Additional information about data protection
Who is responsible for this website?
- Owner : Montserrat Estañol
- Commercial name: Dandelium Studio
- NIF/CIF: 47271597L
- Address: Apartado de correos 23 – 08320 El Masnou (Barcelona) – Spain
- E-mail: firstname.lastname@example.org
- Activity: Creation and implementation of websites using WordPress
- Contact details of the person in charge or representative, and of the data protection delegate in the latter case: Apartado de correos 23 – 08320 El Masnou (Barcelona) – Spain, email@example.com.
What personal data is collected on this website?
- Identification data: name, last name.
- Contact details: e-mail
- Navigation data: domain through which you access this website, visited pages
On what legal basis are these data processed?
We treat your personal data based on the following legal bases:
- The user’s consent in relation to contact, subscription to content and the sending of commercial communications, via mail, cookies or messaging systems.
- The legitimate interest of the data controller to protect the users of the Dandelium Studio website from abuse and fraud in the use of our services.
For what purpose will we treat your data?
There are different forms on this website. In each of them, the information we collect will be used as follows:
Comments form: Any personal data entered in the form to submit a comment will be used to exclusively moderate and publish them.
Contact form: There is also a contact form for questions, suggestions or professional contact. In this case, the email address will be used to respond to them and send the information that the user requires through the web.
Retention time of personal data
Client Data: The retention period of personal data will vary depending on the service that the client receives. In any case, it will be the minimum necessary, and may be kept for the specified periods of time. Note that all the articles refer to the Spanish Law:
- 4 years: Law on Infractions and Sanctions in the Social Order (obligations in terms of affiliation, registrations, cancellations, contributions, payment of salaries…); Arts. 66 et seq. General Tax Law (accounting books…).
- 5 years: Art. 1964 of the Civil Code (personal actions without special term).
- 6 years: Art. 30 of the Commercial Code (accounting books, invoices…).
- 10 years: Art. 25 of the Law on Prevention of Money Laundering and Financing of Terrorism.
Potential Client’s Data: The data will be kept during the validity of the established commercial relationship and, once concluded, for two more years, unless the user requests its deletion first.
What are your rights regarding the use of your data?
Anyone has the right to obtain confirmation on whether Dandelium Studio is processing personal data that concerns them.
Interested parties have the right to:
- Request access to personal data relating to the interested party.
- Request its rectification or deletion.
- Request its cancellation.
- Request the limitation of the data’s treatment.
- Oppose the treatment of said data.
- Request data portability.
If you have given your consent for a specific purpose, you have the right to withdraw your consent at any time, without affecting the legality of the treatment based on the consent prior to its withdrawal.
To exercise these rights, you can send an e-mail to firstname.lastname@example.org
In the event that you feel your rights have been violated with regard to the protection of your personal data, especially when you have not obtained satisfaction in the exercise of your rights, you can file a claim with the competent Data Protection Control Authority through their website: https://www.aepd.es/es
There is a form to exercise your rights, you can request it by e-mail or, if you prefer, you can use those prepared by the Spanish Agency for Data Protection or third parties. This form must be signed electronically or include a copy of an ID, such as a Passport or DNI (Documento Nacional de Identidad). If someone represents you, you must attach a copy of their ID, or it must be signed with their electronic signature.
The forms can be submitted in person, sent by letter or by e-mail to the address of the person in charge that appears at the beginning of this text (email@example.com).
Notification of security breaches
At Dandelium Studio (Montserrat Estañol) we apply security measures to the data, with goal of protecting personal information against loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of personal information. However, if Montserrat Estañol determines that your service data has been misappropriated (even by an employee of Montserrat Estañol), they have been exposed due to a security breach or acquired incorrectly by a third party, Montserrat Estañol will inform you immediately of said breach of security, appropriation or improper acquisition.
To which recipients will your data be communicated?
Many tools used in this website to manage data are provided by third parties. To provide services that are strictly necessary for the development of the activity, Montserrat Estañol shares data with the following providers under their corresponding privacy conditions:
Third-party service providers (for example, payment processing services, order processing, analytics, marketing campaign management, website management, and email distribution and other similar service providers) in order for them to perform commercial functions on behalf of Montserrat Estañol.
The web development and maintenance company, or the hosting company, may occasionally have access to this website. They have signed a contract for the provision of services that obliges them to maintain the same level of privacy that is applied to the treatments carried out on this website.
Any international transfer of data derived from the use of tools or service providers will be adhered to the Privacy Shield agreement, which guarantees that American software companies comply with European data protection policies regarding privacy, secrecy and data security; or it will comply with the legality set out in the General Data Protection Regulation (GDPR).
More specifically, we use the following tools and services:
- Software web: WordPress. WordPress is open-source software. Its updated regularly and its used by Dandelium Studio to run this website.
Secrecy and data security
dandelium.studio is committed to the use and treatment of their users’ personal data, respecting their confidentiality, and in accordance to the purpose for which they were collected; as well as to comply with its obligation to save them and adopt all measures to avoid alteration, loss, treatment or unauthorized access, in accordance with the provisions of current data protection regulations.
As a result, this website uses an SSL certificate. SSL certificates allow the use of a security protocol to ensure data integrity and their security. This means that the communication of data between the user and the server (and the other way around) is encrypted and secure.
Note, however, that dandelium.studio cannot guarantee the absolute impregnability of the Internet network, nor, therefore, the violation of data through fraudulent access to them by third parties.
Regarding the confidentiality of the processing, Montserrat Estañol will ensure that any person who is authorized by Montserrat Estañol to process the client’s data (including its staff, collaborators and providers), will be under the appropriate obligation of confidentiality (either a duty contractual or statutory).
When a security incident takes place, Montserrat Estañol must notify the Client without undue delay upon realizing the incident, and must provide timely information related to the Security Incident as it is known, or when the client reasonably requests it.
Accuracy and veracity of the data
As a user, you are solely responsible for the veracity and accuracy of the data you send to dandelium.studio, exonerating Montserrat Estañol (Dandelium Studio) from any responsibility in this regard. Users guarantee and are responsible, in any case, for the accuracy, validity and authenticity of the personal data provided, and undertake to keep them duly updated. The user agrees to provide complete and correct information in the contact or subscription form.
Any given consent, be if for the treatment or the transfer of data of the interested parties (i.e. the users), can be can be revoked at any time by notifying Montserrat Estañol (Dandelium Studio) in the terms established in this Policy for the exercise of ARCO rights. This revocation will in no case be retroactive.
Montserrat Estañol reserves the right to modify this policy to adapt it to new legislation or jurisprudence, as well as to industry practices. In such cases, she will announce the changes introduced on this page with reasonable anticipation of their implementation.
Last update: May 26th, 2023