New data protection law, information treatment law 2018, data protection regulation

PRIVACY POLICY

Responsible party's identification:

· Identity: SERVITORO, S.L. (from now on, “SERVITORO”).

· NIF/CIF (Tax ID No.): B86380672.

· Address: Paseo de la Castellana 90, 1º, 28046 Madrid.

· E-mail: servitoro@servitoro.com.

· Website: https://www.servitoro.com (hereinafter the “Website”).

SERVITORO informs you about its Privacy Policy regarding the personal data processing and protection of users and clients' personal data that may be collected by browsing or contracting services through the Website www.servitoro.com.

Accordingly, SERVITORO guarantees compliance with current legislation on the protection of personal data, reflected in the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (LOPD GDD). It also complies with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons (GDPR).

The use of the Website implies acceptance of this Privacy Policy, as well as the conditions included in the Legal Notice.

Information and acceptance

As a User of the Website, you declare that you have been informed of the conditions regarding the protection of personal data, and that the personal data that you provide through the Website will be processed by SERVITORO for the purposes described in this Privacy Policy.

The user should carefully read this Privacy Policy, which has been written in a clear and simple manner, to facilitate its understanding, freely and voluntarily determining whether they wish to provide their personal data to SERVITORO.

Obligation to provide personal data

The data requested in the forms on the Website are, in general, compulsory (unless otherwise specified in the required field) in order to comply with the established purposes.

Therefore, if the same are not provided or are not provided correctly, they cannot be fulfilled, without prejudice to the fact that you may freely view the content of the Website.

Purpose and legal grounds for personal data processing

The personal data provided through the Website or other means made available to users will be processed by SERVITORO in accordance with the following purposes: Data provided for the purchase of tickets and/or bullfighting articles: the data provided for this purpose will be processed to enable the purchase of tickets for bullfighting events, as well as bullfighting articles offered on the Website by the user and to process the purchase, delivering the purchased goods to the user.

The basis of legitimacy of the processing of data for this purpose will be the execution of the contractual relationship between SERVITORO and the user.

Data provided for registration and login as a user: the data provided for this purpose will be processed to allow the registration and login of the user on the Website, thus granting access to your private area within the Website.

The basis of legitimacy of the processing of data for this purpose will be the execution of the contractual relationship between SERVITORO and the user.

Data provided in the information request form: the data provided for this purpose will be processed to allow the user to formulate their request for information in relation to reservations and the purchase of bullfighting tickets, as well as proceeding to the attention of their request, responding to it.

The legal grounds for data processing with this aim is the attention of your request (execution of the contractual relationship), as well as the application of pre-contractual measures with the user by SERVITORO.

Data provided in the contact methods: the data provided for this purpose will be processed in order to provide our customer service, including the web contact form, telephone support and WhatsApp support.

The legal grounds for data processing for this purpose is the consent of the user.

Data provided for the sending of SERVITORO communications: provided for this purpose will be processed to enable the management of the sending of commercial communications with relevant information about SERVITORO services and/or events that may be of interest to you.

The legal grounds for data processing for this purpose is the consent of the user.

Data provided for subscription to the newsletter: the data provided for this purpose will be processed to allow the user to subscribe to the SERVITORO newsletter and to manage the sending of the newsletter to the address indicated.

The basis of legitimacy of the processing of data for this purpose will be the execution of the contractual relationship between SERVITORO and the user.

Information provided to ensure compliance with the conditions set out in the Legal Notice and applicable legislation. This may include the development of tools and algorithms that help this Website to ensure the confidentiality of the personal data it collects.

The legal grounds for legitimising the processing of data for this purpose will be SERVITORO's compliance with the corresponding legal obligations.

Data provided through the use of the Website: the data provided through the use of the Website will be processed in order to carry out the maintenance, support and updating of the Website, as well as for the resolution of possible technical incidents or any other incidents that may arise in relation to it and to prepare anonymous statistical reports on access habits and the activity carried out by users on the Website.

The legal grounds for legitimising the processing of data for this purpose is SERVITORO's legitimate interest in the correct functioning of the Website. Similarly, SERVITORO has implemented technical security measures aimed at guaranteeing the privacy and confidentiality of the information processed. If you wish to obtain more information about this processing and to object to it, you can send a letter to the following e-mail address: servitoro@servitoro.com.

Data provided on SERVITORO's social networks: the data provided for this purpose will be processed to manage SERVITORO's social networks. If you are a follower on the Owner's social networks, the processing of your personal data will be governed by this section, as well as by those conditions of use, privacy policies and access regulations that belong to the social network that applies in each case and that you have previously accepted. SERVITORO will process your personal data in order to correctly manage its presence on the social network, inform you of its activities, products or services, as well as for any other purpose that the regulations of the social networks allow. Under no circumstances will SERVITORO use the profiles of followers on social networks to send advertising on an individual basis.

The legal grounds for data processing for this purpose is the consent of the user.

Personal data recipients

The user's data may be communicated to:

Public Administrations with competence in the matter.
Courts and Tribunals, in the event of specific requirements made in accordance with the applicable regulations.

· State Security Forces and Corps, in the event of specific requirements made in accordance with the applicable regulations.

Additionally, the data can be accessed by SERVITORO's suppliers, being this access necessary for the adequate provision of the services. These suppliers will not process your data for their own purposes that have not been previously informed by SERVITORO. In this sense, SERVITORO follows strict criteria for the selection of service providers in order to comply with its obligations in terms of data protection and undertakes to sign a data processing agreement, as established by law, by which it will impose on them, among others, the following obligations: to implement appropriate technical and organisational measures to ensure the security of personal data; to process personal data for the agreed purposes and only in accordance with the documented instructions of the data controller; and to delete and return the data to the data controller once the services have been completed.

Personal Data Retention

SERVITORO will keep the personal data of the users only for the time necessary to carry out the purposes for which they were collected, as long as the consents granted are not revoked. Subsequently, if necessary, SERVITORO will keep the information blocked until the prescription of the legal responsibilities that may have arisen as a consequence of the processing of the user's personal data, at which time the data will be irreversibly deleted.

Data provided for the purchase of tickets and/or bullfighting articles: the data processed for this purpose will be kept until the event is held and the product is delivered and, in any case, blocked for the period of limitation of the possible legal responsibilities that may arise, that is, five years.

Data provided for registration and login as a user: the data provided for this purpose will be kept until the user cancels their account and, in any case, blocked for the period of limitation of any legal liabilities that may arise, i.e. five years.

Data provided in the information request form: the data processed for this purpose will be kept until the user's request is fulfilled and, in any case, blocked for the period of limitation of possible legal liabilities that may arise, i.e. three years.

Data provided in contact methods: the data processed for this purpose will be kept until the user's request is answered and, in any case, blocked for the period of limitation of possible legal liabilities that may arise, i.e. three years.

Data provided for the sending of SERVITORO communications: the data processed for this purpose will be kept until the user revokes the consent given and, in any case, blocked for the period of limitation of any legal liabilities that may arise, i.e. three years.

Data provided for subscription to the newsletter: the data processed for this purpose will be kept until the user cancels their subscription and, in any case, blocked for the period of limitation of possible legal liabilities that may arise, i.e. three years.

Data provided to ensure compliance with the conditions set out in the Legal Notice and in the applicable law: the data processed for this purpose will be kept for the period of limitation of the legal liabilities that may arise from compliance with each legal obligation.

Data provided through the use of the Website: the data processed for this purpose will be kept for a period of one year. SERVITORO may keep the information in aggregate form, without identifying the users, for a longer period.
Data provided on SERVITORO's social networks: the data processed for this purpose will be kept until the user stops following SERVITORO's accounts or from the last contact they have with them and, in any case, blocked for the period of limitation of any possible legal liabilities that may arise, that is, three years.

Security of personal data

SERVITORO will treat the user's data at all times in an absolutely confidential manner and keeping the mandatory duty of secrecy regarding the same, in accordance with the provisions of the applicable regulations, adopting for this purpose the necessary technical and organisational measures that guarantee the security of your data and avoid its alteration, loss, treatment or unauthorised access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or from the physical or natural environment.

Your rights

SERVITORO informs you that you have the right to access your personal data:

· Request access to stored data.

· Request rectification or erasure.

· Request the restriction of processing.

· Oppose processing.

· Request data transfer.

· Withdraw the consent given, without prejudice to the lawfulness of the processing previously carried out.

The exercise of these rights is personal and therefore must be exercised directly by the interested party, requesting it directly to SERVITORO, which means that any customer, subscriber or collaborator who has provided their data at any time can contact SERVITORO and exercise this request.

To exercise your rights you have to send an email to servitoro@servitoro.com indicating the right requested.

You have the right to effective judicial protection and to lodge a complaint with the supervisory authority, in this case, the Spanish Data Protection Agency, if you consider that the processing of personal data concerning you violates your rights.

Accuracy and truthfulness of personal data

You undertake to ensure that the data provided to SERVITORO is correct, complete, accurate and up to date, as well as to keep it duly updated.

As a Website User, you are solely responsible for the truthfulness and accuracy of the data that you submit to the site, exonerating SERVITORO from any responsibility in this regard.

User responsibility

The user:

Guarantees that the data he/she provides to SERVITORO is true, accurate, complete and up to date. The user is responsible for the veracity of all the data that he/she provide and will keep the information provided suitably updated, in such a way that it corresponds to their real situation.
Guarantees that he/she has informed the third parties from whom he/she provides his/her data, if he/she does so, of the aspects contained in this document. Likewise, he/she guarantees that he/she has obtained their authorisation to provide their data to SERVITORO for the aforementioned purposes.
He/she shall be liable for any false or inaccurate information that he/she provides through the website and for any damages, direct or indirect, that this may cause to SERVITORO or to third parties.

Changes to the Privacy Policy

SERVITORO reserves the right to modify this Privacy Policy to adapt it to new legislation or case law, as well as to industry practices.

These policies will remain in force until they are modified by other duly published policies.