Privacy Policy

This legal text gives you details of how we collect and process your personal data through the use of our website, including any information that you can provide us through the site when you sign up for a service, register with us newsletter or provide your contact information through the form enabled for this purpose.

By providing the data, you guarantee that you are over 18 years old.

1. Responsible for the treatment

Contact details of the person in charge: CASTLE BEACH S.L. with registered address at Avenida de la Encarnación núm. 2, Fuengirola, Málaga, C.P. 29.640 . Telephone: 951062700. E-mail and CIF B-92.076.595

CASTLE BEACH S.L. , is responsible for your data. (Hereinafter us or ours).

2. What data do we collect?

According to the General Regulation of Data Protection 679/2016 / UE (RGPD), in its article 4, personal data is all information about an identified or identifiable (interested) natural person, that is, all the information capable of identifying a person. This would not include anonymous data.

We may process certain types of personal data, which may include:

We do not collect any data related to special categories of personal data (those that reveal their ethnic or racial origin, political opinions, religious or philosophical convictions, union affiliation and information about their health, genetic or biometric data).

In case you are requested to collect personal data by law or according to the terms of contract between us and you refuse to provide them, we may not be able to make such a contract or provide the service, and must notify us in advance.

3. What data do we collect?

The means we use to collect personal data are:

4. Purpose and legitimacy for the use of your data

The most common uses of your personal data are:

· For the formalization of a contract between CASTLE BEACH S.L. and you.
· When you give your consent in the processing of your data
· When we need them to comply with a legal or regulatory obligation
· When necessary for our legitimate interest or that of a third party.

The User may revoke the consent given at any time by sending an email to or by consulting the section on exercise of rights below.

Below we attach a table in which you can consult the ways in which we will use your personal data and the legitimacy for its use, as well as knowing what kind of personal data we are going to deal with. We can process some personal data for some additional legal reason, so if you need details about it you can send an email to

Purpose Type of data Legitimacy for your treatment
To request information through the
Contact Form
· First name
· Surnames
· Email
Consent of the interested party
To register you as a client
in the Web page
· User
Contract formalization
To manage our relationship
with you
· First name
· Surnames
· Email
· Home
· Phone
· Company or Autonomous
Contract formalization
To make commercial communications,
delivering relevant content and
that may be of interest
· First name
· Surnames
· Email
Consent of the interested party
To manage and protect our business and
our website
· Technical data
· First name
· Surnames
· Email
Legitimate interest
To lend you the service or product contract · First name
· Surnames
· Address
· Email
· Phone
· Bank data
Contract formalization
Commercial communications: you will only receive communications if

We obtain your express consent before sending any communication, being able to request at any time that we stop sending you communications in the email

When you choose to stop receiving our communications, your personal data will remain stored as a result of the contract made by you to comply with legal requirements.

Purpose: we will only use your data for the purposes for which we collect it, unless we reasonably believe that we must use it for another reason, notifying you in advance so that you are informed of the legal reason for processing it and provided the purpose is compatible with the purpose original.

Term of conservation: The period of conservation of the personal data will vary according to the service that the Client contracts, being the minimum necessary, being able to stay:

Subscriber data by e-mail or form: From the moment the user subscribes until they unsubscribe.

Data of the users uploaded by CASTLE BEACH, SL to their Social Networks or pages: Since the user gives his consent until he withdraws it.

5. Your Rights in Data Protection

How to exercise these rights? Users can send a communication to the registered office of CASTLE BEACH S.L. or email address , including in both cases a photocopy of your ID or other similar identification document, to request the exercise of the following rights:

You can use the models placed at your disposal by the Spanish Agency for Data Protection, to exercise your previous rights: Here

Claim before the AEPD: if you consider that there is a problem with the way in which CASTLE BEACH S.L. is treating your data, you can direct your claims to the corresponding control authority, being in Spain, competent for this: Spanish Protection Agency of data.

We may have to request specific information to help us confirm your identity and guarantee your right to access your personal data (or exercise any of the other rights mentioned above). This is a security measure to ensure that personal information is not disclosed to any person who does not have the right to receive it.

All the requests are solved within the legal term indicated 1 month. However, it can take more than a month if your request is particularly complex, or if you have already performed a series of actions previously. In this case, we will notify you and keep you updated.

6. Transfer of personal data

It is possible that, in the performance of our work, we should transfer your data to third parties:

All these assignments will be previously communicated to you and we declare that we require all those in charge of treatment to whom we transfer your data respect the security of your personal data and treat them according to the RGPD. We only allow such managers to process your data for certain purposes and in accordance with our instructions.

7. Data Security

We have implemented the appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized manner, modified or disclosed. In addition, we limit the access to your personal data to those employees, contractors and other third parties who have a commercial need to know such data. They will only process your personal data according to our instructions and will be subject to a duty of confidentiality.

We have implemented procedures to deal with any suspicion of violation of your personal data and we will notify you and the Control Authority in case it happens, as it is regulated in the RGPD in its articles 33 and 34, a security breach.

8. International transfers

Countries outside the European Economic Area (EEA) do not always offer the same levels of protection for their personal data, which is why European legislation has prohibited the transfer of personal data outside the EEA unless the transfer meets certain requirements.

Some of our external service providers are outside the European Economic Area (EEA), so the processing of your personal data will involve a transfer of data outside the EEA.

- Social Networks: CASTLE BEACH S.L. makes use of the social networks Facebook , Instagram , LinkedIn and Twitter , all in the USA.

- Email: The email service of CASTLE BEACH S.L. is provided using the services of MICROSOFT.

If you need an extension with respect to the specific mechanism used by us when transferring your data outside the EEA, you can contact us through our email

Update: May 2018