Privacy Policy

Privacy Policy

With this privacy policy we inform you of the treatment that we do of the personal data that you provide or will facilitate in your browsing, in case you continue browsing. Likewise, it includes our data protection policy, for cases in which an express reference is made to it.


The person in charge of the treatment and the entity that owns the domain (hereinafter, the Website), is Gran Hotel Monachil, SL with address at AVDA. MARIBEL, 10 CP: 18196 MONACHIL -GRANADA (SPAIN), with CIF nº: B18615534.

Contact details:

o Telephone: (+34) 958 481 450
o Email:


The data you provide us is intended to:
• The data that you provide us through the contact sections made available to you on the Website, will be treated in order to resolve your queries or requests and provide the services requested by you. The basis of legitimation is the consent given.

• "Reservations": The personal data provided in this section will be processed for the purpose of managing the reservations requested by you. In all cases, the data provided may be processed for the purpose of preparing internal statistics to improve our services. The personal data provided will only be kept as long as our commercial relationship is maintained, and will be blocked once it has expired, during the period established by the legal prescriptions, available only to Courts and Tribunals to deal with possible claims, after which, said data will be canceled. The legal basis for the treatment of your data is the fulfillment of the contractual obligations assumed by you when requesting our services. We inform you that the personal data provided may be processed in order to send you informative and other communications (offers, events,) for which you have to check the box enabled for this purpose and give us your consent. The data provided will be kept for this purpose as long as you do not request the cessation of advertising shipments. You will have the right to withdraw your consent at any time. The withdrawal of consent will not affect the legality of the treatment based on the consent prior to its withdrawal.

• Respond to the queries you make in relation to the exercise of the rights about which we inform you later. The basis of legitimacy is the fulfillment of legal obligations on our part.

In complying with these obligations, we may communicate your data to Public Administrations and courts, provided that such information is required in accordance with established legal processes.

• By submitting your resume you authorize us to analyze the data and documents contained therein. They will be kept for a maximum period of six months, unless you tell us otherwise. The basis of legitimation is the consent given.

• The data collected through the forms included in the Website are intended to be the one explicitly stated in them, such as sending advertising about our offers and promotions, reserving ski passes, classes, equipment, transfers and excursions as well as the Gestion of reservs. The basis of legitimation is the consent given.

• If you expressly authorize us, we may send you information related to our activity, through any electronic means, including sending a newsletter. This information will be kept as long as you do not request its deletion. The basis of legitimation is the consent given.

• Registration of visits to the Website: At each access to the server, the IP address from which the User navigates will be collected and it will be recorded, as well as the pages that GHM Hotels visits. These data will be stored in a LOG file for statistical purposes and to determine the number of page views.

• In case of existence of services or applications, these will contain their particular conditions with specific provisions regarding the protection of personal data. It is essential to read and accept it prior to requesting the service in question.


The User must provide truthful information when filling in the forms contained in the Website with their personal data and keep them updated at all times so that it responds to their real situation.

The user will be solely responsible for any false or inaccurate statements made and for the damages caused to The Provider or Third Parties due to the information provided. Likewise, the user must be duly authorized to provide data from third parties. Only if he has the consent of future guests, the user may provide the Borrower with said data. Therefore, it implies, under your sole responsibility, the assumption of the duty to inform those of the content of our Privacy Policy prior to the offering of personal information.

The data you provide us will be kept as long as there is a mutual interest to maintain the end of the treatment. They will be blocked when they are no longer necessary for the purpose for which they were collected or when you have exercised your right to suppress, cancel and / or limit the treatment. After this period, the data will be deleted in accordance with the provisions of the data protection regulations, which implies its blocking. They will remain at the exclusive disposal of Judges and Courts, the Public Prosecutor's Office and the competent Administrations, in particular that of Data Protection for the attention of responsibilities arising from the treatment, during the limitation period of these. Once the indicated period has elapsed, they will be destroyed with the appropriate security measures to guarantee the pseudonymization or total destruction of the same.

In addition to the general treatment of the previous point, the conservation period of four years will be observed (Art. 66 and following of the General Tax Law), and six on the accounting books and invoices (Art. 30 of the Commercial Code).


The data protection regulations grant you the following rights in relation to the processing of personal data:

Right of access: right of access to your personal data to know which are being processed and the processing operations carried out with them.

Right of rectification: To be able to request the modification of your data for being inaccurate or not truthful.

Right of portability: To be able to obtain a copy in an interoperable format of the data that is being processed.

Right to limitation of treatment: In certain circumstances, the interested parties may request the limitation of the processing of their data, in which case we will only keep them for the exercise or defense of claims.

Right of deletion: Request the deletion of your data when the treatment is no longer necessary.

Right of opposition: Request the cessation of sending commercial communications in the indicated terms.

• Right to revoke the consent given.

To exercise these rights, you must send an express request, along with a copy of your ID or equivalent and valid supporting document, through the following means:

EMAIL addressed to the address with subject Data Protection. This submission must be made from the email address you included in the form. Otherwise, they will not be shown to you, as your identity is not considered sufficiently proven.

BY POSTAL MAIL: Directed to the address AVDA. MARIBEL, 10 CP: 18196 MONACHIL - GRANADA (SPAIN)

If you do not receive a response in time and form from the Provider, or if you do not find it satisfactory, it is reported that the competent control authority is the Spanish Agency for Data Protection ( ). On their website you can find a series of models that will help you in exercising your rights.


Users are expressly informed that their personal data will not be transferred in any case to third parties, except legal obligation. Any exception to this rule will require your prior express, informed, and unequivocal consent.


In accordance with the provisions of current regulations on personal data protection (Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 and Organic Law 3/2018, of December 5, on Data Protection Personal Data and Guarantee of Digital Rights), the Provider complies with all the provisions of the RGPD and LOPDGDD regulations for the processing of personal data under its responsibility, and manifestly with the principles described in article 5 of the RGPD, for which they are treated in a lawful, loyal and transparent manner in relation to the interested party and adequate, pertinent and limited to what is necessary in relation to the purposes for which they are processed.

Appropriate technical and organizational policies are in place in order to protect your rights and freedoms, providing you with all the necessary information so that you can exercise the rights that assist you. However, you must be aware that Internet security measures are not impregnable.


Access and use of the portal to minors (14 years old) is prohibited. They may not use the services available through the Website without the prior authorization of their parents, guardians or legal representatives, who will be solely responsible for all acts carried out through the Website by minors in their charge, including the Completion of the forms with the personal data of said minors and the marking, where appropriate, of the boxes that accompany them. We are not responsible for the veracity and accuracy of the data you fill in. If you have minors under your care, it will be your sole responsibility to determine what services and / or content are or are not appropriate for the age of the latter.


The Provider reserves the right to modify this Privacy Policy, totally or partially, by publishing the changes on the Website. Likewise, the contents and services provided, as well as the way in which they are presented, may be changed, deleted or added without prior notice. Consequently, the Policies that are published at the time you access will be understood as current, so you should read it periodically.

Regardless of the provisions, access to the contents of the Website may be terminated, suspended or interrupted, at any time without prior notice, without the User being able to demand any compensation.