Summary: Cool Sailing BCN only collects the personal data necessary to manage your booking and respond to your enquiries. We never sell your data to third parties. You can exercise your rights at any time by writing to info@coolsailingbcn.com.
1. Data Controller
Controller: Cool Sailing BCN
CIF: B-13751870
Address: Port Olímpic, Moll de Mestral, berth 1517, 08005 Barcelona, Spain
Telephone: +34 669 51 00 52
Email: info@coolsailingbcn.com
2. Data We Collect and How We Use It
The following table describes the categories of personal data we collect, the purpose for which they are processed, and the legal basis under the General Data Protection Regulation (GDPR):
| Data | Purpose | Legal basis |
|---|---|---|
| Name, telephone number, email address | Booking management, booking confirmation, pre-departure communications | Contract execution (Art. 6.1.b GDPR) |
| Payment data (processed by TuriTop / Stripe) | Payment processing for bookings | Contract execution (Art. 6.1.b GDPR) |
| Email address (voluntary subscription) | Sending offers, news and commercial communications | Consent (Art. 6.1.a GDPR) |
| Navigation data and cookies | Website analytics and usage statistics | Consent (Art. 6.1.a GDPR) |
| Messages sent via contact form or email | Customer service and response to enquiries | Legitimate interest (Art. 6.1.f GDPR) |
Cool Sailing BCN does not process special categories of personal data (health data, political opinions, etc.) and does not make automated individual decisions that produce legal effects.
3. Data Retention Periods
We retain your personal data only for as long as necessary for the purposes for which it was collected:
- Booking data: kept for 5 years from the date of the experience, in compliance with applicable tax and accounting obligations.
- Marketing communications: kept until you withdraw your consent. You may unsubscribe at any time by clicking the link in any of our emails or writing to us.
- Contact messages: kept for 1 year from the date of the last communication, unless a longer retention period is required.
- Navigation data: in accordance with the retention periods specified in our Cookie Policy.
4. Recipients and Data Transfers
Your data may be shared with the following third parties, solely to the extent necessary to provide the service:
- TuriTop: our booking management platform, which processes payment data through Stripe. TuriTop acts as a data processor and is bound by the corresponding data processing agreement. You can consult TuriTop's privacy policy at turitop.com.
- Google Analytics: web analytics service provided by Google LLC. IP addresses are anonymised before being stored. You can consult Google's privacy policy at policies.google.com/privacy.
- Public authorities: when legally required (e.g. tax inspection, judicial order).
We do not sell, rent or transfer your personal data to third parties for their own commercial purposes.
Some of the providers listed above may be located outside the European Economic Area. In such cases, the transfer is based on adequacy decisions or standard contractual clauses approved by the European Commission.
5. Your Rights
Under the GDPR and Organic Law 3/2018 on Personal Data Protection (LOPDGDD), you have the following rights:
- Access: to obtain confirmation of whether we are processing your personal data and, if so, to access it.
- Rectification: to request correction of inaccurate or incomplete data.
- Erasure ("right to be forgotten"): to request deletion of your data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.
- Restriction: to request restriction of processing under certain circumstances.
- Data portability: to receive your data in a structured, commonly used, machine-readable format.
- Objection: to object to processing based on legitimate interest or for direct marketing purposes.
- Withdrawal of consent: to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
To exercise any of these rights, please send a written request — including a copy of your ID or equivalent document — to info@coolsailingbcn.com. We will respond within one month.
You also have the right to lodge a complaint with the Spanish Data Protection Authority (AEPD) at www.aepd.es, if you consider that your data protection rights have been violated.
6. Security Measures
Cool Sailing BCN has implemented appropriate technical and organisational security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. All connections to our website use HTTPS encryption. Payment transactions are processed exclusively through TuriTop / Stripe's secure environment, which is PCI-DSS certified.
Despite these measures, no data transmission or storage system is completely secure. We cannot guarantee the absolute security of information transmitted over the internet.
7. Minors
Our website and services are not directed at children under the age of 14. We do not knowingly collect personal data from children under 14 without verified parental consent. If you believe we have inadvertently collected data from a minor, please contact us at info@coolsailingbcn.com and we will delete it immediately.
8. Modifications
Cool Sailing BCN reserves the right to modify this Privacy Policy at any time to adapt it to legislative or jurisprudential changes, or to changes in our data processing activities. Any changes will be published on this page. We recommend checking this policy periodically. The date of the last update is indicated at the bottom of this page.
Last updated: March 2026