Privacy policy | belivehotels.com

Date of publication of this Policy: 09/07/2025

Click here to view the Policy in effect until: 09/07/2025

DATA CONTROLLER

Details of the Controller: BE LIVE HOTELS, S.L.U., with VAT B38674792 and with registered office located at C/Aguilar y Quesada, 1 - 38400 Santa Cruz de Tenerife - Tenerife - Spain. (hereinafter BE LIVE).

Contact: consult here https://www.belivehotels.com/en/general-information/contact/

Contact details of the Data Protection Officer: you can contact us at the postal address indicated above and/or by email: delegadopd@belivehotels.com.

SCOPE OF THE POLICY

This Policy is drafted in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016 (GDPR) and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD as per Spanish acronym).

When you access and use this website, participate in the blog or our Social Networks, contact our hotels by telephone, book our services through third parties (travel agencies or tour operators) or any other means that involve the processing of personal data by BE LIVE, you agree to accept this Privacy Policy, as well as the provisions contained in the Legal Conditions and the Cookies Policy.

At BE LIVE we provide you all the necessary information so that, once you have filled in your personal data, you can easily access the Privacy Policy and any other relevant information on Data Protection.

PERSONAL DATA PROCESSED

Data Identification and contact details

When you book, whether by your own or on behalf of others (whether in the case of minors or other people, including travel agencies) the following identification and contact details of the client/guest will be requested: name and surname, gender, telephone, email and voice (if you call us at our Call Center).

The customer's payment data will also be collected, such as bank card (card number, holder, CVV/CVC/CID, expiry date).

Data required by the Spanish Authorities in case of accommodation in our hotels in Spain

According to Spanish Royal Decree 933/2021, which came into force on 2 December 2024, the data that BE LIVE must collect and report to the authorities includes:

Basic Personal Data: Name, surname, gender, date of birth, country of nationality, identity document number, type of document and date of issue.
Contact Details: Full address, telephone number (landline and mobile), and email.
Stay Data: Date and time of check-in and check-out, number of rooms booked, and details of the accommodation contract.
Payment Data: Means of payment used, including the cardholder and expiry date. In some cases, the IBAN of the bank account may also be required.
Additional Data: Relationship of kinship between travellers if there are minors, and specific details of transactions made during the stay.

This data must be registered on the Authority's digital platform and kept for a period of three years.

Sensitive data

On certain occasions, and in order to adapt our service to your needs, you or a third party (travel agency) must provide us with data considered sensitive by the regulations, which need additional protection.

Some of these occasions may occur when requiring specific assistance needs (wheelchair, oxygen), or requesting food preferences, being able to provide, indirectly, indications on ethnic origin, religious beliefs or state of health (allergies, diabetes, pregnancy, etc.), as set out in Article 9 of the GDPR.

This data is only collected with your consent – when you request these services when you make the booking – and is used only to offer you the requested service during your stay. You can object to the collection of this data, but this could make it impossible to meet your requirements.

Newsletter registration data

If you subscribe to our newsletter, the data requested in the form (name and email) will be collected, as well as the data associated with the language and market through the website.

Data collected during your web browsing

When you enter our websites, BE LIVE will collect data related to the device you are using, such as IP address, browser, operating system, and web/app behavior/usage, all of which are collected using cookies and similar technologies. The user may consent to the use of geolocation data or other data that we request, and the refusal to use them will not affect in any way the provision of the service.

Communications with BE LIVE

If you communicate, through any of the enabled channels (forms, emails, telephone channel, social networks), the data provided in these communications will be kept for as long as your request is responded to and up to a maximum of 2 years depending on the means selected.

This includes recording phone calls (voice) if you go to the Customer Service Center (phone).

In the same way, the communications we make for the purpose of notifying the reservation or changes that occur related to the flight will be stored.

PURPOSES OF DATA PROCESSING

BE LIVE processes your personal data for the following purposes:

Management of individual or group bookings (more than 20 people or more than 10 rooms).
Management of the services contracted during the accommodation (SPA, activities, special requests, etc.).
Management of queries, complaints/incidents, claims and requests made by the client, as well as any other communication.
Management of the membership program, among which the sending of commercial communications stands out.
Newsletter management.
Management of Price Match requests for your stay, based on our "Best Online Price Guaranteed" policy.
Management of analytical tasks and market research, through cookies, and other similar technologies and tools.
Managing the tracking of customers who use the Web, to identify ways to improve the browsing experience.
Management of personal data communications to suppliers and/or collaborators that it additionally hires.
Management of emergency situations, catastrophes or in general force majeure.
Website, app, social media and blog management.
Fraud management and prevention, as well as compliance with legal obligations.
Service quality management through online surveys or similar services.

DATA PROCESSING LEGITIMACY

Data protection regulations (articles 6 and 9 GDPR) contemplate enabling cases for which personal data may be processed. BE LIVE legitimises the processing it carries out on the basis of:

Pre-contractual measures and/or contractual performance

To communicate, via email or SMS, all matters related to the accommodation (new reservations, status updates and service or operational communications, check-in process), and, in general, the provision of the service contracted by the client himself; Understanding that this information is essential for the correct execution of our services, but that in no case will it be considered advertising communication.
For the management of queries, complaints/incidents, claims and requests made by the customer and/or passenger, as well as any other communication.
Conducting satisfaction surveys with the service.
For the management of complementary services to the accommodation (SPA, activities, special requests, etc.).

Legal obligation

The communication of data to the competent authorities ("Recipients" section).
When the data subject exercises their data protection rights.
For the exercise of legal actions brought by or directed against BE LIVE.
To manage emergency situations, catastrophes or in general force majeure.

Legitimate interest (BE LIVE)

For the investigation, prevention and detection of fraud against BE LIVE.
To offer and provide services that fit the needs of the client, providing a more personalized treatment.
To conduct analytical and market studies.
To send commercial communications of products or services similar to those contracted by the customer by electronic means (email, SMS, etc.) and/or telephone.

Consent

To send commercial communications from BE LIVE and other third parties when subscribing to our newsletter.
To transfer personal data to some of our suppliers and/or collaborators.
To process sensitive data (health, beliefs or biometrics) provided by the customer.
To accept cookies and other similar technologies and tools on the website.
To interact on our social networks, including subscribing to the newsletter.

Failure to provide the requested personal data or not accepting this Privacy Policy means that it is impossible to subscribe to and enjoy the services we offer.

HOW LONG WILL WE KEEP YOUR DATA FOR?

The period of storage of personal data will vary depending on the service you may contract. In any case, your data will be kept for the duration of the contractual relationship. Once this has ended, we will keep your data blocked for the limitation periods of the obligations that may have arisen from the processing and/or the applicable legal periods, remaining at the disposal of the competent authorities, for the attention of the possible responsibilities arising from the processing, and subsequently, they will be deleted.

In the same way, your data will be kept as long as you do not object to the processing or revoke your consent (previously granted), as well as when there is no commercial need or legitimate interest, being able to (i) anonymise them, to process them for statistical purposes allowing us to better understand our customers, as well as their preferences or needs; (ii) block them, remaining at the disposal of the competent authorities, during the legally established limitation periods to deal with any possible liabilities arising from the processing of their data; or (iii) delete them.

RECIPIENTS

Who do we transfer your data to?

Competent Public Bodies, State Security Forces and Bodies, Judges and Courts, when BE LIVE has the legal obligation to provide them.
Companies that own hotels under the BE LIVE brand. This communication may mean, depending on the contracted destination, the carrying out of an international transfer of data. They will only receive the personal data necessary to manage the booking or any request made by the user.
Online payment service providers whose systems are connected to our website, in order to charge for contracted services and any additional charges.
We will communicate your data to those entities that you have used to obtain information about our hotels or service offers (e.g. offer metasearch engines or travel agencies) to manage the relationship between BE LIVE and these entities (e.g. accrual of conversion commissions on purchase) and always ensuring that the personal information is as low as necessary.
In addition, BE LIVE has service providers who have access to your personal data and who process the data in the name and on behalf of BE LIVE as a result of its provision of services (processors and sub processors). Specifically, and by way of example and without limitation, the aforementioned providers carry out their services in the following sectors: logistics services, agencies, fraud prevention, commercial communications, offer bookings, legal advice, multidisciplinary professional services companies, technology service providers, physical security companies and call centre service companies.

INTERNATIONAL DATA TRANSFERS

We inform you that some of our hotels, as well as those of the above-mentioned service providers, as well as some partners, are located in territories outside the European Economic Area and sometimes in territories that do not provide a level of data protection comparable to that of the European Union.

In such cases, BE LIVE carries out these international data transfers based on an adequacy decision or with adequate safeguards (standard contractual clauses). In the absence of adequate guarantees, it will be carried out with the explicit consent of the user or under the protection of the need to execute the contract established with the user.

DATA PROTECTION RIGHTS

What rights do I have and how can I exercise them?

The regulations grant you a series of rights regarding the personal data that you provide to BE LIVE. These rights are:

Right of access. You authorise us to contact us to find out if your data is being processed and, if it is being processed, to obtain information on this matter.
Right of rectification. You can request the rectification of any data you consider inaccurate, and we will proceed to correct it with the new data you provide us with.
Right to object. Whenever the processing is covered by a public or legitimate interest, profiles are created or the processing is intended for direct marketing, you may oppose it. BE LIVE (except for direct marketing) may prove reasons that prevail over this right.
Right of withdrawal. You can request the deletion of the data provided that the causes stipulated by the regulations are met (see article 17 GDPR).
Right to request the limitation of processing. This is an auxiliary right whereby, while you have requested the deletion, rectification or opposition to the processing, BE LIVE will block the data until your complaint has been resolved.
Law on data portability. You may request, when the processing is carried out by automated means, the transfer of your data to another company, provided that the processing is legitimate, based on the consent or in the framework of the execution of a contract.
Right not to be subject to a decision based solely on automated means. This right aims to ensure that you are not the subject of a decision based solely on the processing of your data, including the creation of profiles, if the decision produces legal effects concerning you or significantly affects you in a similar way.

You can exercise your rights quickly and easily by completing the following form.

In any case, you can send a letter to the registered address of BE LIVE or by email to our Data Protection Officer to request the exercise of your rights.

How can I file a complaint with the Control Authority?

If a user thinks that there is a problem with the way in which BE LIVE is managing his/her data, they can direct their complaints to our Data Protection Officer or to the corresponding Data Protection Control Authority, the Spanish Data Protection Agency the relevant authority in Spain.

SECURITY

At BE LIVE we maintain the highest levels of security required by law to protect your personal data against accidental loss and unauthorised access, processing or disclosure, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed. When we receive your data, we use rigorous procedures and security features to prevent any unauthorized access.

The actions described in this section and aimed at ensuring an adequate level of security for the identified risk shall include, if necessary, the following measures:

Pseudonymization and encryption of personal data.
Measures capable of guaranteeing the permanent confidentiality, integrity, availability and resilience of processing systems and services.
Measures capable of restoring the availability and access to personal data quickly in the event of a physical or technical incident.
Existence of a process of regular verification, evaluation and assessment of the effectiveness of technical and organisational measures to guarantee the security of the processing.
Periodic assessment of the risk of accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorised communication of or access to such data.
Measures to ensure that any person acting under the authority of BE LIVE and having access to personal data can only process such data on instructions from BE LIVE.

CONFIDENTIALITY

The personal data that may be collected will be treated with absolute confidentiality, undertaking to maintain secrecy with respect to them and guaranteeing the duty to keep them by adopting all the necessary measures to prevent their alteration, loss and unauthorised processing or access, in accordance with the provisions of the applicable legislation.

COOKIES

Our website uses "cookies" to collect information about how you use the Website. For more detailed information on how BE LIVE uses cookies, please see the Cookie Policy.

UPDATE TO PRIVACY POLICY

BE LIVE may modify this privacy policy because of legislative changes, jurisprudential doctrine and opinions of the AEPD that are of direct, indirect or sectoral application.

Any changes, modifications or amendments we make to our Privacy Policy will be posted on this page.

Date of publication of this Policy: 09/07/2025

System	Name	Expiration	Functionality
belivehotels.com	BELIVEHOTELS	30 minutes	Required to identify the user's session in order to be able to carry out the booking process and the proper performance of the website in general
belivehotels.com	lskjer83k403f	1 year	Used to identify the logged-in member account
belivehotels.com	C_PC	1 year	Cookie used to remember consent to process information for preferences or customisation
belivehotels.com	C_PM	1 year	Cookie used to remember consent to process information for analysis or statistics
belivehotels.com	C_PA	1 year	Cookie used to remember consent to process information for advertising
belivehotels.com	C_PBA	1 year	Cookie used to remember consent to process information for behavioural advertising

System	Name	Expiration	Functionality
The Hotel Networks	thn_id	2 years	This cookie is created to identify users with a unique ID composed of a hexadecimal character carriage. This cookie is used to identify the user during his/her next visit to the hotel's website or other hotels in the network. This cookie allows for an analysis of the user experience.
Pushtech	psh_ctid	Session	Used to link the browser to a contact on the PUSHTech platform
Pushtech	psh_cpid	Session	Used to link the current page to an open campaign on the PUSHTech platform

System	Name	Expiration	Functionality
Google Analytics	_ga	2 years	Used to distinguish users.
Google Analytics	_gid	24 hours	Used to distinguish users.
Google Analytics	_gat	1 minute	Used to limit the percentage of applications. If Google Analytics has been set up through Google Tag Manager, this cookie will be called _dc_gtm_..
Google Analytics	AMP_TOKEN	From 30 seconds to 1 year	It includes a token that can be used to retrieve a customer ID from the AMP Client ID service. Other possible values indicate disqualifications, ongoing requests or errors obtained when retrieving an ID from the AMP Client ID service.
Google Analytics	_gac_"property-id"	90 days	Includes campaign information relating to the user.
Google Analytics	__utma	2 years from the configuration or update	Used to distinguish between users and sessions. The cookie is created when the JavaScript library is executed and there are no __utma cookies. The cookie is updated every time data is sent to Google Analytics.
Google Analytics	__utmt	10 minutes	Used to limit the percentage of applications.
Google Analytics	__utmb	30 minutes from the configuration or update	Used to determine new sessions or visits. The cookie is created when the JavaScript library is executed and there are no __utmb cookies. The cookie is updated every time data is sent to Google Analytics.
Google Analytics	__utmc	End of the browser session	Not used on ga.js. Configured to interact with urchin.js. Previously, this cookie worked with the __utmb cookie to determine whether the user was in a new session or visit.
Google Analytics	__utmz	6 months from the configuration or update	Stores the traffic source or campaign that explains how the user has arrived on the website. The cookie is created when the JavaScript library is run and is updated each time data is sent to Google Analytics.
Google Analytics	__utmv	2 years from the configuration or update	It is used to store custom variable data at the visitor level. This cookie is created when a programmer uses the _ setCustomVar method with a custom variable at the visitor level. It was also used for the_setVar method, which is no longer available. The cookie is updated every time data is sent to Google Analytics.
Google Analytics	__utmx	18 months	It is used to determine the user's inclusion in an experiment.
Google Analytics	__utmxx	8 months	It is used to determine the expiration of the experiments that a user has been included in.
Google Analytics	_gaexp	It depends on the duration of the experiment, but it usually takes 90 days	It is used to determine the inclusion of a user in an experiment and the expiration of the experiments that he/she participates in.
Google Optimize	_opt_awcid	24 hours	It is used for campaigns associated with Google Ads Customer IDs.
Google Optimize	_opt_awmid	24 hours	It is used for campaigns associated with Google Ads Campaign IDs.
Google Optimize	_opt_awgid	24 hours	It is used for campaigns associated with Google Ads ad group IDs.
Google Optimize	_opt_awkid	24 hours	It is used for campaigns associated with Google Ads Criteria IDs.
Google Optimize	_opt_utmc	24 hours	Stores the latest utm_campaign query parameter.

System	Name	Expiration	Functionality
Google Adwords	AdWords	30 days	Monitor sales and other advertisement conversions
Facebook	_fbc	2 years	Advertising features (such as audiences, conversions, targeting and optimisation) and Facebook Analytics data.
Facebook	_fbp	3 months	Analytics: track sales and other ad conversions.

System	Name	Expiration	Functionality
Affilired	aw8062	30 days	.awin1.com Coverage: Sales confirmation page You can collect anonymised information on the displayed banners, including the display page, as well as on purchases or transactions made.
Affilired	CT	28 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages It identifies the last click of 3os pixels on the pages of the advertiser
Affilired	EBFC	7 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages It identifies the daily frequency limit for expandable banners
Affilired	SR	1 day	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages Sequential information - contains total impressions, daily impressions, total clicks, daily clicks and the date of the last impression
Affilired	DATA34018	30 days	.shareasale.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	MERCHANT34018	30 days	.shareasale.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	__tdat5595	30 days	.tradetracker.net Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	pi	7 days	.tradetracker.net Coverage: Sales confirmation page You can collect anonymised information on the displayed banners, including the display page, as well as on purchases or transactions made.
Affilired	__tdat32266	30 days	.tradetracker.net Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	__tdat7344	30 days	.tradetracker.net Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	__tdat5699	30 days	.tradetracker.net Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	data	14 days	dc.flxads.com Coverage: All pages This cookie is used by the 3os platform for creating dynamic content. It contains the data of the products last displayed to the user.
Affilired	Ans3, check, dbm1, r	2 days	go.flx1.com Coverage: All pages This cookie is used by a 3os data management platform. It contains information on the synchronisation status of the ID cookie. Synchronising this ID allows our data management platform to use your data outside of our operations platform.
Affilired	id	2 years	go.flx1.com Coverage: All pages This cookie is used by a 3os data management platform. It contains the ID of a cookie used by this platform. Synchronising this ID allows our data management platform to use your data outside of our operations platform.
Affilired	acb	90 days	.adnxs.com Coverage: All pages Cookies that begin with acb contain a unique value for a particular ad, and are used to tell the platform which ad to display and mark that it has been displayed, for reporting and billing purposes.
Affilired	anj	90 days	.adnxs.com Coverage: All pages This cookie contains information on whether the cookie ID is synchronised with our partners. Synchronising IDs allows our partners to use their data outside of the Platform.
Affilired	icu	90 days	.adnxs.com Coverage: All pages This cookie is used to select ads and limit the number of times the user sees a particular one. It contains information such as the number of times an ad has been viewed, how recent it has been seen and how many ads have been viewed in total.
Affilired	"journey ID"	Session	.adnxs.com Coverage: All pages This cookie is used to anonymously identify a user's browser session
Affilired	uuid2	90 days	.adnxs.com Coverage: All pages This cookie contains a unique random number that allows the platform to recognise the browser and device. It is compared with certain data – such as interest segments and advertising history shown in the browser or device – provided by customers or third parties and stored in the Platform. This information is used to select ads to be displayed by the Platform, to measure their performance and to allocate payment for these ads. In addition, to allow customers to use non-PII (Personal Intent Information) data that is collected outside of the platform or acquired by third parties, this cookie is sometimes paired with customers or other third-party cookies that contain such non-PII data.
Affilired	_ngid	1 year	adgenie.co.uk Coverage: All pages This cookie contains an anonymous numerical identifier. It is used to link the anonymous product code in DB with the anonymous user to suggest products of interest. It does not collect identifiable personal information.
Affilired	wgc	30 days	.webgains.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	wgs	Session	.webgains.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	wgdc	Session	.webgains.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	wgi	30 days	.webgains.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	5596.sol	30 days	.webgains.com Coverage: Sales confirmation page You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Afilired	TPV_4006	2 days	.affilired.com Coverage: Sales confirmation page You can collect anonymised information on the displayed banners, including the display page, as well as on purchases or transactions made.
Afilired	4006_stat	60 seconds	.affilired.com Coverage: All pages Identify the user for a short period (1 minute) to avoid duplication in the registration of visits from the same device.
Afilired	TPC	14 days	.adform.net .adformdsp.net Coverage: All pages It identifies whether the user accepts third-party cookies 1 - Accepted cookies 3 - Opt-out
Afilired	uid	60 days	.adform.net .adformdsp.net Coverage: All pages Unique identifier
Afilired	C	60 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net Coverage: All pages It identifies whether the user accepts cookies. 1 - Accepted cookies 3 - Opt-out
Afilired	token	Session	.adform.net .adformdsp.net Coverage: All pages Opt-out security token
Afilired	cid	60 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages Coolie id (legacy) – same as uid.
Afilired	GCM	1 day	.adform.net .adformdsp.net Coverage: All pages It identifies whether it is necessary to check the existence of a match with the partner's cookie 1 - Accepted cookies 3 - Opt-out
Afilired	ACD	540 days	.affilired.com Coverage: All pages Identify the user in a deterministic way between multiple devices
Afilired	sess	Session	.adnxs.com Coverage: All pages This session cookie contains a non-unique numerical value: '1'. It is used by the Platform to verify whether the browser accepts AppNexus cookies.
Afilired	_afflrdmlc4006	30 days	Your domains Coverage: All pages You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	4006	30 days	.affilired.com Coverage: All pages You can collect anonymous information about browsing, including the origin of the visit, as well as purchases or transactions made.
Affilired	EBFCD	7 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages Identify the daily frequency limit for expandable banners
Affilired	otsid	Indefinite	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages Specific Opt-out of the Advertiser
Affilired	CFFC	7 days	track.adform.net server.adform.net adx.adform.net server.adformdsp. net .adformdsp.net Coverage: All pages Frequency limit for composite banners