Legal notice
CUSTOMER DATA PROCESSING
Data controller information:
Identity: María Teresa Pariente - NIF: 12730223E
Postal address: Calle Mayor Principal, 21 F, 34001 Palencia
Phone: 979741688 - Email: mulier.modaycomplementos@gmail.com
At María Teresa Pariente, we process the information you provide in order to deliver the requested service and carry out your billing. The data provided will be kept as long as the commercial relationship is maintained or for the time necessary to comply with legal obligations and address any responsibilities that may arise from fulfilling the purpose for which the data was collected. The data will not be transferred to third parties except in cases where there is a legal obligation. You have the right to obtain information about whether María Teresa Pariente is processing your personal data, so you can exercise your rights of access, rectification, deletion, data portability, opposition, and limitation of processing before María Teresa Pariente, Calle Mayor Principal, 21 F, 34001 Palencia or at the email address mulier.modaycomplementos@gmail.com, attaching a copy of your ID or equivalent document. Likewise, especially if you consider that you have not been fully satisfied in exercising your rights, you may file a complaint with the national supervisory authority by addressing it to the Spanish Data Protection Agency, C/ Jorge Juan, 6 – 28001 Madrid.
Likewise, we request your authorization to offer you products and services related to those contracted and to retain you as a client."
.
PROCESSING OF POTENTIAL CLIENT DATA
Responsible: Identity: Mulier (María Teresa Pariente) - NIF: 12730223E Postal address: Street Main Major, 21 F, Palencia 34001 Phone: 979741688 Email: mulier.modaycomplementos@gmail.com
"On behalf of the company, we process the information you provide us in order to send you advertising related to our products and services by any means (postal, email, or phone) and to invite you to events organized by the company. The data provided will be kept as long as you do not request the cessation of the activity. The data will not be transferred to third parties except in cases where there is a legal obligation. You have the right to obtain confirmation about whether Mulier (María Teresa Pariente) is processing your personal data; therefore, you have the right to access your personal data, rectify inaccurate data, or request its deletion when the data is no longer necessary for the purposes for which it was collected."
ANNEX SECURITY MEASURES
Article 5.1.f of the General Data Protection Regulation (GDPR) establishes the need to implement appropriate security guarantees against unauthorized or unlawful processing, loss of personal data, accidental destruction, or damage. This implies the establishment of technical and organizational measures aimed at ensuring the integrity and confidentiality of personal data and the ability (article 5.2) to demonstrate that these measures have been implemented (proactive responsibility).
According to the type of processing you have indicated when completing this form, the minimum security measures you should consider are the following:
ORGANIZATIONAL MEASURES
INFORMATION THAT MUST BE KNOWN BY ALL PERSONNEL WITH ACCESS TO PERSONAL DATA
All personnel with access to personal data must be aware of their obligations regarding the processing of personal data and will be informed about these obligations. The minimum information that all personnel should know is the following:
DUTY OF CONFIDENTIALITY AND SECRECY
or Access by unauthorized persons to personal data must be avoided; to this end, the following will be avoided: leaving personal data exposed to third parties (unattended electronic screens, paper documents in public access areas, media with personal data, etc.). This consideration includes screens used for displaying images from the video surveillance system. When leaving the workstation, the screen must be locked or the session closed.
or Paper documents and electronic media will be stored in a secure place (cabinets or rooms with restricted access) 24 hours a day.
or Documents or electronic media (CDs, pen drives, hard drives, etc.) containing personal data will not be discarded without ensuring their destruction.
or Personal data or any personal information will not be communicated to third parties; special care will be taken not to disclose protected personal data during telephone inquiries, emails, etc.
or The duty of secrecy and confidentiality persists even when the worker's employment relationship with the company ends.
RIGHTS OF THE DATA HOLDERS
All employees will be informed about the procedure to address the rights of the data subjects, clearly defining the mechanisms by which the rights can be exercised (electronic means, reference to the Data Protection Officer if any, postal address, etc.) taking into account the following:
or Upon presentation of their national identity document or passport, the holders of personal data (data subjects) may exercise their rights of access, rectification, erasure, objection, and portability. The data controller must respond to the data subjects without undue delay.
For the right of access the data subjects will be provided with the list of personal data held along with the purpose for which they were collected, the identity of the data recipients, the retention periods, and the identity of the controller before whom they can request rectification, erasure, and objection to data processing.
For the right to rectification the data of the data subjects that are inaccurate or incomplete will be modified according to the purposes of the processing.
For the right to erasure the data of the data subjects will be deleted when the data subjects express their refusal or opposition to the consent for the processing of their data and there is no legal obligation preventing it.
For the right to data portability the data subjects must communicate their decision and inform the controller, if applicable, about the identity of the new controller to whom their personal data will be provided.
The data controller must inform all persons with access to personal data about the compliance terms to address the rights of the data subjects, the manner and procedure in which these rights will be attended to.