Last Updated: June 30, 2025

1.0 Introduction: Your Privacy is Our Priority

Welcome to www.mallorcaunlocked.com. Your trust and the protection of your personal data are of fundamental importance to us. This privacy policy has been written to explain in a clear, simple, and transparent way what personal data we collect, for what purposes we use it, how we protect it, and what your rights are. We are committed to processing your information in full compliance with the General Data Protection Regulation (GDPR - EU Reg. 2016/679) and the applicable Spanish data protection regulations.

We have designed our services and systems from the outset following the principles of 'Privacy by Design' and 'Privacy by Default'. This proactive approach means we implement technical and organizational measures to ensure that, by default, only the personal data strictly necessary for each specific purpose is processed. In practice, this means we collect the minimum amount of information necessary to provide you with the service you have requested and we do not subscribe you to marketing communications or other non-essential activities without your explicit and informed consent.

2.0 The Data We Collect to Provide Our Services

To offer you access to the best events in Majorca, we collect different categories of data, always limited to what is strictly necessary.

2.1 Data You Provide Directly to Us

• Purchase and Contact Data: When you buy a ticket, a pass, or a presale, we ask you to provide your Name, Surname, Email Address, and Phone Number. This information is essential to issue the ticket in your name, send you the voucher or access code via email or through messaging apps like WhatsApp, and to contact you for crucial service communications (e.g., a change in schedule or an event cancellation).
  
  

• Customer Support Data: If you contact us for support via email, phone, or our social media channels, we will process the information you provide to answer your questions and resolve your issues.
  
  

2.2 Data We Collect Automatically During Navigation

• Browse and Device Data: We collect technical information such as your IP address (anonymized or truncated where possible), the type and version of the browser you use, your operating system, the pages you visit on our site, access times, and the referring URL. This data helps us ensure the security and proper functioning of the site, diagnose technical problems, and understand how our users interact with the platform to improve it. Part of this collection is done through the use of cookies and similar technologies.
  
  

2.3 Data We Receive from Third Parties

• Payment Data: It is crucial to clarify that we never collect, view, or store the full details of your credit card or PayPal account. When you make a payment, you are securely redirected to the portals of our partners (e.g., Stripe or PayPal) who manage the transaction. The only information they provide us is the outcome of the transaction (confirmed or failed) and the necessary billing information, but never your sensitive financial data.
  
  

• Data from Marketing Platforms: If you interact with our advertising campaigns on external platforms (like Facebook, Instagram, or Google), we may receive aggregated and anonymous statistical data from these platforms about the effectiveness of our ads, only if you have previously consented to the use of marketing cookies.

3.0 Why We Use Your Data and on What Legal Basis

The GDPR states that all processing of personal data must be justified by a specific "legal basis". The following table explains in detail for what purposes we use your data and on what legal foundation we rely.

4.0 How We Protect and Share Your Data

The security and confidentiality of your data are our priority.

4.1 Security Measures We adopt appropriate technical and organizational security measures to protect your data, including SSL encryption, firewalls, and access procedures limited to authorized personnel.

4.2 Data Sharing (Recipients) We do not sell or rent your personal data to third parties for their marketing purposes. Your data is shared only when strictly necessary with:

• Payment service providers (e.g., Stripe, PayPal) to process your payment.
  
  

• Event organizers (clubs, boat parties, etc.) to verify your ticket at the entrance.
  
  

• Technical service providers (hosting, email services) who act as our "Data Processors".
  
  

• Marketing and analytics platforms (Google, Meta), only with your explicit consent.
  
  

• Legal authorities, if required by law.
  
  

4.3 International Data Transfers Some of our service providers may be based outside the European Economic Area (EEA). In these cases, the transfer is carried out only under adequate safeguards that ensure a level of protection equivalent to that provided by European regulations (e.g., Standard Contractual Clauses).

5.0 How Long We Keep Your Data

We keep your data only for the time strictly necessary. In particular, fiscal and commercial data related to transactions are kept for 6 years, as required by the Spanish Commercial Code, to comply with our legal obligations. Data used for marketing is kept until you withdraw your consent.

7.0 Your Privacy Rights (GDPR)

The GDPR grants you full control over your data. You can exercise the following rights at any time, free of charge, by contacting us at privacy@mallorcaunlocked.com:

• Right of Access: To request a copy of your personal data.
  
  

• Right to Rectification: To request the correction of inaccurate data.
  
  

• Right to Erasure ("Right to be Forgotten"): To request the deletion of your data (note: we cannot delete data that we are legally obliged to keep, such as transaction records).
  
  

• Right to Restrict Processing: To request the "freezing" of the use of your data in certain circumstances.
  
  

• Right to Data Portability: To receive your data in a readable format and transfer it to another service.
  
  

• Right to Object: To object to the use of your data for direct marketing purposes (an absolute right) or based on our legitimate interest.
  
  

• Right to Withdraw Consent: To withdraw your consent at any time as easily as you gave it.
  
  

• Right to Lodge a Complaint: If you believe your rights have been violated, you can file a complaint with the competent supervisory authority, which for our activity is the Spanish Data Protection Agency (Agencia Española de Protección de Datos - AEPD).

  
  

8.0 Cookie Policy

Our website uses cookies. We use non-essential cookies (analytical and marketing) only after obtaining your explicit consent through the cookie banner. For detailed information on which cookies we use, for what purposes, and how you can manage them, please consult our dedicated page: https://mallorcaunlocked.com/en/cookie-policy

9.0 Changes to this Privacy Policy

We may update this privacy policy periodically. The date of the last update will always be indicated at the top of this document. In case of substantial changes, we will inform you with adequate notice.

10.0 Contact

For any questions or to exercise your rights, the fastest way is to write to us at mallorcaunlocked@gmail.com. We are committed to responding to all requests promptly and completely.