TERMS AND CONDITIONS

Last Modification

November 6, 2023

This document is a contract between you and Golubo S.L. regarding the services you have contracted from the so-called NAMTIA HOTEL SUITE, which includes a range of software-based services currently named: Raportia, Dediting, Opinasi, Anaclic, Tecnihotel, Minimiso, Conectyc, Islabooking, Hoturo, Markitea, Nolubi, and Glutinia.

This agreement is structured in the following CLAUSES that both parties must comply with:

FIRST. SERVICE USE AGREEMENT

We appreciate that you have decided to use the services of Golubo S.L.

By using this site and/or downloading any material, you agree to be bound by this Agreement. This agreement applies to you and, if you are using this website on behalf of your client or a company, to you, all your clients, and your company. We reserve the right to modify this agreement at any time. We reserve the right to update and/or change our pricing structure as necessary.

If you disagree with anything stated in this document, please discontinue your use of our services and delete all data you have downloaded. This agreement may be translated from Spanish to other languages, however, if there is any contradiction between the Spanish version and its translation into a different language, then the Spanish version will take precedence.

SECOND. ACCESS REGISTRATION

You should know that Golubo S.L. strives to offer quality services but in the development and pursuit of new technologies and functionalities, you may also receive experimental services. This means that the services may not be available or may provide inaccurate or even erroneous data.

If you are not willing to accept service interruptions and/or the reception of inaccurate or erroneous data, we advise you not to use our services. If you are willing to accept inaccurate and/or erroneous data, we inform you that we cannot be held responsible for the consequences thereof, and therefore it is your responsibility and that of your users to question and validate the data returned by our applications and services.

To help you better understand this situation, we inform you that sometimes data errors come from the data source, not from the processes carried out by Golubo S.L., and there are also errors in how the data is interpreted by one party or another. All of the above makes the data environment an uncertain place, where the end user must decide whether or not to use the data they receive. We greatly appreciate your understanding. If you are willing to take responsibility for validating and verifying the accuracy of the data before using it, thereby assuming responsibility for it, we invite you to begin your interaction with our systems.

Otherwise, please desist from the registration process and do not access our software tools, infrastructures, or services.

To access our services, you must be over 18 years old and capable of forming a binding contract with Golubo S.L. If you are using the services on behalf of a company, you accept the terms on your behalf and on behalf of the company, for which you must have authorization to accept the terms on behalf of your company. If you register on behalf of a company, it means you have the authorization to do so. Otherwise, desist from the registration process.

You must provide accurate and truthful information to register an account. This information is of a legal nature.

You cannot make your credentials or access data of your account available to other people. You are responsible for all activities conducted using your access data.

THIRD. USE REQUIREMENTS

A. USE OF THE SERVICES

Golubo S.L. grants you the non-exclusive right to temporarily use the services you have contracted in accordance with these terms. The right to use is linked to the payment of the fees stipulated at any time by Golubo S.L.

Golubo S.L. owns all rights, titles, interests, intellectual, industrial, and commercial property of the services to which we offer you access. Occasionally, we may use third-party services to facilitate the services for you.

B. MODIFICATION OR IMPROVEMENT PROPOSALS

We appreciate that you request modifications or improvements to the services we provide. We are in a position to continuously improve our services. We will try to address all the contributions you make to our team.

When you register for any of our services, you agree to transfer the commercial rights and intellectual property of any idea you propose to us as a service improvement. We do not want you to feel this condition is abusive, but the truth is that most of the time, customer proposals are already on our development and improvement roadmap, or have even been dismissed because we consider that customers will not use them. Additionally, we inform you that developing an idea has great technical difficulty and requires significant investment.

Therefore, we greatly appreciate your understanding in this regard, and we clarify that we do not wish to appropriate any idea, we only want to clarify that everything developed on our platform by our developers is the property of Golubo S.L.

For our part, we strive to improve our services to meet your needs.

C. RESTRICTIONS

You cannot use the services in a way that improperly appropriates or violates the intellectual property rights of Golubo S.L. or any of its tools or services, whether proprietary or third-party.

You are not allowed to perform reverse engineering, nor can you copy or use the designs of our tools. You cannot use our tools to provide services to third parties. And you cannot use our tools or third-party services we facilitate access to, to compete technologically or commercially with Golubo S.L.

D. THIRD-PARTY SERVICES

In an environment with such technical and technological complexity, Golubo S.L. relies on third-party services that allow us to provide you with better service. Any third-party software, services, or other products used in this relationship are subject to their own terms and we are not responsible for third-party products.

FOURTH. SERVICE COSTS AND PAYMENTS

A. PAYMENTS AND INVOICES

You will pay all invoices for services you have access to on a monthly basis. The amount of the invoices will be related to the range of services you contract access to and the prices that will be provided to you in writing in advance. In case of issuing invoices with erroneous prices, this agreement grants us the right to correct and modify the invoice amounts.

Billing information must be provided by you or the company you work for in a concise and sufficient manner.

The corresponding amount for each service period, for example, the monthly period, must be paid in advance of access to the services. The Fees are payable in euros and are due upon issuance of the invoice, and payments are non-refundable.

We will charge your payment method on an agreed periodic basis, but we may reasonably change the date the charge is recorded or likewise modify the payment method by mutual agreement and in writing.

B. TAXES

Our fees do not include taxes or any kind of levies. You are responsible for all taxes and levies associated with the costs of our services, so our price list represents the amount of our services without including taxes.

You agree to pay such taxes and also to provide documentation that proves their payment.

GOLUBO S.L. uses the data you provided during registration for tax purposes, so you must keep this information accurate and up-to-date.

C. PRICE CHANGES

In the normal course of service over time, there are price changes for various reasons. GOLUBO S.L. may change the prices of the services provided at any time. To do so, it will publish a notice on the service website and/or in your account. Price changes will take effect 15 days from the date of publication, except in cases where the motivation is legal, in which case they will take effect immediately.

D. NON-PAYMENT

Non-payment for the services results in the immediate deactivation of your access to our services, and the subsequent termination of the contracted services and the consequent termination of the contract. Before the final termination of the contract, you will be notified in writing, to the email provided in your account's contact information, to address the outstanding payments. If not addressed within 24 hours, the contract will be terminated.

If the contact information provided does not correspond to a valid communication address, or if this address does not respond to communications, both parties agree to terminate this contract 24 hours after sending to the referred contact address.

E. FREE ACCESS

Sometimes we may provide our customers with free access to one or more of our services. This free access is temporary and may be terminated unilaterally by GOLUBO S.L. at any time without prior notice.

Free access does not grant you any rights, especially no right of access or claim. If you use free access, you agree to waive any right to claim and also agree that the services may end at any time without prior notice.

You must still comply with all the conditions set out in this contract.

PERSONAL DATA PROCESSING AGREEMENT

FIRST. - PURPOSE OF THE PROCESSING AGREEMENT.

The main purpose of this agreement is the processing of personal data (hereinafter data) necessary for the provision of the service.

Through these clauses, the PROCESSOR (hereinafter GOLUBO S.L.) is authorized to process on behalf of the CONTROLLER (hereinafter App User) the personal data necessary derived from the provision of the software service belonging to the NAMTIA HOTEL SUITE, including but not limited to the applications Raportia, Dediting, Opinasi, Anaclic, Tecnihotel, Minimiso, Conectyc (or Conectapms), Islabooking, Hoturo, Goinprice, Markitea, and Glutinia.

The processing will consist of storing data from third parties who use the subscriber's APP, with the specific processing activities being:

Collection, recording, consultation, comparison, storage for the period necessary for the provision of the service and compliance with corresponding legal obligations, communication by transmission, interconnection, restriction, erasure, destruction, and communication.

SECOND. - IDENTIFICATION OF THE AFFECTED INFORMATION.

To execute the provisions derived from fulfilling the purpose of this agreement, the CONTROLLER makes the following information available to the PROCESSOR:

  • Email address
  • Nationality
  • Age

THIRD. - FORM OF ACCESS.

The PROCESSOR will access the personal data for which the CONTROLLER is responsible as follows.

The CONTROLLER will communicate the data to the PROCESSOR. The data processing will be carried out by the PROCESSOR at its own premises, separate from those of the CONTROLLER, who must incorporate this processing into its record of processing activities, including the security measures to be implemented in relation to it.

FOURTH. - DURATION OF THE CONTRACT.

The contract will enter into force from the date of its signing and will remain in effect until the date of termination of the commercial service provision relationship between the CONTROLLER and the PROCESSOR.

FIFTH. - OBLIGATIONS OF THE DATA PROCESSOR.

The PROCESSOR and all its personnel commit to processing the personal data for which the CONTROLLER is responsible according to the latter's instructions and not to apply or use them for purposes other than the agreed service provision.

If the PROCESSOR considers that any of the instructions violate the GDPR or any other data protection provision of the Union or the Member States, the PROCESSOR will immediately inform the CONTROLLER.

5.1.- SPECIFIC PURPOSE.

The PROCESSOR commits to using the personal data subject to processing, or those collected for inclusion, only for the purpose described in the first clause of this contract. Under no circumstances may the data be used for the PROCESSOR's own purposes.

5.2.- RECORD OF ACTIVITIES.

The PROCESSOR commits to documenting a record of all categories of processing activities carried out on behalf of the CONTROLLER, which contains:

1. The name and contact details of the PROCESSOR and each controller on whose behalf the PROCESSOR acts and, where applicable, the representative of the controller or the processor and the data protection officer.

2. The categories of processing carried out on behalf of the CONTROLLER.

3. Where applicable, transfers of personal data to a third country or international organization, including the identification of such third country or international organization and, in the case of transfers indicated in Article 49(1), second paragraph of the GDPR, the documentation of appropriate safeguards.

4. A general description of the technical and organizational security measures related to:

  • Pseudonymization and encryption of personal data.
  • The ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
  • The ability to restore the availability and access to personal data quickly in the event of a physical or technical incident.
  • A process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures to ensure processing security.
5.3.- COMMUNICATIONS TO THIRD PARTIES.

The PROCESSOR may communicate the data for processing to companies within the business group to which it belongs, for the purpose of maintaining centralized business coordination management, with the authorization of the CONTROLLER, in legally permissible cases.

The PROCESSOR may communicate the data to other processors of the same CONTROLLER, according to the CONTROLLER's instructions. In this case, the CONTROLLER will identify, in advance and in writing, the entity to which the data should be communicated, the data to be communicated, and the security measures to be applied to proceed with the communication.

If the PROCESSOR must transfer personal data to a third country or an international organization, by virtue of Union or Member State law applicable to the PROCESSOR, it will inform the CONTROLLER of that legal requirement beforehand, unless such law prohibits it on important grounds of public interest.

5.4.- SUBCONTRACTING.

If it is necessary to subcontract any processing of personal data, this must be communicated in advance and in writing to the CONTROLLER, indicating the processing to be subcontracted and clearly and unequivocally identifying the subcontracting company and its contact details. Subcontracting may take place if the CONTROLLER does not express opposition within the established period.

The subcontractor, who will also have the status of processor, will also be obliged to comply with the obligations established in this document for the PROCESSOR and the instructions issued by the CONTROLLER. It is the responsibility of the initial PROCESSOR to regulate the new relationship so that the new processor is subject to the same conditions (instructions, obligations, security measures...) and with the same formal requirements as the initial PROCESSOR, regarding the proper processing of personal data and guaranteeing the rights of the affected individuals. In the event of non-compliance by the sub-processor, the initial PROCESSOR will remain fully responsible to the CONTROLLER for compliance with the obligations.

5.5.- CONFIDENTIALITY.

The PROCESSOR undertakes to maintain the duty of confidentiality regarding the personal data to which it has had access by virtue of this assignment, even after its purpose has ended.

5.6.- PERSONNEL WITH ACCESS.

The PROCESSOR must ensure that persons authorized to process personal data expressly and in writing commit to respecting confidentiality and complying with the corresponding security measures, which must be properly communicated to them.

It must also keep available to the CONTROLLER the documentation proving compliance with the obligation established in the previous paragraph.

5.7.- ASSISTANCE IN THE EXERCISE OF RIGHTS.

The PROCESSOR undertakes to assist the CONTROLLER in responding to the exercise of the following rights:

  • Access, rectification, erasure, and objection
  • Restriction of processing
  • Data portability
  • Not to be subject to automated individual decisions (including profiling).

When the affected individuals exercise their rights of access, rectification, erasure, and objection, restriction of processing, data portability, and not to be subject to automated individual decisions, before the PROCESSOR, the latter must notify the CONTROLLER in writing so that the latter can resolve the request. The communication must be made without delay and, where appropriate, together with other information that may be relevant to resolve the request. Any change in contact details of the Parties must be notified to the other party immediately and by means that guarantee receipt of the message.

5.8.- DUTY OF INFORMATION.

It is the responsibility of the CONTROLLER to provide the right of information at the time of data collection.

5.9.- SECURITY BREACHES.

The PROCESSOR will notify the CONTROLLER without delay of any personal data security breaches in its charge that it becomes aware of, as well as all relevant information for documenting and communicating the incident. Any change in contact details of the Parties must be notified to the other party immediately and by means that guarantee receipt of the message.

Notification will not be necessary when it is unlikely that such a security breach constitutes a risk to the rights and freedoms of natural persons.

In this notification, the following information will be provided, if available:

  • Description of the nature of the personal data security breach, including, where possible, the categories and approximate number of affected data subjects, and the categories and approximate number of affected personal data records.
  • The name and contact details of the data protection officer or other contact point where more information can be obtained.
  • Description of the possible consequences of the personal data security breach.
  • Description of the measures taken or proposed to address the personal data security breach, including, where appropriate, measures to mitigate any possible adverse effects.

If it is not possible to provide the information simultaneously, and to the extent that it is not, the information will be provided gradually without undue delay.

5.10.- COOPERATION WITH THE CONTROLLER.

The PROCESSOR undertakes to make available to the CONTROLLER all the information necessary to demonstrate compliance with its obligations, as well as to carry out audits or inspections conducted by the CONTROLLER or another auditor authorized by the CONTROLLER. Provide support to the CONTROLLER, where appropriate:

  • In carrying out data protection impact assessments.
  • In conducting prior consultations with the supervisory authority.
5.11.- SECURITY MEASURES.

The PROCESSOR must implement security measures applicable to the automated and non-automated processing of personal data.

Regarding the necessary security measures, the PROCESSOR must implement mechanisms to:

  • Ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
  • Restore the availability and access to personal data quickly in the event of a physical or technical incident.
  • Regularly test, assess, and evaluate the effectiveness of the technical and organizational measures implemented to ensure the security of processing.
  • Pseudonymize and encrypt personal data, where appropriate.
5.12.- RETENTION OF PERSONAL DATA.

Once the contractual service has been fulfilled, the PROCESSOR must return to the CONTROLLER the personal data to which it has had access as part of the commercial service provision relationship, as well as any media or documents containing any personal data for which the CONTROLLER is responsible. The return must involve the total deletion of the data existing in the computer systems used by the PROCESSOR. However, the PROCESSOR may retain the data, duly blocked, as long as liabilities could arise from its relationship with the CONTROLLER.

SIXTH. - OBLIGATIONS OF THE DATA CONTROLLER.

The CONTROLLER is responsible for:

  • Providing the PROCESSOR with the data referred to in the second stipulation of this document.
  • If applicable, conducting an impact assessment on the protection of personal data for the processing operations to be performed by the PROCESSOR.
  • Carrying out the necessary prior consultations.
  • Ensuring compliance with the GDPR by the PROCESSOR prior to and throughout the processing period.
  • Supervising the PROCESSOR's processing.

SEVENTH. - APPLICABLE LAW AND JURISDICTION.

This contract shall be governed by and interpreted in accordance with Spanish law insofar as it is not expressly regulated. If any of the stipulations or conditions of this contract is null, invalid, or ineffective and cannot take effect due to any cause of the applicable law, such nullity, invalidity, or ineffectiveness shall not affect the remaining stipulations or conditions.

The parties submit to the jurisdiction of the courts of Las Palmas de Gran Canaria for any disputes that may arise in connection with this contract, waiving any other forum that may correspond to them.