To update your personal data and settings, see the section “Access to personal data, update, removal of information and changing of privacy settings “. In accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (hereinafter GDPR), the Company undertakes to comply with rules and legislation of EU on data collection, processing and protection. For these purposes, the Company will take the necessary measures to provide security of the personal data received and guarantee its protection against unauthorized access.
Legal framework for data protection
The company comply with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR). The company makes every effort to handle all the personal data obtained from the member states of the European Union (EU) in accordance with the applicable principles of the “Legal framework for data protection “. For more information about the “Legal framework for data protection”, we recommend to familiarize yourself with the rules and regulations of the protection and safe storage of personal data and the maintaining confidentiality applicable within the EU and beyond: https://ec.europa.eu/info/law/law-topic/data-protection_en. The company is responsible for the processing of the personal data received from the users of the website in accordance with the GDPR and transfers the corresponding obligations to any third-party agent acting on its behalf. The company complies with the principles of protection of confidentiality with respect to any additional transfer of personal data from the EU, including with respect to the additional transfer of obligations. The subjects whose personal data is processed by the Company using or not automation means are:
users and subscribers of the Company’s website on the Internet;
Company employees or persons who had labor relations with the Company, as well as members of their families;
people who have contractual or pre-contractual relationship of the civil law nature with the Company as well as completed relationship with the Company of a similar nature.
partners and participants of the Company;
Company counterparts represented by individual entrepreneurs, their employees; founders, managers, representatives (persons acting in accordance with a power of attorney) and employees of legal entities that have or had contractual relationship with the Company, or wish to conclude contracts with the Controller;
persons that come to the Company offices;
other persons whose personal data the Company need to process to achieve the goals specified in this Policy.
When we say “you”, “your” or “to you”, we mean the personal data subject. In relation to personal data received or transmitted in accordance with the GDPR, the Company is subject to the law of the European Commission. In certain situations, the Company may be requested to disclose personal data as a result of a legitimate request received from public authorities, including to guarantee the requirements related to national security and law enforcement. If you have any questions associated with the confidentiality or use of data that we have not been able to answer in the present text, you can contact the authorized person of the company who is in charge of monitoring compliance with the Privacy and data protection policy. Information about this person you can find in the section “The authorized person of the company in charge of data processing”. When you have exhausted the dispute resolution procedure with above-mentioned authorized person of the Company, you have the ability to opt for binding arbitration or to the competent authorities in the area of protection of user data. The official information about the national data protection authorities of EU is available here: https://ec.europa.eu/commission/sites/beta-political/files/national-data-protection-authorities-jan_2018_en.pdf
Companies and organizations that collect personal data
The authorized person of the company who is in charge of data processing
Categories of personal data collection and processed information
You can perform certain operations on the Company’s website without providing personal data. But, when you register and leave your personal data to use the Company’s website and other products or services, or become a subscriber of the website in order to use our services, we may receive the following personal data:
contact information (your name, phone number, email address);
Depending on the operations performed, some of the required information is mandatory, whereas some part of information can be provided at your discretion. If you do not provide the required information, you will not be able to perform the appropriate operations and interact with the web as a whole. Like the most of organizations, the Company and independent auxiliary operators involved by the Company may, during your use of the website, receive certain technical and routing information on your computer to facilitate the use of the web and its services. For example, we can record environment variables such as browser type, operating system, processor speed and IP address of your computer. We use these environment variables to track your use of the website and its services, as well as to make them more convenient. The company also uses these environment variables to track web traffic. We may occasionally compare this data with your personal data to better understand the needs of visitors to the website.
To reduce the amount of errors in our database, verify the authenticity of users and avoid unauthorized use of the system, from time to time we can supplement the personal data you provide with information from third-party public sources. We can supplement the information received directly from you with information stored in third-party databases, such as data on demography or information about companies, in order to increase the likelihood that all the marketing messages we send to you are really useful and interesting for you. The full list of auxiliary third-party data processors whose services we might use you can find in this document.
When you download and use our mobile applications or services, we automatically receive information about the type of device you are using, as well as about operating system version. The Company may collect and use information about the geographic location of your computer or mobile device. The purpose of collecting this data is to provide information about the services in your area that might be of interest to you and improve the products and services we offer.
The purpose of obtaining and storing data
All personal data received by the Company is necessary for us to better understand your needs when you interact with our website, improve technical specifications and marketing activities for convenient use of the website.
We receive personal data and use environment variables to track your use of the website and its services, as well as to make them more convenient. The Company also uses these environment variables to track web traffic. We may occasionally compare this data with your personal data to better understand the needs of visitors to the website.
How we use your personal data?
response to inquiries from users when they interact with the website;
send you the requested information about products or services;
response to inquiries and complaints sent to support service;
inform you about special offers and services of the Company and selected third parties;
manage the promotional campaigns in which you participate by accepting this Agreement;
Investigate, prevent or take measures regarding illegal actions and / or violations of the conditions of service provision.
conduct researches and developments in the field of products / services to improve our website, as well as offers and services;
respond to your personal requests and prepare personalized services and offers.
We use the information collected through cookies, magazines, transparent image data and / or third-party resources to create a database of your preferences. We attach information that allows to identify you and / or history of your membership to the information in this database to prepare personalized promotional offers, improve the content of the website and determine your interests. In some cases, upon formal request of the authorities, the Company must disclose your personal information to comply with national security requirements or to ensure compliance with the law. In situations where it is required by law (for example, to execute a subpoena, court order, judgment or decision of the Court regarding the Company), and also when we consider that the disclosure of information is necessary to protect our rights, to avoid legal proceedings, to ensure your safety or the safety of others, to investigate fraud and / or upon the request of government authorities. We may also disclose information about you, if such disclosure is necessary in the interest of national security, to ensure compliance with the law or resolve other matters of national importance.
Exchange of personal information with other organizations, service providers and agents
The Company involve certain auxiliary data processors including organizations and third parties, as listed below, subcontractors and content delivery networks that help maintain the website and provide the services described in the Service Agreement.
About auxiliary data processors
The auxiliary data processor is a third-party organization (including EI Savateev Dmitry Vladimirovich and affiliated companies) contracted by the Company for data processing, which has or may have access to customer or user information (including that contains a personal data) or is able to process such information. The Company undertakes to apply a commercially reasonable legal due diligence to evaluate the methods related to data security and confidentiality used by the proposed auxiliary data processors, who will have or may have access to the Company’s data or are able to process them. The Company requires that the auxiliary data processors with whom it works accept certain conditions and regulations that regulate the use of the information and personal data of the subjects, which oblige it, among others, to comply with the following rules:
to process personal data in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data (GDPR);
to hire reliable employees who comply with contractual obligations in the field of data confidentiality and data protection in accordance with applicable data protection laws;
to provide regular training on data security and data protection for employees who may have access to personal data;
to implement and apply appropriate technical and organizational measures to ensure the security, integrity and confidentiality of customer information and personal data.
to provide an annual certification to verify compliance with the applicable data protection laws, or allow the Company perform an audit of such compliance;
to inform the Company immediately of any actual or possible incident related to data security or data leakage;
to provide assistance to the Company in handling of requests from the personal data processors, subjects or regulatory authorities to monitor compliance with personal data protection legislation.
Transfer of personal data to a foreign country (cross-border personal data transfer)
The company usually does not transmit personal data received from the users and customers to third countries. In the case if a transfer of personal data needs to be done for certain reasons, the Company must ensure that the receiving party provides adequate protection of the rights of personal data subjects before this personal data transfer begins. The cross-border personal data transfer to third countries that do not provides adequate protection of the rights of personal data subjects can be carried out in the following cases:
a written consent of the personal data subject (including using the hardware of the X company website on the Internet) to the cross-border transfer of his personal data;
execution of an agreement in which one of the parties is the subject of personal data.
When publishing data in countries that have not been approved by the EU authorities, the Company will take legal measures enshrined in the agreement.
Access to personal data, update, removal of information and changing of privacy settings
At your request, sent to an authorized person or to the Company email address, we will provide you with information about whether we store or process any personal information of yours in the interest of third parties. To request this information, contact us at email@example.com. You have the right to access your personal information and privacy settings at any time to change or delete them. You can also do it by sending us a request by email to firstname.lastname@example.org. We will respond to your request within a reasonable timeframe. We will change, update or delete your personal information within 30 days of receipt of your request. You can also request the transfer of your personal data to you or another organization by sending a request to our authorized specialist (DPO) to email@example.com. Our DPO will transfer your personal data to you and evaluate the technical feasibility of transferring the subject’s personal data to another organization.
Storage and protection of personal data
The personal information you provide when using our website is protected in several ways.
Your personal information is stored on secure servers, whose access with a password can only be obtained by a small circle employee of the Company and affiliated organizations.
At the time of the transfer of personal data through the website, the information is encrypted.
We do our best to protect your personal data that you send to us, both during transmission and after receipt. However, none of the methods of information transmission over the Internet, as well as electronic information storage, is absolutely reliable. And, although we twe fully understand the confidential nature of the personal information we receive, process and store, as well as the current state of technology to choose the appropriate measures to protect your personal information, we cannot guarantee its absolute security. If you have any questions regarding security on our website, contact us or our authorized specialist (DPO) at firstname.lastname@example.org.
Security of personal data
The security of personal data processed by the Company is guaranteed through the implementation of the necessary legal, organizational and technical measures to ensure compliance with the requirements of current federal legislation on personal data protection. To prevent unauthorized access to personal data, the Data controller applies following organizational and technical measures:
appointment of data protection officers responsible for organizing the processing and protection of personal data;
a limited number of officers authorized to process personal data;
familiarization of data subjects with the requirements of EU legislation and the Controller’s normative instruments for the processing and protection of personal data;
organization of registration, storage and circulation of storage media containing personal data;
identification of threats to the security of personal data during its treatment, the creation of the threat models based on this information;
development of a personal data protection system based on threat models;
verification of the availability and effectiveness of information security measures;
differentiation of user access to information resources and software and hardware tools for information processing;
registration and monitoring of activity of users of personal data information systems;
use of antivirus and system recovery software for personal data protection;
the use, if necessary, of firewall and intrusion detection systems, security analysis and cryptographic information protection means;
organization of access control to the territory of the Data Controller, as well as a security for the premises with the technical means for the processing of personal data.
Data retention period
We store your personal data for as long as your account is active, as long as this information is necessary to provide you with services or for as long as necessary to comply with our legal obligations. If you wish to delete your account or request that we no longer use your personal data to provide services, you can contact data protection officer (DPO) via email (email@example.com). We will respond to your request within 30 days. We will store and use your personal data as long as it is necessary to comply with our legal obligations, resolve disputes and comply with our agreements.
Refusal to participate in marketing activities, receive updates, information messages and \ or newsletters
You can refuse to receive updates by email as well as newsletters of the Company and / or emails of our partners by making the corresponding selection, or by contacting the authorized person responsible for compliance with the rules for storing and processing data (DPO) via email firstname.lastname@example.org. You can also refuse to receive such messages during the registration process. In this case, you will receive notifications from the Company in case of changes in the “Terms of Service” or the “Terms of providing information to web users”. In addition, in any case, we will send you messages about the provision of services, including an email with the registration data. Generally, you cannot refuse to receive not promotional messages. If you do not wish to receive them, you can delete the personal data and cancel the reception of such messages, or contact our DPO by sending a request to delete your personal data at email@example.com. If you do not agree to comply with all or certain provisions of this agreement, do not use this website and leave it immediately.
Cookies & Tracking Technologies Policy
Links to third party websites
Social Networks Widgets
Email addresses for the recommendation program
If you wish to use our recommendation program to tell your friend about our website or a certain page of our website, you must provide his name and email address to our authorized person (DPO). We will send him an invitation by email to visit our website. The company keeps this information for the sole purpose of sending such invitation and monitoring the effectiveness of our recommendation program. Your friend can contact our authorized person (DPO) at firstname.lastname@example.org request to delete this information from our database.
Reception and Processing of Children’s Personal Data (of any person under 21 years)
We do not set out the objective of requesting or obtaining personal information from any person under 18 years. If you are under 18, do not enter information on this website and do not use our services. If you’re thinking that your child under the age of 18 has entered personal data, inform the responsible person (DPO) at email@example.com so that we delete the data and the child’s account. If you suspect that a minor child uses our website, an employee of the Company that interacts with the subject as well as an authorized person (DPO) has the right to request the consent of the parent or guardian to process the personal data of the child.
Information about the Company
GEPTAHOR S.L. TIN: B54586763 Legal address: Torrevieja Str. Casa Abaneras 87 Email: Offers@alegria-realestate.com Tel .: 7 (499) 918 71 42