1. USER INFORMATION
Who is the controller of your personal data?
BOUND 4 BLUE, S.L. is the CONTROLLER of the USER’s personal data and informs him/her that these data shall be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and the Organic Law 3/2018 of December 5, (LOPDGDD).
Why is personal data processed?
To maintain a commercial relationship with the user. The planned processing operations are:
- Sending commercial advertising communications by email, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that make it possible to carry out commercial communications. These communications will be made by the CONTROLLER and will be related to their products and services, or those of their partners or suppliers with whom they have reached a promotion agreement. In this case, the third parties will never have access to personal data.
- Conduct market research and statistical analysis.
- Processing orders, requests, responding to queries or any type of request made by the USER through any of the contact methods available at the CONTROLLER’s website.
- Send the online newsletter on news, offers and promotions in our activity.
Why can we process your personal data?
Because the processing is legitimized by article 6 of the GDPR as follows:
- With the USER’s consent: sending commercial communications and the newsletter.
- In the legitimate interest of the CONTROLLER: conduct market research, statistical analysis, etc. and process orders, requests, etc. at the request of the USER.
For how long will we keep your personal data?
Data shall be stored for no longer than is necessary to maintain the purpose of the processing or for as long as there are legal prescriptions dictating their custody, and when such purpose is no longer necessary the data shall be erased with appropriate security measures to ensure the anonymization of the data or their complete destruction.
¿To whom do we disclose your personal data?
No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our suppliers of services related to communications, with which the CONTROLLER has signed the confidentiality and data processor contracts required by current privacy regulations.
What are your rights?
Users who provide us with their data have the following rights in relation to their data:
- Right of access
- Right of rectification or erasure
- Right to restriction of processing
- Right to portability
- Right to object
- Right to withdraw consent
- Right of access: Any person has the right to obtain from the Data Controller confirmation as to whether or not personal data concerning him/her are being processed and, if so, the right of access to the personal data.
- Right of rectification: This is the right to obtain the rectification of personal data held by us concerning you.
- Right of erasure: This is the right to obtain the erasure of your personal data.
- Right to restriction of processing: This is the right for your data to cease to be subject to the relevant processing operations when any of the following conditions are met:
– When you have exercised your rights of rectification or opposition and the Controller is in the process of determining whether the request is admissible.
– If the data processing is unlawful, which implies the erasure of the data, but you do not want your data to be erased by the Data Controller.
– When the data are no longer necessary for processing, this means that the data are deleted, but you wish the data controller to limit the processing of the data and to keep them for the purpose of making, exercising or defending claims.
- Right to portability: This is the right to obtain from the Data Controller, in the event of automated processing of your data, a copy of your data in a structured, commonly used and machine-readable format or to have this copy transmitted directly to the Data Controller indicated by you. Please note that this right does not apply to:
– The data of third parties that you have provided to the Data Controller.
– The data which is its responsibility, but which has been provided to the Data Controller by third parties.
- Right to object: This is the right to object to the processing of your personal data. As far as the processing carried out by the Data Controller is concerned, you may object to the sending of commercial communications, both our own and those of third parties.
If you would like more information about your rights, we suggest that you visit the website of the Spanish Data Protection Agency, as well as the European Data Protection Regulation.
Additionally, we inform you about the possibility of filing a complaint with the competent Control Authority, in this case, the Spanish Data Protection Agency, especially in the event that you have not obtained satisfaction in the exercise of your rights. You can contact the Spanish Data Protection Agency by telephone on 901 100 099 and 912 663 517 or by visiting them at their address C/ Jorge Juan, 6. 28001 – Madrid.
2. COMPULSORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER
The USERS, by marking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or download forms, accept expressly and in a free and unequivocal way that their data are necessary for the supplier to meet their request, voluntarily providing their data in the remaining fields. The USER ensures that the personal data provided to the CONTROLLER is true and is responsible for communicating any changes to them.
The CONTROLLER informs that all data requested through the website is mandatory, as they are necessary for the provision of an optimal service to the USER. In the event that not all of the data is provided, there is no guarantee that the information and services provided will be completely adapted to the User’s needs.
3. SECURITY MEASURES
That in accordance with the provisions of the current regulations on the protection of personal data, the CONTROLLER is complying with all the provisions of the GDPR and LOPDGDD regulations for processing the personal data for which they are responsible, and is manifestly complying with the principles described in Article 5 of the GDPR, by which they are processed in a lawful, fair and transparent manner in relation to the data subject and appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER guarantees that all appropriate technical and organizational policies have been implemented to apply the security measures established by the GDPR and LOPDGDD in order to protect the rights and freedoms of USERS and has communicated the appropriate information for them to be able to exercise them.
For more information about privacy guarantees, you can contact the CONTROLLER through BOUND 4 BLUE, S.L. C/ Melampo, 2 2 4 – 39100 Santa Cruz de Bezona (Cantabria). E-mail: email@example.com
- Origin and veracity of the data
Likewise, the User undertakes to keep his/her data updated at all times, and to notify the Controller without delay of any significant modification, such as the change of ownership of his/her bank account, or the modification of his/her e-mail account provided through the relevant forms hosted on the website.
In this regard, the User shall be solely responsible for any failure to comply with the above, exonerating BOUND 4 BLUE from any liability with respect to such data that the User has not previously communicated to BOUND 4 BLUE.
ADVERTISEMENTS: In accordance with the provisions of Article 21 of Spanish Law 34/2002 on Services of the Information Society and E-Commerce (LSSICE) and the privacy regulations in force, we inform you that the data you provided will be processed in order to subscribe and to receive our newsletter.
Purposes and legitimacy of the processing: sending communications concerning products or services through the Newsletter to which you have subscribed (with the Data Subject’s consent, art. 6.1.a GDPR).
Data storage criteria: data shall be stored for no longer than is necessary to maintain the purpose of the processing or for as long as there are legal prescriptions dictating their custody, and, provided that the data subject does not revoke the consent given. When such purpose is no longer necessary the data shall be erased with appropriate security measures to ensure the anonymization of the data or their complete destruction.
Communication of data: data will not be disclosed to third parties, unless legally obliged to do so.
Rights of the Data Subject:
-Right to withdraw consent at any time.
– Right of access, rectification, portability and erasure of the data, and those of limitation or opposition to their processing.
– Right to submit a complaint to the Supervisory Authority (www.aepd.es) if they consider that the processing does not comply with current legislation.
- The right to file a complaint before the Spanish Data Protection Agency (AEPD).
Contact information to exercise their rights:
BOUND 4 BLUE, S... C/ Melampo, 2 2 4 – 39100 Santa Cruz de Bezona (Cantabria). E-mail: firstname.lastname@example.org