Privacy Policy

This privacy statement was last updated on 28. March 2026 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via https://tenerife-diving.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

• we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
• we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
• we first request your explicit consent to process your personal data in cases requiring your consent;
• we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
• we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)

1.1 Contact - Through phone, mail, email and/or webforms

For this purpose we use the following data:

• A first and last name
• An email address

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We retain this data until the service is terminated.

1.2 To be able to comply with legal obligations

For this purpose we use the following data:

• A first and last name
• An email address

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We retain this data until the service is terminated.

1.3 Compiling and analyzing statistics for website improvement.

For this purpose we use the following data:

• An email address
• IP Address
• Geolocation data
• Sex

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We retain this data until the service is terminated.

2. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy. 

3. Disclosure practices

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

4. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

• Login Security
• DKIM, SPF, DMARC and other specific DNS settings

5. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

6. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

7. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

• You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
• Right of access: You have the right to access your personal data that is known to us.
• Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
• If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
• Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
• Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

8. Submitting a complaint

If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.

9. Contact details

Gema Cebolla Madrigal
Calle Valencia, Centro Costa
Playa de las Americas – Torviscas
38660 Costa Adeje – Tenerife
Spain
Website: https://tenerife-diving.com
Email: oceantrek.tenerife@ex.comgmail.com
Phone number: +34 922 75 34 72

10. Data Requests

For the most frequently submitted requests, we also offer you the possibility to use our data request form

Name

Name

Email

Submit a request for access to the data we process about you.

Submit a request for deletion of the data if it is no longer relevant.

Submit a request to receive an export file of the data we process about you.

Annex

Complianz

This website uses Complianz's Privacy Suite for WordPress to collect and record browser- and device-based consent. For this feature, your IP address is anonymized and stored in our database. This service does not process any personally identifiable information and does not share any data with the service provider. For more information, please see the Complianz Privacy Policy.

 

Anti-Spam Protection Measures

To protect our website and web forms from spam, abusive submissions, and automated attacks, we use the security plugin FormGuard Anti-Spam. Depending on the activated protection features, form-related and technical information is processed to evaluate incoming submissions from a security perspective and to ensure the reliable operation of our forms.

 

Legal Basis

Processing is carried out on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in protecting our website against abusive use and in ensuring the uninterrupted operation of our web forms. For users residing in Switzerland, processing is additionally based on Art. 31 DSG.

 

Delimitation of Responsibility

All data processed by FormGuard Anti-Spam remains exclusively within the hosting infrastructure of the respective website operator. The developers of FormGuard do not have access to this data at any time. No transmission to the plugin developer, to third parties, or to external servers takes place. FormGuard Anti-Spam processes the data collected solely within the scope of the protection features activated by the website operator and not for its own purposes - in particular not for marketing or profiling.

 

Logging of Form Events

To detect and trace abuse attempts, form events are logged. This involves processing form metadata, submission timestamps, technical accompanying information, and the respective security check result. When full logging is enabled, submitted form contents are additionally stored in the log. All data is processed exclusively within the hosting infrastructure of the website operator and is not transmitted to third parties.

 

Client-Side Security Check

To distinguish between human users and automated submissions, FormGuard performs a technical security check in the browser during form interaction. The signals collected in this process are processed exclusively locally in the browser and are not stored. Only the derived check result is transmitted to the server for evaluation of the specific form submission.

 

IP Addresses and Location-Based Security Measures

To defend against abusive access, FormGuard processes IP-related information. On this basis, security-relevant measures can be triggered to detect and prevent abusive access.

 

Email Blocklist

To defend against recurring spam submissions, email addresses or patterns can be maintained in a blocklist. This data is processed exclusively within the hosting infrastructure of the website operator and serves solely to detect and block abusive form submissions.

 

Content-Based Security Check

Form contents are automatically checked for security-relevant characteristics. If a characteristic applies, a configurable protective response is triggered. No profiling within the meaning of Art. 22 GDPR takes place.

 

Retention Period

Security and log data is stored only for as long as necessary for the stated purposes. Retention duration and maximum data volume are configurable; upon expiry of the defined periods or upon reaching the limits, data is automatically deleted or overwritten (Art. 5(1)(e) GDPR; Art. 6(4) DSG).

 

Loco Translate

This plugin does not collect any data from visitors to this website. Administrators and auditors can view the Loco Translate plugin privacy policy.

 

Google Analytics 4

We use Google Analytics to measure and analyze the use of our online offer based on a pseudonymous user identification number. This identification number does not contain unique data such as names or email addresses. It serves to assign analysis information to an end device in order to recognize which content users have accessed within one or several usage processes, which search terms they used, accessed them again, or interacted with our online offer. Likewise, the time of use and its duration are stored, as well as the sources of the users who refer to our online offer and technical aspects of their devices and browsers. Pseudonymous profiles of users are created with information from the use of various devices, and cookies may be used. Google Analytics does not log or store individual IP addresses for EU users. However, Analytics provides rough geographical location data by deriving the following metadata from IP addresses: city (and the derived latitude and longitude of the city), continent, country, region, subcontinent (and ID-based counterparts). For EU data traffic, IP address data is used exclusively for this derivation of geolocation data before being immediately deleted. They are not logged, are not accessible, and are not used for further purposes. When Google Analytics collects measurement data, all IP queries are performed on EU-based servers before the traffic is forwarded to Analytics servers for processing:

 

• Service Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland Legal Basis: Legitimate Interests (Art. 6 Abs. 1 S. 1 lit. f) GDPR)
• Website: https://marketingplatform.google.com/intl/en/about/analytics/
• Privacy Policy: https://policies.google.com/privacy
• Data Processing Agreement: https://business.safety.google/adsprocessorterms/
• Basis for Third Country Transfer: EU-US Data Privacy Framework (DPF), Standard Contractual Clauses (https://business.safety.google/adsprocessorterms)
• Further Information: https://business.safety.google/adsservices/ (Types of processing as well as data)