This policy expresses, in detail, how your personal data and the information you provide to Nicolás Cunto, hereinafter "GORRION", are treated in order to protect your privacy in accordance with the provisions of Regulation (EU) 2016/ 679, General Data Protection -hereinafter, RGPD-.
This is the index, so that you can easily locate the different sections of this policy:
- ACCEPTANCE AND CONSENT
- WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?
- WHAT PERSONAL DATA IS COLLECTED ON THIS WEBSITE?
- HOW IS THIS PERSONAL DATA COLLECTED? CAPTURE SYSTEMS
- FOR WHAT PURPOSES ARE YOUR DATA PROCESSED?
- ON WHAT LEGAL BASIS IS THIS DATA PROCESSED?
- HOW LONG IS THE DATA KEPT?
- WHAT ARE YOUR RIGHTS REGARDING THE USE OF YOUR DATA? HOW CAN YOU EXERCISE THEM?
- TO WHICH RECIPIENTS WILL YOUR DATA BE COMMUNICATED?
- SEGMENTATION AND PROFILE PREPARATION
- SOCIAL PLUGINS
- INTERNATIONAL DATA TRANSFERS
- HOW DO WE PROTECT YOUR INFORMATION?
- CHANGES IN THE PRIVACY POLICY
ACCEPTANCE AND CONSENT
By accepting this Privacy Policy, you give your express, informed, free and unequivocal consent so that the Data you provide, and on which the security, technical and organizational measures provided for in current regulations are applied, are processed by GORRION. as responsible for the treatment.
Likewise, by providing your data through electronic channels, you guarantee that you are over 14 years of age and that the data provided is true, accurate, complete and updated. For these purposes, you confirm that you are responsible for the veracity of the data communicated and that you will keep said information conveniently updated so that it responds to your real situation, making you responsible for any false and inaccurate data that you may provide, as well as for damages, direct or indirect, that could arise.
WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA?
- Owner : Nicolás Cunto
- NIF : Z1040706F
- Address : Carrer de Còrsega 650, Àtic B, 08026, Barcelona, Spain.
- Email : info@soygorrion.com
- Website : www.soygorrion.com
WHAT PERSONAL DATA IS COLLECTED ON THIS WEBSITE?
In accordance with the RGPD, only those data that are appropriate, relevant and limited to what is necessary in relation to the purposes for which they are available may be processed, which in turn must be: determined, explicit and legitimate (these purposes are provides information later).
GORRION collects and processes the personal data detailed below, the collection of which will depend on the different services requested on this Website:
Identification data: name and surname and ID.
Contact information : email, address and telephone.
Contractual and billing data: contractual transaction data, purchased services, payment data.
Navigation data : IP address, device type and identification, browser type, domain through which you access the Website, navigation data, activity on the Website. To know clearly and precisely the cookies we use, you can consult the Cookies Policy .
HOW IS THIS PERSONAL DATA COLLECTED? CAPTURE SYSTEMS
GORRION collects your personal information through different forms (contact, comments on the blog, subscription and purchase), but you will always be informed at the time of collection, through information clauses, about the person responsible for the treatment, the purpose and legal basis thereof, the recipients of the data and the period of conservation of your information, as well as the way in which you can exercise the rights that assist you in terms of data protection.
In any case, in the next sections, reference is made to these elements.
Additionally, GORRION uses social networks to offer content and interact with you. The information collected through the messages and communications you post may contain personal information that is available online and accessible to the public. These social networks have their own privacy policies explaining how they use and share your information, so I recommend that you consult them before using them, to confirm that you agree with the way your information is collected. , treated and shared.
Through this website, GORRION collects personal information related to your browsing through the use of cookies . To know clearly and precisely the cookies it uses, what their purposes are and how you can configure or disable them, consult the Cookies Policy .
FOR WHAT PURPOSES ARE YOUR DATA PROCESSED?
After telling you what data is collected and through what means of capture, we detail the purpose for which said information is used.
First of all, this website has different forms. In each of them, the information collected will be used in the following way:
Contact form : for questions, suggestions or professional contact. In this case, the email address will be used to send the information that the user requires through the website.
Comment form , to be able to comment on the posts published on the blog. The name and email address will be required, although only the name will be published with the comment. These comments will be used exclusively for moderation and publication .
Subscription form for our Newsletter: where the email will be provided. These data will be used exclusively to send you the Newsletter and keep you updated on news and specific offers, exclusive for subscribers of www.soygorrion.com.
Purchase form : We also process data to manage the purchase of our products through the Website, including order management, payment and all operations related to the purchase of the chosen product. This includes sending follow-up emails, responses, invoices, receipts, etc. The data requested will be the name, surname, ID, address, email, telephone number and payment information.
ON WHAT LEGAL BASIS IS THIS DATA PROCESSED?
GORRION processes your personal data with the following legal bases:
- The execution of a contract with GORRION, for the contracting and management of products and/or services.
- The application of pre-contractual measures, to respond to your request for information or send commercial information that refers to products similar to those that were contracted; as well as manage your reservation for certain products that have this option enabled.
- The user's consent in relation to the sending of commercial communications (including the Newsletter); either via email or cookies.
- The legitimate interest of the person responsible for the treatment to be able to offer the customer service requested, and protect the Users of the website www.soygorrion.com from abuse and fraud in the use of my products and/or services.
-
HOW LONG IS THE DATA KEPT?
GORRION will only keep your information for the period of time necessary to fulfill the purpose for which it was collected, comply with the legal obligations imposed on it and address any possible responsibilities that may arise from compliance with the purpose for which the data was collected. were collected.
Specifically, the following deadlines are established depending on the type of data in question:
Customer Data: As a general rule, we will keep your personal information as long as there is a contractual relationship that binds us or you do not exercise your right to deletion and/or limit processing.
In any case, the information will be blocked without using it beyond its conservation, and only as long as it may be necessary for the exercise or defense of claims or some type of legal liability may arise that must be addressed. The most common legal deadlines are:
- 4 years: Law on Infringements and Sanctions in the Social Order (obligations regarding membership, registrations, cancellations, contributions, payment of salaries...); Arts. 66 et seq. General Tax Law (accounting books...).
- 5 years: Art. 1964 of the Civil Code (personal actions without special term).
- 6 years: Art. 30 of the Commercial Code (accounting books, invoices...).
- 10 years: Art. 25 of the Law on the Prevention of Money Laundering and Financing of Terrorism.
Subscriber data : From when the user subscribes until they unsubscribe.
Data of potential non-subscribing clients : the data will be kept in any case for the duration of the established commercial relationship and, once concluded, two years, and will be deleted after said period if a contractual relationship has not been formalized or at the time that you request it from us.
WHAT ARE YOUR RIGHTS REGARDING THE USE OF YOUR DATA? HOW CAN YOU EXERCISE THEM?
The Law grants you a series of rights as the owner of the personal data processed by GORRION, which are the following:
- Right of access to your personal data.
- Right to request rectification of inaccurate data.
- Right to request deletion when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
- Right to request the limitation of the processing of your data, in which case GORRION will only keep it for the exercise or defense of claims.
- Right to object to the processing of your data.
- Right to request the portability of your personal data to another controller when technically possible.
- Right not to be subject to automated individual decisions.
You also have the option to unsubscribe from any of the subscription services provided by GORRION.
These rights are characterized by the following:
- Its exercise is free, unless the requests are manifestly unfounded or excessive (e.g., repetitive), in which case I could charge a fee proportional to the administrative costs borne or refuse to act.
- You can exercise your rights directly or through your legal or voluntary representative.
- We must respond to your request within one month, although, taking into account the complexity and number of requests, the deadline can be extended by another two months.
- We have the obligation to inform you about the means to exercise these rights, which must be accessible and without being able to deny you the exercise of the right for the sole reason of choosing another means. If the request is submitted by electronic means, the information will be provided by these means when possible, unless you ask us to do otherwise.
- If we do not process the request, we will inform you, within one month at the latest, of the reasons for our failure to act and the possibility of complaining to a Control Authority.
In order to facilitate its exercise, we provide you with the link to the website of the Spanish Data Protection Agency where you can find additional information, as well as links to the application form for each of the rights: https://www.aepd.es/es/derechos-y-deberes/conoce-tus-derechos
Likewise, the consent given, both for the treatment and for the transfer of the data of the interested parties, is revocable at any time by communicating it to GORRION in the terms established in this section. This revocation will in no case be retroactive.
To exercise your rights, GORRION puts at your disposal the following means:
- By written and signed request addressed to Nicolás Cunto, Carrer de Còrsega 650, Àtic B, 08026, Barcelona (Spain), indicating as Ref. Exercise of Rights RGPD.
- Sending a scanned and signed form to the email address info@soygorrion.com, indicating in the subject Exercise of RGPD Rights.
In both cases, you must prove your identity by accompanying a copy of your ID or equivalent document, in order to verify that we only respond to the interested party. If you present your application through a legal representative, you must also provide a document proving the representation.
Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, we inform you that you can file a claim with the national control authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, for these purposes. 6 – 28001 Madrid.
TO WHICH RECIPIENTS WILL YOUR DATA BE COMMUNICATED?
In general, we do not share your personal information, except for those transfers that must be made based on imposed legal obligations. In the case of being transferred to a third party, you would be informed in advance and your consent would be requested.
Although this is not a transfer of data per se, in order to provide you with the requested service, it may be that third parties, which act as our suppliers, access your information to carry out the service that we have contracted from them (for example, development company and web maintenance, hosting company, payment processing services, order processing, analytics, marketing campaign management, website management, and email distribution and other similar service providers). These managers access your data following our instructions and without being able to use it for a different purpose and maintaining the strictest confidentiality.
Likewise, your personal information will be available to Public Administrations, Judges and Courts, for the attention of possible responsibilities arising from the treatment.
In compliance with the principles of information and transparency, we inform you of the third parties that can access your data as data processors :
BanaHosting – Provides web hosting and email provider services. It is run by the Banahosting group of companies, based in the United States, which has adopted standard data processing contractual clauses approved by the European Commission. You can consult their privacy policy at the following link: https://www.banahosting.com/es/privacy-policy
Shopify – provides the shopify.com web platform, being the data controller for Europe Shopify International Ltd. Attn: Data Protection Officer c/o Intertrust Ireland 2nd Floor 1-2 Victoria Buildings Haddington Road Dublin 4, D04 XN32 Ireland. Here you have access to its privacy policy: https://www.shopify.com/es/legal/privacidad
Microsoft corporation : provides e-mail provider services through the Microsoft Outlook tool. This company is located in Redmond, Washington, United States, and has adopted standard data processing clauses approved by the European Commission. You can consult their privacy policy at the following link: https://privacy.microsoft.com/en-us/privacystatement
Sendinblue , Simplified Joint Stock Company (Société par actions simplifiée): e-mail marketing provider registered in the Paris Commercial Registry under number 498 019 298 and with registered office at 55 rue d'Amsterdam, 75008 Paris, France. You can consult its privacy policy at https://es.sendinblue.com/legal/privacypolicy/
Paypal: online payment processing platform, used to charge for my services. This platform is operated by the company PayPal (Europe) S.à.rl et Cie, SCA, 22-24 Boulevard Royal L-2449, Luxembourg. You can consult their privacy policy here: https://www.paypal.com/es/webapps/mpp/ua/privacy-full?locale.x=es_ES#16
Google Drive : tool dedicated to storing a backup copy of files in the cloud and accessing them easily. This service is provided by the company Google, Inc., whose data controller in the European Economic Area and Switzerland is Google Ireland Limited, a company established and operating under the laws of Ireland (with registration number: 368047). You can consult their privacy policy here: https://policies.google.com/privacy?hl=es
Google Analytics: web analysis tool. This service is provided by the company Google, Inc., whose data controller in the European Economic Area and Switzerland is Google Ireland Limited, a company established and operating under the laws of Ireland (with registration number: 368047). You can consult their privacy policy here: https://policies.google.com/privacy?hl=es
Meta Pixel: tool used to obtain information from Website Users for marketing purposes. This service, in Europe, is provided by Meta Platforms Ireland Limited, 4 Grand Canal Square Grand Canal Harbor Dublin 2, Ireland. You can consult their privacy policy here https://www.facebook.com/privacy/policy?section_id=0-WhatIsThePrivacy
Seotronix : Web development provider agency , located at Calle Formosa 65, Mar del Plata, Buenos Aires, Argentina, a country declared to have an adequate level of data protection by the European Commission and with whom a contract for the processing of personal data has been signed in guarantee of compliance with European regulations on data protection (GDPR).
Administralia : Accounting and tax consultancy located in c/ Pau Claris 167, 2on 2a, A
08037 Barcelona, Spain. Responsible: Ermengol Sanmartí Giménez and with whom a contract for the processing of personal data has been signed to guarantee compliance with European regulations on data protection (GDPR).
SEGMENTATION AND PROFILE PREPARATION
The record of personal data provided at the time of subscription, interaction with the website and any other data provided during navigation, including the information provided by cookies in relation to browsing habits, will be used in order to be segmented or categorized. with the purpose of applying them to the activity related to the management of general administration, information, analysis of proposals requested by Users/clients, statistical study of the services and content used, tastes and preferences, and surveys or forms.
Profiling, through the analysis of your individual automated decisions, consists of the use of your Personal Data to evaluate certain personal aspects, such as the analysis and prediction of your economic situation, personal preferences, interests, behavior, location, movements and attitudes. . The logic applied to obtain these profiles is the use of statistical procedures and the consequences of this processing of your data by creating profiles are the sending of personalized communications of interest to you.
The legal basis for the processing of your data for the indicated purposes and the preparation of automated individual decisions by creating profiles, is the consent granted by checking the box “I agree to receive personalized commercial communications” on the subscription forms, or by expressly accepting cookies. advertising.
The data used in profiling and shown to advertisers is not data that allows Users to be identified, but only the type of audience, their age, country, gender, etc. will be shown in a graph.
SOCIAL PLUGINS
At www.soygorrion.com you have links to the social networks Instagram, Facebook and Twitter. If you click on them, you will be redirected to these applications, outside of our Website, so the privacy policies of these social networks will apply:
Instagram and Facebook (Meta): https://www.facebook.com/help/instagram/519522125107875
Twitter: https://twitter.com/es/privacy
HOW DO WE PROTECT YOUR INFORMATION?
GORRION is committed to protecting your personal information; for which it uses measures, controls and procedures of a physical, organizational and technological nature, reasonably reliable and effective, aimed at preserving the integrity and security of your data and guaranteeing your privacy.
In the case of the contracts we sign with suppliers, clauses are included in which they are required to maintain the duty of secrecy with respect to the personal data to which they have had access by virtue of the order made, as well as to implement security measures. technical and organizational security necessary to guarantee the confidentiality, integrity, availability and permanent resilience of the personal data processing systems and services.
This website includes an SSL certificate. This is a security protocol that ensures that your data travels completely and safely; That is, the transmission of data between a server and the web user, and in feedback is fully encrypted or encrypted.
However, absolute security cannot be guaranteed and there is no security system that is impenetrable, so, in the case of any information being processed and under our control that is compromised as a result of a security breach, we will take the necessary measures. appropriate measures to investigate the incident, notify the Control Authority and, where appropriate, those Users who may have been affected so that they can take appropriate measures.
CHANGES IN THE PRIVACY POLICY
GORRION reserves the right to modify this policy to adapt it to legislative or jurisprudential developments, as well as industry practices. In such cases, we will inform you through the website or through other means, so that you can learn about the new privacy conditions introduced.
This Privacy Policy was last updated on 01/30/2024.