1. Identification of the Data Controller
COMERCIAL GRUPO FREIXENET, S.A. is the entity responsible for the processing of the USER'S personal data (DATA CONTROLLER) and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and the Organic Law 3/2018 of 5 December (LOPDGDD).
Please inform the Data Controller immediately of any changes to your personal data so that the information contained in the files of the Data Controller is always up to date and free of errors.
You can contact the Data Controller at the email address firstname.lastname@example.org.
The address for the purpose of complaints is identical to the Owner’s registered office.
2. Purposes of data processing
Answering queries that the User as data subject sends to the Data Controller.
Conservation period: The data will be kept until the issue raised by the User (data subject) has been resolved. Subsequently, if necessary, the information will be kept locked for the legally established periods.
Legal basis: Legitimate Interest of the Controller and Consent of the data Subject.
Sending to the User commercial communications about our products that may be of interest (newsletter).
Conservation period: The data will be kept for as long as the data subject does not revoke the consent given.
Legal basis: Express consent of the User as data subject.
3. Recipients of your data
The Data Controller puts third parties in charge of the processing in order to provide its services. With the exception of these entities, your data will not be communicated to other third parties. If for any reason it is necessary to communicate such data to third parties, you will be informed in advance and, where appropriate, your consent will be requested and the purposes of the communication and the identity of the third party to whom it is to be communicated will be specified.
This is with the exception of cases in which a legal requirement necessitates the communication of such data to a third party.
Persons who provide us with their data have the following rights in relation to their data:
- a. Right of access
- b. Right of correction or deletion
- c. Right to limitation of processing
- d. Right to portability
- e. Right of opposition
- f. Right to revoke consent
- a. Right of access: Any person has the right to obtain from the Controller confirmation of whether or not personal data concerning him/her are being processed and, if so, the right of access to personal data.
- b. Right of correction: This is the right to obtain rectification of personal data held by us concerning him/her.
- c. Right of deletion: This is the right to obtain the deletion of your personal data.
- d. Right to limitation of processing: This is the right to have your data cease to be subject to the corresponding processing operations when any of the following conditions are met
- When you have exercised the rights of rectification or opposition and the Controller is in the process of determining whether the request proceeds.
- If the data processing is unlawful, which implies the deletion of the data, but you do not want your data to be deleted by the Controller.
- When the data is no longer necessary for the processing, which implies the deletion of the data, but you want the Controller to limit the processing of the data and to keep them in order to formulate, exercise or defend claims.
- e. Right to portability: This is the right to obtain from the Data Controller, in the event of automated processing of your data, a copy of the data in a structured, commonly used and machine-readable format or to have such copy transmitted directly to the Data Controller indicated by you. Please note that this right does not apply to:
- The data of third parties that you have provided to the Controller.
- The data concerning you, but which have been provided to the Controller by third parties.
- f. Right of opposition: This is the right to object to your personal data being processed. As far as the processing carried out by the Controller is concerned, you may object to the sending of commercial communications both own and third parties.
If you would like more information about your rights, we suggest that you visit the website of the Spanish Data Protection Agency.
In addition, we inform you about the possibility of filing a complaint with the competent Control Authority, in this case, the Spanish Data Protection Agency, in particular if you have not obtained satisfaction in the exercise of your rights. You can contact the Spanish Data Protection Agency by telephone on 901 100 099 and 912 663 517 or by visiting them at their address C/ Jorge Juan, 6. 28001 Madrid.
5. Security measures
The Data Controller guarantees the User that the processing carried out complies with all the provisions of the above-mentioned data protection regulations, GDPR and LOPDGDD, and that the data are processed in a lawful, fair and transparent manner in relation to the data subject and are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
The Data Controller also guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the Users and has communicated to them the appropriate information so that they can exercise those rights.
6. Origin and veracity of the data
Likewise, the User undertakes to keep his/her data updated at all times, and to communicate without delay to the Responsible Party any significant modification, such as the change of ownership of his/her bank account, or the modification of his/her e-mail account provided through the relevant forms hosted on the FREIXENET website.
In this sense, the User shall be solely responsible for the breach of the above, exonerating FREIXENET from any liability with respect to such data that the User has not previously communicated.