1. WHO PROCESSES YOUR DATA?
Parco della Standiana S.r.l. having its registered office in Savio 48125 (RA) - I - Strada Statale 16 Adriatica
Km 162 and Parques Reunidos Servicios Centrales S.A., having its registered office in Madrid, Paseo de la
Castellana, 216, as Joint Data Controllers
Other subjects to which your data may be communicated
Your data can be shared with:
1. people authorized by Joint Data Controllers who have committed themselves to confidentiality or are
under a statutory obligation of confidentiality;
2. Other companies of Parques Reunidos group, subjects that are delegated and/or appointed by Joint
Data Controllers to carry out activities that are strictly related to the achievement of the above-mentioned
purposes (including technical maintenance actions on the systems), duly appointed as Data Processors;
3. individuals, companies or professional firms that provide support and advice services to the Data
Controller, duly appointed as Data Processors;
4. subjects, bodies or authorities to which your personal data must be communicated owing to legal
provisions or orders issued by the relevant authorities;
Your personal data shall not be transferred outside the European Economic Area.
2. WHAT TYPES OF DATA DO WE COLLECT?
We process two types of data:
data provided by the user
data collected automatically
Data provided by the user
These are, for example, the data we request from you:
Name and surname
Date of birth
If you decide to provide third-party data, make sure that those subjects have been previously and suitably
informed about the processing methods and purposes stated herein. In this event, you will act as an
autonomous Data Controller, assuming all obligations and responsibilities under the law.
Data of minors under 16
In this respect, we inform you that if you are under 16 you cannot provide any personal data to us, and in
any case, we shall not accept any responsibility for false information provided by you. If we become aware
of the existence of false statements, we will immediately delete all personal data acquired.
Data collected automatically
We collect the following data through the services you are using:
technical data: This data category includes the IP addresses or domain names of the computers used by
users that connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources,
the time of the request, the method used to submit the request to the server, the size of the file received in
response, the numerical code stating the status of the server's response (successful outcome, error, etc.),
and other parameters about the operating system and the user's IT environment. These data are used for
statistical information only (therefore they are anonymous) and to control the correct operation of the site
and they are deleted immediately after processing. The data may be used for the purposes of ascertaining
responsibility in the event of hypothetical IT crimes jeopardising the site security: with the exception of this
case, data on website contacts are not maintained for more than 7 days.
data collected through cookies and similar technologies: for any further information, we invite you to visit
the "Cookie" section.
3. FOR WHICH PURPOSES DO WE PROCESS YOUR DATA?
For purposes related to the provision of requested services:
We use your data to make sure that you can access our services and their provision, such as:
Assistance by phone and/or email for the purchase of services offered through the site and Apps;
Purchase of services offered through the site and the App;
Communications related to the provision of the service;
Activities of administrative, financial or accounting nature;
Fulfilment of legal obligations, regulations and Community rules.
Data processing for the purposes above is necessary for the performance of any contract or pre-contract
measures adopted upon your request. The provision of your personal data for this purpose is optional but
please note that your refusal will not allow us to provide you with the service.
To keep you updated about our latest novelties
If you gave us your consent, we will use your data to carry out direct marketing activities.
In particular, we will use them to:
communicate promotional, commercial and advertising activities on events, initiatives or partnerships of
Mirabilandia and Mirabeach and of other parks owned by the Parques Reunidos group by means of paper-
based mail, telephone contacts through an operator ("traditional methods"), email, texting, push
notifications ("automated methods").
carry out analysis and reporting activities related to promotional communication systems, such as detecting
the number of opened emails, of clicks made on the links included in the communication, the type of device
used to read the communication and the related operating system or the list of users who decided to stop
receiving the newsletter.
The provision of your personal data for this purpose is entirely optional.
4. HOW LONG DO WE STORE YOUR DATA?
Personal data will be stored in paper and/or electronic format and for the time strictly necessary to achieve
the purposes stated in Point 3.
If the purchase of services offered is completed through the site and/or the App, the invoices, accounting
documents and data related to transactions will be stored for 11 years as provided by the law (including tax
If the purchase of services offered is not completed through the site, your personal data will be stored for a
maximum period of 12 months.
For direct marketing purposes, pursuant to what is provided for in applicable rules, we store your data for a
maximum period of 24 months.
Finally, we inform you that, in compliance with counter-terrorism requirements introduced by Art. 24 of
Law 167/2017, transposing the EU Directive 2017/541, we will store data related to electronic traffic,
excluded the contents of communications, for a maximum period of 72 months since the communication
5. HOW CAN YOU WITHDRAW CONSENT OR EXERT YOUR RIGHTS?
Withdrawal of consent
In order to withdraw the consent given for direct marketing purposes you only have to press the
Unsubscribe button at the bottom of all our communications or, if you find it more convenient, write
Exercise of your rights
In line with what is provided under GDPR, you have the right to request to the Joint Data Controllers, at any
time, access to your personal data, their rectification or erasure or to object data processing. Moreover, the
law allows you to exert the right to request the restriction of processing in the cases envisaged by Art. 18 of
GDPR, as well as to obtain your data in a structured, commonly used and machine-readable format, in the
cases envisaged by Art. 20 of GDPR.
Requests can be sent to this email address: firstname.lastname@example.org.
Finally, we inform you that you always have the right to lodge a complaint to the relevant supervisory
authority (Privacy Guarantor), within the meaning of Art. 77 of GDPR, if you believe that processing of your
data infringes the rules in force.
6. HOW DO WE GUARANTEE PERSONAL DATA PROTECTION?
Your personal data are processed by the subjects stated in point 1, in compliance with what is provided in
the applicable rules. In particular, in order to guarantee the security of your data taking into account the
state-of-the-art and implementation costs, as well as the nature, subject, context and the purposes of
processing, and risks with a varying likelihood and severity degree for the rights and freedom of our users,
we adopted suitable technical and organizational measures to guarantee a security level that is appropriate
to the risk.
If you decide to use the Mirabilandia App by enabling the detection of your location, please note that we
could process information about your current (approximate) location. Those data are processed
anonymously, in a format that does not allow us to detect the personal identity of the user and they are
only used to optimize some location-based functionalities of the service.
At any rate, please note that you can enable/disable the location-based services accessing the settings of
your browser and/or of your device as follows:
Go to Chrome settings: chrome://settings/content/location and remove Mirabilandia from the list
Run Firefox and go to the address about:preferences#privacy, search “Permission” > “Location” > “Settings”
and remove Mirabilandia from the list
open Internet Explorer, click on the settings icon and select “Internet options” in the privacy tab, go to
"Location" and press the "Clear Site" button
“Preferences” > “Web site” > “Location” and remove Mirabilandia from the list
“Settings”> “Privacy” > “Location services” > “Mirabilandia” > “Never”
“Settings”> “Advanced settings” > “Location-based services”> “Disable”
connection with the coming into force of new sector regulations, the updating or provision of new services
or the introduction of technological innovation. In this case, the Joint Data Controllers will inform you giving
evidence of those updates.