Privacy Policy
In compliance with data protection regulations, RGPD (EU) 2016/679 of April 27 (RGPD) and LO 3/2018 of December 5, Protection of Personal Data and guarantee of digital rights (LOPDYGDD), we inform you of clear and simple way about the most relevant aspects of our privacy policy. However, if you have any questions after reading this information, do not hesitate to contact us.
The person responsible for the treatment, BODEGAS VINÍCOLA REAL, SL, NIF Nº: B-26255661, Postal address at Ctra. de Nalda Km. 9 26120 – Albelda de Iregua (La Rioja) and Contact email: info@vinicolareal.com; informs you that the personal data that you provide us through this website will be treated in accordance with current regulations on the protection of personal data in Spain and the European Union.
The data that the user provides must be exact and truthfully respond to the current situation of the interested party. The user who enters the data is solely and ultimately responsible for the veracity of the information provided on our website.
What personal data is collected on this website?
For the purposes established in this Data Protection Policy, BODEGAS VINICOLA REAL, collects and processes the Personal Data detailed below, which will depend on the different products or services you request on this Website:
Identification data: name and surname, ID.
Contact information: postal address, email, telephone number.
Contractual data: contractual transaction data, NIF, purchased products, financial transactions, payment data.
Navigation data: IP address, device type and identification, browser type, domain through which you access the Website, navigation data, activity on the Website.
Purpose and legality of the treatment
I. Contact form and web contact email: we process the data you provide us to respond to the requested query. The legitimation is the consent of the interested party, article 6.1.a) RGPD.
II. Purchase and sale of products and/or services: the purpose of data processing is the provision of the contracted products and/or services. Legitimation is the execution of a contract in which the interested party is a party or for the application at the request of the interested party of pre-contractual measures, article 6.1.b) RGPD.
III. Purchases and sales made through our website: the purpose of data processing is the execution of a contract. Legitimation is to execute a contract, article 6.1.b) RGPD.
IV. Commercial communications: the data is processed to send information of interest about viticulture and wine tourism products and/or services. Legitimation is the explicit consent of the interested party for commercial communications by electronic means article 6.1.a) RGPD, and the legitimate interest when art. 21 of Law 34/2002, article 6.1. f) of the GDPR.
Automated decision making or profiling is not planned.
How long do we keep personal data?
The data will be kept for the time necessary depending on the purpose for which it was provided or collected, without prejudice, where appropriate, to the exercise of your right to deletion, which will entail the blocking of the data for as long as the data persist. legal obligations, or, where applicable, until you object to continuing to receive information about our products and/or services.
We may retain personal data once any relationship with the interested party has ended for compliance with legal obligations.
Recipients
The data may be communicated to the following recipients:
– To the Casa del Cofrade for the provision of the requested services.
– To banking entities for collection of products and/or services provided.
How do we protect your data?
The Data Controller adopts the necessary security measures to guarantee the confidentiality, integrity and availability of your data, adopting the necessary technical, organizational and legal measures to protect it from third parties.
Your data will only be processed by the parties strictly necessary for the processing of your data and will be stored on physical servers located in the European Union using an SSL certificate. The SSL certificate is a security protocol that makes data travel completely and securely, that is, the transmission of data between a server and user, and in feedback, is fully encrypted or encrypted.
What are your rights?
You can exercise, in accordance with the provisions of articles 15 to 22 of the RGPD 2016/679, before the Data Controller, through the postal and/or electronic addresses indicated in the contact details, the following rights:
· Right of access . Right to request access to your data to check what personal data is being processed, for what purpose and the retention period, among other information.
· Right to rectification. Right to request that your data be rectified when it is no longer accurate.
· Right of deletion or elimination. Right to request that your data stop being processed and be deleted.
· Right of limitation. Right to request limitation of data processing.
· Right of opposition. Right to object to the Data Controller continuing to process your data, in which case it may only maintain your data for legitimate interest or the exercise or defense of possible claims.
· Right of portability. Right to receive the personal data that concerns you, that you have provided to the Data Controller and to transmit it to another data controller.
Possibility of withdrawing consent: in the event that consent has been granted for a specific purpose, the interested party has the right to withdraw consent at any time, without affecting the legality of the treatment based on consent prior to its withdrawal. .
Complaint to the Control Authority: If you consider that the processing of your data violates the applicable personal data protection regulations, you can file a complaint with the competent Control Authority, in Spain, the Spanish Data Protection Agency.
Update and modification of this Privacy Policy
The information that appears on this website is current as of the date of its last update. The Data Controller reserves the right to modify this policy to adapt it to future legislative developments, as well as future uses that it plans to make of your personal data. In the event that said modification affects you in relation to the processing of your data, for example, because some additional processing is going to be carried out, not previously informed, we would proceed to notify you of this.
