THIRD PARTIES

We do share your information with trusted third parties who assist us in operating our website, conducting our business and servicing clients and visitors. These trusted third parties agree to keep this information confidential. For instance, visitor comments may be checked through an automated spam detection service.

We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

Your personal information will never be shared with, transferred, sold or traded to unrelated third parties.

Please note that there is no technology available yet that can 100% guarantee that online communications won’t be intercepted and used by third parties, with or without yours and our consent. This is why you are are revealing your personal and travel data under your own responsibility.

However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

The Site may contain links to third party websites. Except as otherwise discussed in this Privacy Policy, this document only addresses the use and disclosure of information we collect from you on our Site. Other sites accessible through our site via links or otherwise have their own policies in regard to privacy. We are not responsible for the privacy policies or practices of third parties.

By using / buying / booking our Services or browsing our Website, you authorize ForeverBarcelona to share your data with our trusted parties.

FREELANCE COLLABORATORS AND EMPLOYEES

ForeverBarcelona uses trusted freelance collaborators and employees to help running the business and who might access the data you sent to complete their tasks. They are committed to treat it with total confidentiality, and will cease having access to it when their professional relationship with ForeverBarcelona ends.

SITE GROUND

Our website is hosted in a server located in Amsterdam, Holland, managed by  SiteGround Spain S.L. Such company acts only as a hosting provider, storing but not processing your personal data nor store it for their own use.  SiteGround Spain S.L. complies with the U.S.-EU Safe Harbor Framework. You can learn more about their privacy policy here. They work with two server and data center providers: Softlayer and SingleHop.

DROPBOX

We store some of our files containing personal data on Dropbox, a service provided by Dropbox, Inc (San Francisco, CA, USA), so they can be accessed remotely by our workers and freelance assistants. They store our files, but do not collect your personal information in them for their own use. More about their privacy policy here.

GOOGLE APPS

Our e-mail service is managed via Gmail by Google Inc (Santa Clara, CA, USA). They store all our e-mails, and therefore any personal data sent by you to us via e-mail. They act as a platform to process, send, receive and store e-mails, but they don’t collect data from the content of the emails for their own use. Google Google adheres to the U.S. Safe Harbor Privacy Principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement. Check their privacy policy here.

BANCO SANTANDER / REDSYS

Our money transactions are currently processed via  a virtual POS provided by Banco Santander (Santander, Spain), that works with Redsys Procesamientos de Servicio (Madrid, Spain), an international online payment gateway.

Banco Santander and Redsys comply with the current European Data Protection Laws, December 13). You’ll find Banco Santanderprivacy policy here and Redsys here.

Banco Santander and Redsys share with us personal data entered by you such as Name, Last Name, Address, Phone Number, Type of Credit Card used for payment. We DO NOT have access to your Credit Card Number, Expiration Date, CSC / CVV or Pin Number entered by you in our website to complete a payment.

When orders are made by phone, we will not store your credit card information in our files, but it will still be processed via Banco Santander and Realex.

When orders are made online, we might use third party apps or plugins to connect with Banco Santander and Redsys. Such third parties don’t have access to your credit card information either, but might collect personal and travel data and request you to accept our Terms & Conditions, if applicable, on our behalf.

STRIPE

Our online booking system Turitop is also connected to Stripe, Inc. (San Francisco, CA, USA) to collect payments as a payment gateway. You can find their privacy policy here.

PAYPAL

We might occasionally (upon customer request or if other payment systems are temporarily down) use PayPal Pte. Ltd (San José, CA, USA) to process money transactions. In such case, we send the client a Money Request in which Paypal handles the payment card information on our behalf complying with PCI DSS. Client must have a Paypal account to send the payment, therefore it is Paypal who is handling their credit card and personal data, not us. Paypal shares with us only personal information relevant for our invoicing and booking, but not any kind of credit card information. Learn more about their privacy policy here.

BOOKING ENGINES

In order to allow visitors to book online in real time without having to even contact us, we use booking engines provided by third parties. After many years of relying on Bookeo Pty Ltd, in 2020 we switched to Turitop, located in Tenerife (Spain) and therefore adhering to all the EU data protection laws. They collect personal and travel information related to the tour/services booked. They are connected to Stripe and Redsys to collect payments, so they don’t have access to your credit card details when you booked through them. More about their privacy policy here.

MAILCHIMP

Our e-mail subscription and newsletter system is run by Mailchimp (Rocket Science Group, LLC d/b/a MailChimp), from Georgia, USA. Mailchimp has TRUSTe’s Privacy Seal and complies with the Safe Harbor Framework, therefore offering an adequate level of data protection according to the LOPD. More about their privacy policy here.

TRIPADVISOR

We might share your email with TripAdvisor LLC (Newton, MA, USA) to use the Tripadvisor Review Express service to send our tour clients an email and possibly a reminder after their tour is over, asking them to write a review about their tour. The addresses remain stored in a TripAdvisor server, for campaign tracking and proper filtering of future email campaign lists. Addresses are stored separately and securely, and access is limited to specific people on the TripAdvisor team. Tripadvisor doesn’t use those e-mail addresses for any other purpose, and no Tripadvisor membership will be automatically created for Review Express recipients. More about their privacy policy here.

IMPORTANT

Tripadvisor does not adhere to the EU-US Safe Harbor List. This is why in compliance with the LOPD we inform you that by booking a tour with us and accepting our Terms & Conditions, you are giving ForeverBarcelona unequivocal, explicit and expressed consent to share your e-mail with TripAdvisor LLC.

ANTI-SPAM BEE

We use this plugin to control spam in the comments in our blog. It is fully GPDR compliant as it does not save private user data. We have it configured to check the language of the comment as an extra measure, and even in that case, only the comment is sent (via https) to the external service they use, but no other data is shared.

OTHER WEBSITE PLUGINS

We may use third party plugins to create contact forms and opt-ins, and back up data and other actions that might involve collecting and storing personal or travel information willingly submitted by you. Such plugins only process and/or store your personal data but do not collect or store it for their own use.

They might however install cookies in your browser to collect information about how you interact with the site and these plugins. Learn more about our Cookie Policy here.

Scroll to Top