The website has always complied with the valid Data Protection legislation, originally with the Organic Law on Data Protection in Spain. On 25 May 2018 this law was replaced by the General Data Protection Regulation (GDPR) of the European Union.
With this policy, the Website affirms its commitment to maintaining and guaranteeing the commercial relationships with the User in a secure manner through the protection of their personal data and guaranteeing their right to privacy.
PERSONAL DATA THAT THE WEBSITE REQUIRES
To be able to our services we need certain identifying data according to the service that the Website provides:
FOR THE CONTACT FORM:
- Name and surnames: to be able to answer the query.
- Telephone number: to be able to answer the query.
- Email address: to be able to answer the query.
We can process your data through your consent. This is a mandatory requisite for the User to be able to access the Website's services correctly.
The User has the right to be forgotten whenever they want all the data to be erased from our database.
The data that the Website collects are not considered sensitive or protected data.
According to article 9.1 of the new General Data Protection Regulation (GDPR) certain types of data are considered sensitive or protected if they reveal:
- Ethnic or racial origin.
- Political opinions.
- Religious or philosophical beliefs.
- Union membership.
- Genetic data processing.
- Biometric data intended to unequivocally identify a natural person.
- Data concerning health.
- Data related to the sexual life or sexual orientations of a physical person.
We only work with the minimal identifying details to carry out our work: name, surnames, address, telephone, email, Tax Identification Number.
DATA STORAGE PERIODS
The client data: name, telephone, postal address, email, etc. will remain in our system which legally and technically are required for the normal operations of the Website, unless the User exercises their right to erasure or updates.
As of 25 May 2018, the Website has been governed by the General Data Protection Regulation (GDPR) of the European Union.
The Website is hosted in the systems operated by OVH HISPANO S.L.U., hereinafter OVH. They have implemented the technical security and organisational measures necessary to ensure the security of the Users' personal data and to thus prevent their alteration, loss, and unauthorised processing and/or access. This takes into account the state of the technology, the nature of the stored data and the risks to which they are exposed, whether they come from human action or from the physical or natural environment. All of this is in accordance with what is set forth in the GDPR.
Furthermore, OVH has established additional measures in order to reinforce the confidentiality and integrity of the information on this Website. OVH continually maintains supervision, control, and evaluation of the processes to ensure the respect for the privacy of the data.
Specifically, the measures that OVH adopts are:
- Connection with SSL certificate on the Website.
- Encryption of the keys and passwords using standard cryptographic algorithms.
- Protection of servers using firewalls, process isolation, and other standard security measures.
- Daily security copies distributed geographically to ensure the continuity of the service in case of an incident.
Users who have provided their data to the Website may address the website holder in order to be able to freely exercise their rights to access, rectification or restriction, limitation and objection concerning the data incorporated in its files.
The method that the User must use to communicate with the Website will be via their email account registered on our web service or in writing.
The User can exercise their rights by written notification addressed to the Website with the reference “Data Protection”, specifying their data, proving their identity and the reasons for their request at the following email address:
Any information that we need to store by virtue of a legal, fiscal, or contractual obligation will be blocked and only used for these purposes instead of being erased.
DATA CONTROLLER AND DATA PROCESSOR
The data controller is the owner of the Website.
SERVICES OFFERED BY THIRD PARTIES
To provide strictly necessary services so that it may operate correctly, the Website uses the following service providers under their corresponding privacy policies:
SOCIAL MEDIA PLUGINS
On our website we offer links and services related with different social networks. If the User is a member of a social network and clicks on the corresponding link, the provider of the social network can link their profile data with the information of their visit to the Website.
Therefore, the User must be informed about the functions and policies about the processing of their personal data from the respective social network. This is applicable both whether the User accesses one of our websites with any of their profiles on social networks or shares information through them.
The User can access the privacy policies of the different social networks at any time, as well as to configure their profile to guarantee their privacy.
ACCEPTANCE, CONSENT AND REVOCABILITY
The User declares to have been informed of these conditions about personal data protection, accepting and consenting to the processing of the data by the Website in the form and for the purposes indicated in the Legal Notice.
The User may withdraw their consent to the processing of their data at any moment, but this will not affect actions already carried out in the past. That is to say, this action is not retroactive.