Privacy Policy

This Privacy Policy explains how Diving Centre Tarraco (hereinafter, “we”) collects and processes the personal data of users of the website divingcentretarraco.com (hereinafter, the “Website”), in accordance with Regulation (EU) 2016/679 (GDPR) and the applicable Spanish legislation.

Data Controller

Controller:DIVING CENTRE TARRACO S.L.
Registered address:  Port Esportiu de Tarragona, Local B8, Tarragona, Spain
Email: info@divingcentertarraco.com
Phone: +34 622 43 35 39

What personal data do we process?

Depending on how you use the Website, we may process the following categories of data:

  • Identification and contact data: first name, last name, email address, phone number.
  • Browsing data: IP address, cookie identifiers, device information, and Website usage data (only if you authorize it in the cookie panel).
  • Booking and service management data: information required to manage bookings, courses, outings, or requests (for example, date, activity preference, level, observations).
  • Billing data (if applicable): name or business name, tax ID number, address, and information required to issue an invoice.
  • Data you send us via forms or email: the content of the message.
  • Important note regarding health data (diving): if at any time health-related data is requested or you provide information about your health status (for example, a medical questionnaire or certificate), such data will be processed with enhanced security measures and solely for safety and service management purposes, in accordance with the applicable legal basis.


How do we obtain your data?


  • When you fill in a form on the Website.
  • When you contact us by email or phone.
  • When you request or contract services (bookings, courses, outings).
  • When you browse the Website (cookies and similar technologies, according to your settings).


Purposes and legal basis for data processing

We process your data for the following purposes, based on the following legal grounds:

1.Responding to inquiries and requests

  • Purpose: to handle messages sent via forms, email, or phone.
  • Legal basis: consent and/or the application of pre-contractual measures at the request of the data subject.

2.Managing bookings, courses, and service provision

  • Purpose: to organize activities, confirm availability, manage changes, and handle operational coordination.
  • Legal basis: performance of a contract or pre-contractual measures.

3.Administrative management and billing

  • Purpose: to issue invoices, manage accounting, and comply with tax obligations.
  • Legal basis: compliance with legal obligations.

4.Website security and proper functioning

  • Purpose: to maintain Website security and prevent abuse or misuse.
  • Legal basis: legitimate interest.

5.Sending commercial communications or newsletters (if applicable)

  • Purpose: to send you information about activities, courses, offers, or news.
  • Legal basis: consent (you may unsubscribe at any time).

6.Analytics and measurement (if analytical cookies are used)

  • Purpose: to measure and improve the Website (for example, visit statistics).
  • Legal basis: consent through the cookie banner or panel.

Recipients of the data

Your data may be disclosed to:

  • Service providers that support us (web hosting, email services, booking tools, maintenance, analytics, etc.), who will act as data processors under a contractual agreement.
  • Public authorities and administrations when there is a legal obligation.

We do not sell your data to third parties.

International data transfers

As a general rule, we ensure that service providers process data within the European Economic Area. If any provider processes data outside the EEA, this will be done with appropriate safeguards as required by law, such as standard contractual clauses or other recognized mechanisms.

Data retention periods

We will retain the data for the time necessary according to the purpose:

  • Inquiries: for the time strictly necessary to handle and close the request and, thereafter, for the applicable liability periods.
  • Bookings and services: for the duration of the relationship and, thereafter, for the legally required liability periods.
  • Billing: for the periods required by tax and accounting regulations.
  • Newsletter: until you withdraw your consent or unsubscribe.
  • Health data (if processed): for the minimum time necessary to manage safety and service provision, with restricted access.


Rights of individuals

You may exercise the following rights:

  • Access, rectification, and erasure.
  • Objection to and restriction of processing.
  • Data portability.
  • Withdrawal of consent at any time when processing is based on consent.

To exercise these rights, please send a request to: [PRIVACY EMAIL OR CONTACT EMAIL], indicating the right you wish to exercise. We may request additional information to verify your identity if necessary.
If you believe that we have not properly addressed your rights, you may file a complaint with the Spanish Data Protection Agency (AEPD).


Data of minors

If services or forms are addressed to minors, where applicable, the consent of the parent or legal guardian will be required in accordance with the applicable regulations.

Security measures

We apply reasonable technical and organizational measures to protect your data and prevent unauthorized access, loss, alteration, or improper disclosure, taking into account the nature of the data and the associated risks.

Cookies and similar technologies

The Website may use cookies and similar technologies. You can manage your consent through the Website’s cookie banner or configuration panel.

Changes to this policy

We may update this Privacy Policy to adapt it to legal or technical changes. The updated version will be published on this page, indicating the date of the last update.