3. General information and mandatory information

Data Protection

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with the terms of statutory data protection regulations and this Data Protection Statement.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. The present privacy policy explains what data we collect and what we use it for. She also explains how and for what purpose it is done.

We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) may have security gaps. There is no complete protection of data from access by third parties possible.

Note on the data controller

The data controller for this website is:

Lucia Peinado Metsch
Phone: +34 642 1919 05
Email: lupeme2018@gmail.com

The data controller is the natural or legal person who, alone or jointly with others, decides the purposes and means of processing personal data (e.g. names, email addresses, etc.) decides.

Storage period

Unless a specific storage period has been specified in this Data Protection Statement, your personal data remain with us until the purpose of the data processing no longer applies. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted, unless we have other legally permissible reasons for storing your personal data (e.g. retention periods under tax or commercial law); in the latter case the data will be deleted after these reasons no longer apply.

Note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure under data protection law. With these tools in place, your personal data are transferred to these third countries and processed there. We wish to point out that no data protection level comparable to that in the EU can be guaranteed in these countries.

For example, US companies are required to surrender personal data to security authorities, without the  to surrender without you as the data subject being able to take legal action against this. Accordingly, we cannot rule out that US authorities (e.g. secret services) may access process, evaluate and permanently save your data on US servers for monitoring purposes. We have no influence over these activities.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You may revoke consent already given at any time. The legality of the processing of your data before your revocation remains unaffected.

Right to object to data collection in special cases and against direct mail (Art. 21 GDPR)

THE DATA SUBJECT SHALL HAVE THE RIGHT TO OBJECT, ON GROUNDS RELATING TO HIS OR HER PARTICULAR SITUATION, AT ANY TIME TO PROCESSING OF PERSONAL DATA CONCERNING HIM OR HER WHICH IS BASED ON POINT (E) OR (F) OF ARTICLE 6(1), INCLUDING PROFILING BASED ON THOSE PROVISIONS. THE CONTROLLER SHALL NO LONGER PROCESS THE PERSONAL DATA UNLESS THE CONTROLLER DEMONSTRATES COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE THE INTERESTS, RIGHTS AND FREEDOMS OF THE DATA SUBJECT OR FOR THE ESTABLISHMENT, EXERCISE OR DEFENCE OF LEGAL CLAIMS. (ART. 21. 1 GDPR).

WHERE PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, THE DATA SUBJECT SHALL HAVE THE RIGHT TO OBJECT AT ANY TIME TO PROCESSING OF PERSONAL DATA CONCERNING HIM OR HER FOR SUCH MARKETING, WHICH INCLUDES PROFILING TO THE EXTENT THAT IT IS RELATED TO SUCH DIRECT MARKETING. (ARTICLE. 21. 2 GDPR).

Right to lodge a complaint with a supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, your place of work or the location of the alleged violation. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to data portability

You have the right to data that we provide on the basis of your consent or in fulfillment of a contract process automatically, either to yourself or to a third party in a common, machine-readable format. In exercising your right to data portability, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as the for example, orders or inquiries that you send to us as the website operator, we apply SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, deletion and correction

You have the right, free of charge at any time within the framework of the applicable statutory provisions, to access information about your stored personal data, their origin and recipient and the purpose of data processing and, if applicable, the right to correct or delete this data. Feel free to contact us at any time if you have any further questions on the subject of personal data.

Right to restriction of processing

You have the right to request that the processing of your personal data be restricted. You can contact us at any time for this purpose. The right to restriction of processing operates as follows:

• If you dispute the accuracy of your personal data stored by us, we usually need time to check this out. Throughout the verification process, you have the right to request that the processing of your personal data be restricted.
• If the processing of your personal data happened / happens unlawfully, you may request if cookies are used by third-party companies or for analysis purposes, we will inform you about this provide separate information in the context of this Data Protection Statement and, if necessary, ask for consent.

Contact form

If you send us inquiries using the contact form, your details will be taken up, including the contact details you provide there for the purpose of processing the request and stored by us in the event of follow-up questions. We will not provide this data to anybody else without your further consent.

The processing of data takes place on the basis of Art. 6.1 (b): the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. In all other cases, processing is based on our legitimate interest in the effective processing of inquiries sent to us (Art. 6.1 (f) GDPR) or if your consent as been given (Art. 6.1 (a) GDPR).

The data you enter in the contact form will remain with us until you request us to delete it , revoke your consent to storage, or the purpose of data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

Inquiries by email, phone or fax

If you contact us by e-mail, phone or fax, your request will be inclusive of all of it resulting personal data (name, request) for the purpose of processing your request stored and processed by us. We do not pass on this data without your consent. The processing of this data takes place on the basis of Art. 6.1 (b) GDPR: for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries sent to us (Art. 6.1 (f) GDPR) or on your consent (Art. 6.1 (a) GDPR). The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to storage, or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – in particular statutory retention periods – remain unaffected.

5. Social media

Instagram plugin

Functions of the Instagram service are integrated on this website. These functions are offered by Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland.

If you are logged into your Instagram account, you can click the Instagram button to link to the content of this website. This allows Instagram to visit this assign the website to your user account. We point out that we as the provider of the pages do not obtain knowledge of the content of the transmitted data and their use by Instagram.

The storage and analysis of the data takes place on the basis of Art. 6.1 (f) GDPR., i.e. the legitimate interest of the website operator in the widest possible visibility of the social media. If consent has been requested, the processing takes place exclusively on the basis of Art. 6.1 (a) GDPR; consent can be revoked at any time.

Insofar as personal data is collected and sent on our website with the help of the tool described here Facebook or Instagram are forwarded, we and Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbor, Dublin 2, Ireland, are jointly responsible for this data processing (Art. 26 GDPR). The joint responsibility is limited exclusively to the recording of the data and its transfer to Facebook or Instagram. Any processing that takes place after forwarding by Facebook or Instagram is not part of the shared responsibility. 

Our respective resonsibilities are set out in a joint processing agreement made between us. The wording of this agreement can be found at: https://www.facebook.com/legal/controller_addendum. According to this agreement, we agree grant the data protection information when using the Facebook or Instagram tool and for the responsible for the implementation of the tool on our website in accordance with data protection law. Facebook is responsible for the data security of Facebook and Instagram products. Affected rights you can (e.g. request for information) with regard to the data processed on Facebook or Instagram claim directly on Facebook IDEM. If you assert your rights with us, we are obliged to forward this to Facebook.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum,
https://help.instagram.com/519522125107875 and
https://de-de.facebook.com/help/566994660333381.

You can find more information on this in Instagram’s privacy policy:

https://instagram.com/about/legal/privacy/.

Source:

https://www.e-recht24.de