Respecting the provisions established in the current legislation, [Company/Person Name] (hereinafter also referred to as the Website) commits to adopting the necessary technical and organizational measures according to the appropriate security level for the risk of the data collected.
Laws Incorporated in This Privacy Policy
This privacy policy is adapted to the current Spanish and European regulations regarding the protection of personal data on the internet. Specifically, it complies with the following regulations:
Identity of the Data Controller
The data controller responsible for the personal data collected by [Company/Person Name] is: Nicolás Bosch Cascales , with tax ID number (NIF): 48670277T (hereinafter, Data Controller).
Their contact details are as follows:
Address: Calle Doctor Gadea nº19 –
03550 – Sant Joan D’Alacant – Alicante
Contact phone: 693838451
Contact email: impermetec@gmail.com
Personal Data Registration
In compliance with the GDPR and LOPD-GDD, we inform you that the personal data collected by [Company/Person Name] through the forms on its pages will be incorporated and processed in our file to facilitate, expedite, and fulfill the commitments established between [Company/Person Name] and the User or to maintain the relationship established via the forms filled out by the User or to address any request or inquiry.
Furthermore, in accordance with the GDPR and LOPD-GDD, unless the exception in article 30.5 of the GDPR applies, a record of processing activities is maintained specifying, according to their purposes, the processing activities carried out and other circumstances established by the GDPR.
Principles Applicable to Personal Data Processing
The processing of the User’s personal data will be subject to the following principles set forth in article 5 of the GDPR and articles 4 and following of Organic Law 3/2018:
Lawfulness, fairness, and transparency: User consent will always be required after fully transparent information on the purposes for which the personal data are collected.
Purpose limitation: Personal data will be collected for specific, explicit, and legitimate purposes.
Data minimization: Only personal data strictly necessary for the purposes will be collected.
Accuracy: Personal data must be accurate and kept up to date.
Storage limitation: Personal data will be kept only as long as necessary to allow User identification for the purposes of processing.
Integrity and confidentiality: Personal data will be processed ensuring its security and confidentiality.
Accountability: The Data Controller is responsible for ensuring compliance with these principles.
Categories of Personal Data
The categories of data processed by [Company/Person Name] are solely identifying data. No special categories of personal data within the meaning of article 9 of the GDPR are processed.
Legal Basis for Processing Personal Data
The legal basis for processing personal data is consent. [Company/Person Name] undertakes to obtain the User’s explicit and verifiable consent for processing their personal data for one or more specific purposes.
Users have the right to withdraw their consent at any time. Withdrawing consent will be as easy as giving it. Generally, withdrawing consent will not affect the use of the Website.
When Users must provide their data via forms for inquiries, information requests, or content-related reasons, they will be informed if any field is mandatory because it is essential for correctly completing the transaction.
Purposes of Processing Personal Data
Personal data are collected and managed by [Company/Person Name] to facilitate, expedite, and fulfill the commitments established between the Website and the User or to maintain the relationship established through the forms filled out by the User or to attend to any request or inquiry.
Additionally, data may be used for commercial purposes such as personalization, operational and statistical activities, and activities related to [Company/Person Name]’s business objectives, as well as data extraction, storage, and marketing studies to tailor the offered content to the User and improve the Website’s quality, functionality, and navigation.
At the time personal data are obtained, the User will be informed about the specific purpose(s) for which the data will be processed.
Retention Periods of Personal Data
Personal data will only be retained for the minimum necessary period for the processing purposes and, in any case, only for the following period: [insert period], or until the User requests deletion.
Users will be informed at the time of data collection about the retention period or, when not possible, the criteria used to determine such period.
Recipients of Personal Data
Users’ personal data will not be shared with third parties.
In any case, at the time personal data are obtained, the User will be informed about the recipients or categories of recipients of their personal data.
Personal Data of Minors
Respecting the provisions of articles 8 of the GDPR and 7 of Organic Law 3/2018, only persons over 14 years old may lawfully consent to the processing of their personal data by [Company/Person Name]. For minors under 14, parental or guardian consent is required, and the processing will only be lawful to the extent authorized by them.
Confidentiality and Security of Personal Data
[Company/Person Name] commits to adopting the necessary technical and organizational measures appropriate to the security risk of the data collected to guarantee the security of personal data and prevent accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
The Website uses an SSL (Secure Socket Layer) certificate to ensure personal data is transmitted securely and confidentially by encrypting the data exchange between the server and the User.
However, since [Company/Person Name] cannot guarantee absolute internet security or the total absence of hackers or unauthorized access, the Data Controller commits to promptly notifying the User of any personal data security breach likely to pose a high risk to individuals’ rights and freedoms, as defined in article 4 of the GDPR.
Personal data will be treated confidentially by the Data Controller, who ensures that this confidentiality is respected by employees, associates, and any other persons with access to the information under legal or contractual obligation.
Rights Derived from the Processing of Personal Data
Users have the following rights under the GDPR and Organic Law 3/2018, which they may exercise against [Company/Person Name], the Data Controller:
Users can exercise their rights by sending a written communication to the Data Controller with the reference “GDPR-www.test.com,” specifying:
Requests can be sent to:
Postal address: Calle Doctor Gadea nº19 –
03550 – Sant Joan D’Alacant – Alicante
Email address: impermetec@gmail.com
Links to Third-Party Websites
The Website may contain hyperlinks to third-party websites not operated by [Company/Person Name]. Those third-party websites have their own privacy policies and are responsible for their own data files and privacy practices.
Complaints to Supervisory Authority
If the User believes there is an issue or breach of data protection regulations regarding their personal data, they have the right to effective judicial protection and to file a complaint with a supervisory authority, particularly in the state of their habitual residence, workplace, or where the alleged infringement occurred. In Spain, the supervisory authority is the Spanish Data Protection Agency (https://www.aepd.es/).
It is necessary that the User has read and agrees with the personal data protection terms contained in this Privacy Policy, as well as accepts the processing of their personal data so that the Data Controller can proceed accordingly, within the indicated timeframes and for the stated purposes. The use of the Website implies acceptance of its Privacy Policy.
[Company/Person Name] reserves the right to modify its Privacy Policy at its own discretion or due to legislative, jurisprudential, or doctrinal changes from the Spanish Data Protection Agency. Changes or updates to this Privacy Policy will not be explicitly notified to the User. It is recommended that the User periodically review this page to stay informed about the latest changes or updates.
This Privacy Policy has been updated to comply with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (GDPR), and Organic Law 3/2018, of December 5, on Personal Data Protection and Guarantee of Digital Rights.
This Website Privacy Policy document was created using a free online web privacy policy generator on 02/18/2024.
