PRIVACY AND DATA PROTECTION POLICY

This document can be printed using the print command in the settings of any browser.

Overview:

Personal Data processed for the following purposes and using the following services:

Contacting the User to provide the requested information or the previously requested contact, management of the relationship and billing in accordance with fiscal and legal obligations the service provided to the customer.

Method of data collection: Contact form.
Personal Data requested in the Contact Form: name, email, confirmation of reading the Privacy Policy, authorization to send commercial communications.

I. Contact information of the Data Controller

Name: Miriam Bertolini – NIF: Y6805606N 

Address: C/ de Provença, 552Sant Martí, 08026 Barcelona

Mobile: 644219984 – Email: miriamsheilabertolini@gmail.com

Duration of data storage: 2 years, after which the data will be deleted.

We process the information you provide in order to provide the requested service and perform billing. The data provided will be kept as long as the business relationship is maintained or for the time necessary to comply with legal obligations and meet the possible responsibilities that may arise from the fulfillment of the purpose for which the data were collected. The data will not be transferred to third parties except in cases where there is a legal obligation. You have the right to obtain information about whether we are processing your personal data, so you can exercise your rights of access, rectification, deletion and portability of data and opposition and limitation to their treatment before Miriam Bertolini, C/ de Provença, 552Sant Martí, 08026 Barcelona or at the email address miriamsheilabertolini@gmail.com, sufficiently identifying yourself in your request by electronic means or, failing that, by a duly signed request. However, if the data controller has reasonable doubts as to the identity of the natural person submitting the request, he/she may request that additional information necessary to confirm his/her identity be provided. Likewise, and especially if you consider that you have not obtained full satisfaction in the exercise of your rights, you may file a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, 6 - 28001 Madrid.

Type of Data collected

Among the Personal Data collected by this Application, either autonomously or through third parties, are: name, e-mail.

Full details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific informative texts displayed prior to the collection of such Data.

Personal Data may be freely provided by the User or, in the case of User Data, collected automatically during the use of this Application.

Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to communicate them, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its operation.

Users who are in doubt as to which Data are mandatory are advised to contact the Data Controller.

Navigation data

During their normal operation, the computer systems and software procedures used to operate this site acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes the following:

- IP addresses of devices used by users

- date and time of receipt of application

- the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources

- the numerical code indicating the status of the response given by the server (successful, error, etc.)

- the size in bytes of the response;

- URI/URL address of the source page (referrer);

- browser identification string (user agent).

These data are not kept for more than 15 days, after which time they are automatically deleted (without prejudice to any criminal offences that may be established by the judicial authority). In addition, the data necessary for the use of the web services are processed anonymously in order to check the correct functioning of the services offered.

Purpose of data collected

User Data is collected so that the Data Controller can provide the Service, comply with legal obligations, respond to requests or coercive actions, protect its rights and interests (or those of Users or third parties), detect possible fraudulent or malicious activities, as well as for the following purposes: Contacting the User.

For detailed information on the purposes of the processing and the Personal Data processed for each purpose, the User may consult the section “Details of the processing of Personal Data”.

The person responsible for the processing of personal data collected at Centro Ka is: Miriam Bertolini, NIF: Y6805606N (hereinafter, Data Controller). Her contact details are as follows:

Mobile: 644219984

Email: miriamsheilabertolini@gmail.com

More information for users

Legal basis for processing data

The Controller processes Personal Data relating to the User if one of the following conditions is met

- the User has given consent for one or more specific purposes.

- the processing is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures;

- the processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

- the processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.

However, it is always possible to ask the controller to clarify the specific legal basis for each processing operation and, in particular, to specify whether the processing is based on law, required by contract or necessary to conclude a contract.

Principles applicable to the processing of personal data

The processing of the User's personal data will be subject to the following principles.

Principle of lawfulness, fairness and transparency: the consent of the User will be required at all times after fully transparent information of the purposes for which personal data are collected.

Purpose limitation principle: personal data will be collected for specified, explicit and legitimate purposes.

Principle of data minimization: the personal data collected will be only those strictly necessary in relation to the purposes for which they are processed.

Principle of accuracy: personal data must be accurate and always up to date.

Principle of limitation of the storage period: personal data will only be kept in a form that allows the identification of the User for the time necessary for the purposes of their processing.

Principle of integrity and confidentiality: personal data will be treated in a way that guarantees its security and confidentiality.

Principle of proactive responsibility: the Controller shall be responsible for ensuring that the above principles are complied with.

Categories of personal data

The categories of data processed by Centro Ka are solely identification data. In no case are special categories of personal data processed within the meaning of Article 9 of the GDPR.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is consent. Centro Ka undertakes to obtain the express and verifiable consent of the User for the processing of their personal data for one or more specific purposes.

The User shall have the right to withdraw consent at any time. It shall be as easy to withdraw consent as it is to give it. As a general rule, the withdrawal of consent shall not condition the use of the Website.

In the occasions in which the User must or may provide his/her data through forms to make inquiries, request information or for reasons related to the content of the Website, he/she will be informed in case the completion of any of them is mandatory because they are essential for the proper development of the operation carried out.

Personal data will only be retained for the minimum time necessary for the purposes of its processing and, in any case, only for the following period: 24 months, or until the User requests its deletion.

The User's personal data will not be shared with third parties.

Personal data of minors

Respecting the provisions of Articles 8 of the RGPD and 7 of the Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and guarantee of digital rights, only those over 14 years of age may give their consent to the processing of their personal data in a lawful manner by Centro Ka. In the case of a minor under 14 years of age, the consent of the parents or guardians will be required for the processing, and this will only be considered lawful to the extent that they have authorized it.

Method and place of processing of the collected Data

- Treatment modalities

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The processing is carried out by means of computer and/or telematic tools, with organizational and logical methods strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this Application (administrative, trainee, commercial, marketing, legal staff, system administrators) or external subjects (such as third party technical service providers, couriers, hosting providers, IT companies, communication agencies) also designated, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.

- Place

The data is processed at the headquarters of the Data Controller and at any other location where the parties involved in the processing are located. For further information, please contact the Data Controller.

The User's Personal Data may be transferred to a country other than the one in which the User is located. You may refer to the section on details of the processing of Personal Data for more information on the location of the processing. Conservation period

Unless otherwise stated in this document, Personal Data is processed and stored for two years.

Personal data will be treated as confidential by the Data Controller, who undertakes to inform and to ensure by means of a legal or contractual obligation that such confidentiality is respected by its employees, associates, and any person to whom it makes the information accessible.

Additional information on conservation

Unless otherwise stated herein, Personal Data is processed and stored for the time required for the purpose for which it was collected and may be stored for a longer period due to any legal obligation or based on the consent of the Users, but not for a period longer than two years.

Thus:

- Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the end of the performance of such contract.

- Personal Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. You can obtain more information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.

In addition, the Controller may be required to retain Personal Data for a longer period in order to comply with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this period, the rights of access, deletion, rectification and data portability can no longer be exercised.

User Rights under the General Data Protection Regulation (GDPR)

Users may exercise certain rights with reference to the Data processed by the Data Controller.

In particular, within the limits provided by law, the User has the right to:

- revoke consent at any time. The User may revoke the consent to the processing of his Personal Data previously expressed.

- object to the processing of your Data. The User may object to the processing of his/her Data when it is carried out on a legal basis other than consent. Form for the exercise of the right of opposition

- access to their Data. The User has the right to obtain information about the Data processed by the Controller, about certain aspects of the processing and to receive a copy of the processed Data. Form for the exercise of the right of access.

- verify and request rectification. The User may verify the accuracy of his Data and request its update or rectification. Form for the exercise of the right of rectification

- obtain the limitation of the processing. The User may request the limitation of the processing of his/her Data. In this case, the Data Controller will not process the Data for purposes other than its storage. Form for the exercise of the limitation of processing

- obtain the deletion or elimination of their Personal Data. The User may request the deletion of his or her Personal Data by the Data Controller. Form for exercising the right to suppression

- receive your Data or have it transferred to another data controller. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without hindrance to another data controller. Form for the exercise of data portability

- propose a complaint. The User may file a complaint with the competent data protection supervisory authority or take legal action.

Users have the right to obtain information about the legal basis for the transfer of Data abroad, including any international organization governed by international law or formed by two or more countries, such as the UN, as well as about the security measures adopted by the Data Controller to protect their Data.

How to exercise your rights

Any request to exercise the User's rights may be addressed to the Data Controller using the contact details provided in this document. The request is free of charge and the Data Controller will respond as soon as possible, in any case within one month, providing the User with all the information required by law. Any rectification, erasure or restriction of processing shall be communicated by the Data Controller to each of the recipients, if any, to whom the Personal Data has been transmitted, unless this proves impossible or requires a disproportionate effort. The Controller shall inform the User of such recipients upon request.

Thus, the User may also exercise his/her rights by means of a written communication addressed to the Data Controller with the reference “RGPD-www.centroka.space”, specifying:

Name, surname of the User and copy of the ID card. In cases where representation is admitted, it will also be necessary the identification by the same means of the person representing the User, as well as the document proving the representation. The photocopy of the DNI may be replaced by any other means valid in law that proves the identity.

Request with the specific reasons for the request or information to be accessed.

Address for notification purposes.

Date and signature.

Todo documento que acredite la petición que formula.

Esta solicitud y todo otro documento adjunto podrá enviarse al correo electrónico arriba mencionado.

Links to third party websites

The Web Site may include hyperlinks or links that allow access to third party websites other than Centro Ka, and therefore are not operated by Centro Ka. The owners of such websites will have their own data protection policies, being themselves, in each case, responsible for their own files and their own privacy practices.

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

It is necessary that the User has read and agrees with the conditions on the protection of personal data contained in this Privacy Policy, as well as to accept the processing of their personal data so that the Data Controller can proceed in the manner, during the periods and for the purposes indicated. The use of the Website will imply the acceptance of the Privacy Policy of the same.

Centro Ka reserves the right to modify its Privacy Policy, according to its own criteria, or motivated by a legislative, jurisprudential or doctrinal change of the Spanish Data Protection Agency. Changes or updates to this Privacy Policy will not be explicitly notified to the User. The User is recommended to consult this page periodically to be aware of the latest changes or updates.

III. Additional information

Defense in court

The User's Personal Data may be used by the Data Controller in legal proceedings or in the preparatory stages of such proceedings to defend against abuses in the use of this Application or related Services by the User.

The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of public authorities.

IV. Social Media

For official pages, Facebook and Instagram offer a number of analytical tools from which you can get aggregate data that helps you understand how people interact. 

Meta Platforms Ireland Limited, the company that provides Facebook and Instagram services 

therefore receives data from people who view Centro Ka's Facebook pages that 

otherwise they would not interact with the Social Media. 

With regard to the processing of statistical data from Facebook and Instagram pages, 

Centro Ka is a co-owner with Meta Platforms Ireland Limited (“Meta”). 

Similarly, with respect to the inclusion on the pages of the site of the 

Facebook “Like” button that allows users to share their preferences on the social network 

Centro Ka and Meta Platforms Ireland Limited are to be considered as 

“co-processors” for data collection operations, not for processing operations subsequent to data collection 

on Meta's side. 

In the link https://www.facebook.com/legal/terms/page_controller_addendum you can 

see the appendix on the data controller, which indicates the distribution of 

responsibilities between Meta and Centro Ka. 

The following link https://www.facebook.com/about/privacy/update provides access to 

Meta's privacy policy and find, among others, the following information: 

– What type of information Meta collects; 

– How it uses such information; 

– How this information is shared; 

– The legal bases for data processing; 

– How to exercise your rights under the GDPR; 

– Meta Platforms Ireland Limited contact details for Data protection matters 

in relation to their usage; 

– The contact details of the data protection officer of Meta Platforms Ireland 

Limited; 

– Facebook and Intagram visitor rights under the GDPR; 

– The data conservation period; 

On this page (https://www.facebook.com/policies/cookies/) you can consult the 

Meta cookie policy.