Cookies policy

The AEPD Guide of July 2023, incorporating information and criteria from the European Data Protection Board (EDPB), the GDPR-EU-2016/679 (Articles 5, 6, 7, and 13), and the LOPDGDD-3/2018 (Article 6), must be interpreted to mean that consent is only valid if it is explicit.

CONSENT OF THE DATA SUBJECT: To process your personal data with privacy and security, your consent is required in compliance with GDPR-EU-2016/679, Articles 5, 6, 7, and 13, as well as LOPDGDD-3/2018, Title II. By accepting through a check box or button labeled “I accept,” the user of this website/App provides explicit consent for the processing of personal data and information collected via cookies on their device.

By using a check box or button labeled “Reject,” the user refuses cookies, except those exempted from the consent requirement, such as essential or session cookies.

A check box or button for “More Information” allows access to this Cookie Policy.

Consent of Minors: GDPR-EU-2016/679, Article 8, sets conditions for child consent in relation to information society services:

When Article 6(1)(a) applies in relation to offering information society services directly to children, processing the personal data of a child is lawful if the child is at least 16 years old. If the child is under 16, such processing is only lawful if consent is given or authorized by the holder of parental responsibility, and only to the extent authorized.

The data controller must make reasonable efforts to verify that consent was given or authorized by the holder of parental responsibility, considering available technology.

The data subject may exercise the rights of access, portability, restriction, objection, rectification, and deletion of data, and may file a complaint with the competent supervisory authority.

Cookies are small data files received by your device from the visited website and are used to record certain interactions on a website by storing data that can be updated and retrieved. These files are stored on the user’s device and contain anonymous data that is not harmful to the device. Cookies are used to remember user preferences such as selected language, login data, or web/App personalization.

Traditionally, cookies or storage devices were associated with websites, but they are now used on other platforms and applications (e.g., smartphone and tablet apps). Cookies can also record anonymous information about how a visitor uses a site, such as which website/App they accessed it from, or whether they used an advertising banner to reach it. Information society services may be provided by the publisher through a platform, software application, or website/App accessed by the user from their device.

We use first-party and third-party cookies to analyze website usage and display advertising based on user profiles created from browsing habits.

CITYTRIP BARCELONA, SL uses technical and analytical cookies on our website to enable secure areas, personalized options, etc. In addition, we use cookies to collect data for web usage analysis to improve service, measure performance, and personalize the website/App.

Google Analytics Cookie: Google Analytics is a free service by Google Inc. that collects information about visited web pages, time of access, browser used, etc., which is subsequently sent to Google Inc. servers.

By purpose:

Technical Cookies: Allow users to navigate a website, platform, or app and use different options or services. Examples include session maintenance, response time management, security features, or content sharing.

Preference or Personalization Cookies: Remember user preferences to provide a customized experience, such as language selection, number of search results, service appearance depending on browser type, or region.

Analytics/Measurement Cookies: Allow the site owner to monitor and analyze user behavior on the website/App, including advertisement impact. Information collected is used to measure site activity and improve the service.

Advertising Cookies: Managed by the App owner or third parties, these cookies analyze browsing habits to display ads relevant to the user’s profile. They store information about users’ behavior to develop targeted advertising.

By duration:

Session Cookies: Designed to collect and store data only while the user accesses a website/App. They disappear at the end of the session.

Persistent Cookies: Stored on the device and can be accessed and processed for a defined period, from minutes to years. Their necessity should be evaluated, and the duration minimized according to purpose.

Legal obligations include transparency and obtaining explicit user consent. Businesses are advised to periodically review cookies to identify first-party vs. third-party cookies, session vs. persistent, and their purpose, ensuring compliance with Article 22.2 of the LSSI.

Information on cookie management (including revocation of consent and deletion) should always be accessible via the website, app, or online service.

Compliance is achieved when the cookie management system (configuration panel or CMP) is integrated into the cookie policy, or a link is provided to the management system.

AEPD Guide 3.2.10 – Denying access in case of cookie refusal: Users may be prevented from accessing the website or using the service partially or fully if they refuse cookies, provided they are properly informed and an alternative access method is offered, not necessarily free.

These cookies comply with GDPR-EU-2016/679, LOPDGDD-3/2018, LSSI-CE-34/2002 (updated 09/05/2023), and the AEPD Cookie Guide (July 2023) incorporating EDPB criteria.