Art.1 Confidentiality rules
The general data protection regulation of April 27, 2016 (“RGPD” hereinafter GDPR, which means the General Data Protection Regulation) applies from May 25, 2018. It imposes strict rules and conditions for companies, within the scope of processing personal data of your customers and prospects, and this in order to protect your privacy.
For this reason, we intend to provide you with clear and precise information about the processing of your personal data.
Art.2 The person responsible for the treatment
Juan Manuel Rodríguez Ruano, responsible for the processing of his personal data, is the person in charge of the website that he used and to whom he communicated the data.
Art.3 Legal basis of data processing and its use
We can only use your personal data for legitimate and necessary purposes (Article 6 of the GDPR): This means in practice that we process your personal data, whether in electronic form or not, for legitimate purposes in the context of the contractual, commercial relationship and security. These purposes include, among others, the following:
• Communication of information, offers and prospects
• Communications in connection with the execution of a contract.
Art.4 What does a personal data represent?
The personal data includes all the information that concerns you and on the basis of which you can be identified. Anonymous data, which does not identify it, is not considered personal data. Your personal data may, therefore, include:
– Data related to your identity (surname, name, address, NIF, etc);
– Data related to your person (phone number, personal email, etc);
– Financial data (bank account number, billing details, etc);
– Data related to the execution of the contract concluded with us (object of the contract, billing address, professional data, etc);
– Data related to the use of electronic equipment, such as computers (password, registration data, electronic identification data, billing details, etc.);
Within the framework of the services provided by the “Responsible for Treatment”, the treatment of “Data of a sensitive nature” or requiring a “special level of protection” will not be carried out.
How do we use your information?
Your personal data will be used by the “Responsible for the processing” to maintain contact, for the management and maintenance of the contractual relationship and / or for the achievement of legitimate purposes in the context of the relationship maintained.
With whom do we share your information?
Your personal data will not be transferred to third parties, except to third party service providers and / or to public bodies by virtue of fulfilling a legal obligation.
Your personal data will not be subject to international transfers outside the European Economic Area.
Where appropriate, third-party providers may access your personal data in order to perform certain functions (technical maintenance, administration or processing of data) on behalf of and on behalf of the “Responsible for Processing”. In such cases, said suppliers will be considered “Treatment Managers” who will have access only to their personal information necessary to perform such functions, but may not use it for other purposes, but will act in accordance with the applicable law, respecting confidentiality, privacy and data security.
The instructions and guidelines that these suppliers will have to follow will be included in a “Treatment Order” contract, as well as the rest of the obligations attributable to them, in accordance with the applicable legislation on data protection. third party services are required for technical maintenance, administration or data processing, they will access personal data only to the extent necessary to guarantee [a safe technical treatment of the website / database / tool] and in accordance with the applicable law, respecting the confidentiality, privacy and security of the data.
Art.5 Source and origin of personal data
The personal data collected from this website come directly from the interested party, personal data is not obtained from external sources.
Art.6 Access to personal data
Your data is mainly for internal use. For certain legitimate reasons, your personal data may be disclosed or even processed by third parties.
However, we will ensure compliance with the GDPR standards by our suppliers. The processing of data by the latter will be regulated in the terms indicated in the applicable regulations.
Art.7 Duration of conservation of data
Your personal data only during the existence of the relationship maintained with the “Responsible for the treatment” and, after the expiration of the same, during the period required by the applicable regulations for compliance with legal obligations.
Art.8 What are your rights?
We inform you that you will have the possibility of exercising your rights of access, rectification, opposition, deletion, portability and limitation of the processing of your personal data through the following email: onixleather@gmail.com.
To do this, you must send such written communication indicating the request or right exercised, name and surname, address for the purposes of notifications, along with a copy of your ID or valid document proving your identity (photocopy of the passport). In the case of representation, it must be proved by a valid document.
In addition to the foregoing rights, you will have the right to withdraw, if applicable, the consent granted at any time through the procedure described above, without this withdrawal of consent affecting the lawfulness of the treatment prior to its withdrawal.
We remind you that you also have the right to file a claim with the Spanish Data Protection Agency. (https://www.agpd.es/portalwebAGPD/index-ides-idphp.php)
Art.9. Our commitment
Our goal is to implement security processes to protect stored data against unauthorized access, misuse, manipulation, illegal or accidental destruction and accidental loss.
Art.10 Procedure in case of violation
It is always possible that personal data processed in the context of the contractual relationship fall into the wrong hands as a result of human error, computer error, etc. When the violation poses a high risk to the rights and freedoms of the people, we will inform you immediately about the facts and the measures considered. We will ensure that the Spanish Data Protection Agency is notified within 72 hours after notification of the violation in question, unless the violation does not pose a high risk to the rights and freedoms of individuals. (Article 32-34 of the GDPR).
Your acceptance:
Art. 11. Consent
In the cases in which the regulations so require, you give your express and unequivocal consent for the processing of personal data as described in this Privacy Policy. You have the right to withdraw your consent at any time upon written request.
We reserve the right to modify this Privacy Policy.