Data Subject Rights
Last updated: March 2026
Important context
Due to SES Peregrino's zero-knowledge architecture, Wise Pilgrim SL stores guest records as encrypted blobs it cannot decrypt without the owner's password. To exercise your rights regarding the underlying personal data, contact the accommodation establishment that performed the registration or the Ministry of Interior.
Your Rights Under GDPR and LOPDGDD
The General Data Protection Regulation (GDPR) and Organic Law 3/2018 (LOPDGDD) grant you the following rights:
Right of Access (Art. 15 GDPR)
You have the right to obtain confirmation of whether your personal data is being processed and, if so, to access it along with information about the purposes, categories of data, recipients, and retention period.
How this applies in SES Peregrino:
Your pilgrim profile data is on your device — you can view it directly in the app. For albergue data stored on our server, email us.
Right to Rectification (Art. 16 GDPR)
You have the right to obtain the rectification of inaccurate personal data or to have incomplete data completed.
How this applies in SES Peregrino:
You can edit your data directly in the app at any time. For albergue data on our server, email us.
Right to Erasure (Art. 17 GDPR)
You have the right to request the erasure of your personal data when it is no longer necessary, you withdraw consent, you object to processing, or data has been processed unlawfully.
How this applies in SES Peregrino:
You can delete all local data by uninstalling the app. Encrypted guest records are automatically deleted after 3 years — they cannot be erased sooner (legal obligation under Royal Decree 933/2021). For your albergue profile data on our server, request deletion by email or deactivate your account.
Right to Restriction of Processing (Art. 18 GDPR)
You have the right to request restriction of processing when you contest data accuracy, processing is unlawful, we no longer need the data but you need it for claims, or you have objected to processing.
Right to Data Portability (Art. 20 GDPR)
You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another controller.
How this applies in SES Peregrino:
Your pilgrim data is already on your device and portable by nature — the QR you generate contains your data in compressed format.
Right to Object (Art. 21 GDPR)
You have the right to object to the processing of your personal data based on legitimate or public interest, including profiling.
Automated Decision-Making (Art. 22 GDPR)
SES Peregrino does not perform automated decision-making or profiling with your personal data.
How to Exercise Your Rights
To exercise any of these rights, send an email to:
Your request must include:
- Your full name
- The right you wish to exercise
- The email associated with your albergue account (if applicable)
We will never ask you to send copies of identity documents by email. We will verify your identity through your registered account information.
We will respond within one month of receiving your request. In complex cases, this period may be extended by two additional months, with prior notification.
For Guest Data
If you are a guest and want to exercise your rights regarding data submitted to the Ministry of Interior:
- Contact the accommodation establishment that performed your registration. They are the data controllers for your guest data.
- Contact the Ministry of Interior for data already submitted to the SES.HOSPEDAJES system.
Wise Pilgrim SL stores encrypted guest records but cannot decrypt them. We can delete encrypted records on request, but we cannot provide access to or rectify the underlying personal data. Contact the accommodation establishment or the Ministry of Interior for those rights.
Supervisory Authority
If you are not satisfied with our response or believe the processing of your data does not comply with regulations, you can file a complaint with the Spanish Data Protection Agency (AEPD):
- Web: www.aepd.es
- Phone: 901 100 099
- Address: C/ Jorge Juan 6, 28001 Madrid