In accordance with the provisions of arts. 13 and 14 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, “GDPR”), and articles 6 and 11 of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (hereinafter, “LOPDGDD”), which regulates the right to information in data collection, we inform you of the following:
Who is responsible for processing your personal data?
The personal data that you have provided us through the website and in any other communications with you will be subject to the Register of Treatment Activities owned by THE COMPANY (David García Moreno) with registered office at Avda. del Peñoncillo, 15. 29793-Torrox Costa- Málaga (Spain), with CIF 52588138H.
What social media presence does it have?
THE COMPANY has the following profiles on the main social networks on the Internet (Facebook, Twitter, Youtube, Instagram, and Newsletter).
It is recognized as responsible for the processing of the data of its users, followers, or people who make comments through them. Likewise, in accordance with the Law on information society services and electronic commerce, THE COMPANY is exempt from any responsibility arising from comments by users and followers on its social networks.
THE COMPANY may use the profiles described above to inform its users of topics that it considers of interest.
What personal data do we collect?
The personal data that the user may provide:
Identification data: name, surname, position, role, email, and/or telephone number.
Accounting data: account number, bank card, etc.
Why and for what purpose do we process your data?
Depending on the purposes, we will need to process certain data or others, which in general will be, as the case may be, the following:
The website is purely informative about the educational platform services offered by THE COMPANY. The data may be processed to respond to requests for information about these services.
The collection and automated processing of data carried out through the form on the website to request information is collected in order to study the possibility of contacting us.
The website provides information through identifying videos.
The website has a blog to upload and share stories of interest to users.
To manage and maintain your application for a position in THE COMPANY, when you send us your application to participate in a selection process. This processing is based on the consent of the User and the legitimate and mutual interest of THE COMPANY and the User, as indicated in the privacy information that the User must accept prior to submitting his/her application.
The personal data obtained through any of the channels of the website will be part of the Register of Treatment Activities (RAT) owned by THE COMPANY. This will be updated periodically in accordance with the GDPR and the LOPDGDD, which is why THE COMPANY has adopted all the relevant security measures in this regard.
The user is informed of the possibility of withdrawing his/her consent in the event that it has been granted for a specific purpose, without affecting the lawfulness of the preceding processing based on the prior consent.
What is the legitimacy for the processing of your data?
The processing of your data may be based on the following legal bases:
Express consent by users in completing the forms to receive commercial communications from THE COMPANY.
Legitimate interest: it consists of being able to guarantee that our website remains secure, as well as helping us to understand the needs, expectations and the level of satisfaction of the users and, therefore, to improve our services. All actions are carried out in order to improve the level of user satisfaction and ensure a unique browsing experience and eventual contracting.
Compliance with legal obligations for fraud prevention, collaboration with Public Authorities and/or eventual claims from third parties.
How long do we keep your data?
The processing of the data for the purposes described will be maintained for the time necessary to fulfill the purpose of its collection, as well as to comply with the legal obligations arising from the processing of the data. Without prejudice to the fact that conservation is necessary for the formulation, exercise or defense of potential claims; whenever permitted by applicable law.
THE COMPANY undertakes to cease the processing of personal data when the conservation period has ended, as well as to duly block them in our databases.
To which recipients are your data communicated?
In general, THE COMPANY will not transfer personal data to third parties, except in those situations in which they can be transferred to collaborators who provide services to THE COMPANY, in order to manage the provision of services, the contractual relationship and/or or pre-contractual with the interested parties or process requests made by them.
In these cases, we make sure that recipients respect confidentiality and have adequate measures in place to protect personal data. THE COMPANY tries to guarantee the security of personal data when it is sent outside the company. The Third parties with whom THE COMPANY contracts have the obligation to guarantee that the information is treated in accordance with current data protection regulations.
In those cases where the law may require the disclosure of personal data to public bodies or other parties, disclosure will only be strictly necessary to comply with such legal obligations.
THE COMPANY communicates data to external providers, such as treatment managers, to carry out certain services:
What rights do you have and how can you exercise them?
You can direct your communications and exercise your rights by writing to the following email: firstname.lastname@example.org.
By virtue of what is established in the data protection regulations, you can request:
Right of access: you can request information about the personal data that we have about you.
Right of rectification: you can communicate any change in your personal data.
Right of deletion and to be forgotten: you can request the deletion after blocking the personal data.
Right to limit processing: involves the restriction of the processing of personal data.
Right of opposition: you can withdraw your consent to the processing of the data, opposing its further processing.
Right to portability: in some cases, you can request a copy of the personal data in a structured, commonly used and machine-readable format for transmission to another controller.
Right not to be subject to individualized decisions: you can request that decisions not be made that are based solely on automated processing, including profiling, that produces legal effects or significantly affects the interested party.
In some cases, the request may be denied if you request that data necessary to comply with legal obligations be deleted. Likewise, if you have any complaint about the processing of your data, you can submit a claim to the competent data protection authority.
Who is responsible for the accuracy and veracity of the data provided?
The user is solely responsible for the veracity and correctness of the data provided through any of the forms incorporated into the web, exonerating THE COMPANY of any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the forms they fill out.
THE COMPANY is not responsible for the veracity of the information that is not of its own elaboration and for which another source is indicated, for which reason it does not assume any responsibility regarding hypothetical damages that could be caused by the use of said information.
THE COMPANY is exonerated from responsibility for any damage or harm that the user may suffer as a result of errors, defects or omissions, in the information provided by THE COMPANY provided that it comes from sources unrelated to it.
What security measures do we apply to protect your personal data?
THE COMPANY has adopted the security levels for the protection of personal data legally required, and tries to install those additional technical means and measures at its disposal to prevent the loss, misuse, alteration, unauthorized access and theft of personal data provided to THE COMPANY. However, the user must be aware that Internet security measures are not impregnable.
Therefore, THE COMPANY is not responsible for hypothetical damages or losses that could be derived from interferences, omissions, interruptions, computer viruses, telephone breakdowns or disconnections in the operational functioning of this electronic system, motivated by causes beyond THE COMPANY of delays or blockages in the use of this electronic system caused by deficiencies or overloads of telephone lines or overloads in the Data Processing Center, in the Internet system or in other electronic systems, as well as damages that may be caused by third parties through illegal interference beyond the control of THE COMPANY
How do we treat the data of minors?
As a general rule, THE COMPANY will process the data of minors for the storage and maintenance of said data in the educational platform for which it is Responsible for the Treatment. Signing the contracts of treatment managers necessary with the educational centers to guarantee the protection and security of this data.
Internal security policy
Security breaches can be caused by workers, third parties, or computer errors. For this reason, we are legally obliged to notify the interested parties if their personal data has been seriously affected within a maximum period of 72 hours. Also, users will be notified as soon as the security breach is resolved.