Privacy policy: We protect your information at Kikoto

1. Data of the person responsible for the treatment

In accordance with Regulation 2016/679, of April 27, on the Protection of Personal Data and Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights, the basic data of the Data Controller are as follows:

  • Data controller: Inversiones Turísticas del Estrecho S.L.
  • NIF: B-51041689
  • Mailing address: C. Delgado Serrano 1 3 C, 51001 Ceuta, Spain
  • Email: contacto@kikoto.es
  • Registered trademark: Kikoto

2. Personal data

Access to this website is free and unrestricted. The completion of personal data will be treated with the utmost confidentiality. The data provided by the user will be included in our automated records of personal data processing and processed in accordance with Regulation 2016/679, of April 27, on the Protection of Personal Data, and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights.

3. Purpose of the data

In accordance with data protection regulations, the data collected in Kikoto will only be collected, processed, and used for lawful and legitimate purposes, which we inform you about.

The collection of this personal data is intended, in the event of contracting the services offered in relation to telematic sales services for national and international ferry ticket reservations, to maintain the contractual relationship, as well as the management, administration, information, provision and improvement of the service through our website.

4. Security measures

Kikoto undertakes to comply with the duty of secrecy of such data, as well as to treat them with confidentiality, assuming the necessary measures to prevent their alteration, loss, treatment, or unauthorized access, as provided for in Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and in Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights.

5. Data retention period

The data processing will be maintained for the time necessary to fulfill contractual and legal obligations, or until the right to erasure and/or limitation of data processing is exercised. In any case, they may remain closed and blocked indefinitely.

6. Exercise of rights

In accordance with the provisions of the GDPR (EU) 2016/679, you can exercise your rights of access, rectification, erasure, restriction, portability, and objection before the entity, and even, if necessary, before a Supervisory Authority (in this case, the Spanish Data Protection Agency, as the Lead Authority):

  • Right of access (Art. 15 GDPR): "The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed (...)"
  • Right to rectification (Art. 16 GDPR): "The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement"
  • Right to erasure or "right to be forgotten" (Art. 17 GDPR): "The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay (...)"
  • Right to restriction of processing (Art. 18 GDPR): "The data subject shall have the right to obtain from the controller restriction of processing where one of the following applies (...)"
  • Right to data portability (Art. 20 GDPR): "The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided (...)"
  • Right to object (Art. 21 GDPR): "The data subject shall have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her (...)"

7. Applicable regulations

The basic regulations to be taken into account by service providers through websites are as follows:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
  • Organic Law on the Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) adapts Spanish law to the model established by the General Data Protection Regulation (GDPR), introducing innovations through the development of matters contained therein.

8. Conflict resolution platform

In accordance with art. 14.1. of Regulation (EU) 524/213 of the European Parliament and of the Council, of May 21, 2013, on online dispute resolution in consumer matters and amending Regulation (EC) 2006/2004 and Directive 2009/22/EC (Regulation on online dispute resolution in consumer matters), the website makes available to consumers, if necessary, the online dispute resolution platform: https://ec.europa.eu/consumers/odr.

9. Applicable law and jurisdiction

The applicable law in the event of a dispute or conflict of interpretation of the terms that make up this privacy policy and legal notice, as well as any matter related to the services of this website, shall be Spanish law. The parties, in accordance with Royal Legislative Decree 1/2007, of 16 November, approving the revised text of the General Law for the Defence of Consumers and Users and other complementary laws, submit to the Courts and Tribunals of the consumer's place of residence.

10. Modifications to the privacy policy

Kikoto reserves the right to modify its data protection policy in accordance with its criteria, or due to a legislative change, case law or business practice. If Kikoto introduces a modification, the new text will be published on this website, where the user can become aware of the data protection policy. In any case, the relationship with the users will be governed by the rules provided at the precise moment when the Website is accessed.

11. Questions about the privacy policy

If you have any questions or concerns about our Privacy Policy or want to exercise any right or action regarding your personal data, please contact us through the following email address contacto@kikoto.es.

How to ensure the security of your account

We periodically review accounts to ensure they are as secure as possible. We will also contact you if we can do anything else to increase the security of your account.

For more information, please review the Terms and Conditions.

Need help?

Customer service

Visit our customer service page to find useful information about ferry travel, our frequently asked questions, and how to contact us for help with your reservation.