LEGITIMACY FOR DATA PROCESSING AND APPLICABLE REGULATIONS
VESPAMÁLAGA commits to obtain free, express, unequivocal and verifiable user consent as legitimacy to data processing of his/her data. These data will be exclusively used to purposes indicated in this text.
VESPAMÁLAGA accepts responsibility for adopting all organizational and technical measures that are necessary and/or appropriate for compliance with the legal regulation.
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and the free movement of such data (GDPR).
- Spanish Organic Law 3/2018 of 5 December on the Protection of Personal Data and guarantee of Digital Rights (Ley Orgánica de Protección de Datos y garantía de los derechos digitales (LOPD-GDD), in Spanish).
- Law 34/2002, of 11 July on Services of the Information Society and Electronic Commerce (Servicios de la Sociedad de la Información y Comercio Electrónico (LSSI-CE), in Spanish)
IDENTITY OF THE DATA PROTECTION OFFICER AND DELEGATE
Personal data that may come directly from the user will be handled confidentially by the Responsible for data protection, whose contact details are:
Calle Salitre, 45, 29002 - Málaga
Also, the ownership of the Data Protection Officer (DPO) corresponds to VESPAMÁLAGA SA, who may be contacted regarding the user data protection at the following email address: firstname.lastname@example.org.
PURPOSE AND MOTIVATION FOR DATA PROCESSING
Personal data collected by VESPAMÁLAGA will be stored and processed for the achievement of organizational objectives, whose purpose will be the one applicable to each specific case.
However, the common purpose of all procedures will be to handle the service provided by VESPAMÁLAGA, within the framework of the potential commercial relationship that united them. This relationship is necessary to send information, advertising, sales, promotions, suggestions, etc. and also to collect data with statistics and marketing purposes.
Contact between VESPAMÁLAGA and the user will be the result of the explicit and unequivocal content of the user. This contact will take place by phone, email, SMS, or any electronic or physical means that make possible trade relations.
Personal data collected will be stored during all necessary time to accomplish the purpose for what they were intended and the potential responsibilities derived from this purpose, besides periods established by the law and files and documentation. And, as far as the law allows until the user requests its removal.
Generally, personal data will not be spread with thirds parties, unless this fact arises from the accomplishment of legal obligations.
Personal data will be treated as confidential by the Data Protection Officer, who undertakes to ensure by legal or contractual means that such confidentiality is respected by his employees, associates and any person to whom the information can be accessible.
All users may exercise their rights to access, rectification, suppression, portability of their data, limitation, and opposition to their processing, besides the right not to be subject to decisions only based on the automatic treatment of their data.
This rights may be exercised by written communication directed towards data processing responsible, specifying:
- Full name and ID copy of the applicant.
- Full name and ID copy of the representative, if applicable.
- Reasons why the claim take place.
- Postal address to receive notifications.
- Date and signature of the applicant.
- Any other document that completes the application.
To be taken into account, this information must be sent by physical or electronic means to:
- Postal address: Calle Salitre, 45, 29002 - Málaga
- Email address: email@example.com
VESPAMÁLAGA commits to adopt the necessary technical and organizational security measures, that are appropriate and proportionate to the level of risk involved in the information stored; so a to ensure data security and prevent from accidental or unauthorized destruction, loss or variation of personal data transmitted, stored or otherwise processed, or unauthorized communication of or access to such data.