ASSOCIACIÓ RUTA DEL VI DE LLEIDA informs users of the website about its policy regarding the processing and protection of the personal data of users and clients.

And guarantees at all times the full and complete compliance with the obligations established by the data protection and information society services regulations: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), the legislation Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD), and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSICE).

DATA CONTROLLER

ASSOCIACIÓ RUTA DEL VI DE LLEIDA

C.I.F.: G25715905

Address: CAPARRELLA COMPLEX – 25192 LLEIDA.

Registry data: XXXX

Phone: 973 264 583

Email: info@rutadelvidelleida.com

PURPOSES OF DATA PROCESSING

The data provided by the User are used for various purposes, which are listed below:

Purpose of data processingLegal basis for processing
Managing inquiries submitted through web forms.Legitimate interest of the Company to respond to information requests through the website. Express consent provided at the time of data collection through web forms.
Sending newsletters, commercial communications, and promotions.Express consent provided at the time of data collection through web forms.
Managing incidents and website maintenance.Legitimate interest of the Company.

DATA RETENTION PERIOD

Purpose of the processingData retention period
Managing inquiries submitted through web forms.We will process your data for as long as necessary to address your request or inquiry.
Sending newsletters, commercial communications, and promotions.We will process your data until you unsubscribe.
Managing incidents and website maintenance.We will process your data for the time necessary to comply with the legal prescription periods applicable to you.

DATA RECIPIENTS

To fulfill the purposes outlined in this Privacy Policy, it is necessary for us to grant access to your personal data to third parties who support us in the services we offer you (Data Processors).

The data processors for the execution of a contract or provision of a service to the Controller, therefore, follow its instructions at all times and ensure the same levels of security.

USER RIGHTS

The user has the right to:

• Request access to their personal data being processed and receive this information in writing through the requested means.

• Request the rectification of inaccurate personal data or, if applicable, request their deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.

• Request the limitation of the processing of their data.

• Oppose the processing of their personal data when applicable; in this case, their data will cease to be processed except for legitimate reasons.

• Right to data portability. The data subject has the right to receive their personal data if they have been provided in a structured, commonly used, and machine-readable format, and to transmit them to another controller, if the following requirements are met:

1. The processing is based on consent or a contract.

2. The processing is based on consent or a contract.

The processing is based on consent or a contract.

• Right to lodge a complaint with the Spanish Data Protection Agency.

The User can exercise the aforementioned rights at the postal or email address of the Controller, by accrediting their identity with a scanned copy of their ID card or equivalent document, and specifying the right they wish to exercise.

DATA SOURCE

Personal data must be provided by the interested party voluntarily. The lack of some data or the failure to respond to questions that may be asked to the interested party in registration processes or through electronic forms may result in the inability to access certain services for which it is essential to have this personal data. In this case, the Data Controller must inform the mandatory or necessary nature of providing personal data for the operation of the service.

The Controller ensures the confidentiality of your personal data and guarantees their security by adopting the necessary measures to prevent their alteration, loss, unauthorized processing, or access.

INFORMATION PROVIDED BY THE INTERESTED PARTY

Individuals under the age of 18 cannot provide their personal data without the prior consent of their parent(s) and/or legal guardians.

The interested party, by entering their data in the contact forms or provided in download forms, expressly and freely and unequivocally accepts that their data are necessary for the Controller to address their request, and the inclusion of data in the remaining fields is voluntary.

The interested party guarantees that the personal data provided to the provider are truthful and is responsible for communicating any changes to them.

All data requested through the website are necessary for the provision of an optimal service to the interested party. In case not all data are provided, it is not guaranteed that the information and services provided by the Controller will be fully tailored to their needs.

SECURITY MEASURES

In accordance with the provisions of the current regulations on the protection of personal data, the Controller is complying with all provisions of the GDPR and LOPDGDD for the processing of personal data under its responsibility, and explicitly with the principles described in Article 5 of the GDPR and Article 4 of the LOPDGDD, by which they are processed lawfully, fairly, and transparently in relation to the data subject, and are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. The Controller ensures that appropriate technical and organizational policies have been implemented to apply the security measures established by the GDPR and the LOPDGDD to protect the rights and freedoms of the data subject, and has provided them with adequate information so that they can exercise them.

SECURITY BREACHES

The Controller will report any security breach affecting the database used by this website, or affecting any of our third-party services, to each and every individual whose data may have been affected, as well as to the authorities, within 72 hours of detecting the breach.

APPLICABLE LEGISLATION AND JURISDICTION

Reserves the right to take civil or criminal action it deems necessary for the improper use of the Website and Contents.

The relationship between the User and the Controller shall be governed by the current laws and regulations applicable in Spanish territory. In the event of any dispute concerning the interpretation and/or application, the parties shall submit their conflicts to the ordinary jurisdiction, submitting to the courts and tribunals as provided by law.