DISCEFA S.L.U (hereinafter, Discefa) informs users of the website about its policy regarding the processing and protection of personal data of users and customers which may be collected by browsing, purchasing products, or contracting services through their website. In this sense, DISCEFA guarantees compliance with current regulations on the protection of personal data, reflected in Organic Law 15/1999 of December 13, on Personal Data Protection and in Royal Decree 1720/2007, of December 21, approving the Development Regulations of the Organic Law on Data Protection, and the General Data Protection Regulation (GDPR) (EU) 2016/679.
In compliance with current legislation on data protection, users are informed that, in DISCEFA, technical and organizational measures have been adopted in accordance with the provisions of the aforementioned regulations. The personal data that is included in the forms is subject to processing only by DISCEFA personnel or the Data Processors established herein. Adequate security measures have been adopted for the data provided and, in addition, all the means and technical measures at its disposal have been installed to prevent the loss, misuse, alteration, unauthorized access, and theft of the data that is provided to us.
The Client or User declares that all the data provided by him or her is true and correct and undertakes to keep them updated, communicating any change thereof to DISCEFA. The user will be liable for the accuracy of their data and will be solely responsible for any conflicts or litigation that may result from their falsehood. It is important that, in order for us to keep personal data updated, the user informs DISCEFA whenever there has been any change to it. Otherwise, we cannot respond to its accuracy.
DISCEFA has the duty to inform the users of its website about any collection of personal data that may occur, either by sending email or by filling in the forms included on the website. In this sense, DISCEFA will be considered responsible for the data collected through the means described above.
In turn, DISCEFA informs users that the purpose of processing the data collected includes addressing requests made by users, inclusion in the contact list, the provision of products or services, and the management of the business relationship. The operations, arrangements, and technical procedures that are carried out in an automated or non-automated way and which make it possible to collect, store, modify, transfer, and perform other actions concerning personal data, are considered Personal Data Processing.
DISCEFA makes available to users a series of telematic mechanisms for the collection and processing of their personal data, for the purposes set out above. The personal data provided electronically, either through email, the contact forms on this website, or online contracts will be used for the commercial and administrative management of the clients and users of the company. This data will be processed through servers managed by https://www.arsys.es/, which is also the company that provides e-mail services, and which will be considered the Data Processor. As established in the Law on Information Society Services and Electronic Commerce, DISCEFA undertakes to not send commercial communications without identifying them as such. For these purposes, the information sent to clients for the maintenance of the existing contractual relationship will not be considered commercial communication.
In any case, data will only be obtained as needed to be able to perform the contracted service, or to be able to respond adequately to the request for information made by the user.
Sometimes personal data will be provided through links to third party websites. In this case, at no time will DISCEFA staff have access to the personal data that the Client provides to said third parties.
The Organic Law on Data Protection and the GDPR gives the data subjects the possibility of exercising a series of rights related to the processing of their personal data. As long as the user’s data is processed by DISCEFA, they may exercise their rights. To that end, the user shall make contact, providing documentation proving their identity (National ID card or passport), via email to firstname.lastname@example.org, or through written communication to the address that appears in our legal notice. Said communication shall reflect the following information:
Name and surnames of the user, the request, address and accrediting data. The exercise of rights must be carried out by the user themselves. Nevertheless, they may be exercised by an authorized person as a legal representative of the user. In this case, documentation must be providing proving the representation of the data subject.
The user shall request the exercise of the following rights:
DISCEFA will not transfer or communicate your data to any third party, except in the cases provided by law or when the rendering of a service implies the need for a contractual relationship with a data processor, and always in accordance with the general conditions approved by the user prior to the contracting of the same. Thus, when contracting our services, the user accepts that some of them may be, totally or partially, subcontracted to other people or companies, which will be considered Data Managers, with whom the corresponding confidentiality contract has been agreed, or adhered to their privacy policies, established on their respective websites. They also accept that some of the personal data collected be provided to these Data Processors, when necessary for the effective performance of the contracted service. The user may refuse the transfer of their data to the Data Processors, by written request, by any of the aforementioned means.
The information provided by the client will, in any case, be considered confidential, without it being used for purposes other than those related to the contracted services or products purchased from DISCEFA. The company undertakes not to disclose or reveal information about the client’s claims, the reasons for the advice requested, or the duration of its relationship with the client.
This privacy and data protection policy has been drawn up by EXPERTOS LOPD®, a data protection company, as of May 16, 2018, and may vary depending on changes in regulations and case law that may occur, the data owner being responsible for reading the updated document, in order to know their rights and obligations in this regard at all times.