VERSION NOV. 2020.
Who is responsible for processing your data?
- Mara Pasquini
- C/ Colombia, 20, 1D, 35010 Las Palmas de Gran Canaria, Spain
- NIF: Y4779643G
- Mail: firstname.lastname@example.org
You can contact us by telephone, letter or in person at the above address. In any case, you will be forwarded to the person responsible for the privacy area established in order to deal with any possible requests you may make.
What are the categories of data that we process through our website?
1. Registered user data:
- Basic category data (identification such as name, surname, email, nickname)
- Navigation data – IP, navigation frequency, product preferences
- Bank details
2. Data of non-registered users/navigators:
- Navigation data.
For what purposes are we going to process your personal data?
We inform you that your data will be process for the following purposes:
- Basic category data (name, surname, e-mail, nickname) that are collected through the forms, will be process in order to provide our Web service that is requested through registration in it.
- The bank details will be used for the execution of the service you request through our website, such as payment for a product/service.
- The navigation data that will be collected through cookies (click here to consult our Cookies Policy) will be used to establish a navigator profile to know your preferences for use of the Web, the problems you may present when navigating or possible tastes you have regarding the choice of certain sections located on our Web. This will help us to improve your browsing in the future or offer products according to your profile through advertising located in certain areas of the Internet or through the mail you provide.
What is the legitimacy of the processing of your data?
The legal basis of the data process for the REGISTERED USERS is:
- As for the use of the identification data collected through the forms (name, ID, e-mail, bank data) the legitimacy for the processing of it, is the execution of service or contract that mediates between you and our entity. Also, such data will be used in order to provide advertising to offer products related to the activity we develop, the legal basis is the legitimate interest of the Controller. You may always unsubscribe from the same through the link or other means that we provide in such advertising.
The legal basis of process for non-registered users is:
As for the use of navigation data in order to establish your profile of usage preferences and products, the legitimacy for the treatment of them is your consent that will be expressed through the acceptance of our cookie policies.
For the sending of advertising about our products by means of electronic mail the legal basis is your consent that will be understood as express by the introduction of your email and the acceptance of sending the Newsletter through the box enabled for this purpose.
How are my data protected?
We have adopted an optimal level of protection of the Personal Data that we process, and we have installed all the means and technical measures at our disposal according to the state of technology to avoid the loss, misuse, alteration, unauthorized access and theft of Personal Data.
To which addressees will your data be communicated?
Your data will not be transferred to third parties, unless there is a legal obligation to do so. Specifically, the data may be communicated to the State Tax Administration Agency, banks and financial institutions for the collection of the service provided or product purchased. In addition, there may be third parties who may access your data, on behalf of the data controller and under his instructions, also keeping the appropriate security measures as well as the duty of confidentiality with respect to them, and for the sole purpose of carrying out the purpose for which they were collected.
Are there international data transfers?
Some of our suppliers may be established outside the EEA, such as web hosting services or data storage, advertising referral or product transport companies, which we need for proper data processing. In these cases, the data controller undertakes that these transfers ensure an adequate level or an equivalent level of data protection, to that offered by the guarantees of European legislation. The providers will be subject to:
- International agreements with destination countries such as the Privacy Shield in the case of transfers made to the USA.
- Standard clauses drawn up within the European Commission that oblige providers to comply with fundamental guarantees for the holders of rights recognised by data protection legislation.
- Adherence to Codes of Conduct that guarantee compliance with data protection regulations
What rights do you have regarding to data protection?
European legislation recognises the following rights for data subjects:
- RIGHT OF ACCESS: you have the right to access to your personal data, which implies a duty for the person responsible to provide you, without undue delay and within a maximum period of 30 days all the information you have about yourself as well as the sources from which this information was obtained. For reasons of complexity or the number of requests, this period may be extended by up to 2 months longer than the normal time limit.
- RIGHT OF RECTIFICATION: you have the right to rectify data that are inaccurate and to complete data that you consider incomplete or insufficient. This implies a duty on the Controller to correct or complete the data in order to keep it up to date at all times.
- RIGHT TO ERASE THE DATA: if the data are no longer necessary for the purposes for which they were collected or if you simply decide to withdraw the consent you gave us for the processing of the same, which you can do at any time, your data will be placed in a state of blocking and will be permanently deleted after the period of blocking.
- RIGHT TO RESTRICTION OF PROCESING: you have the right to limit the use of the data available to us to specific purposes, while we process your requests for access, rectification, opposition or deletion. In the event that this limitation is lifted, the interested party will be previously informed of this.
- RIGHT TO PORTABILITY: you have the right to take with you a digital copy of your data which will be provided to you in a compatible format for reproduction on different devices. You may also request that we transfer the data to another Data Controller who designates us for this purpose.
- RIGHT TO REVOCATE THE CONSENT for any treatment for which you have consented, at any time.
- RIGHT TO SUBMIT A CLAIM to the Data Protection Authority or another competent control authority in different European communities or authorities, for any complaint or dispute that you have regarding the attention of their rights. To do so, you can go to the following address: aepd.es
How can I exercise my right?
- We have forms for the exercise of all the rights of the previous section. It is enough that you download them from our website or, if you prefer, send us an email. We will send you any form you request. You can also use forms provided by the Data Protection Authority or others that fit your request.
- These forms must be signed electronically or be accompanied by a photocopy of the ID.
- If someone represents you, you must attach a copy of your ID, or have them sign it with their electronic signature.
- The forms can be sent in person, sent by letter or e-mail where you will be attended by the person responsible for the privacy area. The data for the submission of applications are listed at the beginning of this policy.