We are the data controller responsible for processing your personal data. Therefore, we expressly, clearly and unequivocally inform both data subjects and the competent authorities of the following details relating to the data controller:
Regulatory Council of the Utiel-Requena Designation of Origin
Q4621001I
C/ Sevilla 12, Utiel β Valencia (46300), Spain
registro.ana@utielrequena.org
We are legally entitled to process your personal data for the following reasons:
Your unequivocal, informed and express consent, where legally required. Withdrawal of consent shall not affect the execution of other processing activities based on different legal grounds, nor shall it affect the lawfulness of processing carried out prior to its withdrawal.
A legal obligation of the data controller.
The performance of a service contract and/or sales contract entered into by you.
The existence of a legitimate interest of the data controller. This legitimate interest is based on a prior proportionality assessment balancing the controllerβs legitimate interest against the rights and freedoms of data subjects. This assessment involved evaluating the interest pursued, the impact of processing on data subjects, balancing both elements and implementing additional safeguards. As the final assessment favoured the controller, processing may be carried out in accordance with applicable data protection regulations.
For any questions or clarification, you may contact us via the email address provided in the data controller section.
Within this organisation, we may process your personal data exclusively for the following purposes:
Verifying that all necessary technical measures are implemented for the proper management of personal data within the applied software.
Sending commercial and/or advertising information via email.
Managing information requests received regarding our products or services.
Managing internal incidents related to compliance with GDPR requirements.
Conducting advertising campaigns to promote our services and/or products.
Collecting the opinions of data subjects.
Recruiting personnel to fill job vacancies.
Complying with Occupational Risk Prevention regulations.
Managing shipping and correspondence.
Handling legal matters affecting the organisation.
Managing, maintaining and repairing IT storage systems.
Carrying out internal labour management.
Carrying out internal tax and accounting management.
Complying with the data retention limitation principle.
Administrative management of individual clients.
Providing the contracted service or completing the agreed sale.
A commercial or user profile may be created based on the information provided or obtained. We expressly inform you that under no circumstances will profiles be created using data relating to minors.
Your personal data will be retained for the duration of the contractual relationship or, where applicable, until you exercise your right to object or withdraw your consent. To do so, you may visit the relevant section on our website or send an email to the address provided in the data controller section.
Your personal data may be disclosed to the following organisations:
Spanish Tax Agency
State Public Employment Service
General Treasury of Social Security
Banks and savings institutions
Your personal data will not be transferred to any third country or international organisation.
In compliance with Regulation (EU) 2016/679 and the applicable Organic Law on Data Protection, we inform you that your personal data may be subject to the following processing activities:
TR04 β Advertising campaigns (Legal basis: Law 34/1988, General Advertising Law)
TR08 β Collecting opinions of data subjects (Legal basis: Regulation (EU) 2016/679 and Spanish Data Protection Law)
TR03 β Staff recruitment (Legal basis: Legislative Royal Decree 3/2015, Employment Law)
TG01 β Internal accounting management (Legal basis: Royal Decree 1514/2007, General Accounting Plan)
TG25 β Data collection for internal tax management (Legal basis: General Tax Law 58/2003)
TG12 β Internal labour management: data collection (Legal basis: Social Security Law)
TR09 β Technical and organisational security measures in applied software (Legal basis: Regulation (EU) 2016/679)
TE02 β Occupational risk prevention (Legal basis: Law 31/1995)
TE07 β Document destruction (Legal basis: Regulation (EU) 2016/679)
TV01 β Sales / Provision of Services (Legal basis: Commercial and Tax legislation)
TE03 β Transport and shipment services (Legal basis: Commercial Code)
TR05 β Emails (Legal basis: Commercial Code and applicable legislation)
TR01 β Information requests received (Legal basis: Commercial Code and related legislation)
TR07 β Incident and/or security breach management (Legal basis: Regulation (EU) 2016/679)
TE04 β Legal matters management (Legal basis: Commercial and Labour legislation)
TE01 β IT systems maintenance (Legal basis: Commercial Code)
Your personal data will be incorporated into the following files owned by the organisation:
FG01 Internal accounting management
FG02 Internal labour management
FG15 Internal tax management
FE01 IT maintenance
FE02 Occupational risk prevention
FE03 Transport and shipping
FE04 Legal matters
FR01 Information requests received
FR03 Staff recruitment
FR04 Advertising campaigns
FR05 Emails
FR07 Incident and/or security breach management
FR08 Opinion collection
FR09 Software and hardware security
FE07 Document destruction
FP01 Clients
The personal data we process originate from:
The data subject
We guarantee the exercise of your rights regarding the processing of your personal data. In particular, you have the right to:
Obtain confirmation as to whether your data are being processed.
Exercise your right of access, obtaining information about processing purposes, categories of data, recipients, retention period, data origin and, where applicable, profiling or automated decision-making.
Exercise your right to rectification. Personal data must always reflect reality; therefore, you should notify us of any changes or inaccuracies. You guarantee that the data provided are true and accurate and undertake to notify any changes.
Object to processing based on your particular situation. In such cases, processing will cease unless there are compelling legitimate grounds.
Request erasure of your data when they are no longer necessary or when there is no longer a legal basis for processing.
Request data portability when processing is carried out by automated means and is based on a contract or consent. You will receive your data in a structured, commonly used, machine-readable format or have them transmitted directly to another controller where technically feasible.
Request restriction of processing in certain circumstances.
Object to automated decision-making, including profiling.
These rights may be exercised free of charge, except where legally provided otherwise, by submitting a written and signed request to the data controller at the addresses indicated above or physically at any of our offices.
You also have the right to lodge a complaint with the Spanish Data Protection Agency (https://www.aepd.es/) or with the relevant supervisory authority.
Likewise, you may seek compensation before the Courts of Justice.
You have the right to withdraw your consent as easily as it was given. You may do so via our website or by sending an email to the address indicated in the data controller section.
We also inform you that for each processing activity, potential risks and impacts are assessed, and appropriate security measures are applied and periodically reviewed to ensure their effectiveness. Our control system ensures compliance with the principles of purpose limitation, storage limitation, data minimisation, integrity and confidentiality.
Finally, you may periodically receive surveys to gather your opinion regarding any suggestions related to the processing of your personal data, thereby ensuring transparency and data accuracy.
For any questions or clarification, you may contact us via the email address provided in the first section.
Yours sincerely,
The Data Controller.