Effective date: 12th of November 2023
This text gathers the terms and conditions in which the owner of vitamina3d.com manages and protects the information given by the user when using the website, ensuring compliance with the Spanish regulation: Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y Garantía de los Derechos Digitales (LOPDGDD) and the rest of the applicable law in every moment that ensures the correct personal data processing.
Furthermore, this website also complies with the General Data Protection Regulation of the EU (GDPR EU 679) released on May 24th, 2016, and applicable since May 25th 2018, having taken all the measures needed for that purpose.
1. Our duties
When we gather user’s personal data, the owner of the website is committed to the following principles:
- Lawfulness, loyalty and transparency in all of our actions. We will never borrow, sell or do any kind of business with the users personal data.
- Personal data are only used for the specific, legitimate and explicit purpose for what they have been collected, always under the user consent.
- The collected personal data are adequate, relevant and limited to the strictly necessary.
- The personal data we have will be exact and updated at any time, according with what the users specify.
- We only keep the personal data for a limited period of time, enough to perform the tasks that need them.
In case of security violation, we will warn the authorities as soon as possible. We will also present a report, fulfilling the requirements of the GDPR.
We are obliged to transfer personal data only under exceptional circumstances, such as a law requirement. We may also do it, always under the user’s explicit consent, to third parties interested in them.
The responsible for de data processing is the owner of the website, who will prove the actions taken to ensure compliance with the GDPR to the corresponding authority when needed.
Security
To protect the users’ personal data, the owner takes all the reasonable precautions and follows the best practices within the industry to avoid data loss, misuse, illicit access, disclosure, alteration or destruction.
Personal data are processed, ensuring security. For that, our hosting company, Raiola Networks, offers safe servers, and ensures their correct functioning. Moreover, the website vitamina3d.com uses https protocols to improve security during data transfer.
2. Users’ obligations
Users are responsible for the accuracy of the data transferred to the owner. They must be currently complete, correct, truthful and accurate. The user must also keep them updated. The owner is not responsible for any of these matters.
When the user gives his/her personal data and navigates through the website vitamina3d.com, he/she confirms that he/she has read, understood and accepted this privacy policy and consents the data processing under the terms and conditions explained in this policy.
3. Users’ rights
Every registered user, those who have left comments or those who have just visited our website, can exercise any of the following rights at any time:
- Right of access. Obtain confirmation from the controller if he stores personal data or information concerning the user and, if it is the case, get access to that information.
- Right to rectification. Correct or modify wrong, inaccurate or incomplete personal data.
- Right to object. Oppose to the use of personal data for a purpose different from the one agreed or booked.
- Right to restriction of usage. The users can ask us not to use their data for a limited period of time or until further notice. Those data can be kept, modified or erased if the user asks for.
- Right to erasure (Right to oblivion). The users can ask us to erase from our database all the information they have provided us, or those data they consider inadequate or excessive (except those data we are obliged to keep for administrative, legal or security reasons, in compliance with the LOPDGDD and the GDPR).
- Right to data portability. The user can ask the controller for his/her personal data in a structured, commonly used and machine-readable format and transmit them to a third party.
- Automated individual decision-making, including profiling. The user has the right not to be objected to a decision based only on automated processing, including profiling, in order to make a decision that can concern him/her.
How to exercise your rights
The users can exercise their rights at any time by means of the contact form available in the Contact page indicating in the subject «Privacy and data management».
The user must use the email address he/she used to register in our website and identify himself/herself by means of his/her DNI, NIE, passport or a legal identification document not expired.
The user will tell us which actions we must take according to his/her rights, and we will proceed as soon as possible. According to the GDPR, we must answer within a month since the user sends the request.
Complaints
If we do not answer in less than a month, the answer is unsatisfactory, or we are just not showing compliance with the regulations, the user can make a claim to the Spanish Data Protection Agency (Agencia Española de Protección de Datos).
We also inform that, in case of complex rights request or if we are somehow overwhelmed by the amount of requests to be dealt, we have the right to an extension of 3 months of the limit. If it is the case, we will inform the applicant we need more time to answer accurately.
4. Data collection and processing
If we need any personal data concerning the user, we will ask for his/her consent, checking a field enabled for that purpose in order to store the data. We always get user personal data from direct channels, never from third parties. Those channels are:
- By means of our contact forms or emailing us to any of our addresses. In those cases, we generally ask for name, surname and an email address to be in touch in order to answer the doubts or requests.
- When the user leaves a comment in one of our web pages, we can use his/her data to prevent spam, identifying the user for security reasons. The content of the comment will be visible in our website. According to the law, people under 14 years old cannot leave any comment. If the underage user insists, he/she would be breaking the law and therefore assuming the legal consequences.
- Through Google ReCaptcha. It is a system used by Google to analyze the user behavior in order to check if it is a person or an automatic system, preventing our website from spam. This system is used when sending a contact form or when leaving a comment. It is run in second plane and it can check the user’s cookies.
- Use of cookies. Cookies are used to ensure the correct functioning of the website and for the user’s navigation habits to get a better understanding of their behavior and improve our site. They would not be identifying data. For further details, read our Cookies policy.
- Other webs content. The articles of this site may contain embedded content from other sites, such as videos, pictures, other articles… In practice, to click on any of this content means to visit that website. These can collect personal data, use cookies, track the user and survey his/her interaction with that website when clicking on that content.
- Social networks management. When the user follows a Vitamina 3D profile in one of the different social networks, the data processing of each user’s profile will be ruled by the privacy policy of each one of those social networks:
- Facebook.
- Tik Tok.
- Instagram.
- LinkedIn.
- Bills. If the user asks us for a bill, we may need some personal data to make it and the user’s consent to store these data. We will keep them for 6 years, which is the legal period.
Third party links
In our website, there are links to other sites operated by third parties. These are not under our control. If the user follows one of those links and transfers his/her personal data or any other information to the third party, our website and its controller are not responsible for the data processing of those data. Our privacy policy only applies to our domain: vitamina3d.com. The user should read the privacy polices of each visited site.
Sensitive data
The data we collect will not be considered, according to the GDPR (article 9) and to the LOPDGDD, as sensitive data, since we never ask for information about health, racial or ethnic origin, religious or philosophical beliefs, political opinions, union membership, sexual life, sexual orientation, genetic data, biometric data or information about any administrative or criminal offense. Furthermore, we explicitly warn the users in our privacy policy not to include any of this information in any contact form or channel. If it was the case, due to a mistake, the user must get in touch immediately with us to allow us to erase that information from our database by means of the contact form available in the Contact page, indicating in the subject «Privacy and data management».
Where the data are sent?
In compliance with the LOPDGDD and the UE GDPR, we inform the users that the data transferred to use via a contact form or email, will be stored in a digital file owned by the responsible of this website.
The collection and processing of the user’s data are meant to resolve all the requests about the content of this site. The fields marked with an asterisk are mandatory. Otherwise, the request cannot be completed.
In order to use the contact form, the user must mark the box in which he/she accepts the use of those data, which means that the user gives his/her consent to store the data in the digital file. We urge the users not to include sensitive data (described in the previous point) in the contact form or any other contact channel, as they are not needed for any purpose in this website.
Spam detection system
This site uses Google ReCaptcha, a system that can analyse the user’s behaviour in order to determine if there is a person or a bot behind. With this system, we prevent our site from spam attacks and automatic spyware, legitimately according to GDPR – article 6; point 1-f.
This system may check some cookies in the user’s browser in order to determine his/her condition. Since it is a Google’s system, we redirect the users to Google’s privacy policy, as well as all the information that could be useful regarding this system following this link.
5. How long do we keep your data?
The data needed to make a bill or check will be preserved for 6 years after the ending of an annual audit. If the user asks for their erasure, we will make those data anonymous or we will proceed to erase the information from sites of public access.
Remember that we may have to store some data for administrative, legal or security reasons, according to the restrictions in GDPR Article 23 and the applicable law.
6. Changes in our Privacy Policy
The controller of the site has the right to make changes in the privacy policy to adapt it to the new regulations and laws, as well as to the industry trends. The current policies will have effect until they are modified and exchanged by the new ones, properly published, and warning the users about the changes performed, according to the current laws.
7. Contact
For any matter about the Privacy policy of vitamina3d.com, please fill the contact form available in the Contact page indicating in the subject «Privacy and data management».