Who is the controller of your personal data?
Centre de Difusió Tecnològica Fusta i Moble de Catalunya, Fundació Privada (CENFIM) is the CONTROLLER of the USER’s personal data and informs him/her that these data shall be processed in accordance with the provisions of Regulation (EU) 2016/679 of 27 April (GDPR) and the Organic Law 3/2018 of 5 December (LOPDGDD).
Why do process your personal data?
To maintain a commercial relationship with the user. The planned processing operations are:
- Sending commercial advertising communications by email, fax, SMS, MMS, social networks or by any other electronic or physical means, present or future, that make it possible to carry out commercial communications. These communications will be made by the CONTROLLER and will be related to their products and services, or those of their partners or suppliers with whom they have reached a promotion agreement. In this case, the third parties will never have access to personal data.
- Conduct market research and statistical analysis.
- Processing orders, requests, respond to queries or any type of request made by the USER through any of the contact methods available at the CONTROLLER’s website.
- Send the online newsletter on news, offers and promotions in our activity.
Why can we process your personal data?
Because the processing is legitimised by article 6 of the GDPR as follows:
- With the USER’s consent: sending commercial communications and the newsletter.
- In the legitimate interest of the CONTROLLER: conduct market research, statistical analysis, etc. and process orders, requests, etc. at the request of the USER.
For how long will we keep your personal data?
Data shall be stored for no longer than is necessary to maintain the purpose of the processing or for as long as there are legal prescriptions dictating their custody, and when such purpose is no longer necessary the data shall be erased with appropriate security measures to ensure the anonymization of the data or their complete destruction.
To whom do we disclose your personal data?
No communication of personal data to third parties is foreseen except, if necessary for the development and execution of the purposes of the processing, to our suppliers of services related to communications, with which the CONTROLLER has signed the confidentiality and data processor contracts required by current privacy regulations.
What are your rights?
- Right to withdraw consent at any time.
- Right of access, rectification, portability and erasure of your data and the restriction or objection to their processing.
- You have the right to file a complaint with the Spanish Supervisory Authority (www.aepd.es) if you consider that the processing does not comply with current legislation.
2. COMPULSORY OR OPTIONAL NATURE OF THE INFORMATION PROVIDED BY THE USER
The USERS, by marking the corresponding boxes and entering data in the fields, marked with an asterisk (*) in the contact form or download forms, accept expressly and in a free and unequivocal way that their data are necessary for the supplier to meet their request, voluntarily providing their data in the remaining fields. The USER ensures that the personal data provided to the CONTROLLER are true and is responsible for communicating any changes to them.
The CONTROLLER informs that all data requested through the website are mandatory, as they are necessary for the provision of an optimal service to the USER. In the event that not all of the data is provided, there is no guarantee that the information and services provided will be completely adapted to the User’s needs.
3. SECURITY MEASURES
That in accordance with the provisions of the current regulations on the protection of personal data, the CONTROLLER is complying with all the provisions of the GDPR and LOPDGDD regulations for processing the personal data for which they are responsible, and is manifestly complying with the principles described in Article 5 of the GDPR, by which they are processed in a lawful, fair and transparent manner in relation to the data subject and appropriate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
The CONTROLLER guarantees that all appropriate technical and organisational policies have been implemented to apply the security measures established by the GDPR and LOPDGDD in order to protect the rights and freedoms of USERS and has communicated the appropriate information for them to be able to exercise them.