Last update: 08/26/2021.
Your privacy is important to us. In this privacy statement we would like to inform you about what personal data we collect on our website, www.attic27.com and how we use it.
Responsible for the treatment of your personal data
- Identity of the Responsible: María Lourdes Rodríguez Perona
- Company Name: María Lourdes Rodríguez Perona
- TAX ID: 52130157J
- Address: Calle Rey Juan Carlos 27, 3º door 1, 13320 Villanueva de los Infantes (Ciudad Real)
- E-mail: email@example.com
- Activity: Extra-hotel tourist accommodation
The RESPONSIBLE has implemented all the technical and organizational security measures established in the aforementioned General Data Protection Regulation, in order to guarantee and protect the confidentiality, integrity and availability of the data entered.
All personal data of the USER stored in the forms on the website will be stored in an automated file owned by Attic 27.
Data requested on the website and purpose of processing
To browse www.attic27.com it is not necessary to provide any personal data. However, there are cases in which you do provide your personal data, which are requested through the contact forms on the website.
The data requested in these forms are:
- Name, surname and email in the booking form: This information is intended to put USERS in direct contact with the RESPONSIBLE, to make a reservation, ask questions or request any information. This information is the minimum necessary in order to respond to USERS’ requests.
- Phone number in the WhatsApp button: This information is intended to put USERS in direct contact with the RESPONSIBLE through the WhatsApp platform, to raise doubts, request a service or any information. Such information is the minimum necessary in order to respond to USERS’ requests.
The data you provide through the contact form will be located on the servers of:
– Raiola Networks (web hosting provider), located within the EU. This web hosting service has its headquarters located at Avenida de Magoi 66, Semisótano Derecha, 27002 Lugo, Spain. You can see more information about their privacy and data protection policy at: https://raiolanetworks.es/aviso-legal/
The purpose of data processing by this website is to provide a quality service to the USER:
- Respond to queries made, reservation requests, or provide information explicitly requested by the USER.
- Ensure compliance with the conditions contained in the Legal Notice and applicable law. In order to ensure that this website guarantees the absolute confidentiality of the personal data collected, it may include the development of tools and algorithms that contribute to this purpose.
- To carry out the management of the services explicitly contracted by the USER.
- Improve the services offered by this website.
- Other non-identifying data are also collected through cookies that are downloaded to the user’s computer while browsing the web, and that we detail in our Cookies Policy page.
By completing the registration forms on the website www.attic27.com, the USER guarantees the veracity of the data and undertakes to communicate any changes that may occur in them.
The USER is solely responsible for the veracity and correctness of the data sent to this website, exonerating the RESPONSIBLE for any responsibility in this regard.
Rights of the user of the website regarding the processing of their data
According to current legislation, the USER has the right to obtain information about whether their personal data is being processed at www.attic27.com. They have the right to:
- Request access to stored data of a personal nature relating to the data subject.
- Request rectification or deletion of their data, in case they are not necessary for the purpose for which they were collected.
- Request the limitation of their processing, in which case we will only keep them for the exercise or defense of claims.
- Oppose the processing of this data.
- Request the portability of your data.
The USER can exercise their rights specified above by sending an email to firstname.lastname@example.org along with valid proof in law (such as a photocopy of ID or equivalent), in order to effectively exercise their rights of access, opposition, information, rectification or cancellation of their personal data.
The exercise of these rights is personal and must be executed personally by the USER, requesting it directly and explicitly to the CONTROLLER of the processing of your data on this website.
In accordance with this regulation, the USER is informed that he/she has the right to withdraw the consent given at any time, which will not affect the lawfulness of the processing carried out prior to the withdrawal of consent. The USER also has the right to file a complaint with the Spanish Data Protection Agency, if he/she considers that the processing of personal data concerning him/her infringes the Regulation.
Principles applied in data processing
In the processing of your personal data, I will apply the following principles that comply with the requirements of the new European data protection regulation:
- Principle of lawfulness, fairness and transparency: I will always require your consent for the processing of your personal data for one or more specific purposes about which we will inform you in advance with absolute transparency.
- Principle of data minimization: I will only ask you for data when they are strictly necessary in relation to the purposes for which I require them.
- Principle of limitation of the retention period: Data will be kept for no longer than is necessary for the purposes of the processing. I will inform you of the relevant retention period.
- Principle of integrity and confidentiality: Your data will be processed in such a way as to ensure adequate security of personal data and confidentiality. I take all necessary precautions to prevent unauthorized access or misuse of our users’ data by third parties.
It is the policy of this website not to collect, process or store personal data of persons under fourteen years of age. In the event that a person under this age provides their data to this website through the various contact forms specified above or through any other means, the RESPONSIBLE reserves the right to immediate destruction of such data.
My services are only available to those persons with legal capacity to contract them, so that those who do not meet the condition of age of majority should refrain from providing personal information through this website. However, they can do so through parents or legal guardians, in accordance with the provisions of the law.
The data provided by the USER will be treated as strictly confidential at all times, having adopted the technical and organizational measures to ensure such confidentiality by the RESPONSIBLE, in order to prevent alteration, loss, theft, treatment or unauthorized access to stored data.
Also, this website includes an SSL certificate. This is a security protocol that allows your data to be transmitted in an integral and secure way between a server and a web user, being the communication fully encrypted or encrypted.
However, the RESPONSIBLE cannot guarantee the absolute impregnability of the Internet network, and therefore, the violation of data through fraudulent access to them by third parties.
Legitimacy for the processing of stored data
The legal basis for the processing of personal data stored on this website is the express consent of the USER for the purposes previously detailed in this Personal Data Protection Policy.
Content from other websites
The pages of this website may include embedded content (e.g. links, images, videos, etc.) from other websites. If the USER follows links to other websites external to this website, he/she should be aware that the RESPONSIBLE is not responsible for the privacy practices and policies employed by other websites, so he/she should inform him/herself beforehand about the Privacy Policies of such websites.
You can consult all the information relating to the collection policy, the purpose and treatment of cookies on the Cookies Policy page.
Categories of personal data
The categories of personal data processed by the RESPONSIBLE are:
- Identifying data.
Retention of personal data
The personal data you provide to the RESPONSIBLE will be kept until you request its deletion, by sending an email to email@example.com together with a valid legal proof (such as a photocopy of your ID card or equivalent).
Recipients of your personal data
The RESPONSIBLE for this website needs the support of third parties in order to adequately offer its services, with whom it has entered into the appropriate confidentiality agreements and has verified that they comply with Spanish regulations on personal data protection.
The data provided to these third parties will not be used in any case for a purpose other than those authorized by the USER.
In compliance with the principles of information and transparency, it is communicated that these third parties are:
- Web platform: The WordPress Foundation, domiciled in the U.S. More information available at: https://wordpress.org The WordPress Foundation processes data in order to provide its web platform services to the RESPONSIBLE.
Attic 27 may modify at any time the conditions specified here to adapt it to new legislation or jurisprudence, as well as industry practices.
These Privacy Policies will be in force until they are modified by others duly published.
Applicable legislation and jurisdiction
The relationship between Attic 27 and the USER shall be governed by current Spanish legislation and any dispute shall be submitted to the Courts and Tribunals of the province of Ciudad Real, for professional clients, whether self-employed or companies. In case of individual customers (consumers and users), shall be subject to the Courts and Tribunals of the city of the individual.