PRIVACY POLICY
Company name: Oriol Calvet (hereinafter, the Controller)
Trade name: Oriol Calvet
Tax ID (NIF):
Address:
Email:
In compliance with current legislation, the Controller undertakes to adopt the necessary technical and organizational measures according to the appropriate level of security for the risk of the data collected.
Applicable Laws to This Privacy Policy
This privacy policy complies with current Spanish and European regulations on the protection of personal data online, specifically:
Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR).
Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
Royal Decree 1720/2007, of December 21, approving the implementing regulation of the former Data Protection Law.
Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).
Personal Data Registration
In compliance with the GDPR and the LOPD-GDD, we inform you that the personal data collected by the Controller through forms on this website will be incorporated into a file owned and processed by the Controller in order to facilitate, expedite, and fulfill the commitments between the Controller and the User, or to maintain the relationship established in such forms or respond to a request or inquiry.
Unless the exception provided in Article 30.5 of the GDPR applies, a record of processing activities is maintained, detailing the processing purposes and other relevant circumstances.
Principles Applicable to the Processing of Personal Data
The processing of the User’s personal data shall comply with the principles set out in Article 5 of the GDPR and Articles 4 et seq. of Organic Law 3/2018:
Lawfulness, fairness, and transparency: User consent will be required with prior, transparent information on the purposes of data collection.
Purpose limitation: Data will be collected for specific, explicit, and legitimate purposes.
Data minimization: Only strictly necessary data will be collected.
Accuracy: Personal data must be accurate and kept up to date.
Storage limitation: Data will be kept only as long as necessary for processing purposes.
Integrity and confidentiality: Data will be processed securely and confidentially.
Accountability: The Controller is responsible for ensuring compliance with the above principles.
Categories of Personal Data
Only identifying data are processed on this website. No special categories of data (as defined in Article 9 of the GDPR) are processed.
Legal Basis for Processing Personal Data
The legal basis for the processing of personal data is consent. The Controller commits to obtaining express and verifiable consent from the User for one or more specific purposes.
Users have the right to withdraw their consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent prior to withdrawal.
Users will be informed when data collection via forms is required for essential functionality.
Purposes of Processing
Personal data are collected and processed to:
Facilitate, manage, and fulfill commitments between the website and the User.
Respond to inquiries or requests submitted through forms.
Carry out personalized marketing, operational and statistical analysis, and business activities.
Improve website functionality, content, and user navigation.
Users will be informed at the time of data collection about the specific purposes of processing.
Retention Periods
Data will be retained only as long as necessary for the purposes of processing or until the User requests deletion. In general, data will not be kept longer than 18 months.
At the time of collection, the User will be informed of the retention period or, if not possible, the criteria used to determine it.
Data Recipients
User data will not be shared with third parties.
Users will be informed at the time of collection if data are to be shared with recipients or categories of recipients.
Personal Data of Minors
Only individuals over 14 years old may give lawful consent to data processing. For minors under 14, parental or guardian consent is required.
Confidentiality and Data Security
The Controller will adopt necessary technical and organizational measures to ensure the security of personal data and prevent destruction, loss, unauthorized access, or alteration.
However, due to the nature of the internet, the Controller cannot guarantee absolute invulnerability and undertakes to notify the User without undue delay in case of a personal data breach likely to result in a high risk to the User’s rights and freedoms.
All personal data will be treated as confidential, and the Controller will ensure this confidentiality is respected by employees, partners, or any individual granted access.
User Rights
Users have the following rights under the GDPR and Organic Law 3/2018:
Right of access: To know if their data is being processed and obtain a copy.
Right to rectification: To correct inaccurate or incomplete data.
Right to erasure (“right to be forgotten”): To delete data when it is no longer needed or when consent is withdrawn.
Right to restriction of processing: To limit processing under certain conditions.
Right to data portability: To receive and transfer data in a structured, commonly used, machine-readable format.
Right to object: To object to the processing of their personal data.
Right not to be subject to automated decisions, including profiling.
To exercise these rights, Users may submit a written request to the Controller, specifying:
Full name and a copy of ID (or a legal representative with documentation)
Reason for the request
Notification address
Date and signature
Supporting documents
Links to Third-Party Websites
The Website may contain links to external websites not operated by the Controller. Each external site has its own privacy policy and is responsible for its own data practices.
Complaints to the Supervisory Authority
Users may file a complaint with the appropriate Data Protection Authority if they believe their data is being improperly processed. In Spain, this is the Agencia Española de Protección de Datos: https://www.aepd.es
II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY
By using the Website, the User confirms they have read and agree to this Privacy Policy and consent to the processing of their personal data as described herein.
The Controller reserves the right to modify this Privacy Policy based on legal, jurisprudential, or regulatory changes, without explicit prior notice. Users are advised to consult this policy regularly.
This Privacy Policy was last updated to comply with Regulation (EU) 2016/679 and Organic Law 3/2018.
