PRIVACY AND DATA PROTECTION POLICY
The commitments that entrancesatualcance.com acquires with the users which access the website (assummerstory.com), are in full compliance with the current legislation on the Data Protection of personal data as well as the confidentiality complements entailed by the current activity of online sale.
In compliance with Regulation (EU) 2016/679, of the European Parliament and of the Council, of April 27, 2016 (hereinafter RGPD), Disorder Events S.L. highlights this Policy regarding the treatment and protection of personal data.
Data of the data controller
Disorder Events S.L.
Registered office: C / Sierra de Albarracín, 61
Contact information of the Data Protection Delegate: email@example.com
Area of application
This Policy will be applicable:
To those who visit the Disorder Events S.L. website, www.asummerstory.com
To those who voluntarily contact Disorder Events S.L. by email or by completing any of the data collection forms published on the Disorder Events S.L. website.
To those who request information about the Disorder Events S.L. products and services or who request to participate in any of the commercial actions of Disorder Events S.L ..
To those who formalize a contractual relationship with Disorder Events S.L. by hiring their products and services.
To those who use any other service present on the website that involves the communication of data to Disorder Events S.L. or access to data by Disorder Events S.L. for the provision of its services.
To any others who, directly or indirectly, have given their express consent for their data to be processed by Disorder Events S.L. for any of the purposes set out in this Policy.
The use of the products and Disorder Events S.L. services requires the express acceptance of this Policy.
Disorder Events S.L. warns that, except for the existence of a legally constituted representation, no user and/or client can use the identity of another person and communicate their personal data, so that the data provided to Disorder Events S.L. They must be personal data, corresponding to their own identity, adequate, relevant, current, accurate and true. In this sense, the user and/or client will be solely responsible for any direct or indirect damage caused to third parties or to Disorder Events S.L. for the use of another person’s data or their own data when they are false, erroneous, not current, inadequate or not relevant. Likewise, the user and/or client that communicates the personal data of a third party will be responsible for having obtained the corresponding authorization of the interested party, as well as its consequences otherwise.
Similarly, the user and/or client that communicates personal data to Disorder Events S.L. declares to be of legal age, in accordance with the provisions of Spanish legislation, abstaining otherwise from providing data to Disorder Events S.L. Any information provided on a minor will require the prior consent or authorization of their parents, guardians or legal representatives, who will be held responsible for the data provided by the minors in their care.
This Policy will be of subsidiary application with respect to those other conditions that on personal data protection are established with special character and are communicated, without limitation, through the registration forms, contracts and/or conditions of the particular services, being by both this policy complementary to those mentioned in that not expressly provided therein.
Purposes of the collection and processing of personal data
Disorder Events S.L., in its capacity as responsible for data processing, informs users of the existence of various treatments and files in which the personal data communicated to Disorder Events S.L. is collected and stored.
The purposes of such collection and processing of personal data are the following:
In relation to the “cookies” that Disorder Events S.L. used in navigation through its website (https://www.asummerstory.com), are stored on the user’s terminal equipment (computer or mobile device) and collect information when visiting these websites, in order to improve the usability of the same, to know the browsing habits or needs of the users to be able to adapt to them, as well as obtain information for statistical purposes. In the case of those users who are already customers of Disorder Events S.L., the information collected with cookies will also serve for their identification when accessing the different tools that Disorder Events S.L. puts at your disposal for the management of services. In any case, users can configure their browser, so that the reception of all or some of the cookies are disabled or blocked. The fact of not wishing to receive these cookies does not constitute an impediment to access the information on the websites of Disorder Events S.L. although the use of some services may be limited. If once the consent for the reception of cookies is granted, it is desired to withdraw it, those stored on the user’s computer must be deleted, through the options of the different browsers.
All information about the cookies used by Disorder Events S.L., is published in its Cookies Policy, available for consultation at https://asummerstory.com/politica-de-cookies/
In the case of sending an email to Disorder Events S.L. or a communication of personal data through any other means, such as a contact form, the purpose of the collection and processing of such data by Disorder Events S.L. is the attention of the queries and requests for information that are raised about the products and services of Disorder Events S.L ..
In the case of sending an email to Disorder Events S.L. related to your job offers, such data will be processed to participate in the personnel selection procedures.
In the case of Disorder Events S.L. that those interested fill in to participate in any of the commercial actions of Disorder Events SL, the purpose will be to enable such participation, as well as the sending of commercial and advertising communications about the services of Disorder Events SL, unless the interested party expressly states opposition at the same time of the collection of your data. Notwithstanding the foregoing, the interested party may modify his decision at any time, as many times as he wishes, through the means provided by Disorder Events S.L. for that end.
When contracting the services offered by Disorder Events SL, only those personal data that were necessary to establish the contractual relationship and enable the provision of services and remuneration thereof by customers will be collected, said data being collected and processed with the following purposes:
The main purpose will be to maintain the contractual relationship established with the client, in accordance with the nature and characteristics of the contracted services, by Disorder Events S.L. contacting the client through the e-mail address, telephone or other means indicated by the latter.
For the sending of documentation and information related to the contracted services, as well as for the sending of commercial and advertising communications about them or similar by Disorder Events SL, by postal mail, e-mail, telephone, SMS or other means indicated by the client, unless he expressly expresses his opposition at the same time of the contract. Regardless of whether the client has chosen to receive or not receive commercial information from Disorder Events S.L., the client may modify his decision at any time, as many times as he wishes, through the specific section available for it.
For the maintenance of historical records of the commercial relations during the legally established terms.
In those cases in which Disorder Events S.L. must access and/or process personal data for which the client had the status of responsible or responsible for the processing, Disorder Events S.L. will process said data as the entity in charge of the treatment in accordance with the provisions of article 28 of the GDPR and according to what is indicated in the section called “Disorder Events S.L. as the entity in charge of the treatment ”, included in this Policy.
In compliance with the provisions of Law 25/2007, of October 18, on the preservation of data related to electronic communications and public communications networks, Disorder Events S.L. informs the user that certain traffic data generated during the development of communications will be retained and saved, as well as, where appropriate, to communicate said data to the competent bodies whenever the legal circumstances provided for in said Law concur.
For all other purposes, which are expressly included in the Specific Conditions that are applicable to the corresponding product or service contracted by the customer and expressly accepted by it.
Term of conservation of personal data
Disorder Events S.L. will save personal data for the time strictly necessary for the fulfillment of the purposes detailed above. Disorder Events S.L. may keep these data duly blocked during the period in which responsibilities could be derived from your relationship with the client.
In the case of the data subject to conservation on the occasion of Law 25/2007, of October 18, on the conservation of data related to electronic communications and public communications networks, the period of conservation thereof will be detailed in said regulations.
Recipients of personal data
The recipients of personal data collected by Disorder Events S.L. will be the following:
The employees of Disorder Events S.L. in fulfilling its functions.
The suppliers of Disorder Events S.L. that intervene in the provision of services; in the event that this is necessary for the provision of the said.
The companies of the Group of Companies of which Disorder Events S.L. forms part, understood in the sense of article 42 of the Commercial Code, whose activity is the commercialization of services of identical or analogous nature offered by Disorder Events S.L.
The judicial or administrative organs, as well as the State Security Forces and Bodies, in the event that Disorder Events S.L. was required in accordance with current legislation to provide information related to its clients and their services.
Any others that due to the nature of the service must access the data provided with it, as detailed in the Specific Conditions that are applicable to the corresponding product or service contracted by the customer and expressly accepted by it.
User rights and their exercise
Users may at any time exercise the following rights recognized by the GDPR:
Right of access.
Users have the right to obtain Disorder Events S.L. information about whether personal data concerning them are being processed, to access them and to obtain information about the treatment performed.
Right to obtain a copy of your personal data.
Right of rectification.
Users have the right to have Disorder Events S.L. rectify their personal data if they are inaccurate or incomplete.
Right of suppression.
Users have the right to proceed to the deletion of the data when they are no longer necessary for the purpose for which they were provided or when the rest of the circumstances are legally provided.
Right to limit treatment.
Users have the right to request a limitation in the processing of their personal data, so that the processing operations that must correspond in each case, in those cases provided for in art.18 of the GDPR.
Right to portability.
Users have the right to receive the personal data that concerns them in a structured format, provided that such data rests exclusively with the user and has been provided by the user.
Users may exercise these rights in the following ways:
Whether they are customers of Disorder Events S.L. or if they are not, users can exercise their rights by sending a communication by e-mail to the address: firstname.lastname@example.org or by sending a request attaching their ID or valid document in law that proves their identity, addressed to Disorder Events S.L., C / Sierra de Albarracín, 61-63 Arganda del Rey (Madrid), for the attention of the Department of Communication, specifying the right they wish to exercise.
In cases of manifestly unfounded or excessive applications due to its repetitive nature, Disorder Events S.L. reserves the right to charge a fee for the administrative costs that are derived or the right to refuse to act on them, in accordance with the provisions of art. 12.5 GDPR.
Users and/or customers may contact the appropriate local authority if they consider that the processing carried out regarding their personal data has not been carried out in accordance with current legislation.
The data protection control authority in Spain is the Spanish Agency for Data Protection, whose contact details are available on its website, specifically at http://www.agpd.es/portalwebAGPD/CanalDelCiudadano/contacteciudadano/ index-ides-idphp.php.
International data transfers
In those products and services of Disorder Events S.L. in which international transfers are required to enable them to be provided, said circumstance will be included in the Specific Conditions that are applicable to the corresponding product or service contracted by the client and expressly accepted by the client prior to them.
Disorder Events S.L. as processing manager
According to article 28 GDPR and concordant, Disorder Events S.L. will treat the personal data of which the client will be agree as responsible to the processing and responsibility for the treatment, when this is necessary for the adequate provision of the contracted services. In that case, Disorder Events S.L. will act as the person in charge of the treatment, in accordance with the terms indicated below:
Disorder Events S.L. It will only process the data in accordance with the instructions of the client responsible or in charge of the processing, not using them for a purpose other than that contained in this Data Protection Policy and/or in the contractual conditions that are applicable.
Once the provision of the services that motivate the processing of personal data has been completed, these will be destroyed, as will any support or documents that contain any personal data or any type of information that has been generated during, for and/or for the provision of the services subject to the corresponding Conditions. Notwithstanding the foregoing, Disorder Events S.L. may keep the aforementioned data duly blocked during the period in which responsibilities may arise from your relationship with the client.
In the event that Disorder Events S.L. allocate the data for another purpose or communicate or use it in breach of this Data Protection Policy and/or the corresponding Terms of Service, it will also be held responsible for the processing.
Disorder Events S.L. undertakes, in accordance with Article 28 of the GDPR, to maintain due professional secrecy regarding the personal data to which it must access and/or treat in order to comply in each case with the object of the Terms of Service that are applicable, both during and after the termination of the same, committing to use such information only for the purpose provided in each case and to demand the same level of commitment to any person who within the organization participate in any phase of the treatment of Personal data customer responsibility.
The access and/or treatment of the data by Disorder Events SL, without prejudice to the specific legal or regulatory provisions that may be applicable in each case or those that on its own initiative are adopted voluntarily by Disorder Events SL, will be subject to security measures necessary to:
Ensure the confidentiality, integrity, availability and permanent resilience of treatment systems and services.
Pseudonymize and encrypt personal data, if applicable.
The client authorizes Disorder Events SL, as the entity in charge of the data processing, to subcontract with third parties, in the name and on behalf of the client, the storage services, custody of the backup copies of data and security, and those that were necessary to enable the provision of contracted services, respecting in any case the obligations imposed by the GDPR and its development regulations. At any time, the client may contact Disorder Events S.L. to know the identity of the subcontracted entities for the provision of the indicated services, which will act in accordance with the terms provided in this document and prior formalization with Disorder Events S.L. of a data processing contract in accordance with art. 28.4 of the GDPR.
The client authorizes Disorder Events S.L. to perform the actions indicated below, provided they are necessary for the execution of the provision of services. This authorization is limited to the action(s) necessary for the provision of each service and with a maximum duration linked to the validity of the applicable Contractual Conditions:
To carry out the processing of personal data on portable devices only by users or user profiles assigned to the provision of services.
To carry out the treatment outside the premises of the client or Disorder Events S.L., only by users or user profiles assigned to the provision of services.
The entry and exit of media and documents containing personal data, including those included and/or outside an email, outside the premises under the control of the client responsible for the processing.
The execution of the data recovery procedures that Disorder Events S.L. may be obliged to perform.
Disorder Events S.L. is not responsible for the breach of the obligations arising from the GDPR or the corresponding regulations regarding data protection by the user and/or client in what corresponds to their activity and that is related to the execution of the contract or business relationships that join Disorder Events SL. Each party must face the responsibility arising from its own breach of contractual obligations and the regulations.