Customer data processing
Data of the data controller:
Identity: Silvana Alice Bendahan Gloria - NIF: Z0669049F
Postal address: Nuestra Señora de Gracia 6, Valencia
Telephone: 34 603 801 250 - Email: silvana.mediterranea.inmo@gmail.com
At Silvana Alice Bendahan Gloria, we process the information you provide in order to provide you with the requested service or send you the required information. The data provided will be kept until you request that we cease processing it. The data will not be transferred to third parties except where there is a legal obligation to do so. You have the right to obtain information about whether Silvana Alice Bendahan Gloria is processing your personal data. Therefore, you can exercise your rights of access, rectification, erasure, data portability, and objection and restriction of processing by contacting Silvana Alice Bendahan Gloria at Nuestra Señora de Gracia 6, Valencia, or by email at silvana.mediterranea.inmo@gmail.com. You must sufficiently identify yourself in your request, either electronically or, failing that, by submitting a duly signed request. However, if the data controller has reasonable doubts regarding the identity of the individual making the request, they may request additional information necessary to confirm their identity. Furthermore, and especially if you believe that you have not obtained full satisfaction in the exercise of your rights, you may file a complaint with the national supervisory authority by contacting the Spanish Data Protection Agency, C/ Jorge Juan, 6 – 28001 Madrid.
We also request your authorization to send you advertising related to our products and services by any means (mail, email or telephone) and to invite you to events organized by the company.
Record of treatment activities
| a) Data controller | Identity: Silvana Alice Bendahan Gloria - NIF: Z0669049F Postal address: Nuestra Señora de Gracia 6, Valencia Email: silvana.mediterranea.inmo@gmail.com Telephone: 34603801250 |
|---|---|
| b) Purpose of the treatment | Managing relationships with potential customers |
| c) Categories of interested parties | Potential customers: People with whom we seek to maintain a business relationship as clients |
| d) Data categories | The information necessary for the company's commercial promotion. Identification (name, surname, postal address, telephone, email) |
| e) Categories of recipients | I do not share the personal data of my potential clients |
| f) International transfers | International transfers are not planned |
| g) Deletion period | One year since first contact |
| h) Security measures | Those reflected in the SECURITY MEASURES ANNEX |
INFORMATION OF GENERAL INTEREST
This document has been designed for low-risk personal data processing, which means it cannot be used for personal data processing that includes personal data relating to ethnic or racial origin, political, religious or philosophical ideology, trade union membership, genetic and biometric data, health data, and data concerning a person's sexual orientation, as well as any other data processing that entails a high risk to the rights and freedoms of individuals.
Article 5.1.f of the General Data Protection Regulation (hereinafter, GDPR) establishes the need to implement appropriate security measures against unauthorized or unlawful processing, loss of personal data, accidental destruction, or damage. This entails the implementation of technical and organizational measures to ensure the integrity and confidentiality of personal data and the ability to demonstrate, as established in Article 5.2, that these measures have been put in place (proactive accountability).
In addition, it must establish visible, accessible and simple mechanisms for the exercise of rights and have defined internal procedures to guarantee the effective handling of requests received.
Right of access
The right of access entitles data subjects to a copy of their personal data held, along with the purpose for which it was collected, the identity of the recipients, the envisaged retention periods or the criteria used to determine them, the existence of the right to request rectification or erasure of personal data, as well as the restriction or objection to its processing, the right to lodge a complaint with the Spanish Data Protection Agency, and, if the data was not obtained from the data subject, any available information as to its source. The right to obtain a copy of the data may not adversely affect the rights and freedoms of other data subjects.
Form for exercising the right of access.
Right of rectification
The right to rectification allows for the modification of inaccurate or incomplete personal data of data subjects, taking into account the purposes of the processing. The data subject must specify in the request which data is being rectified and the correction to be made, providing, where necessary, supporting documentation demonstrating the inaccuracy or incompleteness of the data being processed. If the data has been communicated by the controller to other controllers, the controller must notify them of the rectification unless this is impossible or involves a disproportionate effort, providing the data subject with information about these recipients upon request.
Form for exercising the right of rectification
Right of erasure
The right to erasure allows for the deletion of data subjects' personal data when they object to its processing and there is no legal basis preventing it, the data is no longer necessary for the purposes for which it was collected, they withdraw their consent, and there is no other legal basis legitimizing the processing or the processing is unlawful. If the erasure stems from the data subject's exercise of their right to object to the processing of their data for marketing purposes, the data subject's identifying information may be retained to prevent future processing. If the data has been communicated by the controller to other controllers, the controller must notify them of the erasure unless this proves impossible or involves a disproportionate effort, and must provide the data subject with information about these recipients upon request.
Form for exercising the right to erasure
Right to object
In the case of the right to object, when data subjects express their refusal to the processing of their personal data to the controller, the controller will cease processing it unless there is a legal obligation preventing it. When the processing is based on a task carried out in the public interest or on the legitimate interests of the controller, upon a request to exercise the right to object, the controller will cease processing the data unless compelling legitimate grounds are demonstrated which override the interests, rights and freedoms of the data subject or the processing is necessary for the establishment, exercise or defense of legal claims. If the data subject objects to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.
Form for exercising the right to object
Right to portability
Under the right to data portability, if the processing is carried out by automated means and is based on consent or within the framework of a contract, data subjects may request to receive a copy of their personal data in a structured, commonly used, and machine-readable format. They also have the right to request that their data be transmitted directly to a new controller, whose identity must be disclosed, where technically feasible.
Form for exercising the right to data portability
Right to restriction of processing
Under the right to restriction of processing, data subjects may request the suspension of the processing of their data to contest its accuracy while the controller carries out the necessary verifications, or if the processing is based on the controller's legitimate interests or is carried out in the public interest, while it is verified whether these grounds override the data subject's interests, rights, and freedoms. Data subjects may also request the retention of their data if they consider the processing unlawful and, instead of erasure, request restriction of processing, or if, even though the controller no longer needs the data for the purposes for which it was collected, the data subject requires it for the establishment, exercise, or defense of legal claims. The fact that the processing of the data subject's data is restricted must be clearly indicated in the controller's systems. If the data has been disclosed by the controller to other controllers, the controller must notify them of the restriction of processing unless this proves impossible or involves disproportionate effort, providing the data subject with information about those recipients upon request.
Form for exercising the right to limit processing
If the data subject's request is not processed, the controller shall inform him, without delay and no later than one month after receipt of the request, of the reasons for not acting and of the possibility of filing a complaint with the Spanish Data Protection Agency and of exercising legal action.
