the approval of the relevant control authority is obtained.


5.2 Assignment expressly consented by the user


The user will be informed in the event that any information about it is brought to the attention of third parties with a different nature to the purposes set out in this document or in the General Terms of Use, in order to have the opportunity to give their consent or oppose such transfer prior.

5.3 Assignment requested by a competent authority for the exercise of its functions



Stayforlong may transfer user data to security companies and Security Forces when it believes that its disclosure is necessary for compliance with the law, to enforce or apply the General Conditions of Use and Contracting or to protect rights, the property or security of Stayforlong, its users or third parties. The foregoing includes, therefore, the exchange of information with other companies and organizations as well as with security forces and bodies for the protection against fraud and the reduction of credit risk.


5.4 Assignment prior legal requirement


Upon legal request, Stayforlong may share information with agencies of executive authorities and / or third parties regarding requests for information regarding criminal investigations and alleged illegal activities.


6- Security Measures

Stayforlong undertakes to adopt the technical and organizational measures established by regulations that guarantee the security of users’ personal data and avoid their alteration, loss, treatment or unauthorized access, taking into account the state of the technology, the nature of stored data and the risks to which they are exposed, all in accordance with the applicable legislation on data protection.


Notwithstanding the foregoing, it is the responsibility of the users to duly safeguard the passwords and passwords that they provide for their access as registered users on the Web, preventing the improper use thereof by third parties. Stayforlong is not responsible for the misuse of passwords and access codes that users carry out.


7- Exercise of rights


At any time users can exercise their rights of access, rectification, deletion, limitation of their treatment, opposition, and portability, by means of a written communication addressed to Stayforlong, with address at Ronda Sant Pere 17 3º 4ª, 08010, Barcelona; or by email to legal@stayforlong.com. In both cases the interested user must accompany a copy of their national identity document, passport or other valid document that identifies them.


The users understand and accept that the withdrawal of consent and / or the exercise of the right of withdrawal will imply that Stayforlong can no longer provide the services of the Web.


Likewise, users will have the possibility, at any time, to withdraw the consent in the case that they have granted it for a specific purpose (without affecting the legality of the treatment based on the consent prior to its withdrawal), and, in particular, to exercise your right to object to your data being processed for the purpose of sending commercial communications by email to legal@stayforlong.com or by clicking on the option enabled for this purpose in each commercial communication sent.


Apart from the exercise of the rights described above, users have the right to file a claim with the corresponding control authority, with the Spanish Data Protection Agency being the one indicated in the case of Spain.

8- Changes in our privacy policy

Stayforlong may update or modify this Privacy Policy. An updated version of this Privacy Policy will always be available on the Web.


Stayforlong will send users notifications about substantial changes and modifications of this document through email or any other means that ensures receipt of them.


9- Translation

The original version of this Privacy Policy is in Spanish and has been translated into other languages. In case of contradiction on the content or interpretation of this Privacy Policy, as well as in the case of conflicts, contradictions or discrepancies between the Spanish version and the rest of the translated versions, the Spanish version of this Privacy Policy it will prevail and be conclusive to the extent that the law allows it. Users can consult the Spanish version of this Privacy Policy on the Web, by selecting said language, or by email to legal@stayforlong.com.

10- Disability

When by judicial provision or of any other nature, any clause of this Privacy Policy is declared invalid or ineffective, in whole or in part, such invalidity or ineffectiveness shall not be extended to the rest of the clauses herein provided, which shall remain in force. The invalid or ineffective provision, for the purposes of the provisions herein, will be replaced by another valid and effective clause, trying that the effect of the latter be as similar as possible to that of the first.

World Travel Awards 2026 - Nominee: Europe's Leading Online Travel Agency
  • © 2026 Stayforlong.com. Todos los derechos reservados.