Casa Nokiate

Privacy Policy

1. Data Controller

Controller: IBELAFUSION S.L.
VAT number: B21966817
Address: C/ San Bartolomé 14, 28004 Madrid (Spain)
Contact email: administracion.madrid@nokiate.com

2. Scope of Application

This policy applies to the processing of personal data carried out through the website nokiate.com, and related communications (phone, email, WhatsApp) when used for reservations, inquiries, or customer service.

3. Applicable Law

Personal data processing is governed by the Regulation (EU) 2016/679 (GDPR) and Spanish Organic Law 3/2018 (LOPDGDD).
The website also falls under Law 34/2002 (LSSI-CE).

4. What Data We Process

Depending on your use of the website and our channels, we may process:

A) Data you provide

  • Contact: name (if provided), email, phone.
  • Reservation/service: date/time, number of guests, preferences, and comments.
  • Content of communications: text of your email or messages (including WhatsApp).

B) Technical data

  • Navigation and security data: IP address, device/browser identifiers, logs required for security, fraud prevention, and website operation.

C) Third-party data (when leaving the website)

  • If you interact with links to WhatsApp, Instagram, Linktree, or Google, these third parties may collect data according to their policies.

5. Purposes, Legal Basis, and Retention

5.1. Handling Inquiries

  • Purpose: respond to inquiries via email/phone/WhatsApp.
  • Legal basis: legitimate interest (user support) and/or pre-contractual measures.
  • Retention: while managing the inquiry and thereafter for the time necessary for any potential liability.

5.2. Reservation Management and Service Provision

  • Purpose: manage reservations, changes, confirmations, and incidents.
  • Legal basis: execution of a contract or pre-contractual measures (managing your reservation request).
  • Retention: during reservation management and a reasonable period afterwards; and legal periods if applicable.

5.3. Legal Obligations

  • Purpose: compliance with administrative, fiscal/accounting, or other legal obligations.
  • Legal basis: legal obligation.
  • Retention: during the applicable legal retention periods.

5.4. Website Security

  • Purpose: ensure website security, prevent abuse, manage technical issues.
  • Legal basis: legitimate interest.
  • Retention: strictly the time necessary (according to log rotation and security needs).

5.5. Commercial Communications (if enabled)

  • Purpose: sending information/promotions if you subscribe or consent.
  • Legal basis: consent.
  • Retention: until consent is withdrawn or you unsubscribe.

6. Recipients and Data Processors

We do not sell personal data to third parties.

Personal data may be accessed, when necessary, by:

  • Service providers (e.g., web hosting, maintenance, email, backups), acting as data processors under contract.
  • Authorities and administrations when legally required.

7. Third-Party Links and External Services

The website includes links to third-party services (e.g., WhatsApp, Instagram, Linktree, Google). By clicking, you leave nokiate.com and data processing is governed by the third party’s policies.

8. International Data Transfers

Using third-party services (e.g., WhatsApp/Meta or other external platforms) may involve international data transfers according to their terms and legal mechanisms. We recommend reviewing their policies before use.

9. User Rights

You can exercise the following rights:

  • Access, rectification, deletion
  • Objection
  • Restriction of processing
  • Portability
  • Withdrawal of consent (where applicable)

To exercise them, write to administracion.madrid@nokiate.com, indicating the right you wish to exercise and proving your identity if necessary.

10. Complaints to the AEPD

If you consider your rights have not been properly attended, you can file a complaint with the Spanish Data Protection Agency (AEPD).

11. Cookies

This site may use cookies and similar technologies for operation, security, and, where applicable, measurement/analytics. Where legally required, your consent will be requested via the banner/settings panel.

Practical recommendation: also publish a detailed Cookie Policy (cookie name, provider, duration, and purpose) aligned with the consent manager.

12. Comments on the Site (if enabled)

If comments are enabled, visitor-submitted comments will collect the data shown in the form, as well as IP and browser user agent for spam detection. Comments and their metadata may be retained indefinitely to facilitate moderation and approval of future comments.

13. Registered Users (if any)

If the site allows registration, the information provided will be stored in the user profile. Users may view, edit, or delete their personal information (except username). Site administrators can also view and edit this information.

14. Security

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure.

15. Changes to this Policy

We may update this Privacy Policy to reflect legal or technical changes. The current version will always be published on the site.

Last update: 22/01/2026