In compliance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016 regarding the protection of natural persons with regard to the processing of personal data and the free circulation of these data (GDPR) and with the LOPDGDD 3/2018 and other current legislation on the protection of personal data we inform you of:
RESPONSIBLE: Who will process your data?
Identity: María José Feijoo Vidal (hereinafter “The Entity”)
CIF: 35443044K
Address: Rúa José Ángel Valente, 15 – 3ºA, 15706- Santiago de Compostela, A Coruña
E-mail: info@mariafeijoo.com
PURPOSE: For what purpose do we collect your data?:
Data collected through the web contact form: We treat the data provided in the web contact form in order to manage the queries made through said form and the administrative management derived from them.
We can also use the contact information provided to send information about services provided by the entity that may be of interest to you, always with prior consent requested directly on paper when contracting a service or making purchases in the physical store, through the online forms above. quoted or through consent request email.
LEGITIMATION (Legal basis):
1.- Consent of the interested party: GDPR: 6.1. a) the interested party or their parent/guardian (if they are under 14 years of age) gave their consent through the paper forms where the data is collected for the different services where we include the request for consent to send information that may be of interest to the interested party, through the different online forms on the website or through an email requesting consent.
2.- Execution of a contract: GDPR: 6.1.b) Necessary treatment for the execution of a contract in which the interested party is a party or for the application at the latter’s request of pre-contractual measures related to the contracted treatments.
3.- The satisfaction of a legitimate interest pursued by the data controller, such as maintaining a relationship with customers and being able to report incidents with the contracted service or product purchased, as stated in article 6.1.f) of the General Regulation of Personal data protection.
4.- Compliance with a legal obligation as stated in article 6.1.c) of the General Regulations for the Protection of personal data.
Obligation or not to provide data and consequences of not doing so: The requested data is necessary to be able to contract with the Entity. In the event that all the required information cannot be obtained, the contractual relationship with the Entity cannot be established. In this way, the client acknowledges having provided their data freely, voluntarily, and sincerely, taking responsibility for their content being consistent with reality. All the information you provide us will be treated confidentially.
RECIPIENTS: To whom do we communicate the data you provide us?
1.- To advice to comply with tax obligations.
2.- Corresponding bank when appropriate according to the payment method.
3.- The Public Administration and its different bodies if required by legal obligation.
4.- Email manager and Web hosting.
International transfers: No communications are made outside the EU.
CONSERVATION: For how long do we keep your data?
The data will be kept as long as the interested party does not request the cancellation and commercial relations continue to be maintained. Once the relationship ends or you request the cancellation, the data will be kept in a blocked way to attend to possible legal or administrative requirements until the prescription of the same (Minimum 5 years).
RIGHTS: What are your rights when you provide us with your data?
Access: The interested party has the right to know what data the ENTITY is processing about him.
Rectification: The interested party has the right to request the rectification of inaccurate data.
Deletion: The interested party has the right to request the deletion of their data when, among other reasons, the data is not necessary for the purposes for which it was collected.
Limitation of treatment: In certain circumstances, the interested party may request the limitation of the treatment of their data, in which case we will only keep them for the exercise or defense of claims.
Opposition: In certain circumstances the interested party may oppose the processing of their data. In this case, the ENTITY will stop processing your data, except for compelling legitimate reasons or the exercise or defense of possible claims.
Data portability: Only applicable to automated data and consists of passing the data from the ENTITY to another new DATA CONTROLLER (not to the interested party and at the request of the same).
You can exercise your rights, including the right to withdraw your consent (if it was granted) by sending a letter to the address indicated above or by sending an e-mail to info@mariafeijoo.com accompanied by a photocopy of your ID. You also have the right to complain to the Spanish Data Protection Agency, which is the Control Authority: https://sedeagpd.gob.es/sede-electronica-web/
AUTOMATED DECISIONS
There are no customer profiles or automated decision making.
SECURITY MEASURES
The entity has adopted both technical and organizational security measures resulting from the Risk Analysis and the Compliance Audit carried out on the RGPD and the LOPDGDD and the type of personal data managed.