In compliance with data protection regulations, RGPD (EU) 2016/679 of April 27 (RGPD) and LO 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPDYGDD), we inform you clearly and simply about the most relevant aspects of our privacy policy. However, if after reading this information you have any questions, do not hesitate to contact us.
The Data Controller, BODEGAS VINÍCOLA REAL, SL, Tax ID No.: B-26255661, Postal address: Ctra. de Nalda Km. 9 26120 – Albelda de Iregua (La Rioja) and Contact email: info@vinicolareal.com; informs you that the personal data that you provide to us through this website will be treated in accordance with current regulations on the protection of personal data in Spain and the European Union.
The data provided by the user must be accurate and truthfully reflect the current situation of the interested party. The user who enters the data is the sole and final party responsible for the veracity of the information provided on our website.
What personal data is collected on this website?
For the purposes set out in this Data Protection Policy, BODEGAS VINICOLA REAL collects and processes the Personal Data detailed below, which will depend on the different products or services you request on this Website:
Identification data: name and surname, ID.
Contact information: postal address, email, telephone number.
Contractual data: data on contractual transactions, NIF, purchased products, financial transactions, payment data.
Browsing data: IP address, device type and identification, browser type, domain through which you access the Website, browsing data, activity on the Website.
Purpose and legality of the treatment
I. Contact form and web contact email: we process the data you provide us to respond to the requested query. The legitimacy is the consent of the interested party, article 6.1.a) GDPR.
II. Purchase and sale of products and/or services: the purpose of data processing is the provision of the contracted products and/or services. The legitimacy is the execution of a contract to which the interested party is a party or for the application at the request of the latter of pre-contractual measures, article 6.1.b) GDPR.
III. Purchases made through our website: the purpose of data processing is the execution of a contract. The legitimacy is to execute a contract, article 6.1.b) GDPR.
IV. Commercial communications: the data is processed for the purpose of sending information of interest on viticulture and wine tourism products and/or services. The legitimacy is the explicit consent of the interested party for commercial communications by electronic means, article 6.1.a) RGPD, and the legitimate interest when applicable, article 21 of Law 34/2002, article 6.1. f) of the RGPD.
Automated decision-making or profiling is not planned.
How long do we retain personal data?
The data will be kept for the time necessary depending on the purpose for which they were provided or collected, without prejudice, where appropriate, to the exercise of your right to deletion, which will entail the blocking of the data for as long as the legal obligations persist, or where appropriate, until you object to continuing to receive information about our products and/or services.
We may retain personal data once any relationship with the interested party has ended in order to comply with legal obligations.
Recipients
The data may be communicated to the following recipients:
– To the Casa del Cofrade for the provision of the requested services.
– To banking entities for the collection of payments for products and/or services provided.
How do we protect your data?
The Data Controller adopts the necessary security measures to guarantee the confidentiality, integrity and availability of your data, adopting the necessary technical, organizational and legal measures to protect them from third parties.
Your data will only be processed by the parties strictly necessary for the processing of your data and will be stored on physical servers located in the European Union using an SSL certificate. The SSL certificate is a security protocol that ensures that data travels in an integral and secure manner, that is, the transmission of data between a server and a user, and in feedback, is fully encrypted.
What are your rights?
You may exercise, in accordance with the provisions of articles 15 to 22 of the GDPR 2016/679, before the Data Controller, through the postal and/or electronic addresses indicated in the contact details, the following rights:
· Right of access . Right to request access to your data to check what personal data is being processed, for what purpose and the retention period, among other information.
· Right of rectification. Right to request that your data be rectified when it is no longer accurate.
· Right to deletion or elimination. Right to request that your data stop being processed and be deleted.
· Right of limitation. Right to request limitation of data processing.
· Right to object. Right to object to the Data Controller continuing to process your data, in which case it may only retain your data for legitimate interest or the exercise or defence of possible claims.
· Right to portability. Right to receive the personal data concerning you, which you have provided to the Data Controller and to transmit them to another data controller.
Possibility of withdrawing consent: in the event that consent has been given for a specific purpose, the interested party has the right to withdraw consent at any time, without affecting the legality of the processing based on the consent prior to its withdrawal.
Complaint to the Control Authority: If you consider that the processing of your data infringes the applicable personal data protection regulations, you can file a complaint with the competent Control Authority, in Spain, the Spanish Data Protection Agency.
Current status and modification of this Privacy Policy
The information appearing on this website is current as of the date of its last update. The Data Controller reserves the right to modify this policy to adapt it to future legislative developments, as well as to future uses that it plans to make of your personal data. If such modification affects you in relation to the processing of your data, for example, because additional processing of the same is going to be carried out, not previously informed, we will proceed to notify you of this.
