Basic Information on Data Protection
Data Controller
PLAÇA DEL VI 7, S.L. (hereinafter VII)
Purpose
Provision of online services
Management of web users
Commercial communications related to our services.
Legal Basis
Explicit consent and legitimate interest
Recipients
No data is transferred to third parties, except as required by law.
Rights
Access, rectify, and delete data, as well as other rights as explained in the additional information.
Additional Information
You can consult the detailed and additional information on Data Protection in the annexed clauses available at https://viigirona.com/politica-de-privacitat/.
At PLAÇA DEL VI 7, S.L. (hereinafter VII), we work to provide you with the best possible experience through our products and services. In some cases, it is necessary to collect information to achieve this. We care about your privacy and believe in transparency.
Therefore, and for the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (hereinafter “GDPR”) regarding the protection of individuals with regard to the processing of personal data and the free movement of such data, and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (hereinafter “LSSI”), VII informs the user that, as the data controller, it will include the personal data provided by users in an automated file.
Our commitment begins with explaining the following:
– We collect your data to improve the user experience, addressing your interests and needs.
– We are transparent regarding the data we obtain about you and the reason we do so.
– Our intention is to offer you the best possible experience. Therefore, when we use your personal information, we will always comply with the regulations and, when necessary, we will request your consent.
– We understand that your data belongs to you. Therefore, if you decide not to authorize us to process it, you may request that we stop processing it.
– Our priority is to ensure your security and process your data in accordance with European regulations.
If you wish to obtain more information about the processing of your data, please consult the different sections of the privacy policy below:
Who is responsible for processing your personal data?
Company name: PLAÇA DEL VI 7, S.L.
Trade name: VII
Registered address: PLAÇA DEL VI 7, 17600 – GIRONA
NIF: B55120596
Email: info@viigirona.com
VII has appointed an internal contact person as the coordinator of adaptation within its organization. If you have any queries regarding the processing of your personal data, you can contact them via email at info@viigirona.com.
What personal data do we collect?
The personal data that users may provide includes:
– Name, address, and date of birth.
– Phone number and email address.
– Location.
– Payment and refund information.
– IP address, date and time of access to our services, internet browser used, and data about the device’s operating system.
– Any other information or data you choose to share with us.
In some cases, completing the registration form is mandatory to access and enjoy certain services offered on the website; likewise, failure to provide the requested personal data or not accepting this data protection policy may result in the inability to subscribe, register, or participate in any promotions requiring personal data.
Why and for what purpose do we process your data?
At VII, we process the information provided by interested parties for the following purposes:
– Manage orders or contract any of our services, whether online or in physical stores.
– Manage the sending of information requested.
– Develop commercial actions and maintain and manage the relationship with the user, as well as manage the services offered through the website and information tasks, including automated assessments, profile creation, and customer segmentation to personalize processing according to their characteristics and needs, and enhance the online customer experience.
– Develop and manage contests, sweepstakes, or other promotional activities that may be organized.
In some cases, it will be necessary to provide information to Authorities or third-party companies for audit purposes, as well as to handle personal data from invoices, contracts, and documents to respond to customer or public administration claims.
We inform you that the personal data obtained as a result of your registration as a user will be part of the Activities and Processing Operations Register (RAT), which will be updated periodically in accordance with the GDPR.
What is the legal basis for processing your data?
The processing of your data may be based on the following legal grounds:
– Consent of the data subject for the provision of services and products, contact forms, information requests, or newsletter subscriptions.
– Legitimate interest in processing our customers’ data for direct marketing actions and explicit consent for all matters related to automated assessments and profile creation.
– Compliance with legal obligations for fraud prevention, communication with public authorities, and third-party claims.
How long do we keep your data?
The processing of data for the described purposes will be maintained for the time necessary to fulfill the purpose of its collection (e.g., while the commercial relationship lasts), as well as for compliance with legal obligations arising from the data processing.
To whom is your data communicated?
In some cases, only when necessary, VII will provide user data to third parties. However, data will never be sold to third parties. External service providers (e.g., payment providers or delivery companies with whom VII works) may use the data to provide the corresponding services, but they will not use the information for their own purposes or for transfer to third parties.
VII ensures the security of personal data when sent outside the company and ensures that third-party service providers respect confidentiality and have adequate measures to protect personal data. These third parties are obliged to ensure that the information is processed in compliance with data privacy regulations.
In some cases, the law may require the disclosure of personal data to public bodies or other parties; only the strictly necessary data will be disclosed for compliance with these legal obligations.
The obtained personal data may also be shared with other companies in the group.
Where is your data stored?
Generally, data is stored within the EU. Data sent to third parties outside the EU will be ensured to offer a sufficient level of protection, either because they have Binding Corporate Rules (BCR) or have adhered to the “Privacy Shield.”
What rights do you have and how can you exercise them?
You can direct your communications and exercise your rights by making a request to the following email: info@viigirona.com
Under the GDPR, you may request:
– Right of access: request information on the personal data we hold about you.
– Right of rectification: communicate any changes to your personal data.
– Right of deletion and to be forgotten: request the deletion, after blocking, of personal data.
– Right of restriction of processing: restrict the processing of personal data.
– Right to object: withdraw consent for data processing, objecting to further processing.
– Right to data portability: in some cases, request a copy of personal data in a structured, commonly used, and machine-readable format for transmission to another controller.
– Right not to be subject to automated decisions: request not to be subject to decisions based solely on automated processing, including profile creation, which produce legal effects or significantly affect the data subject.
In some cases, requests may be rejected if they involve the deletion of data necessary for legal obligations.
Additionally, if you have any complaints about the processing of data, you can file a complaint with the data protection authority.
Who is responsible for the accuracy and truthfulness of the provided data?
The user is solely responsible for the accuracy and correctness of the data provided, exempting VII from any responsibility in this regard. Users guarantee and are responsible for the accuracy, validity, and authenticity of the personal data provided and undertake to keep it duly updated. The user agrees to provide complete and correct information in the registration or subscription form. VII reserves the right to terminate the contracted services if the data provided is false, incomplete, inaccurate, or not updated.
VII is not responsible for the accuracy of information not created by itself and indicated with another source, and therefore does not assume any responsibility for hypothetical damages that could arise from the use of this information.
VII reserves the right to update, modify, or delete the information contained on its websites, and may even limit or deny access to this information. VII is not responsible for any damage or harm that the user may suffer as a result of errors, defects, or omissions in the information provided by VII, provided that it comes from sources external to it.
Additionally, the user certifies that they are over 14 years old and have the legal capacity necessary to consent to the processing of their personal data.
How do we handle the personal data of minors?
In principle, our services are not specifically aimed at minors. However, if any of them are directed at minors under fourteen years old, in accordance with Article 8 of the GDPR and Article 7 of Law 3/2018, of December 5 (LOPDGDD), VII will require valid, free, unequivocal, specific, and informed consent from legal guardians to process the personal data of minors. In this case, the DNI or other identification form of the person giving consent will be required.
For individuals over fourteen years old, data processing may proceed with the user’s consent, except in cases where the law requires the assistance of the holders of parental authority or guardianship.
What security measures do we apply to protect your personal data?
VII has adopted the legally required levels of security protection for personal data and strives to implement additional technical measures to prevent loss, misuse, alteration, unauthorized access, and theft of the personal data provided to VII.
VII is not responsible for hypothetical damages that could arise from interferences, omissions, interruptions, computer viruses, telephone failures, or disconnections in the operational functioning of this electronic system, caused by factors beyond VII’s control; delays or blocks in the use of the electronic system caused by deficiencies or overloads of telephone lines, data processing centers, internet systems, or other electronic systems, as well as damages caused by third parties through illegitimate intrusions beyond VII’s control. However, users should be aware that internet security measures are not impregnable.
Links to Other Websites
The website www.viigirona.com may contain links to other websites. By clicking on one of these links and accessing an external website, the visit will be subject to the privacy policy of that website, and VII will be disassociated from any responsibility regarding its privacy policy.
How do we use cookies?
The VII website uses cookies to optimize and personalize your navigation. Cookies are physical files of information stored on the user’s device; the information collected through cookies helps facilitate the user’s navigation and enhance their browsing experience. The data collected through cookies may be shared with the creators of these cookies, but in no case will the information obtained be associated with personal data or data that can identify the user.
However, if the user does not wish to have cookies installed on their hard drive, they have the option to configure their browser to prevent the installation of these files. For more information, consult our Cookie Policy https://viigirona.com/politica-de-privacitat/.
Can the privacy policy be modified?
This privacy policy may be modified. We recommend that you review the privacy policy periodically.