In this regard, the Holder guarantees compliance with current legislation on the protection of personal data, reflected in the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD GDD). It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR).
Identity of the Responsible
- Titular: Bona Fide Costa S.L.
- NIF: B92086008
Inscrita en el registro mercantil de Málaga, tomo 2438, libro 1351, sección 8, folio 106, hoja MA39310, inscripción 1.
- Domicilio: Calle Cártama 25, 29649, La Cala de Mijas, Málaga – España.
- Correo electrónico: email@example.com
- Teléfono de contacto: 623063303
- Sitio Web: https://bonafidecosta.com
Principles applied in the processing of data
In the processing of your personal data, the Data Controller will apply the following principles which are in accordance with the requirements of the new European Data Protection Regulation (GDPR):
Principle of lawfulness, fairness and transparency: the Data Controller will always require consent for the processing of personal data which may be for one or more specific purposes about which the Data Controller will inform the User beforehand with absolute transparency.
Principle of data minimisation: The Data Controller shall request only the data strictly necessary for the purpose or purposes for which it is requested.
Principle of limitation of the storage period: The Data Controller shall keep the personal data collected for the time strictly necessary for the purpose or purposes of the processing. The Data Controller shall inform the User of the relevant retention period according to the purpose.
In the case of subscriptions, the Data Controller shall periodically review the lists and delete those records that have been inactive for a considerable period of time.
Principle of integrity and confidentiality: The personal data collected will be treated in such a way that their security, confidentiality and integrity is guaranteed.
The Data Controller takes the necessary precautions to prevent unauthorised access or misuse of its users’ data by third parties.
Collection of personal data
To browse the website it is not necessary to provide any personal data.
The cases in which you do provide your personal data are the following:
When contacting through the contact forms or sending an email.
The Data Controller informs you that you have the right to:
- Request access to stored data.
- Request rectification or deletion.
- Request the restriction of their processing.
- Object to the processing.
- You may not exercise the right to data portability.
The exercise of these rights is personal and therefore must be exercised directly by the interested party, requesting it directly from the Data Controller, which means that any customer, subscriber or collaborator who has provided their data at any time may contact the Data Controller and request information about the data stored and how it was obtained, request rectification of the data, oppose its processing, limit its use or request the deletion of such data from the files of the Data Controller.
To exercise your rights you must send your request together with a photocopy of your National Identity Document or equivalent to the following e-mail address: firstname.lastname@example.org.
The exercise of these rights does not include any data that the Data Controller is obliged to keep for administrative, legal or security purposes.
You have the right to effective judicial protection and to lodge a complaint with the supervisory authority, in this case, the Spanish Data Protection Agency, if you consider that the processing of personal data concerning you is in breach of the Regulation.
Purpose of the processing of personal data
When you connect to the Website to send an email to the Data Controller, subscribe to its newsletter, you are providing personal information for which the Data Controller is responsible.
This information may include personal data such as your IP address, first and last name, physical address, email address, telephone number, and other information.
By providing this information, you consent to your information being collected, used, managed and stored by – SERED – only as described on the pages:
The personal data and the purpose of the processing by the Data Controller is different depending on the information capture system:
Contact forms: the Holder requests personal data among which may be: name and surname, email address, telephone number and website address for the purpose of answering Users’ queries.
For example, the Holder uses these data to respond to messages, doubts, complaints, comments or concerns that Users may have regarding the information included on the Website, the processing of personal data, questions concerning the legal texts included on the Website, as well as any other query that the User may have and which is not subject to the conditions of the Website.
There are other purposes for which the Owner processes personal data:
To ensure compliance with the conditions set out in the Legal Notice page and applicable law. This may include the development
To ensure compliance with the conditions set out in the Legal Notice page and applicable law. This may include the development of tools and algorithms to help the Website ensure the confidentiality of the personal data it collects.
To support and improve the services offered by this Website.
To manage social networks. The Owner has a presence on social networks. If you become a follower on the social networks of the Holder, the processing of personal data will be governed by this section, as well as by those conditions of use, privacy policies and access regulations that belong to the social network that applies in each case and that you have previously accepted.
You can consult the privacy policies of the main social networks by clicking on these links:
The Holder will process your personal data in order to correctly manage your presence on the social network, inform you of its activities, as well as for any other purpose that the regulations of the social networks allow.
Under no circumstances will the Data Controller use the profiles of followers on social networks to send advertising on an individual basis.
Security of personal data
To protect your personal data, the Data Controller takes all reasonable precautions and follows industry best practices to prevent the loss, misuse, improper access, disclosure, alteration or destruction of your personal data.
The Owner informs the User that their personal data will not be transferred to third party organisations, except when such transfer of data is covered by a legal obligation or when the provision of a service implies the need for a contractual relationship with a data processor. In the latter case, the transfer of data to the third party will only take place when the Data Controller has the express consent of the User.
However, in some cases, collaborations may be carried out with other professionals; in such cases, the consent of the User will be required, informing them of the identity of the collaborator and the purpose of the collaboration. This will always be carried out with the strictest security standards.
Content of other websites
The pages of this website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in exactly the same way as if it had been visited.
You can consult all the information relating to the policy of collection and treatment of cookies on the Cookies Policy page.
Legitimation for data processing
The legal basis for the processing of your data is:
The consent of the data subject.
Categories of personal data
The categories of personal data processed by the Data Controller are:
No specially protected categories of data are processed.
Retention of personal data
Personal data provided to the Data Controller will be retained until such time as the Data Controller requests its deletion.
Recipients of personal data
Google Analytics is a web analytics service provided by Google, Inc., a Delaware company headquartered at 1600 Amphitheatre Parkway, Mountain View (California), CA 94043, United States (“Google”).
Google Analytics uses “cookies”, which are text files placed on your computer, to help the Website Owner analyse how users use the Website. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
More information can be found at: https://analytics.google.com
You can also see a list of the types of cookies used by Google and its partners and information about their use of advertising cookies at:
When browsing the Website, non-identifying data may be collected, which may include, IP address, geolocation, a record of how services and sites are used, browsing habits and other data that cannot be used to identify you.
The website uses the following third party analytics services:
- Google Analytics.
The Holder uses the information obtained to obtain statistical data, analyse trends, administer the site, study browsing patterns and to gather demographic information.
The Owner is not responsible for the processing of personal data by websites that you may access through the various links contained on the Website.
Accuracy and veracity of personal data
You undertake to ensure that the data provided to the Data Controller is correct, complete, accurate and up to date, as well as to keep it duly updated.
As User of the Website, you are solely responsible for the veracity and accuracy of the data submitted to the Website, exonerating the Owner from any liability in this regard.
Acceptance and consent
These policies will remain in force until they are modified by other duly published policies.