1. INFORMATION FOR USERS
GESTIÓ CULTURAL TRANSVERSAL, S.L., hereinafter the CONTROLLER, is the Controller for the processing of Users’ personal data and Users are informed that these data will be processed in accordance with that established by current data protection regulations, Regulation (EU) 2016/679 of 27 April 2016 (GDPR) on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. Users are therefore provided with the following information regarding such processing:
Purpose of the processing: to maintain commercial relations with Users.
The following operations are likely to be carried out:
- Sending commercial and advertising communication by email, fax, SMS, MMS, social communities or any other electronic or physical medium, present or future, that allows commercial communication to be carried out, provided these have been previously authorised. Such communication will be carried out by the CONTROLLER and related to its products and services, or to those of its collaborators or suppliers with which it has reached a promotional agreement. In this case, third parties will never have access to the personal data.
- Carrying out statistical studies.
- Processing requests for orders or any kind of request made by Users via any of the means of contact available to them.
- Sending the website newsletter.
Criteria for storing data: the data will be stored while there is mutual interest in continuing the purpose for data processing and, once it is not necessary for such purpose, the data will be erased using appropriate security measures to guarantee the pseudonymisation of the data or their total destruction.
Communication of the data: Data will not be passed on to third parties except when legally obliged to do so.
Users are entitled to the following rights:
- Right to withdraw consent at any time.
- Right of access, rectification, portability and erasure of their data and the restriction of and opposition to their processing.
- Right to file a complaint before the supervisory authority (www.aepd.es) when it is believed that processing has not been in line with the legislation in force.
Contact details to exercise rights:
GESTIÓ CULTURAL TRANSVERSAL, S.L.
Postal address: C/ Pica d’Estats, 21, 08272, Sant Fruitós de Bages, Barcelona, Spain.
2. OBLIGATORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY USERS
By marking the corresponding boxes and entering data in the fields marked with an asterisk (*) in the contact form or those present in downloaded forms, Users expressly, freely and unequivocally accept that their data are necessary for the service provider to attend to their request, the entering of data in the remaining fields being voluntary. Users guarantee that the personal data given to the CONTROLLER are true and accept responsibility for notifying any modification thereof.
The CONTROLLER expressly states and guarantees Users that their personal data will not be passed on to third parties in any case and that, should any personal data be passed on, Users will previously be asked to provide their specific, informed and unequivocal consent. All the data requested through the website are obligatory as they are required to provide Users with the best possible service. Should all the data not be provided, it cannot be guaranteed that the information and services provided are entirely in line with Users’ needs.
3. SECURITY MEASURES
In accordance with that established by the legislation in force on the protection of personal data, the CONTROLLER declares that it complies with all GDPR provisions regarding the processing of personal data under its responsibility and manifestly with the principles described in article 5 of the GDPR, ensuring such data are processed lawfully, faithfully and transparently in relation with the subject and are adequate, appropriate and limited to the data required concerning the purposes for which they are processed.
The CONTROLLER guarantees that it has implemented the appropriate technical and organisational policies to apply the security measures established by the GDPR in order to protect the rights and freedoms of Users and has provided the latter with adequate information so that they may exercise such rights and freedoms.