- Who is responsible for the processing of your data.
- For what purposes we collect the data we request.
- What is the legitimacy for its treatment.
- For how long we keep them.
- To which recipients your data is communicated.
- What are your rights.
1. Controller of the processing of personal data
The person responsible for the processing of personal data collected in www.remediosrubiales.com is: Remedios Rubiales Domínguez with NIF: 76086193P (hereinafter, also Responsible for the processing). The contact details are as follows: Avenida Los Callejones, 23, 11600, Ubrique (Cádiz). E-mail: email@example.com
2. Purpose of the requested data
The personal data collected by the owner, through the forms on its pages, will be entered into an automated file under the responsibility of the controller.
The website processes the information provided by the user in order to respond to requests of various kinds made by the user. Depending on the nature of the request, the purpose may be:
- Management of queries, proposals, resolution of doubts and informative communications.
- Participation through comments in the blog or news section.
- Subscription to electronic mailing lists.
- Requests for web registrations.
- Web analytics.
- Embedded content from other websites.
The Website may elaborate a commercial profile, based on the information provided. The owner assumes the commitment to guarantee the user’s privacy at all times and not to collect unnecessary information. The categories of data processed on our website are only identification data. Under no circumstances are special categories of personal data processed within the meaning of Article 9 of the GDPR.
At the time the personal data is obtained, the user will be informed about the specific purpose(s) of the processing for which the personal data will be used, i.e. the use(s) to which the collected information will be put. All data provided by the user will be legitimized by his or her consent.
In the event that the user registers on the website through social networks, only the user’s personal data for which he/she has given his/her consent during the configuration of the access of the social network in question will be accessed. Any information provided in connection with such social applications may be accessed by members of the relevant social network, such interactions will be governed by the privacy policies of the entities providing the services. The website has no control over or responsibility for such entities or their use of user information.
3. Principles applicable to the processing of personal data
The processing of the User’s personal data shall be subject to the following principles set out in Article 5 of the RGPD:
- Principle of lawfulness, fairness and transparency: the consent of the User will be required at all times after fully transparent information of the purposes for which the personal data is collected.
- Purpose limitation principle: personal data will be collected for specified, explicit and legitimate purposes.
- Principle of data minimization: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.
- Accuracy principle: personal data must be accurate and always up to date.
- Principle of limitation of the storage period: personal data shall only be kept in such a way as to allow the identification of the User for the time necessary for the purposes of their processing.
- Principle of integrity and confidentiality: personal data will be processed in such a way as to ensure their security and confidentiality.
- Principle of proactive responsibility: the controller shall be responsible for ensuring that the above principles are complied with.
4. Legitimation for the processing of personal data
The legal basis for the processing of personal data is consent. The owner of the website undertakes to obtain the user’s express and verifiable consent to the processing of his personal data for one or more specific purposes.
The user will have the right to withdraw his consent at any time. It will be as easy to withdraw consent as it is to give it. As a general rule, withdrawal of consent will not condition the use of the Website.
On the occasions when the user must or may provide their data through forms to make inquiries, request information or for reasons related to the content of the Website, you will be informed if the completion of any of them is mandatory because they are essential for the proper conduct of the operation performed.
5. Periods of conservation of personal data
Personal data will only be retained for the minimum time necessary for the purposes of its processing and, in any case, only for the following period: 5 years, or until the user requests its deletion.
After the legal deadlines have elapsed, the personal data will be deleted by adopting appropriate security measures to ensure their total destruction.
6. Recipients of personal data
The owner undertakes that personal data will not be shared or disclosed to third parties without the express consent of the users. The provision of certain services, however, may require transfers of data to third countries or entities for the management of infrastructures or the provision of services, such as, for example, the management of electronic newsletters. In these cases, it is guaranteed to be hosted in countries within the European Union (and therefore in compliance with the European General Data Protection Regulation) or that are covered by the EU-US Privacy Shield agreement, approved by the European Data Protection Committee (see information here: https://www.privacyshield.gov/list).
Visitor comments may be reviewed by an automatic spam detection service.
In any case, at the time the personal data is obtained, the User will be informed about the recipients or categories of recipients of the personal data.
7. Secrecy and security of personal data
The owner of the website undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, so as to ensure the security of personal data and prevent the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or unauthorized communication or access to such data.
8. Rights arising from the processing of personal data
The User may exercise against the data controller the following rights recognized in the RGPD:
- Right of access: this is the User’s right to obtain confirmation of whether or not their personal data is being processed and, if so, to obtain information about their specific personal data and the processing that has been or is being carried out, as well as, among other things, the information available on the origin of such data and the recipients of the communications made or planned for such data.
- Right of rectification: This is the right of the user to have his or her personal data that proves to be inaccurate or, taking into account the purposes of the processing, incomplete, amended.
- Right of erasure (“the right to be forgotten”): This is the right of the user to obtain the deletion of his or her personal data when it is no longer necessary for the purposes for which it was collected or processed;
- Right to limitation of processing: This is the user’s right to limit the processing of his or her personal data.
- Right to data portability: In the event that the processing is carried out by automated means, the user shall have the right to receive from the controller his or her personal data in a structured, commonly used and machine-readable format and to transmit it to another controller.
- Right to object: This is the user’s right not to have his or her personal data processed or to cease the processing of such data by the website owner.
11. Basic data protection information
Responsible: Remedios Rubiales Domínguez
Purpose: Information, sending e-mails, answering queries, as well as other requests of various kinds.
Legitimation: Consent of the user
Recipients: Public or private entities related to the service, and other necessary entities under the EU-US Privacy Shield agreement.
Rights: Access, rectify and delete the data, as well as other rights, as explained in the additional information.
Additional information: You can consult additional and detailed information on Data Protection on our website.