In this regard, NEXLEVO guarantees compliance with current personal data protection regulations, reflected in the Organic Law 3/2018 of December 5, 2018, for the Protection of Personal Data and Guarantee of Digital Rights (LOPD GDD). It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 regarding the protection of natural persons (GDPR).
OWNERSHIP OF THE WEBSITE
- Owner: Cristina Iglesias Suárez
- Address: C/ Paseo Licenciado Vidriera, 2, Portal 15, 2ºA (28906 – Getafe) Madrid
- E-mail: email@example.com
- Telephone: +34 634 488 481
- Tax Identification Number: 71644607K
BASIC RULES OF THE WEBSITE
- Prohibition of sending unsolicited emails (spam). This Website does not send unsolicited or unauthorized commercial e-mail.
- Transparency with the Website users. Any User will have access, at any time, to the data of the person responsible for the Website and for the management of the information concerning him/her, the purpose for which the data will be processed, the consent of the User being required for their processing and the latter being able to revoke at any time the prior consent given.
- User data will not be shared. No data obtained through this Website will be transferred to third parties unless the Users have been previously informed and have given their express authorization.
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals regarding the processing of personal data and the free circulation of such data and abrogating Directive 95/46/EC (General Data Protection Regulation).
- Organic Law on Protection of Personal Data and Guarantee of Digital Rights (LOPDGDD) 3/2018 adapts Spanish law to the model established by the General Data Protection Regulation (GDPR).
- Act 34/2002, of July 11, on Services of the Information Society and Electronic Commerce. Regulates economic transactions through electronic means.
COLLECTION OF PERSONAL DATA
This Website uses different systems to obtain personal data. The prior consent of the Users is essential to process their personal data for the indicated purposes.
The user of the Website will always have the right to revoke prior consent at any time.
However, to navigate this Website, you do not need to provide any personal information.
The cases in which you do provide your personal data are the following:
- Content subscription forms: there are several forms on the website to activate the subscription. The data provided will be used exclusively to send the newsletter and keep you updated on news and offers. The User will be able to register in a subscription form that the Owner manages with Active Campaign.
- Contact form: there is a contact form on the website for queries, suggestions or professional contact. In this case, the email address will be used to respond to them and send the information that the user requires through the Website.
- Session or appointment reservation forms: There are several forms on the website to book a session or an appointment through a schedule that the Owner manages with the Calendly platform. The data provided will be used exclusively to organise and manage the meeting.
LEGITIMACY FOR THE PROCESSING OF YOUR DATA
The consent is the legal basis for the processing of your data.
PERSONAL DATA CATEGORIES
The categories of personal data processed by the Owner are:
- Identification data.
- No specially protected categories of data are processed.
PERSONAL DATA RETENTION
The data processed will be kept until the legal periods established for data retention expire, if there is a legal obligation to keep them, or, if there is no such legal period, until the data subject requests their deletion or revokes the consent granted.
Therefore, Personal data provided will be stored:
- For as long as the commercial relationship lasts.
- Until the data subject requests its deletion.
- For a period of 2 years, counting from your last confirmation of interest.
RECIPIENTS OF PERSONAL DATA
- ActiveCampaign, ActiveCampaign LLC with registered office located at 1 N Dearborn St. 5th Floor Chicago, IL 60602. Sydney Opera House.
More information at activecampaign.com
The data is processed by ActiveCampaign to provide solutions for sending emails, transactional SMS and marketing SMS to the Owner.
- Calendly, Calendly LLC with registered office at 271 17th St NW, Atlanta, GA 30363, United States. More information at: calendly.com/pages/privacy Calendly processes the data in order to manage appointments or meetings between the User and the Owner of the Website.
ACCURACY AND VERACITY OF PERSONAL DATA
You undertake to ensure that the data provided to the Data Controller is correct, complete, accurate and up to date, as well as to keep it duly updated.
As a User of the Website, you are solely responsible for the veracity and correction of the data submitted to the Website, exonerating NEXLEVO from any liability in this regard.
ACCEPTANCE AND CONSENT
To exercise your rights of access, rectification, erasure, portability and objection, please send an email to firstname.lastname@example.org along with valid legal proof of your identity, such as a photocopy of your ID card or equivalent.
The exercise of these rights does not include any data which NEXLEVO is obliged to keep for administrative, legal or security-related purposes.
These policies will remain in force until they are modified by others duly published.
Please note that this policy may vary depending on legislative or self-regulatory requirements, so users are advised to review it periodically.
Minors under the age of thirteen may not register on the Website without the consent of their parents or guardians for the processing of their personal data.
In no case shall data on the minor concerning the professional or financial situation or the privacy of the other members of the family be collected without their consent.
PRINCIPLES TO APPLY TO THE PERSONAL INFORMATION COLLECTED
In processing the personal data of any user who registers on our Website, the following principles apply, which are in line with the requirements of the new European data protection regulation:
- Principle of lawfulness, fairness and transparency: The user’s consent will be required for the processing of his/her personal data for one or more specific purposes, of which he/she will be informed in advance, with absolute transparency.
- Data minimisation principle: Only data that are strictly necessary for the purposes for which they are required are requested. They will always be as few as possible.
- Principle of limitation of the storage period: Data will be kept for no longer than is necessary for the purposes of the processing, depending on the purpose. The relevant retention period shall be notified. In the case of subscribers, the lists will be reviewed periodically and inactive records will be eliminated for a period of more than one year.
- Principle of integrity and confidentiality: Personal data shall be processed in such a way as to ensure adequate security of the data and to guarantee confidentiality. Likewise, all necessary precautions will be taken to prevent unauthorised access or misuse of our users’ data by third parties.
RIGHTS OF THE USER WHEN PROVIDING THEIR DATA
Anyone has the right to obtain confirmation as to whether we are processing personal data on him/her or not.
Interested parties have the right to:
- Request access to personal data concerning the interested party.
- Request correction or deletion of the data.
- Request the restriction of data processing.
- Oppose the data processing.
- Request the transfer of the data
Data subjects may access their personal data, as well as request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected. In certain circumstances, data subjects may request the limitation of the processing of their data, in which case I will only keep them for the purpose of exercising or defending claims.
In certain circumstances and on grounds relating to your own situation, you may object to the processing of your data. Cristina Iglesias Suárez will cease to process the data, except for imperative legitimate reasons, or the exercise or defence of possible claims. As a data subject, you have the right to receive the personal data concerning you that you have provided in a structured, commonly used and machine-readable format and to transfer it to another data controller when:
- The processing is based on consent
- The data has been provided by the person concerned.
- The processing is carried out by automated means.
When exercising your right to data portability, you have the right for personal data to be transferred directly from data controller to data controller where technically feasible.
Data subjects also have the right to effective judicial protection and the right to lodge a complaint with the supervisory authority, in this case the Spanish Data Protection Agency, if they consider that the processing of personal data concerning them is in breach of the Regulation.
Posted on April 18, 2021.