WEBSITE PRIVACY POLICY

Respecting the provisions of current legislation, Brandao Iberia SL (hereinafter also Website) undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected.

Laws that incorporate this privacy policy

This privacy policy is adapted to current Spanish and European regulations on the protection of personal data on the internet. Specific, it respects the following standards:

– Organic law 3/2018, from 5 from December, Protection of Personal Data and guarantee of digital rights.
– The rules (EU) 2016/679 European Parliament and Council 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data (RGPD)
– Royal decree 1720/ 2007 from 21 from December, by which the development regulations of the organic law are tightened 15/1999, from 13 December Protection of Personal Data.(RDLOPD).
– Law 34/2002 of 11 July Services Information Society and Electronic Commerce (LSSI-CE).

Identity of the person responsible for the treatment of personal data

The person responsible for the treatment of personal data at Brandao Iberia SL is Amelia Gómez López with DNI 77590267C ( hereinafter responsible for the treatment) and their contact details are as follows:
Direction:Calle José Luís de Casso 54-41005-Seville
Phone: 955603318
E-mail: brandao@brandao.biz

Data protection officer

The data protection officer (DPD or DPO, for its acronym in English)is responsible for ensuring compliance with data protection regulations to which Brandao Iberia SL is subject.. The User can contact the DPD designated by the Data Controller, using the following contact information: brandao@brandao.biz.

Registration of personal data

The personal data collected by Brandao Iberia SL, using the forms extended on its pages, will be entered into an automated file under the responsibility of the Data Controller, and duly declared and registered in the general registry of the Data Protection Agency that can be found on the website of the Spanish Data Protection Agency ( http:www.agpd.es), in order to facilitate, expedite and fulfill the commitments established between Brandao Iberia SL and the User or the maintenance of the relationship established in the forms that it fills in, or to attend to a request or query.

Principles applicable to the processing of personal data

The treatment of the User's personal data will be subject to the principles contained in the article 5 of the RGPD and in the article 4 and following of the Organic Law 3/2018 from 5 December Personal Data Protection and guarantee of digital rights.

– Principle of legality, loyalty and transparency: The user's consent will be required at all times prior to completely transparent information on the purposes for which the personal data is collected..
– Principle of purpose limitation: personal data will be collected for specific purposes, explicit and legitimate.
– Principle of data minimization: the personal data collected will only be strictly necessary in relation to the purposes for which they are processed.
– Principle of accuracy: personal data must be exact and always updated.
– Principle of limitation of the conservation period: personal data will only be kept in such a way that User identification is allowed for the time necessary for its treatment.
– Principle of integrity and confidentiality: personal data will be treated in a way that guarantees your security and confidentiality.
– Proactive liability principle: the controller will be responsible for ensuring that the above principles are met.

Category of personal data

The data categories that are processed in Brandao Iberia SL are only identifying data. In no case, these are special categories of personal data within the meaning of the article 9 of the RGPD.

Legal basis for the treatment of personal data
The legal basis for the processing of personal data is consent. Brandao Iberia SL undertakes to obtain the express and verifiable consent of the User for the treatment of their personal data for one or more specific purposes.

The User will have the right to withdraw their consent at any time. It will be as easy to withdraw consent as it is to give it. As a general rule, withdrawal of consent will not condition the use of the website.

On the occasions when the User must or can provide their data through forms to make inquiries, request information or for reasons related to the content of the website, You will be informed in the event that the completion of any of them is mandatory because they are essential for the proper development of the operation carried out..

Retention periods of personal data
Personal data will only be retained for the minimum time necessary for the purposes of its treatment and, in any case only during the following period: 18 months or until the User requests its deletion.

At the time the personal data is obtained, The user will be informed about the period during which personal data will be kept or, when this is not possible, the criteria used to determine that period.

Recipients of personal data.

The User's personal data will be shared by the following recipients or categories of recipients:

Brandao Iberia SL sales team and Branao Iberia SL production team.
In case the Data Controller intends to transfer the personal data to a third country or organization at the time the personal data is obtained, The User will be informed about the third country or international organization to which it is intended to transfer the data., as well as the existence or absence of an adequacy decision of the Commission.

Personal data of minors

Respecting the provisions of the articles 8 of the RGPD and 7 of the Organic Law 3/2018, from 5 from December, Protection of Personal Data and guarantee of digital rights, only the older than 14 years may grant their consent to the processing of their personal data lawfully by Brandao Iberia SL.

Secret and security of personal data

Brandao Iberia SL undertakes to adopt the necessary technical and organizational measures, according to the level of security appropriate to the risk of the data collected, so that the security of personal data is guaranteed and destruction is avoided, accidental or unlawful loss or destruction of transmitted personal data, preserved or otherwise treated, or unauthorized communication or access to such data.

Nevertheless, because Brandao Iberia SL cannot guarantee the impregnability of the internet or the total absence of hackers or others who fraudulently access personal data, The data controller undertakes to inform the User without undue delay when a violation of the security of personal data occurs that is likely to entail a high risk for the rights and freedoms of natural persons.. Continuing with the provisions of the article 4 of the RGPD, a breach of the security of personal data is understood to be any breach of security that causes destruction, accidental or unlawful loss or alteration of transmitted personal data, stored or otherwise processed or unauthorized communication or access to such data.
Personal data will be treated as confidential by the Data Controller, who undertakes to inform and guarantee by means of a legal or contractual obligation that said confidentiality is respected by their employees, associates, and any person to whom the information is made accessible.

Rights derived from the processing of personal data.
The User has on Brandao Iberia SL, and you can, so, exercise in front of the Data Controller the following rights recognized in the RGPD and in the Organic Law 3/2018, from 5 from December , Protection of personal data and guarantee of digital rights.

– Right of access:It is the User's right to obtain confirmation of whether or not Brandao Iberia SL is treating their personal data and, if so, obtain information about your personal data and the treatment that Brandao Iberia SL has carried out or is going to carry out, So, how, among other, of the information available on the origin of said data and the recipients of the communications made or planned for them
– Right of rectification: It is the user's right to modify their personal data that is inaccurate, or taking into account the purposes of the treatment, imcompletos.

– Right of withdrawal ("The right to be forgotten": is the User's right, provided that the current legislation does not establish otherwise, to obtain the deletion of your personal data when they are no longer necessary for the purposes for which they were collected; the User has withdrawn his consent to the treatment and this does not have any other legal basis, the User opposes the treatment and there is no other legitimate reason to continue with it; personal data has been unlawfully processed; personal data must be deleted in fulfillment of a legal obligation; or the personal data has been obtained as a result of a direct offer of information society services to a minor of 14 years. In addition to deleting data, the controller, taking into account the available technology and the cost of its application, You must adopt reasonable measures to inform those responsible who are treating the personal data of the interested party's request to delete any link to that personal data..
– Right to limitation of treatment: It is the User's right to limit the processing of their personal data. The user has the right to obtain the limitation of the treatment when they challenge the accuracy of their personal data; the treatment is unlawful; the Data Controller no longer needs the personal data, but the User needs it to make claims; and when the User has opposed the treatment.
– Right to data portability: in case the treatment is carried out by automated means, the User will have the right to receive from the controller the personal data in a structured format, commonly used and machine readable, to transmit them to another controller. Whenever technically possible, the Data Controller will directly transmit the data to that other data controller.
– Right of opposition:It is the right of the User to not carry out the processing of their personal data or to stop processing them by Brandao Iberia SL.
– Right not to be subject to a decision based solely on automated processing, including profiling. It is the User's right not to be subject to an individualized decision based solely on the automated treatment of their personal data, including profiling, existing unless the current legislation says otherwise.

So that, the User may exercise their rights by means of a written communication addressed to the Data Controller with the reference “RGPF-www.brandao.biz”, specifying:
– Name, Surname of the User and copy of the DNI. In cases where representation is admitted, identification by the same means of the person representing the user will also be necessary, as well as the document accrediting the representation. The photocopy of the DNI may be replaced, by any other valid means in law that proves the identity.
– Request for the specific reasons for the request or information to be accessed.
– Domicile for the purpose of notifications.
– Applicant's date and signature.
– Any document that accredits the request you make.

This request and any other attached document may be sent to the following address and / or email:
Mailing address: With José Luís de Casso 54 – 41005 – Sevilla
Email: brandao@brandao.biz.

Links to third party websites.

The website may include hyperlinks or links that allow access to pages of third parties other than Brandao Iberia SL, and that, so, are not operated by Brandao Iberia SL.

Claims before the supervisory authority
In the event that the User considers that there is a problem or violation of current regulations in the way in which their personal data is being processed, You will have the right to effective judicial protection and to file a claim with a supervisory authority, in particular, in the State where you have your habitual residence, workplace or place of the alleged infringement. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency ( http://www.agpd.es).

II. COOKIE POLICY

Access to this website may involve the use of cookies. Cookies are small amounts of information that are stored in the browser used by each user- on the various devices that can be used to navigate- so that the server remembers certain information that later and only the server that implemented it will read. Cookies make browsing easier, make it friendlier and, do not damage the navigation device.

The information collected through cookies may include the date and time of visit to the web, the pages viewed, the time you have been on the website and the sites visited just before and after it. Nevertheless, No cookie allows it to connect to the User's phone number or any other means of personal contact. No cookie can extract information from the User's hard drive or steal personal information.. The only way for the User's private information to be part of the Cookie file is for the user to personally give that information to the service..

Cookies that identify a person are considered personal data. So, They will be subject to the Privacy Policy described above. In this sense, For the use of the same, the consent of the User will be necessary. This consent will be communicated, based on an authentic choice, offered by affirmative and positive decision, before initial treatment, removable and documented.

Own cookies.

Are those cookies that are sent to the user's computer or device and managed exclusively by Brandao Iberia SL for the best operation of the website.. The information collected is used to improve the quality of its Website and its content and user experience.. These cookies allow the User to be recognized as a recurring visitor to the Website and adapt the content to offer content that meets their preferences..

The(s) entity(is) manager(s) the supply of cookies may(n) transfer this information to third parties, as long as the law requires it or a third party is the one that processes the information of said entities.

Social media cookies.

Brandao Iberia SL incorporates social media plugins, that allow access to them from the Website. For this reason, social network cokies can be stored in the User's browser. The owners of these social networks have their own data protection and cookie policies, being themselves, in each case, responsible for their own files and their own privacy practices. The User must refer to them to find out about said cookies and, where appropriate, of the treatment of your personal data. Only for information purposes are the links below where you can consult these privacy and cookie policies:

Facebook: http://facebook.com/polices/cookies/
Twitter: http://twitter.com/es/privacy
Instagram: http://help.instagram.com/1896641480634370?ref=ig
Youtube: http://policies.google.com/privacy?hl=es-419&gl=mx
Google+: http://policies.google.com/technologies/cookies?hl=es
Pinterest: http://policy.pinterest.com/es/privacy-policy
Linkedin: http://www.linkedin.com/legal/cookie-policy?trk=hp-cookies

To disable, reject and delete cookies

The User can disable, reject and delete cookies - totally or partially-installed on your device by configuring your browser (among which are, for example, Chrome, Firefox, Safari, Explorer). In this sense, the procedures for rejecting and deleting cookies may differ from one browser to another. In consecuense, the user must go to the instructions provided by the internet browser that is using. In the event that you reject the use of cookies -totally or partially- you can continue using the Website, although the use of some of its benefits may be limited.

Acceptance and changes of this privacy policy.

It is necessary that the User has read and agrees with the conditions on the protection of personal data contained in this privacy and cookie policy, as well as accepting the treatment of your personal data so that the person responsible for the treatment can proceed to it in the manner, during the terms and for the purposes indicated. The use of the Website will imply the acceptance of the Privacy Policy and Cookies of the same.

Brandao Iberia SL reserves the right to modify its Privacy and Cookies Policy,according to their own criteria, or motivated by a legislative change, jurisprudential or doctrinal of the Spanish Agency for Data Protection. Changes and updates to this Privacy and Cookies Policy will be explicitly informed to the User.

This Privacy and Cookies Policy was updated the day 16 of January of 2018 to adapt to the regulation (EU)2016/679 European Parliament and Council, from 27 April 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data (RGPD)and to the organic Law 3/2018, from 5 from December , Protection of Personal data and Guarantee of digital rights.