Reservar
logo-outline

Política de privacidad

Effective Date: 14.02.205

At Alostazia, your privacy matters. This policy explains how your personal data is collected, used, and protected in line with the General Data Protection Regulation (GDPR).

alostazia

Carrer del Marésme 122
08019 Barcelona, Spain
Email: gdpr[at]alostazia.com

1. What Data We Collect

We collect the following personal information:

  • First name and last name (required)
  • Email address (required)
  • Phone number (optional)
  • Payment information (processed securely via Stripe through the Amelia plugin)

 

We do not collect any sensitive personal data (such as health, medical, racial, or religious information) through website forms. However, in the context of consultations, such information may arise, and we treat it with strict confidentiality and in line with GDPR safeguards.

2. How We Collect Data

  • When you book a session using our Amelia booking form
  • When you subscribe to our newsletter (via Mailchimp)
  • When you browse our site (via Google Analytics and Hotjar cookies)

3. Why We Collect Data

We collect your data for the following purposes:

  • To manage and confirm bookings
  • To communicate with you about sessions
  • To send newsletters and updates with your consent
  • To analyse website activity and improve user experience

4. Legal Basis for Processing

We process your data based on:

  • Your explicit consent (e.g. newsletter subscription, cookies)
  • Performance of a contract (e.g. session booking and communication)
  • Legitimate interests (e.g. analytics to improve service quality)

5. Data Retention

We retain personal data only as long as necessary for the purposes outlined:

  • Booking and communication data: retained for up to 2 years after your last interaction
  • Analytics data: anonymised and aggregated where possible; retained for up to 14 months
  • Newsletter subscriptions: until you unsubscribe

We regularly review stored data and delete it when it is no longer needed.

6. Third-Party Services

We use the following third-party tools to operate our services. Each acts as a data processor or sub-processor and adheres to GDPR or equivalent data protection frameworks:

  • Stripe – payment processing; we do not store card details
  • Amelia – booking management and confirmations
  • Mailchimp – newsletter subscription and distribution
  • Google Analytics & Hotjar – user behavior and experience tracking (cookie-based)

7. Cookies and Tracking

Our website uses cookies to enhance user experience and collect anonymous analytics. These include cookies from Google Analytics and Hotjar. You will be prompted to accept or manage cookies when visiting our site. You may opt out at any time via your browser settings or our cookie management tool.

8. Your Rights Under GDPR

You have the right to:

  • Access the personal data we hold about you
  • Correct any inaccurate or incomplete data
  • Request deletion of your personal data («right to be forgotten»)
  • Withdraw consent at any time
  • Restrict or object to certain types of processing
  • Data portability
  • Lodge a complaint with the Spanish Data Protection Authority (Agencia Española de Protección de Datos) or your local supervisory authority


To exercise your rights, email us at: gdpr@alostazia.com

9. Data Security

We implement appropriate technical and organizational safeguards to protect your data, including:

  • SSL encryption across the website
  • Secure hosting and form handling
  • Limited access to personal data within our systems
  • Regular audits and updates of third-party integrations

10. Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or operational changes. The most recent version will always be published on our website, with the effective date clearly stated.
If you have any questions or concerns about how your data is handled, contact us at gdpr[at]alostazia.com.