1. Identification of the Data Controller
ALEDA INVESTMENTS, SL is the entity responsible for the processing of the USER’S personal data (DATA CONTROLLER) and informs you that these data will be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and the Organic Law 3/2018 of 5 December (LOPDGDD).
You can contact the Data Controller at the email address info@mercadodesanmiguel.es .
The address for the purpose of complaints is identical to the company’s registered office.
2. Purposes of data processing
a) Answering queries that the User as data subject sends to the Data Controller.
Conservation period: The data will be kept until the issue raised by the User (data subject) has been resolved. Subsequently, if necessary, the information will be kept locked for the legally established periods.
Legal basis: Consent of the data subject.
b) Managing the publication of comments or opinions by users on the blog.
Conservation period: The data will be kept for the time necessary to adequately carry out this management. Subsequently, if necessary, the information will be kept locked for the legally established periods.
Legal basis: Consent of the data subject.
c) Managing the User’s request for free inspection.
Conservation period: The data will be kept for the duration of the inspection service and for as long as the User, as data subject, does not revoke the consent given. Subsequently, if necessary, the information will be kept locked for the legally established periods.
Legal basis: Consent of the data subject.
d) Processing orders, requests for products or services made by the User.
Conservation period: The data will be processed for as long as there is an interest on the part of the data subject, based on the existing contractual relationship. Subsequently, if necessary, the information will be kept locked for the legally established periods.
Legal basis: Contractual relationship.
e) Sending to the User commercial communications about our products that may be of interest (newsletter).
Conservation period: The data will be kept for as long as the data subject does not revoke the consent given.
Legal basis: Express consent of the User as data subject.
3. Recipients of your data
The Data Controller puts third parties in charge of the processing in order to provide its services. With the exception of these entities, your data will not be communicated to other third parties. If for any reason it is necessary to communicate such data to third parties, you will be informed in advance and, where appropriate, your consent will be requested and the purposes of the communication and the identity of the third party to whom it is to be communicated will be specified.
This is with the exception of cases in which a legal requirement necessitates the communication of such data to a third party.
4. Rights
Persons who provide us with their data have the following rights in relation to their data:
- Right of access
- Right of correction or deletion
- Right to limitation of processing
- Right to portability
- Right of opposition
- Right to revoke consent
If you would like more information about your rights, we suggest that you visit the website of the Spanish Data Protection Agency.
These rights can be exercised by sending an email to info@mercadodesanmiguel.es clearly indicating which right you wish to exercise and providing a copy of your identity card to prove your identity. You may also send a letter to the address of the Data Controller as per point 1 of this Privacy Policy.
In addition, we inform you about the possibility of filing a complaint with the competent Control Authority, in this case, the Spanish Data Protection Agency, in particular if you have not obtained satisfaction in the exercise of your rights. You can contact the Spanish Data Protection Agency by telephone on 901 100 099 and 912 663 517 or by visiting them at their address C/ Jorge Juan, 6. 28001 Madrid.
5. Security measures
The Data Controller guarantees the User that the processing carried out complies with all the provisions of the above-mentioned data protection regulations, GDPR and LOPDGDD, and that the data are processed in a lawful, fair and transparent manner in relation to the data subject and are adequate, relevant and limited to what is necessary for the purposes for which they are processed.
The Data Controller also guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD in order to protect the rights and freedoms of the Users and has communicated to them the appropriate information so that they can exercise those rights.
6. Origin of the data
All the data collected come from the User as data subject.