The way in which personal data is collected. All information capable of identifying the user is considered personal data. It is particularly about the first and last name, age, postal address, email, location of the user or his IP address.
What are the rights of users in relation to this data.
Who is responsible for the treatment of the personal data collected and processed.
To whom is this data transmitted.
Where appropriate, the policy regarding "cookies" files.
GENERAL PRINCIPLES REGARDING DATA COLLECTION AND PROCESSING
In accordance with the provisions of article 5 of European Regulation 2016/679, the collection and processing of user data respect the following principles:
Legality, loyalty and transparency: data can be collected and processed only with the consent of the user who owns said data. Each time that personal data is collected, the user will be informed that it is collected, and the reasons why such data is collected.
Limited purposes: the collection and processing of data are carried out to meet one or more objectives determined in these general conditions of use.
Minimization of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the website will be collected.
Data retention reduced in time: the data will be kept for a limited time, of which the user is informed.
Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.
In order to be lawful, and in accordance with the requirements of article 6 of European Regulation 2016/679, the collection and processing of personal data may not take place if they do not respect at least one of the listed conditions:
The user has expressly consented to its treatment.
The treatment is necessary for the proper execution of the contract.
The treatment responds to a legal obligation.
The treatment is explained by a need to safeguard the vital interests of the person concerned or of a natural person.
The treatment can be explained by a need to carry out a mission of public interest or that comes from the exercise of public authority.
The treatment and collection of personal data are necessary for the purposes of legitimate and private interests pursued by the person responsible for the treatment or by third parties.
PERSONAL DATA COLLECTED AND PROCESSED IN THE FRAMEWORK OF THE NAVIGATION OF THIS PAGE
Data collected and processed and method of collection
The personal data collected on the website www.sagardoa.eus are the following:
This data is collected when the user performs one of the following operations on the page:
When the user hires a service through the website.
On the other hand, on the occasion of a payment on the page, a proof of the transaction containing the order form and the invoice will be kept in the computer systems of the page editor.
The person in charge of the treatment will keep in their computer systems of the website and in reasonable security conditions the set of data collected for a duration of: 2 months.
The collection and processing of data respond to the following purposes:
Data transmission to third parties
The personal data collected by the website will not be transmitted to third parties, and will only be processed by the editor of the website.
The website https://www.sagardoa.eus is hosted by: Sagardoa Route, whose registered office is at: Nabarra Oñatz, 7 bajo. 20,115 Astigarraga.
Contact number: 943 336 811
The data collected and processed by the website will be transferred to the following countries: Spain.
DATA CONTROLLER AND DATA PROTECTION MANAGER
Responsible for data processing
The person responsible for the processing of personal data is: Amaia Zubeldia.
He can be contacted by mail: firstname.lastname@example.org.
The person responsible for data processing is in charge of determining the purposes and means at the service of processing personal data.
Obligations of the data controller
The person in charge of the treatment undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which these data have been collected.
The website has an SSL certificate in order to guarantee that the information and the transmission of data that circulate on the page are secure.
An SSL certificate ("Secure Socket Layer" Certificate) guarantees the security of the data exchanged between the user and the website.
Likewise, the person responsible for data processing undertakes to notify the user of any rectification or deletion of the data, unless this involves disproportionate formalities, costs or procedures.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the data controller undertakes to inform the user by all means.
Data protection officer
On the other hand, the user is informed that the person designated as the Data Protection Officer is: Amaia Zubeldia
The function of the Data Protection Officer is to ensure compliance with national and supranational provisions relating to the collection and processing of personal data. She can be named (Data Protection Officer).
The data protection officer can be contacted by mail: email@example.com.
In accordance with the regulations regarding the processing of personal data, the user has the rights listed below.
In order for the data controller to access her request, the user must communicate her name and surname, and her email address.
The data controller has the obligation to respond to the user within a maximum period of 30 days.
Presentation of the user's rights regarding data collection and processing:
a. Rights of access, rectification and deletion
The user can know, update, modify or request the deletion of data about him by following the following procedure:
b. Right of data portability
The user may request the portability of their personal data, in possession of the website, to another page, following the following procedure:
c. Right of limitation and opposition to data processing
The user can request the limitation or oppose the processing of their personal data by the website, without this being able to refuse, unless it demonstrates the existence of legitimate and compelling reasons, which may prevail over the interests, rights and freedoms of the user.
To request the limitation of the processing of your data or formulate an opposition to the processing of your data, the user must follow the following procedure:
d. Right not to be the subject of a decision based exclusively on an automated procedure
In accordance with the provisions of Regulation 2016/679, the user has the right not to be the subject of a decision based exclusively on an automated procedure in the event that the decision could produce legal effects that concern him, or significantly affect him.
e. Right to determine the destination of the data after death
The user is reminded that they can organize the destination of their data collected and processed in the event of death.
f. Right to appeal to a competent supervisory authority
In the event that the data controller decides not to respond to the user's request, and that the user wishes to question that decision, or if he thinks that one of his rights listed above has been violated, he will have the right to resort to the Spanish Data Protection Agency or any competent judge.
g. Personal data of minors
In accordance with the provisions of article 8 of European Regulation 2016/679, only those over 15 years of age or older can consent to the processing of personal data.
If the user is a minor under 15 years of age, the consent of a legal representative will be mandatory so that personal data can be collected and processed.
The editor of the page reserves the right to verify by all means that the user is over 15 years old, or that he has obtained the consent of a legal representative before browsing the website.
The editor of the website reserves the right to modify it in order to guarantee its compliance with the regulations in force.
Its last update took place on: April 16, 2021.