Privacy Policy

Last update: 08/26/2021.

Your privacy is important to us. In this privacy statement we would like to inform you about what personal data we collect on our website, and how we use it.

Thus, in compliance with the provisions of Regulation (EU) 2016/679 of 27 April (RGPD) and the L.O. 3/2018, of 5 December, on data protection and guarantee of digital rights (LOPDGDD), we will treat your data as we reflect in this Privacy Policy.

We encourage you to read these terms carefully before providing your personal data on this website. The use of the Web site implies acceptance of this Privacy Policy as well as the conditions included in the Legal Notice.

Responsible for the treatment of your personal data

  • Identity of the Responsible: María Lourdes Rodríguez Perona
  • Company Name: María Lourdes Rodríguez Perona
  • TAX ID: 52130157J
  • Address: Calle Rey Juan Carlos 27, 3º door 1, 13320 Villanueva de los Infantes (Ciudad Real)
  • E-mail:
  • Activity: Extra-hotel tourist accommodation

The RESPONSIBLE has implemented all the technical and organizational security measures established in the aforementioned General Data Protection Regulation, in order to guarantee and protect the confidentiality, integrity and availability of the data entered.

All personal data of the USER stored in the forms on the website will be stored in an automated file owned by Attic 27.

Data requested on the website and purpose of processing

To browse it is not necessary to provide any personal data. However, there are cases in which you do provide your personal data, which are requested through the contact forms on the website.

The data requested in these forms are:

  • Name, surname and email in the booking form: This information is intended to put USERS in direct contact with the RESPONSIBLE, to make a reservation, ask questions or request any information. This information is the minimum necessary in order to respond to USERS’ requests.
  • Phone number in the WhatsApp button: This information is intended to put USERS in direct contact with the RESPONSIBLE through the WhatsApp platform, to raise doubts, request a service or any information. Such information is the minimum necessary in order to respond to USERS’ requests.

The data you provide through the contact form will be located on the servers of:

– Raiola Networks (web hosting provider), located within the EU. This web hosting service has its headquarters located at Avenida de Magoi 66, Semisótano Derecha, 27002 Lugo, Spain. You can see more information about their privacy and data protection policy at:

The purpose of data processing by this website is to provide a quality service to the USER:

  • Respond to queries made, reservation requests, or provide information explicitly requested by the USER.
  • Ensure compliance with the conditions contained in the Legal Notice and applicable law. In order to ensure that this website guarantees the absolute confidentiality of the personal data collected, it may include the development of tools and algorithms that contribute to this purpose.
  • To carry out the management of the services explicitly contracted by the USER.
  • Improve the services offered by this website.
  • Other non-identifying data are also collected through cookies that are downloaded to the user’s computer while browsing the web, and that we detail in our Cookies Policy page.

By completing the registration forms on the website, the USER guarantees the veracity of the data and undertakes to communicate any changes that may occur in them.

The USER is solely responsible for the veracity and correctness of the data sent to this website, exonerating the RESPONSIBLE for any responsibility in this regard.

Likewise, the USER declares to have read and accepted the Privacy Policy by filling in the forms, thus granting consent for the processing of their data exclusively for the purposes detailed above.

Rights of the user of the website regarding the processing of their data

According to current legislation, the USER has the right to obtain information about whether their personal data is being processed at They have the right to:

  • Request access to stored data of a personal nature relating to the data subject.
  • Request rectification or deletion of their data, in case they are not necessary for the purpose for which they were collected.
  • Request the limitation of their processing, in which case we will only keep them for the exercise or defense of claims.
  • Oppose the processing of this data.
  • Request the portability of your data.

The USER can exercise their rights specified above by sending an email to along with valid proof in law (such as a photocopy of ID or equivalent), in order to effectively exercise their rights of access, opposition, information, rectification or cancellation of their personal data.

The exercise of these rights is personal and must be executed personally by the USER, requesting it directly and explicitly to the CONTROLLER of the processing of your data on this website.

In accordance with this regulation, the USER is informed that he/she has the right to withdraw the consent given at any time, which will not affect the lawfulness of the processing carried out prior to the withdrawal of consent. The USER also has the right to file a complaint with the Spanish Data Protection Agency, if he/she considers that the processing of personal data concerning him/her infringes the Regulation.

Principles applied in data processing

In the processing of your personal data, I will apply the following principles that comply with the requirements of the new European data protection regulation:

  • Principle of lawfulness, fairness and transparency: I will always require your consent for the processing of your personal data for one or more specific purposes about which we will inform you in advance with absolute transparency.
  • Principle of data minimization: I will only ask you for data when they are strictly necessary in relation to the purposes for which I require them.
  • Principle of limitation of the retention period: Data will be kept for no longer than is necessary for the purposes of the processing. I will inform you of the relevant retention period.
  • Principle of integrity and confidentiality: Your data will be processed in such a way as to ensure adequate security of personal data and confidentiality. I take all necessary precautions to prevent unauthorized access or misuse of our users’ data by third parties.

Legal Age

It is the policy of this website not to collect, process or store personal data of persons under fourteen years of age. In the event that a person under this age provides their data to this website through the various contact forms specified above or through any other means, the RESPONSIBLE reserves the right to immediate destruction of such data.

My services are only available to those persons with legal capacity to contract them, so that those who do not meet the condition of age of majority should refrain from providing personal information through this website. However, they can do so through parents or legal guardians, in accordance with the provisions of the law.

Confidentiality Policy

The data provided by the USER will be treated as strictly confidential at all times, having adopted the technical and organizational measures to ensure such confidentiality by the RESPONSIBLE, in order to prevent alteration, loss, theft, treatment or unauthorized access to stored data.

The website is hosted by Raiola Networks. The security of your data is guaranteed, as they take all the necessary security measures to do so. You can consult their privacy policy here for more information.

Also, this website includes an SSL certificate. This is a security protocol that allows your data to be transmitted in an integral and secure way between a server and a web user, being the communication fully encrypted or encrypted.

However, the RESPONSIBLE cannot guarantee the absolute impregnability of the Internet network, and therefore, the violation of data through fraudulent access to them by third parties.

Legitimacy for the processing of stored data

The legal basis for the processing of personal data stored on this website is the express consent of the USER for the purposes previously detailed in this Personal Data Protection Policy.

To contact, fill out forms, subscribe to the newsletter or post a comment, consent to this privacy policy is required.

Content from other websites

The pages of this website may include embedded content (e.g. links, images, videos, etc.) from other websites. If the USER follows links to other websites external to this website, he/she should be aware that the RESPONSIBLE is not responsible for the privacy practices and policies employed by other websites, so he/she should inform him/herself beforehand about the Privacy Policies of such websites.

Cookies policy

To ensure the proper functioning of the website, it is necessary to use cookies, which is information that is stored in your browser.

You can consult all the information relating to the collection policy, the purpose and treatment of cookies on the Cookies Policy page.

Categories of personal data

The categories of personal data processed by the RESPONSIBLE are:

  • Identifying data.

Retention of personal data

The personal data you provide to the RESPONSIBLE will be kept until you request its deletion, by sending an email to together with a valid legal proof (such as a photocopy of your ID card or equivalent).

Recipients of your personal data

The RESPONSIBLE for this website needs the support of third parties in order to adequately offer its services, with whom it has entered into the appropriate confidentiality agreements and has verified that they comply with Spanish regulations on personal data protection.

The data provided to these third parties will not be used in any case for a purpose other than those authorized by the USER.

In compliance with the principles of information and transparency, it is communicated that these third parties are:

  • Hosting: Raiola Networks, with headquarters at Avenida de Mago, 66, Semisótano Derecha, 27002 Lugo, Spain, and domiciled in the EU. You can consult their privacy policy here for more information in this regard.
  • Web platform: The WordPress Foundation, domiciled in the U.S. More information available at: The WordPress Foundation processes data in order to provide its web platform services to the RESPONSIBLE.
  • Whatsapp: platform created for sending communications via cell phone. The entity providing the service within the EU and Switzerland is WhatsApp Ireland Limited, an entity established in Ireland and governed by the laws of that country, with registered office at 4 Grand Canal Square, Grand Canal Harbour Dublin 2, Ireland. You can consult its Privacy Policy here.
  • Microsoft Outlook: platform created for sending email communications. Microsoft adheres to the principles of the EU-U.S. and Swiss Privacy Shield frameworks, although Microsoft does not rely on the EU-U.S. Privacy Shield framework as a legal basis for the transfer of personal data under the judgment of the Court of Justice of the EU in case C-311/18. For more information. Your privacy policy can be found here. The contact details for its privacy delegation are: Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, U.S.A. Telephone: +1 (425) 882 8080.

Changes in the privacy policy

Attic 27 may modify at any time the conditions specified here to adapt it to new legislation or jurisprudence, as well as industry practices.

These Privacy Policies will be in force until they are modified by others duly published.

Applicable legislation and jurisdiction

The relationship between Attic 27 and the USER shall be governed by current Spanish legislation and any dispute shall be submitted to the Courts and Tribunals of the province of Ciudad Real, for professional clients, whether self-employed or companies. In case of individual customers (consumers and users), shall be subject to the Courts and Tribunals of the city of the individual.

Open chat
Hi! What can we do for you?