For a limited time only! Book now!
The companies responsible for processing your personal data are Attractie- en Vakantiepark Slagharen B.V the company responsible for operating Slagharen (hereinafter, “Slagharen”), with registered office at Zwarte Dijk 37, 7776 PB Slagharen, the Netherlands, and Parques Reunidos Servicios Centrales, S.A., with registered office at Calle Federico Mompou 5, Parque Empresarial "Las Tablas", Edificio 1 - Planta 3ª, 28050, Madrid, Spain each acting individually as controllers and together as joint controllers (the "Controllers").
If you have any questions about the processing of your personal data or if you would like to ask for relevant parts of the Joint Controllers agreement, please contact the Data Protection Officer (DPO) of Slagharen by e-mail at privacy@slagharen.com.
The Controllers will process your personal data for the purposes set out below, and consistently with the purpose of the channel through which you may have provided your personal data:
If you purchase single day tickets through our online form or the account environment, we will process your personal data to process the purchase and payment of your single day ticket(s) and we will send you an email with the purchase confirmation, receipt, and ticket.
During the purchase process, we ask for your age (via birth date) to verify that you are of the right age to purchase this product, to give consent to the processing of your personal data (see Minors for more information) and – in case you have agreed to receive marketing communications – to send you special offers or messages on your birthday. We ask for country, from which the language preference will be derived, to ensure that all communications, where possible, are sent to you in this language.
In addition, we will process your personal data to handle your requests for information sent to processors and any incidents or claims relating to your purchased single day ticket (by email), as well as to reach you by email to inform you of any circumstances that may affect your visit (e.g. weather conditions, security, public health issues, etc.).
Type of personal data processed: first and last name, e-mail address, birth date, country, language; and information on the product/service that you purchased (the “transaction details of your purchase”).
Lawful basis: the basis for this processing is the performance of the contract concluded with you as a result of your purchase of the relevant product (terms and conditions of purchase). If you do not provide the required personal data, you will not be able to complete your purchase.
If you book lodging through our online form or the account environment, we will process your personal data to process the booking and payment of the lodging and we will send you an email with the purchase confirmation, receipt, and booking of the lodging. Your address details are processed in the accommodation booking contract.
During the purchase process, we ask for your age (via birth date) to verify that you are of the right age to purchase this product, to give consent to the processing of your personal data (see Minors for more information) and – in case you have agreed to receive marketing communications – to send you special offers or messages on your birthday. We ask for country, from which the language preference will be derived, to ensure that all communications, where possible, are sent to you in this language.
In addition, we will process your personal data to handle your requests for information sent to processors and any incidents or claims relating to your booked lodging (by phone or email), as well as to reach you by email, SMS or phone to inform you of any circumstances that may affect your visit (e.g. weather conditions, security, public health issues, etc.).
Type of personal data processed: first and last name, e-mail address, birth date, street and number, zip code, town, country telephone number, language; and transaction details of your booking.
Lawful basis: the basis for this processing is the performance of the contract concluded with you as a result of your purchase of the relevant product and/or service (terms and conditions of purchase). If you do not provide the required personal data, you will not be able to complete your purchase.
If you purchase an annual pass through our online form or the account environment, we will process your personal data to process the purchase and payment of your annual pass, and to identify you as the annual pass holder, and allow you to access and use your annual pass in Slagharen.
For the correct issuance of the (virtual) annual pass, we will request, in addition to the aforementioned data, other personal data, namely your image, during the purchase process. This personal data is necessary for the purpose of fraud detection and prevention, to which Slagharen has a legitimate interest (see purpose fraud detection and prevention for more information).
During the purchase process, we ask for your age (via birth date) to verify that you are of the right age to purchase this product, to give consent to the processing of your personal data (see Minors for more information) and – in case you have agreed to receive marketing communications – to send you special offers or messages on your birthday. We ask for country, from which the language preference will be derived, to ensure that all communications, where possible, are sent to you in this language.
If you decide to renew the annual pass through our account environment and you are entitled to benefit from a promotion or discount due to your former status as an annual pass holder, we may need personal data to verify this prior contractual relationship, namely the birth date and/or the first and last name of the former holder of the annual pass.
In addition, we will process your personal data to handle your requests for information sent to processors and any incidents or claims relating to your purchased product and/or service (by email), as well as to reach you by email to inform you of any circumstances that may affect the execution of the contracted service (e.g. weather conditions, security, public health issues, etc.).
Type of personal data processed: first and last name, e-mail address, birth date, country, language; and the transaction details of your purchase; image.
Lawful basis: the basis for this processing is the performance of the contract concluded with you as a result of your purchase of the relevant product and/or service (terms and conditions of purchase). If you do not provide the required personal data, you will not be able to complete your purchase. In addition, we have a legitimate interest (fraud detection and prevention) for which we process your image.
When you register to our account environments (via Vivaticket for annual passes, DruiD for lodging and single day tickets, and Constell for school and group visits), we will process your personal data to register you and to identify you as a Registered User, so you can access the different functionalities that are available for you.
We will inform you that the data we collect on your activity, obtained through the different account environments, which include your purchases/bookings, and permission on marketing communication (only applicable to the DruiD account environment), will remain linked to your account environments, therefore all the information can be accessed at once and, where necessary, modified. The Registered User will be able to view information about the product/service.
If in the DruiD account environment inactivity of you, as a Registered User, will be detected for an extended period of time, your e-mail address will be used to inform you of the expiry of your DruiD account due to inactivity after eighteen (18) consecutive months of inactivity, as well as the actions required to keep your account active.
Type of personal data processed: access credentials based on the combination of an identifier, an e-mail address, and a personal, non-transferable password.
Lawful basis: the basis for this processing is the performance of the contract in which you, as a Registered User, are a party (by accepting the Terms and Conditions provided at the time of registration in the account environment). The personal data is necessary for the execution of the terms that regulate the use of the account environment
We can contact you, the Registered User, by e-mail, so that, if desired, you can renew the previously purchased annual pass.
Type of personal data processed: first and last name and e-mail address.
Lawful basis: This processing is necessary to satisfy the legitimate interests pursued by the Controllers to maintain and strengthen the relationship with their clients. The Controllers understand that the processing and the interests pursued are legitimate and do not undermine the rights and freedoms of the data subjects. To process this personal data, a balancing of interests was carried out by the Controllers to carry out this processing.
If you send us (via any of the methods available for this purpose on our website) a request or question for specific information about any of our products, services or events (first communions, birthday parties, corporate events, weddings, etc.), a suggestion or a request for information about a claim or incident that may have arisen from the product, service or event purchased or booked by you, we will use your personal data and the information contained in your enquiry to respond to you via the chosen means of communication..
If your query relates to a product, service or event purchased by you, we may also ask you (as part of the customer care process) for specific details about your purchase/booking (the transaction details of your purchase or booking) to ensure that your query is answered correctly.
Type of personal data processed: your first name, surname, email address, and telephone number; transaction details of your purchase or booking.
Lawful basis: the basis for the processing is the performance of the contract concluded with you as a result of handling your question, request and/or suggestion. You may withdraw your consent at any time following the procedure described below in the section "What are my rights in relation to personal data?" of this Privacy Statement.
If you purchase any of our products or services, the Controllers may send you surveys electronically (e.g. e-mail). This is a valuable tool that enables us to find out our customers' degree of satisfaction whilst allowing them the opportunity to make suggestions. Your opinion will also enable the Controllers to improve their processes, and their range of products and services.
Type of personal data processed: your email, telephone, information related to your purchase or booking, your country (to ensure that the survey is sent in your chosen language) and any other non-personal information you provide on the surveys you chose to respond to.
Lawful basis: this processing is based on the Controllers' lawful interest in obtaining customer feedback related to the products and services purchased by them, their needs, and suggestions. The Controllers believe that no rights of their customers are infringed upon as a result of this processing. The Controllers also believe that a proper balance exists between their interests and those of their customers. Processing your personal data allows us to find out your opinion, which is necessary for us to improve our range of products and services and the park's operational processes for a better quality of our customers' experience. Additionally, due to the large number of visitors that may come to the park, sending surveys electronically is necessary for the purpose described and there is no other effective mechanism to achieve this purpose. Likewise, we understand that our customers may reasonably expect for their personal data to be processed based on their contractual relationship with us, on the specific information provided to them as part of the purchase or reservation process, and on the fact that this type of processing is customary in the services industry. Please note that only strictly necessary non-sensitive personal data is processed, that no surveys are sent to children under sixteen (16) years of age, and that we only contact our customers occasionally and for a limited period of time.
Customers may object, at any time, to the processing of their personal data or exercise any other rights under applicable data protection regulations in accordance with the procedure described below in What are my rights on my personal data provided to you?” of this Privacy Statement.
Only if you give us explicit consent to do so via any of the forms available on our website or in the account environments (e.g. the account registration form, online purchase form, contact or request for information form, event booking form, schools and groups visits booking form, newsletter subscription form etc.) we will process your personal data to send you (via email) marketing communications (this includes o. a. sending you newsletters with information about the parks, discounts and promotions, events and personalised offers based on the information collected in the purchasing process within the account environment (such as personalised discounts based on you birthdate), and surveys) relating to products and services of Slagharen and/or the Parques Reunidos Group. You can find a list of Parques Reunidos Group companies in the "Parques Reunidos Group companies in Europe" section of this Privacy Statement. To send you this information, the Controllers process your name, surname and your e-mail address provided by you to us.
In the case of signing up for the newsletter, the Controllers use a two-step verification process to ensure the quality of your personal data. If you give consent to the processing of your personal data for this purpose, you will receive an e-mail asking you to confirm your e-mail and that your data can be processed for this purpose.
The Controllers may use personal data to personalise certain marketing communications. Personalised marketing communications may include newsletters, discount offers, promotions, relevant or commercial information relating to your purchase history of single day tickets, annual passes and accommodation (in the account environments) or your birthdate. The Controllers do not share personal data with third parties for their own marketing purposes. The Controllers do not use algorithms or profiling to make automated decisions with legal implications for you or that will have a significant impact on you. The Controllers do not use or disclose sensitive personal data for purposes for which you would have to exercise a right to restrict processing, under Dutch law. Personal data will only be used for marketing purposes to send you personalised marketing communications about Slagharen and Parques Reunidos Group products, services, events or activities that we believe may be of interest to you, based on the criteria described above.
Type of personal data processed: we may collect your first and last name and e-mail address to send you direct marketing communications. In addition, birthdate and (previous) transaction details (in the account environments), are processed to ensure that you receive communications with commercial information, such as birthday discounts, that we consider to be relevant to you, based on this data.
Legal basis: we will only process your data if you give us your explicit consent to do so, by checking the box (opt-in consent), specifically for this purpose in the forms available on our website and account environments. Please note that you can withdraw your consent or exercise your rights at any time as described below in the "What are my rights in relation to personal data?" section of this Privacy Statement. In addition to the above methods, we would like to remind you that you can unsubscribe from these marketing communications according to the procedure made available to you for this purpose on any marketing communication you have explicitly allowed us to send to you. If you no longer wish to receive marketing communications from us, you can withdraw your consent by unchecking the box on the website or by clicking on the newsletter's 'unsubscribe' button.
We may receive information from social media channels – depending on the settings of your social networks. For example, when you contact or share content on social media networks and mention the user account of the Controllers we may collect your personal data in order to promote the image of the park and its services.
More information about collecting, and for what purposes, the personal data we receive from your social media network providers and how you can change the settings of your account can be found on the website and in the Privacy Statement of the social media network provider concerned.
Type of personal data processed: the User’s social media account including their contact information, interests and contacts.
Lawful basis: the basis for processing personal data is the unambiguous consent of you by responding affirmatively to the direct message of the social media networks.
The Controllers will disassociate your postal code and country as supplied by you on the forms available on this website and the account environments from any other personal data to produce quantitative and qualitative aggregated statistical reports for market analysis and research. This allows us to assess our market positioning based on the geographic area from which products and services are purchased and to make strategic business decisions (e.g. sales trends).
Type of personal data processed: your postal code and country information dissociated from any other personal data provided.
Lawful basis: this processing is required to satisfy our legitimate interests in knowing and understanding the geographical area from which our products and services are purchased. The Controllers believe that no rights of their customers are infringed upon as a result of this processing. The Controllers also believe that a proper balance exists between their interests and those of their customers. By processing our customers' personal data we are in a position to evaluate our positioning in the market, which in turn is necessary for us to make strategic business decisions and to improve our products, services and operational processes in our parks, resulting in a better quality experience for our customers. We also believe that there is no less invasive method to effectively achieve this purpose, as only basic, non-sensitive information (postcode and country) is used, as previously dissociated from any personal data that would allow the individual identification of customers. our customers may reasonably expect for their personal data to be processed based on their contractual relationship with us, on the specific information provided to them as part of the purchase or reservation process, and on the fact that this type of processing is customary in the services industry.
You can object at any time to the processing of your personal data or exercise the rest of your rights under data protection regulations by following the procedure described in the section “What are my rights on my personal data provided to you?” in this Privacy Statement.
Only if you provide your email and give your express consent through the pop-up that will appear during the online purchasing process in case of inactivity on your part, your personal data will be processed so that, if you do not complete the purchase or reservation of products and/or services previously selected by you, we may send you reminders by email to complete the purchase and/or reservation thereof. If you finally decide not to formalize the purchase or reservation of said products and/or services, a brief survey will be sent to you by email to find out the reason why you do not wish to formalize it, which will help us improve the web experience of our customers.
Type of personal data processed: email and any information related to the products in the shopping cart.
Lawful basis: this processing will only be carried out if you voluntarily give your express consent through the pop-up that will appear during the online purchase process in case of inactivity on your part. We remind you that, in addition to the rest of the rights granted to you by data protection regulations, at any time you can also withdraw your consent and request to unsubscribe from sending abandoned cart reminders in accordance with the provisions of the section “What are my rights in relation to my personal data?” that is included in this Privacy Statement.
Your personal data will be processed to allow us to comply with certain statutory duties imposed on us as a result of our relationship with you by European Union and/or domestic tax, personal data, business, consumer protection, information society services, e-commerce, civil and accounting regulations.
Type of personal data processed: your first name, surname, telephone number, e-mail address, an identity (National/Foreign Id. Card, Passport, Driving Licence), group membership, details about your purchase, where applicable, data collected by the use of cookies or similar technologies pursuant to the Cookies Policy of this website or any other necessary information that may be part of our compliance duties at the request of competent control authorities.
Lawful basis: compliance with legal duties applicable to Controllers under relevant European Union and/or domestic laws and regulations. Without your personal data, the Controllers would not be able to properly comply with such statutory duties or fulfil any statutory liabilities arising out of the relationship with you or the processing of your personal data.
Your personal data will be processed to put in place any measures as may be required to prevent and detect misuse of or potential fraud related to our website, account environments or (the purchase or booking of) products and services, involving the Controllers or their customers. By way of illustration, but not limited: (i) before entering the park, Slagharen staff may request an annual pass holder to also show an official identification document along with their annual pass to verify and accredit ownership of the annual pass, in case there is any doubt about this ownership (e.g. due to an unclear image on the annual pass); (ii) electronic records will be kept with the history of changes made by you to the personal data provided.
Where potentially fraudulent activity is detected, the Controllers may give details of the relevant transaction, including the customer’s identity, to the payment platform's owner and, where appropriate, to the competent authorities.
Type of personal data processed: information related to your purchases and bookings, your payment details and contact details provided in the course of potentially fraudulent purchases; first name, surname, e-mail address and image; navigation and/or connection data (IP address of the device).
Lawful basis: we require to process your personal data to satisfy our legitimate interests as Controllers. We believe that no rights of the customers are infringed upon as a result of this processing. We also believe that there is a right balance between our of legitimate interest to prevent and detect potentially fraudulent activity and the legitimate interests of our customers and website users, as it allows us to take the required measures to protect them from such unlawful activities such as attempted fraud. This processing is also beneficial for us, as it allows us to avoid misuse of our website, products and services and for society at large, ensuring that fraudulent activities are discouraged and detected when they do occur. This data processing affects only limited and necessary information and falls within a standard industry practice that data subjects can reasonably expect.
In any case, we remind you that, if you have any question about the processing of your personal data, or if you need more information about the weighing of interests carried out by the Controllers to carry out this processing, among others and should you wish to exercise your right to object, you can send your request to the DPO through any of the contact methods provided in this Privacy Statement.
We use proprietary and third-party cookies and similar technologies (HTTP Cookies, Pixel Tracker and Premises and Premises Shared) on our website. As a result, we process, store and share user information and personal data when you browse this website, in accordance with the purposes and settings made available to users at all times.
For more information on the use of cookies and similar technologies, the processing of personal data and on how to manage your consent, please visit our Cookies Policy.
Based on the purpose for which we process your personal data, different retention periods apply as follows:
Pursuant to European Union Law and/or domestic regulations Your personal data may be disclosed to the Public Authorities including, in particular, data protection authorities, the courts or the Public Prosecutor's Office to meet possible legal liabilities or to comply with statutory retention periods.
The Controllers rely on third party suppliers who may also process your personal data to provide services related to the purposes for which you are being informed, including, but not limited to, information security, customer relationship management (CRM), technology (such as the providers of the account environments), legal consulting, marketing, customer service, professional services, payment processors or getaways and IT companies. These providers will only access your personal data to perform their services on behalf of the Controllers, without ever being authorized to use such data for their own purposes and/or unauthorized purposes.
One of these providers is Salesforce, a global company which provides cloud marketing platform services. Salesforce will operate on our behalf, within the European Economic Area (EEA) and in compliance with applicable European data protection regulations. Exceptionally, for example, in the event of a disaster recovery situation (i.e. the process to recover data and functionalities lost in the event of an accidental or a man-made disaster), Salesforce may also provide its services through companies outside the EEA, for which your personal data may need to be processed in countries that do not offer a standard of protection commensurate with the level of protection offered by European data protection legislation (e.g. the USA). To address these situations, the Controllers have entered into binding contractual commitments with Salesforce that guarantee the implementation of appropriate security measures to ensure that your personal data are at all times processed with an adequate level of protection comparable to that required in the EEA (standard contractual clauses approved by the European Commission on data protection in accordance with the European Data Protection Regulation (GDPR), additional security measures in accordance with decision C-311/18 of the Court of Justice of the European Union and subject to certification mechanisms). For further information, please do not hesitate to contact the DPO at any of the addresses (postal or e-mail) indicated in the section “What are my rights on my personal data provided to you?” in this Privacy Statement.
If you expressly agree to receive marketing communications about any of the companies of the Parques Reunidos Group, please note that these are based in the European Union and are primarily engaged in the management and exploitation of theme parks, water parks, zoos, leisure centres and travel agency services (e.g. sale of ticket+hotel packages). The European companies of the Parques Reunidos Group are:
· Spanish companies of the Parques Reunidos Group: Parques Reunidos Servicios Centrales, S.A. (Bono Parques); Parque de Atracciones Madrid, S.A.U. (Parque de Atracciones Madrid); Madrid Theme Park Management, S.L.U. (Parque Warner y Parque Warner Beach); Gestión Parque de Animales Madrid, S.L.U. (Faunia); Zoos Ibericos, S.A. (Zoo Aquarium Madrid); Parques de la Naturaleza Selwo, S.L. (Selwo Aventura and Hotel Selwo Lodge); Aquópolis Cartaya, S.L.U. (Aquópolis Cartaya); Leisure Parks, S.A. (Aquópolis Villanueva de la Cañada, Aquópolis Costa Dorada - Salou, Selwo Marina, Aquópolis de Cullera, Aquópolis de Torrevieja, Teleférico de Benalmádena); Mall Entertainment Centre Acuario Arroyomolinos, S.L.U. (Atlantis Aquarium); Travelpark Viajes, S.L.U. (packages combining admission fees + hotel accommodation).
· Rest of European companies of the Parques Reunidos Group: Italy - Parco della Standiana S.R.L (Miraiblandia and Mirabilandia Beach) and Travelparks Italy, S.R.L.( admission+hotel packages); Norway - Tusenfryd A/S (Tusenfryd) and Bø Sommarland AS (Bo Sommarland); Belgium - Bobbejaanland, B.V. (Bobbejaanland); BonBon-Land A/S (BonBon -Land); Germany - Movie Park Germany GmbH y Movie Park Germany Services GmbH (Movie Park), Event Park GmbH (Belantis), Nature Park Germany GmbH (Vogelpark Walsrode), Tropical Island Management (Tropical Island) and TI Hotel Asset GmbH (Tropical Island Hotels); The Netherlands - Attractie- en Vakantiepark Slagharen B.V. (Slagharen and Slagharen Beach); France - Marineland SAS (Marineland, Aquaplash Marineland, Marineland Resort and Kids Island); UK - Grant Leisure Group LTD (Blackpool Zoo), Real Live Leisure Company LTD (The Bournemouth Aquarium and Aquarium of the lakes) and Lakeside Mall Entertainment Centre Limited (Nickelodeon Adventure-Lakeside).
You may exercise your right of access, rectification, objection, limited processing, portability, by sending your request by e-mail to the attention of the DPO of Slagharen at privacy@slagharen.com. For consent-based processing operations, please note that you can withdraw your consent or object at any time to the processing of your data following the procedure described in the previous paragraph.
If you have expressly authorized us to send to you commercial information or information about discounts and promotions, you may also unsubscribe from this type of communications by using the methods that will be made available to you for this purpose in each marketing communication that you will receive.
The Controllers may obtain your personal data in several ways: for example, on basis of your purchases, when you apply for a job, communicate with us via social media or register for our newsletter.
If you provide personal data of third parties, you agree to obtain their express and informed approval to provide their personal data to the Controllers in accordance with the provisions described in this Privacy Statement.
If information on allergies and/or intolerances must be provided to the Controllers (e.g. to design the menus that may be served during an event or reception), please remember that you must only provide the number of people and the type of allergy and/or intolerance and not personal data that would allow the person with such allergy and/or intolerance to be individually identified.
Under the Dutch implementation of the European data protection legislation, we require the consent of your parent/guardian, if you are not older than sixteen (16) years, to process your personal data if the processing of your personal data is based on consent. For the purchase or booking of some of our products and services, a minimum age of eighteen (18) may be required (see the Terms & Conditions).
However, if as a result of purchasing/booking any of our products, services or events available on this website and the account environments and, particularly following an event, you voluntarily decide to provide personal data of a child under sixteen (16) years of age, you will be deemed to have given your express and informed consent as father, mother or guardian to process the personal data as part of the contractual relationship arising from your purchase pursuant to the provisions of this Privacy Statement.
You may lodge a claim with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) or place of your habitual residence in the EU to protect your rights at any time you deem appropriate. However, we advise you to approach first our DPO via privacy@slagharen.com to seek assistance with your request and to resolve any incident related to the processing of your personal data.
This Privacy Statement was last updated in 31st January 2024