1.MAIN PREMISES RESPECT FOR USER PRIVACY AND DATA PROTECTION
For us, the privacy of users and the protection of their data are considered human rights.
We have a duty to treat individuals within our data with care.
Data is a liability and should only be collected and processed when absolutely necessary.
We do not like spam. Therefore, we will never sell, rent, distribute or publish your personal information.
2.RESPONSIBLE FOR DATA PROCESSING
Identity: Ca l’Ubú, S.L
Postal address: C/ Migdia 8, Sant Martí de Tous – 08712 Barcelona
Telephone: +34 93 809 67 96
Data protection and privacy contact: email@example.com
3.1 For what purpose do we process your personal data?
At Ca l’Ubú, S.L. we process the information provided by interested parties for the following purposes:
Like most websites, we use Google Analytics (GA4) to track user interaction. We use this data to determine the number of people using our website and to better understand how they find and use our sections within the website.
Although GA4 records data such as geographical location, device, Internet browser and operating system, this information is not used by Ca l’Ubú, S.L. for profiling or any other processing. We are not able to use this data to personally identify the user. GA4 also saves the user’s IP, data with which we could identify the user personally, but Google does not give us access to it.
Ca l’Ubú, S.L. considers GA4 to be a third party data processor (see Section 5).
Requests for information or queries should be made by sending an e-mail to: firstname.lastname@example.org.
The data will be received in an email account of Ca l’Ubú, S.L. and will be stored, and may be used to provide answers to queries, information on services, budgets and/or commercial actions. These emails and the data they contain will not be passed on to third parties.
NOTE: As a user, avoid entering personal or sensitive data in the text field, as it is not a field designed for this purpose and Ca l’Ubú, S.L., does not have the means to verify them in this regard.
3.2 How long will we keep your data?
The personal data provided will be retained until such time as the data subject requests its deletion by exercising his or her rights over the data.
In accordance with our business and IT systems, this website is designed to comply with the following national and international laws regarding data protection and user privacy:
EU General Date Protection Regulation 2018 (GDPR) EU 2016/679.
This website’s compliance with the above legislation means that it is also likely to be compliant with data protection laws and user privacy legislation established in many other countries and territories. If you are unsure whether this website complies with the specific data protection and user privacy legislation of your country of residence, you should contact our data protection and privacy officer (details under heading 2) for clarification.
We use a third party service (Amazon Web Services, Inc. through its subsidiaries and affiliates in the European Union) to process or store data on our behalf. This third party service acts in these cases as a data processor.
The service has been carefully chosen by Ca l’Ubú, S.L. according to its degree of maturity in complying with the standards specified in section 4. The service used is located in the USA and currently complies with the EU-US Privacy Shield agreement.
6.1 What are your rights when you provide us with your data?
Any person has the right to obtain confirmation as to whether or not Ca l’Ubú, S.L. is processing personal data concerning them.
Interested parties have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, to request its suspension when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
In certain circumstances, data subjects may request that we restrict the processing of their data. In this case, we will only retain them for the exercise or defence of claims.
In certain circumstances and for reasons related to their particular situation, data subjects may object to the processing of their data. Ca l’Ubú, S.L. will stop processing the data, except for imperious legitimate reasons, or the exercise or defence of possible claims.
6.2 How can you contact us to exercise your rights?
There are several methods of contact for users to exercise their rights regarding Ca l’Ubú, S.L.’s processing of their personal data. A request can be made in writing, in person or by email to email@example.com.
You can also make a request to exercise your rights of access, rectification, cancellation or opposition (ARCO) using the contact form that Ca l’Ubú, S.L. has at the disposal of interested parties. In order to exercise the rights of access, rectification, cancellation or opposition (ARCO), the interested party who contacts Ca l’Ubú, S.L. must be able to prove their identity so that the data controller can verify them according to the data stored. As the party responsible for the processing of the data provided in forms on this website, in the event of any notification by the user with the aim of exercising any of the rights of access, rectification, cancellation or opposition regarding their personal data, Ca l’Ubú, S.L. will inform the interested party of the actions derived from their request within a maximum period of one month (this may be extended for a further two months in the case of particularly complex requests, informing them of this extension in the first month).
All data are collected directly from the website and always after the interested party provides them through the forms provided for such use. They are not acquired by any other means.
Ca l’Ubú, S.L. will inform any security breach that affects the database used by this website, or that affects any of our third-party services, to each and every person, data of those who may have been affected, and authorities, within 72 hours following the detection of the breach.
In accordance with the provisions of the regulations in force on personal data protection, the RESPONSIBLE is complying with all the provisions of the regulations for the processing of personal data under its responsibility, and manifestly with the principles described in Article 5 of the GDPR, whereby they are processed lawfully, fairly and transparently in relation to the data subject and in a manner that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER guarantees that it has implemented appropriate technical and organisational policies to apply the security measures established by the GDPR to protect the rights and freedoms of the Users and that it has communicated the appropriate information to them so that they can exercise them.