Privacy Policy
- USER INFORMATION
Who is responsible for the processing of your personal data?
Óscar Tomás Del Sol Alonso is responsible for the processing of the user’s personal data and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679, of 27 April (GDPR), and Organic Law 3/2018, of 5 December (LOPDGDD).
What types of data do we request and process from you?
Depending on the form or method of obtaining your data, we always ask for the minimum necessary to comply with the purposes detailed in each case.
What do we process your personal data for and why do we do it?
Depending on the form where we have obtained your personal data, we will treat it confidentially in order to achieve the following purposes:
In the Contact form
- Respond to queries or any type of request made by the user through any of the contact forms made available on the website of the responsible party.
(for the legitimate interest of the controller, Art. 6.1.f GDPR) - Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that make it possible to carry out commercial communications. These communications will be made by the responsible party and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR) - Perform statistical analysis and market research.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
In the Newsletter form
- Send newsletters, news, offers and online promotions. (by consent of the data subject, 6.1.a GDPR)
In the Request a quote form
- Send commercial quotes on products and services.
(for the performance of a contract or pre-contract, 6.1.b GDPR) - Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that make it possible to carry out commercial communications. These communications will be made by the responsible party and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR)
In the Resume form
- Involve the interested party in the personnel selection processes and analyze the applicant’s profile with the aim of selecting a candidate for the manager’s vacant position.
(by consent of the data subject, 6.1.a GDPR)
On the Testimonial form
- Moderate and publish on the website the user’s experiences, opinions and suggestions about a product or service. (by consent of the data subject, 6.1.a GDPR)
On the form Ethics or Whistleblowing Channel
- Properly manage the ethics channel, processing the corresponding irregularities reported through it, and deciding on the appropriateness of initiating an investigation, in order to detect possible crimes and prevent the imposition of any type of liability, as well as to avoid any type of conduct contrary to the internal or external regulations of the entity.
(for compliance with a legal obligation, 6.1.c GDPR)
In the User registration form
- Manage the user’s account in order to provide them with personalized access to the website and the interactive services it offers.
(by consent of the data subject, 6.1.a GDPR)
In the Bookings form
- Make reservations at the property of the person in charge.
(for the performance of a contract or pre-contract, 6.1.b GDPR) - Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which makes it possible to carry out commercial communications referring to products or services that are similar to those that were initially contracted with the customer (art. 21.2 LSSI).
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
In the Appointments form
- Schedule appointments and meetings with the person in charge.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
Social Media
- Contact through Social Networks in order to maintain a relationship between the User and the Data Controller, which may include the following operations: – To process your requests and queries. – Inform about activities and events. – Inform about products and/or services. – Interact through official profiles. The user has a profile on the same social network and has decided to join the social network of the Data Controller, thus showing their interest in the information published therein, therefore at the time of requesting to follow our official page, they provide us with their consent for the processing of their data. The User can access the privacy policies of the social network itself at any time, as well as configure their profile to guarantee their privacy. Once the User is a follower or has joined the Controller’s social network, he/she may publish comments, links, images, photographs or any other type of content supported by it. The User, in all cases, must be the owner of the published content, enjoy copyright and intellectual property rights or have the consent of the affected third parties. – Sending commercial communications related to the activities of the companies of the Group, as well as companies external to it, with which commercial collaboration or intermediation agreements have been established.
(by consent of the data subject, 6.1.a GDPR)
Instant messaging
- Schedule appointments and meetings with the person in charge.
(for the legitimate interest of the controller, Art. 6.1.f GDPR) - Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, to customers, which makes it possible to carry out commercial communications referring to products or services that are similar to those that were initially contracted with the customer (art. 21.2 LSSI).
(for the legitimate interest of the controller, Art. 6.1.f GDPR) - Manage, maintain, improve or develop the services provided.
(for the performance of a contract or pre-contract, 6.1.b GDPR) - Manage your online purchase or order, process the payment and proceed with the shipment or activation of the same, based on the general terms and conditions of contract.
(for the performance of a contract or pre-contract, 6.1.b GDPR) - Send commercial quotes on products and services.
(for the performance of a contract or pre-contract, 6.1.b GDPR) - Send commercial advertising communications by e-mail, fax, SMS, MMS, social networks or any other electronic or physical means, present or future, that make it possible to carry out commercial communications. These communications will be made by the responsible party and will be related to its products and services, or those of its collaborators or suppliers, with whom it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
(by consent of the data subject, 6.1.a GDPR) - Respond to queries or any type of request made by the user through any of the contact forms made available on the website of the responsible party.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
Video surveillance
- Purpose Security and access control, labour and internal activity control Legitimacy Public interest in security and access control and Legitimate interest of the Data Controller based on Art. 20.3 of the Workers’ Statute Conservation A maximum of 30 days
(by the consent of the interested party, 6.1.a GDPR)
Images & Recordings
- File with static and/or dynamic images. It includes publication in the media of the data controller or third parties.
(by consent of the data subject, 6.1.a GDPR)
Customers & Suppliers
- Commercial management with customers and suppliers
(for the legitimate interest of the controller, art. 6.1.f GDPR)
Advertising Opt-Out
- Data management to prevent the sending of commercial communications to those who have expressed their refusal or opposition to receiving them.
(for compliance with a legal obligation, 6.1.c GDPR)
Commercial Advertising
- Advertising management and commercial prospecting. It includes data from legitimate, publicly accessible sources.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
Rights of data subjects
- Respond to citizens’ requests in the exercise of the rights established by the GDPR
(for compliance with a legal obligation, 6.1.c GDPR)
Users of the Controller’s Web, App and Other Platforms
- Identification data of users who access the corporate website.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
Training, courses, workshops, activities or similar
- Management of the conditions of access and use.
(for the legitimate interest of the controller, Art. 6.1.f GDPR)
Data of minors or vulnerable people
- The responsible party will not collect or process the personal data of minors under fourteen years of age, without fully complying with the requirements established in the applicable data protection regulations, in relation to compliance with the duty to inform and obtaining any necessary consents. The data collected will be processed for the management of the purposes informed. The controller has the appropriate security measures in place for the security of this data.
(by consent of the data subject, 6.1.a GDPR)
Legal representatives and contact persons
- In the event that you are the legal representative or contact person of any of the entities or persons with whom the Foundation has a relationship, the responsible party will process your data to control the development of the intended relationship.
(by consent of the data subject, 6.1.a GDPR)
How long will we keep your personal data?
They will be kept for no longer than is necessary to maintain the purpose of the processing or there are legal prescriptions that dictate their custody and when it is no longer necessary to do so, they will be deleted with appropriate security measures to guarantee the anonymisation of the data or the total destruction of the same.
To whom do we provide your personal data?
No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our service providers related to communications, with whom the responsible party has signed the confidentiality and data processor agreements required by current privacy regulations.
Do we make international transfers?
In accordance with Article 44 of the GDPR, the authorisation for the international transfer of data to a country that has not been declared as a country with an adequate level of protection may only be granted if sufficient guarantees are obtained. Thus, it may be granted if the data controller provides a written contract, concluded between the exporter and the importer of data, which sets out the necessary guarantees of respect for the protection of data subjects and guarantees the exercise of their rights.
It is possible that the controller relies on the services of suppliers that have servers or headquarters in other locations and, therefore, these transfers are made. To consult the updated list of suppliers, please consult the responsible party or through oscardelsolsatelite@gmail.com
What are your rights?
The user’s rights are:
- Right to withdraw consent at any time.
- Right of access, rectification, portability and deletion of your data, and of limitation or opposition to its processing.
- The right to lodge a complaint with the supervisory authority (www.aepd.es) if you consider that the processing does not comply with the regulations in force.
Contact details to exercise your rights:
Óscar Tomás Del Sol Alonso. C/ Gaspar Sabater,, Local 4 , – 07010 Palma (Illes Balears). E-mail: oscardelsolsatelite@gmail.com
- MANDATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER
Users, by ticking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or presented in download forms, expressly and freely and unequivocally accept that their data is necessary to attend to their request, by the provider, and the inclusion of data in the remaining fields is voluntary. The user guarantees that the personal data provided to the responsible party is truthful and is responsible for communicating any modification thereof.
The responsible party informs that all data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the user. In the event that not all data is provided, there is no guarantee that the information and services provided will be completely tailored to your needs. If, by any means, you provide us with personal data of other people, the responsible party warns that you must do so with your consent and have previously informed us of the points contained in this Privacy Policy.
Likewise, the responsible party undertakes to provide any third party whose data it provides us with the relevant information, in accordance with the provisions of article 14 of the General Regulations.
- SECURITY MEASURES
That in accordance with the provisions of the current regulations on the protection of personal data, the responsible party is complying with all the provisions of the GDPR and LOPDGDD regulations for the processing of personal data for which it is responsible, and manifestly with the principles described in article 5 of the GDPR, by which they are processed lawfully, fair and transparent in relation to the data subject and adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The controller guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of users and has communicated to them the appropriate information so that they can exercise them.
For more information on privacy guarantees, you can contact the controller through Óscar Tomás Del Sol Alonso. C/Gaspar Sabater,, Local 4 , – 07010 Palma (Illes Balears). E-mail: oscardelsolsatelite@gmail.com
- TERM
This privacy policy is effective as of 23/10/2023
The Data Controller reserves the right to modify this policy in order to adapt it to future legislative or jurisprudential updates that may be applicable, or for other technical, operational, commercial, corporate reasons, etc. If, as a result of the changes, the rights of the users are affected, the responsible party undertakes to inform them of the reasons.