In this regard, the Owner guarantees compliance with the current regulations on personal data protection, reflected in the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD GDD). It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR).
Identity of the Person Responsible
- Responsible: ARAFRE S.A..
- VAT NO: A80296621
- Address: Avenida Ventisquero de la Condesa 50, Madrid - Spain.
- E-mail: firstname.lastname@example.org
- Web site: https://mountaintrailsbzm.com
Principles applied in data processing
In processing your personal data, the Data Controller shall apply the following principles which are in line with the requirements of the new European Data Protection Regulation (GDPR):
- Principle of lawfulness, fairness and transparency: The Data Controller will always require consent for the processing of personal data, which may be for one or more specific purposes about which the Data Controller will inform the User beforehand with absolute transparency.
- Principle of data minimisation: The Data Controller shall request only the data strictly necessary for the purpose(s) for which the data is requested.
Principle of limitation of the storage period: The Data Controller shall keep the personal data collected for the time strictly necessary for the purpose(s) of the processing. The Data Controller shall inform the User of the relevant retention period depending on the purpose.
In the case of subscriptions, the Data Controller shall periodically review the lists and delete those records that have been inactive for a considerable period of time.
Principle of integrity and confidentiality: The personal data collected will be treated in such a way that its security, confidentiality and integrity is guaranteed.
The Holder takes the necessary precautions to prevent unauthorized access or misuse of the data of its users by third parties.
Collection of personal data
You do not need to provide any personal data to browse the website.
The Data Subject informs you that he/she has the right to:
- Request access to stored data.
- Request a correction or deletion.
- Request the restriction of their processing.
- Opposing treatment.
You cannot exercise the right to data portability.
The exercise of these rights is personal and therefore must be exercised directly by the interested party, requesting it directly to the Data Controller, which means that any customer, subscriber or collaborator who has provided their data at any time, can contact the Data Controller and request information about the data stored and how it was obtained, request the rectification of the same, oppose the treatment, limit its use or request the deletion of such data in the files of the Data Controller.
To exercise your rights you must send your request together with a photocopy of your National Identity Card or equivalent to the e-mail address electrónico: email@example.com
The exercise of these rights does not include any data that the Data Controller is obliged to retain for administrative, legal or security purposes.
You have the right to effective judicial protection and to lodge a complaint with the supervisory authority, in this case the Spanish Data Protection Agency, if you consider that the processing of personal data concerning you is in breach of the Regulation.
Purpose of the processing of personal data
When you connect to the Website to send an email to the Owner, subscribe to its newsletter, you are providing personal information for which the Owner is responsible. This information may include personal data such as your IP address, first and last name, physical address, email address, telephone number, and other information. By providing this information, you consent to the collection, use, management and storage of your information by - Webempresa - only as described on the pages:
The personal data and the purpose of the processing by the Data Subject is different depending on the information capture system:
There are other purposes for which the Data Controller processes personal data:
- To ensure compliance with the conditions set out in the Legal Notice page and applicable law. This may include the development of tools and algorithms to help the Website ensure the confidentiality of the personal data it collects.
- To support and improve the services offered by this Website.
To manage social networks. The Data Controller has a presence on social networks. If you become a follower on the social networks of the Holder, the processing of personal data will be governed by this section, as well as by those conditions of use, privacy policies and access regulations that belong to the social network that applies in each case and that you have previously accepted.
You can consult the privacy policies of the main social networks in these links:
The Owner will process your personal data in order to properly manage your presence in the social network, inform you of its activities, as well as for any other purpose that the regulations of social networks allow.
Under no circumstances will the Data Controller use the profiles of followers on social networks to send advertising on an individual basis.
Security of personal data
To protect your personal data, the Data Controller takes all reasonable precautions and follows industry best practices to prevent the loss, misuse, improper access, disclosure, alteration or destruction of your personal data.
The Data Controller informs the User that their personal data will not be transferred to third party organisations, except when such transfer of data is covered by a legal obligation or when the provision of a service implies the need for a contractual relationship with a data processor. In the latter case, the transfer of data to the third party will only be carried out when the Data Controller has the express consent of the User.
However, in some cases, collaborations may be carried out with other professionals; in such cases, the User's consent will be required, informing the identity of the collaborator and the purpose of the collaboration. This will always be carried out with the strictest security standards.
Content from other websites
Pages on this website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in exactly the same way as if you had visited the other website.
You can consult all the information relating to the policy on the collection and processing of cookies on the Cookies Policy page.
Legitimation for data processing
The legal basis for the processing of your data is:
- The consent of the data subject.
Categories of personal data
The categories of personal data processed by the Data Controller are:
- Identifying data.
- No specially protected categories of data are processed.
Retention of personal data
Personal data provided to the Data Subject will be retained until such time as the Data Subject requests its deletion.
As you browse the Website, non-identifying data may be collected, which may include, IP address, geolocation, a record of how services and sites are used, browsing habits and other data that cannot be used to identify you.
The website uses the following third-party analysis services:
The Owner uses the information obtained to obtain statistical data, analyse trends, administer the site, study browsing patterns and to gather demographic information.
The Owner is not responsible for the processing of personal data by websites that you may access through the various links contained in the Website.
Accuracy and veracity of personal data
You undertake to ensure that the data provided to the Data Controller is correct, complete, accurate and up to date, as well as to keep it duly updated.
As a User of the Website, you are solely responsible for the veracity and correctness of the data submitted to the Website, exonerating the Owner from any liability in this regard.
Acceptance and consent
These policies shall remain in force until amended by other duly published policies.