Legal
Privacy Policy
Last updated: May 2026
1. Who we are
CourtSide Padel Retreats ("we", "us", "our") operates the website menorca.courtsidepadel.com and organises luxury padel retreats.
Data Controller:
CourtSide Padel Retreats
[DATO PENDIENTE: company registration number]
[DATO PENDIENTE: registered address]
Email: [DATO PENDIENTE: privacy contact email]
2. What personal data we collect
We may collect the following categories of personal data:
- Contact details: name, email address, phone number
- Booking information: group size, preferred dates, accommodation type, special dietary or accessibility requirements
- Payment details: processed securely via our payment provider — we do not store full card numbers
- Communications: enquiries, emails, or messages sent to us
- Technical data: IP address, browser type, and pages visited, collected via server logs
3. How we use your data
| Purpose | Legal basis (UK/EU GDPR) |
|---|---|
| Respond to enquiries and manage bookings | Contract / Legitimate interest |
| Process payments and issue confirmations | Contract |
| Send retreat-related updates (itinerary changes, reminders) | Contract |
| Marketing communications (only with your consent) | Consent |
| Comply with legal obligations | Legal obligation |
| Improve our website and services | Legitimate interest |
4. Who we share your data with
We share your data only where necessary:
- Service providers: accommodation partners, transport providers, and activity operators involved in delivering your retreat
- Payment processor: [DATO PENDIENTE: payment processor name] — subject to their own privacy policy
- Legal or regulatory authorities: where required by law
We do not sell your personal data to third parties.
5. International transfers
Our retreat takes place in Spain (EU). Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place (Standard Contractual Clauses or adequacy decisions).
6. How long we keep your data
- Booking records: 7 years (UK tax / legal requirement)
- Enquiries that did not become bookings: 12 months
- Marketing consent: until you withdraw consent
7. Your rights
Under UK GDPR and EU GDPR you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Erase your data ("right to be forgotten"), subject to legal retention requirements
- Restrict processing in certain circumstances
- Object to processing based on legitimate interest
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time where processing is based on consent
To exercise any of these rights, contact us at [DATO PENDIENTE: privacy contact email]. We will respond within one calendar month.
You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or the relevant supervisory authority in your EU member state.
8. Cookies
This website uses essential cookies only. For full details see our Cookie Policy.
9. Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. Our website is served over HTTPS with security headers including CSP, HSTS, and X-Frame-Options.
10. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. Continued use of our website after changes are published constitutes acceptance of the revised policy.
11. Contact
For any privacy-related queries, contact us at:
[DATO PENDIENTE: privacy contact email]