Toloriu Investment SL informs website users about its policy regarding the processing and protection of personal data of users and customers.
And it guarantees at all times the full and complete compliance with the obligations set forth by the regulations on data protection and information society services: Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the free circulation of these data (RGPD), the regulations Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD) and Law 34/2002, of July 11, on Information Society Services and Electronic Commerce (LSSIce).
DATA CONTROLLER
Toloriu Investment SL
C.I.F.: B25513391
Address: Comtes D’Urgell, 32, 1, 25004 Lleida, Spain
Telephone: +34 648 098 702
Email: conta@dasaelfer.com
PURPOSES OF DATA PROCESSING
The data will be used to maintain a business relationship with the User. The planned processing operations are:
- Sending commercial advertising communications by email, fax, SMS, MMS, social media, or any other electronic or physical means, present or future, that enables commercial communications. These communications will be made by the Controller and related to its products and services, or those of its collaborators or suppliers with whom it has reached a promotional agreement. In this case, third parties will never have access to personal data.
- Process orders, requests, or any other type of request made by the user through any of the contact methods made available.
- Forward the website newsletter.
DATA RETENTION PERIOD
The personal data provided will be retained until the interested party requests its suspension, exercising their rights over the data, and in any case in compliance with applicable legal statutes of limitations.
LEGITIMATION
The legal basis for the processing of personal data is the express consent of the data subject or, where appropriate, the execution of a contract and/or service. The right to withdraw consent may be exercised at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.
DATA RECIPIENTS
The data will be used by the Controller. It may also legitimately share personal data with data processors for the execution of a contract or the provision of a service to the Controller, thereby following their instructions at all times and ensuring the same levels of security.
USER RIGHTS
The user has the right to:
The User may exercise the aforementioned rights by sending an email or sending an e-mail to the Controller's postal address, proving their identity with a scanned copy of their ID or equivalent document and specifying the right they wish to exercise.
ORIGIN OF THE DATA
Personal data will be provided by the interested party on an entirely voluntary basis. Failure to provide certain data or answer questions that may arise during the registration process or in the various electronic forms presented to the User may result in the inability to access certain services for which the provision of personal data is essential. In such cases, the Controller will inform the User of the mandatory and/or necessary nature of the provision of personal data for the operation of the service.
The Controller ensures the confidentiality of your personal data and guarantees its security, adopting the necessary measures to prevent its alteration, loss, processing, or unauthorized access.
INFORMATION PROVIDED BY THE USER
Minors under the age of 14 may not share their personal data without the prior consent of their parent(s) and/or legal guardian(s).
By entering their data in the contact forms or submitting them in download forms, Users expressly, freely, and unequivocally accept that their data is necessary for the Controller to process their request. The inclusion of data in the remaining fields is voluntary.
The User guarantees that the personal data provided is true and is responsible for communicating any changes to it.
All data requested through the website is necessary to provide the User with an optimal service. If not all data is provided, there is no guarantee that the information and services provided by the Controller will be fully tailored to their needs.
SECURITY MEASURES
That in accordance with the provisions of current regulations on personal data protection, the Controller is complying with all provisions of the GDPR and LOPDGDD regulations for the processing of personal data under its responsibility, which are processed lawfully, fairly, and transparently in relation to the data subject and are adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
The Controller guarantees that it has implemented appropriate technical and organizational policies to apply the security measures established by the GDPR and the LOPDGDD (General Data Protection Act) to protect the rights and freedoms of Users and has provided them with the appropriate information so they can exercise them.
SECURITY BREACHES
The Controller will notify any security breach affecting the database used by this website, or any of our third-party services, to each and every person whose data may have been affected, and to the authorities, within 72 hours of detecting the breach.
APPLICABLE LEGISLATION AND JURISDICTION
For the resolution of all disputes or issues related to this website or the activities carried out therein, Spanish law will apply, to which the parties expressly submit. The Courts and Tribunals of Lleida shall have jurisdiction to resolve all conflicts arising from or related to its use.