- Identity of the party responsible for processing personal data
The party responsible for processing the personal data collected: PRODUCTS VELARTE, SL
Tax ID Number: B-46,281,267
From now on, Data Processing Controller.
Whose data are the following:
Address: CALLE 42, S/N, POLIGONO INDUSTRIAL EL BONY – 46470 – CATARROJA (VALENCIA)
Contact telephone number +34 96 126 71 32
Email address: firstname.lastname@example.org
- Data Protection Officer (DPO)
The Data Protection Officer (DPO) is responsible for ensuring compliance with the data protection regulations to which he/she is subject. PRODUCTOS VELARTE, SL, according to current legislation, does not require such a role.
- Personal Data Registration
The personal data collected by PRODUCTOS VELARTE, SL, by means of the forms made available in its pages, will be entered into an automated file under the responsibility of the data processing controller, and duly declared and inscribed in the General Registry of the Agency of Protection of Data that can be consulted on the web site of the Spanish Agency of Protection of Data (http://.agpd.es) in order to facilitate, expedite and fulfil the commitments established between PRODUCTOS VELARTE, SL, and the user, or the maintenance of the relationship that is established in the forms that the user fills, or to address a request or query of the same.
- PERSONAL DATA CATEGORIES
The categories of data processed in PRODUCTOS VELARTE, SL, are only identifying data. It does not deal with special categories of personal data within the meaning of Article 9 of the GDPR.
2.1 Principles applicable to the processing of personal data
The processing of the user’s personal data shall be subject to the following principles set out in Article 5 of the GDPR:
- Principle of legality, loyalty and transparency: the consent of the User will be required at all times, prior information complements the transparency of the purposes for which the personal data are collected.
- Purpose limitation principle: personal data will be collected for specific, explicit and legitimate purposes.
- Principle of data minimisation: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.
- Principle of accuracy: personal data must be accurate and always up to date.
- Principle of limitation of the storage period: personal data will only be kept in such a way as to allow identification of the User for the time necessary for the purposes of its processing.
- Principle of integration and confidentiality: personal data will be treated in such a way as to guarantee their security and confidentiality.
- Principle of proactive responsibility: The data processing controller shall be responsible for ensuring that the above principles are complied with.
2.2 Legal basis for the processing of personal data
The legal basis for the processing of personal data is unequivocal and express consent, and undertakes to obtain such consent by verifying the user for the processing of their personal data for one or more specific purposes.
The user has the right to withdraw consent at any time. It will be as easy to withdraw consent as it is to give it. As a general rule, withdrawal of consent will not restrict your use of the website.
On occasions when the user can or must provide their data through forms to make queries, request information or for reasons related to the content of the Web site, he/she will be informed if the completion of any of them is mandatory because they are essential for the proper conduct of the operation.
2.3 Personal data retention periods
Personal data will only be retained for the minimum time necessary for the purposes of processing, or until the User requests its deletion.
At the time of collection of the personal data, the User will be informed about the period during which the personal data will be stored, or where this is not possible, the criteria used to determine this period.
- Recipients of personal data
In order to properly manage the service provided and the personal data of its users, PRODUCTOS VELARTE, SL will have the collaboration of third party service providers who may have access to your personal data on behalf of PRODUCTOS VELARTE, SL as a result of its provision of services. PRODUCTOS VELARTE, SL undertakes to enter into the corresponding data processing contract, by means of which it will impose the following obligations, among others: to apply appropriate technical and organisational measures; to process personal data for the agreed purposes and attending only to the documented instructions of PRODUCTOS VELARTE, SL; and to delete or return the data to PRODUCTOS VELARTE, SL once the services have been rendered.
Where the data processing controller intends to transfer personal data to a third country or international organisation, the user shall, at the time the personal data are collected, be informed of the third country or international organisation to which the data are intended to be transferred, as well as of the existence or absence of an adequacy decision of the Commission.
2.5 Personal data of minors
Respecting what is established in articles 8 of the GDPR and 13 of the RDLOPD, only those over 16 years of age may lawfully give their consent for the processing of their personal data. If the child is under 16 years of age, the consent of the parents or guardians will be necessary for the processing, and this is only considered lawful to the extent that the parents or guardians have authorised it.
2.6 Secrecy and security of personal data
PRODUCTOS VELARTE, SL undertakes to adopt the necessary technical and organised measures, according to the level of security appropriate to the risk of the data collected, in such a way as to guarantee the security of personal data and to avoid the accidental or unlawful destruction, loss or alteration of all personal data transmitted, stored or otherwise processed, or the unauthorised communication of or access to said data.
However, due to the fact that PRODUCTOS VELARTE, SL cannot guarantee the security of the Internet nor the total absence of hackers or others who fraudulently access personal data, the controller undertakes to inform the User without undue delay when a breach of the security of personal data occurs that is likely to involve a high risk to the rights and freedoms of natural persons. Pursuant to Article 4 of the RGPD, a breach of the security of personal data is any breach of security that results in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or in the unauthorised communication of or access to such data.
Personal data will be treated as confidential by the data processing controller, who undertakes to inform and guarantee by means of a legal or contractual obligation that this confidentiality will be respected by his/her employees, partners, and any person to whom he makes the information accessible.
III RIGHTS DERIVING FROM THE PROCESSING OF PERSONAL DATA
The User may exercise at any time against the data processing controller the following rights recognised in the GDPR:
- Rights of access: It is the right of the User to obtain confirmation as to whether PRODUCTOS VELARTE, SL is processing their personal data or not and, if so, to obtain information on their specific personal data and the treatment that PRODUCTOS VELARTE, SL has carried out or is carrying out, as well as, among others, the available information on the origin of said data and the addressees of the communications carried out or planned for them.
- Rights of rectification: It is the User’s right to have his/her personal data modified if they prove them to be inaccurate, taking into account the purposes of the treatment or incomplete.
- Rights of deletion (” the right to be forgotten”): It is the right of the User, provided that current legislation does not state otherwise, to obtain the deletion of his/her personal data when they are no longer necessary for the purposes for which they were collected or processed; the User has withdrawn his/her consent to the processing and the processing has no other legal basis; the User objects to the processing and there is no other legitimate reason to continue with it; the personal data have been processed unlawfully; the personal data must be deleted in compliance with a legal obligation; or the personal data have been obtained as a result of a direct offer from social services of a child under 16 years of age. In addition to deleting the data, the controller, taking into account the available technology and the cost of its implementation, shall take reasonable steps to inform the controllers processing the personal data of the data subject’s request for deletion of any link to such personal data.
- Rights to limitation of processing: It is the User’s right to limit the processing of their personal data. The User has the right to obtain the limitation of the processing when he/she challenges the accuracy of his/her personal data; the processing is unlawful; the Controller no longer needs the personal data, but the User needs it to make claims; and when the User has opposed the processing.
- Right to data portability: In the event that the processing is carried out by automated means, the User shall have the right to receive from the Controller his/her personal data in a structured format, for common use and machine readable, and to transmit them to another controller. Whenever technically possible, the data controller will transmit the data directly to that other controller.
- Right to object: It is the right of the user not to carry out the processing of their personal data or cease the processing of them by PRODUCTOS VELARTE, SL
- The right not to be the subject of a decision based solely on automated processing, including profiling: It is the right of the User not to be the object of an individualised decision based solely on the automated processing of their personal data, including the development of profiles, unless current legislation provides otherwise.
Thus, the user may exercise their rights by written communication addressed to the controller, PRODUCTOS VELARTE, SL, specifying:
- Name, surname of the user and copy of their ID document. In cases where representation is allowed, it will also be necessary to identify by the same means the person representing the User, as well as the document accrediting the representation. The photocopy of the ID document may be replaced by any other means valid in law that proves identity.
- Petition with the specific reasons for the request or information to be accessed.
- Address for notification purposes.
- Date and signature of the applicant.
- Any document that accredits the request that it formulates.
This application and any other attached documents may be sent to the following address and/or e-mail:
Mailing address: CALLE 42, S/N, POLIGONO INDUSTRIAL EL BONY – 46470 – CATARROJA (VALENCIA)
3.1 Links to third party websites.
The Web site may include hyperlinks or links that allow access to websites of third parties other than PRODUCTOS VELARTE, SL, and therefore are not operated by PRODUCTOS VELARTE, SL The owners of such Web sites will have their own data protection policies and who, in each case, are responsible for their own files and their own privacy practices.
3.2 Complaints to the supervisory authority.
In the event that the User considers that there is a problem or infringement of the regulations in force in the way in which their personal data are being processed, they shall be entitled to effective judicial protection and to lodge a complaint with a control authority, in particular, in the State in which they have their habitual residence, place of work or place of the alleged infringement. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (http://www.agpd.es).