Book your stay

Advantages of booking through this website:

Hotel Gran Bilbao

Privacy policy


1. General information

In compliance with the provisions set forth in Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce, website is the property of SEGURA HOSTELERÍA, S.A. (hereinafter, HOTEL GRAN BILBAO), registered in the Registro Mercantil de Vizcaya, Tomo 5676, Folio 59, Sec. 8, Hoja BI-69318 (Biscay Register of Companies, Volume 5676, File 59, Sec. 8, Page BI-69318), with address for notification purposes at Avda. Indalecio Prieto 1, 48004 Bilbao, NIF A09045980 and e-mail

2. Additional information to customers on data protection

As a guest at our hotels, please note that the personal data collected during your stay and/or the service provided shall be processed in accordance with regulations on the protection of personal data. In this respect, please take note of the following:

  • Data controller
  • Calle Indalecio Prieto 1, 48004 Bilbao
  • Phone: (+34) 944 328575
  • Email:

2.1. Purpose of processing your data

Client management, marketing and promotional actions for all products and services related to what you booked. You can oppose the latter by sending an email to the aforementioned address.

Your client profile will be created to notify you of services and offers from our hotels which we believe may be of your interest in the future.

Once you have made your booking and a few days before you arrive at our hotel, you may receive a message via email, SMS and/or WhatsApp to enable you to check in online, with information about your booking, the hotel and how to enhance your stay. You may also receive a message upon arrival to welcome you and inform you of the services available at the hotel and how you can enhance your stay. Once you have checked out, you may receive an email with a satisfaction questionnaire about your stay.

Lockup-desk is the company that manages the opening of doors from your mobile phone, which may contact you to send you, on our behalf, information for you to download your StayMyWay application and open our doors with your mobile phone.

For the client’s security, Hotel Gran Bilbao does not have access to the card details at any time.

2.2. Data retention period

For the time required to comply with the corresponding legal obligations.

Once the consent for sending commercial communications is withdrawn.

2.3. Lawful basis

For booking an accommodation in our hotels or the provision of a service and sending of promotional information in our legitimate interest authorised by regulations in force.

2.4. Recipients

Your data may be transferred to third parties without your consent, provided that this transfer responds to a need for the development, fulfilment and control of your relationship with the hotels and shall be limited to this purpose, as established in regulations on the protection of personal data (security forces and corps, tax agency, financial institutions, etc.).

2.5. Rights

Access to know whether we are processing your data or not, and which information in particular.

Rectification of your data if it is inaccurate or incomplete.

Deletion when – among other reasons – the data is no longer necessary for the purposes for which it was collected.

Limitation on the processing, in certain circumstances, in which case we shall only retain your data to file or defend claims. Suspension of the data processing or retention according to the scenarios considered.

Opposition to the processing, in specific cases and for reasons related to your particular situation, whereby we shall cease to process your data, except for compelling legitimate reasons, or for filing or defending possible claims.

Portability of your data for you to receive it in a specific format and transfer it to another controller, if possible.

Lodge a complaint to the Spanish Data Protection Agency (

3. Privacy

Hotel Gran Bilbao would like to inform you that all personal data received via the forms on this website will be processed with the strictest confidentiality in accordance with the company’s privacy and security policy, as well as with the data protection regulation.

The purposes in each case are the following:

  • Room bookings: to manage accommodation bookings made via this website or to send promotional messages if the corresponding box has been ticked.
  • Registration to the HGB Club: to send deals and promotions in relation to your membership of the Hotel Gran Bilbao Club.
  • Work with us: to manage recruitment processes carried out in the company.
  • Events: to manage events that take place in hotel lounges.
  • Restaurant bookings: to manage bookings at our restaurant.

The recipients of this information are all assigned users, registered users, managers and contributors of all the departments and associated divisions of the company, as well as all official bodies which may require the transfer by law.

By submitting the form, you agree to the automatic processing of the data included in our database, which is the legitimate basis of said data processing. You have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on consent prior to its withdrawal. Please note that we may share some of your personal data with third parties and that they may contact you by email for matters related to your stay, such as satisfaction surveys or feedback about your experience at the hotel. You may exercise your rights of access, rectification, erasure/to be forgotten, restriction of processing, portability and objection to the processing of your personal data by writing to the data controller indicated in the heading.

4. Selection processes

Pursuant to data protection regulations, we hereby notify you that your personal data will be processed in a file whose purpose is to manage your application in job selection processes we carry out in the future.

The data provided will be preserved for 2 years in accordance to our data protection policy. It will not be transferred to third parties unless we are legally required to.

In order to exercise your rights of access, modification, removal, process limitation, portability and/or opposal, please notify the file owner: Segura Hostelería S.A.,, where you will be provided with the relevant paperwork to exercise the aforementioned rights.

5. Social Network Privacy Policy

In compliance with the General Data Protection Regulation and Law 34/2002, of July 11, of Information Society Services and E-commerce (LSSI-CE), the company:

  • A09045980

Hereby notifies that it has proceeded to create a page on the following social networks: FACEBOOK, TWITTER, LINKEDIN and INSTAGRAM, with the objective of advertising.

The user, by joining our page, consents to the processing of his personal data published on his profile. The user can access the privacy policy of that particular social network at all times as well as configure his profile to guarantee privacy. SEGURA HOSTELERÍA S.A. has access and processes the user’s public information, in particular his contact name. This data is solely used within this particular social network and not transferred to any other file.

The user may exercise his rights of access, modification, cancellation and opposition to the aforementioned address. Also, the user must have knowledge of the characteristics of social media and the limitations of SEGURA HOSTELERÍA S.A. in regards to the application of rights of access, modification, cancellation and opposition. If the user has any questions regarding this matter, he may check the characteristics of the different social networks in their legal notice. The user is solely responsible of all content published on the social media pages of SEGURA HOSTELERÍA S.A. If the published content does not meet current legislation, its publication will be prohibited, with the user being solely responsible for it.

Please find below the link to our social network privacy policy and other regular social networks:

  • Facebook:
  • Twitter:
  • Linkedin:‐policy?trk=hb_ft_priv
  • Flickr:
  • Pinterest:
  • Instagram:
  • GooglePlus:
  • Youtube:


By the mere fact of visiting website, no personal data identifying a User is automatically registered. However, there is certain information of non personal nature and not identifiable with a specific User that can be collected and recorded on HOTEL GRAN BILBAO’s internet servers (for example, the User’s type of internet browser and operating system) with the aim of improving the User’s navigation and site’s management.

HOTEL GRAN BILBAO may require from Users certain data of a personal nature for the use of certain contents or services, complying at all times with Regulation (EU) 2016/679 and Organic Law 3/2018 of 5 December on the protection of personal data and the guarantee of digital rights.