Thus, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, or GDPR); in Organic Law 3/2018, of 5 December, on Data Protection and guaranteeing the digital rights (LOPD); along with other applicable national and European legislation, offering the following information:
1. DETAILS OF THE DATA CONTROLLER
Marcos Llorente Moreno.
2. PURPOSE OF PROCESSING
a. To receive, manage and respond to requests for contact received by MARCOS LLORENTE.
b. To manage the participation dynamics, games, draws and competitions that MARCOS LLORENTE may host through official social media profiles.
d. To communicate data to competent public authorities, in the event the owner were compelled to do so.
In some cases, the Data Controller shall process their data after registering the consent of the user. In other cases, they may do so to satisfy a legitimate interest. Finally, the Data Controller may also process data in order to comply with a legal obligation.
4. CATEGORIES OF DATA
The Data Controller shall only process the personal data essential for the aforementioned purposes. Specifically, only the name, surnames, DNI (National Identification Number), postal address, email address and phone number shall be processed (although not in all cases, this is a list of all possible data and not compulsory). It is possible that, in accordance with the provisions established in the Cookies Policy, in some cases may be compiled and process along with the user’s IP address.
5. ASSIGNMENT OF DATA
Furthermore, the Data Controller shall not conduct international assignment of data.
6. RETENTION OF THE DATA
The Data Controller shall retain the personal data from the appropriate registration of the consent of the user, or the confirmation of appropriate legitimacy to do so, until such consent is revoked, or until such time the user requests the limitation of processing or the cessation of the relationship the is the source of legitimacy.
Furthermore, the Data Controller shall retain the data in all cases where necessary in accordance with potential civil, contractual or any other responsibility required by law.
7. SECURITY MEASURES
The Data Controller assumes the commitment to guarantee the security and confidentiality of personal data. In this regard, the data controllers wishes to inform the user that the technical and organisational measures necessary to guarantee the security of the personal data and prevent the alteration, loss or unauthorised processing thereof have been adopted, in view of the state of the technology, the nature of the data stored and the risks to which they are exposed, in accordance with Article 32 of GDPR EU 679/2016.
8. RIGHTS OF THE USER
Any data subject has the right to obtain confirmation of whether the Data Controller is processing their personal data or not. The data subject has the right to access their personal data, as well as the right to request the rectification of inaccurate data or, where applicable, the deletion of such data when, among other reasons, they are no longer necessary for the purposes for which they were collected. In certain circumstances, the data subject may request the restriction of the processing of their data, in which case they shall only be retained for the purpose of exercising or defending claims. For reasons relating to their particular case, the data subject may oppose the processing of their data. The Data Controller shall cease processing of the data, except for compelling legitimate reasons, or the exercise or defence of potential complaints.
Finally, the data subject may exercise any rights recognised in the applicable legislation, free of charge and based on the definition of a procedure for the exercise of same that is not disadvantageous to the data subject.
To exercise your rights, you can send an email to the following address: firstname.lastname@example.org, requesting the corresponding form for the exercise of the right in question. They also have the option of contacting the competent Supervisory Authority to obtain further information in relation their rights: www.aepd.es.
For the exercise of any rights recognised in the legislation, they need only enclose in said communication a copy of their identification document (national identification document or passport), specifying the right or rights they wish to exercise.
The Data Controller commits to responding to the user within a maximum term of two weeks to provide the corresponding form so that they may exercise the corresponding rights. It is possible that they may request some additional information. They will also be informed of the next steps to proceed with the exercise of the right(s).