A.- User Information
GESTIÓ I SERVEIS TRADE CENTER S.A. (hereinafter GISTC) informs users of the website about its policy concerning the processing and protection of personal data of users and customers that may be collected while browsing its website. This website does not collect personal data from users if they do not fill in the corresponding form and explicitly accept the data protection policy beyond the cookies that may be collected. For more information about this policy, please refer to the Cookies Policy.
GISTC is the Data Controller of the personal data of the User and it informs the User that these data will be treated in accordance with the provisions of the current regulations regarding the protection of personal data.
It is informed that, in accordance with these regulations, the data subject is guaranteed the exercise of the rights of access, rectification, cancellation and opposition of the data relating to them. To do this, please submit a written communication to the following email address: firstname.lastname@example.org. The owner of the data is informed and consents, where appropriate, to the communication and processing of its personal data under the proper security and professional secrecy conditions for the period necessary for the purpose for which the data are collected, processed and assigned, and under the conditions indicated below.
B.- Processing of information
According to the provisions of the EU General Data Protection Regulation, the user must receive timely and specific information from the Data Controller and uses and purposes thereof. For this, the following information is indicated:
1. Basic information on the protection of personal data
1.1.- Data Controller: GESTIÓ I SERVEIS TRADE CENTER SA (GISTC)
a) In case of having contracted a service provision with GISTC, the necessary treatments for the correct rendering of services. The data will be kept for X years after the completion of the provision of services.
b) In case of contacting GISTC, respond to the query raised by the client. The data will be deleted once the purpose has been fulfilled
c) If you expressly consent or subscribe to the newsletter, periodically inform you of the offers, promotions, contests and services of the company GISTC. Your data will be kept as long as the subscription is not canceled, as long as they are not treated for another of the purposes indicated here, in which case the superior will prevail.
a) If you have contracted a service with GISTC, the processing of your data is legitimized by the relationship between you and GISTC
b) In case of contacting GISTC for information, GISTC the treatment of your data is legitimized by your express consent
c) If you subscribe to the GISTC newsletter, the processing of your data is legitimized by your express consent
1.4.- Recipients: The data are not transferred to third parties
1.5.- Rights: The data subject is protected by the rights of access, rectification, cancellation, opposition, portability, oblivion and limitation, as detailed in the additional information.
The indicated information is set out below.
2. Additional information regarding the protection of personal data
2.1.- Data Controller
Identity: GESTIÓ I SERVEIS TRADE CENTER SA
Mailing address: Moll de Barcelona s/n Edificio Este, 1a planta, 08039 Barcelona
2.2.- Purpose of the processing
In GESTIO I SERVEIS TRADE CENTER SA we treat the information that the interested persons provide us with the purpose of:
a) If you have contracted a service provision with GISTC, your data will be processed to adequately provide the contracted services. The data will be kept for X years after the completion of the provision of services.
b) If you have contacted GISTC through the contact form, your data will be processed to respond to your message. Your data will be deleted once the purpose has been fulfilled.
c) If you have subscribed to the GISTC Newsletter, your information will be processed to inform you periodically of the offers, promotions, contests and services of the GISTC company. Your data will be kept as long as the subscription is not canceled.
In the event that the data are processed for more than one purpose, the term of conservation of the same will be the superior.
2.3.- Legitimacy of the processing
In case you have contracted a service provision with GISTC, the treatment of your data is legitimized by the relationship between you and GISTC, being the necessary treatment for the correct provision of the service.
In case you have contacted GISTC to obtain information, GISTC is legitimated to deal with your data by expressing your express consent to do so, and the processing thereof is necessary to repudiate your request.
2.4.- Recipients of assignments or transfers
Your data will not be subject to assignment.
2.5.- Rights of the data subjects
All data subjects have the right to obtain confirmation about whether or not GESTIÓ I SERVEIS TRADE CENTER SA is processing personal data that concerns them. Data subjects have the right to access their personal data, as well as request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected. In certain circumstances, the data subjects may request the limitation of the processing of their data and, at any time, oppose to the processing of their data.
In order to exercise the recognised rights, the data subject may get in touch by using the email address or mailing address set out in the first paragraph.
Finally, you, especially when you are not satisfied in the exercise of your rights, have the right to file a claim before the national supervisory authority. In order to do so, you should contact the SPANISH DATA PROTECTION AGENCY.
C.- Security measures
That in accordance with the provisions of the current regulations on the protection of personal data, the provider is complying with all the obligations established for the processing of personal data under its responsibility, being treated in a lawful, fair and transparent manner in relation to the data subjects and adequate, relevant and limited to what is necessary in relation to the purposes for which the data are treated.
The provider guarantees that it has implemented appropriate technical and organisational measures to apply the security measures established by the GDPR and current regulations regarding the protection of personal data in order to protect the rights and freedoms of Users and has communicated the appropriate information so they can exercise these.