Contact

Privacy Policy

YANA GORBACHOVA SHASHELYEVA informs users of the website of its policy regarding the processing and protection of the personal data of users and customers, ensuring at all times strict compliance with the obligations laid down by data protection and information society services legislation: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR), Organic Law 3/2018 of 5 December on the Protection of Personal Data and the Guarantee of Digital Rights (LOPDGDD), and Act 34/2002 of 11 July on Information Society Services and Electronic Commerce (LSSIce).

 

DATA CONTROLLER

Company name: GORBACHOVA SHASHELYEVA, YANA

Tax Registration Number: 42368990T

Registered office: 5 C/ HORTENSIA, 9th floor, flat 3 – 17250 – PLATJA D’ARO (GIRONA)

Telephone: 672169854

Email: info@rental-costabrava.com

 

PURPOSES OF DATA PROCESSING AND LEGAL BASIS

Purpose of the processing

Legal basis for processing

To handle enquiries or any other requests made via the website’s contact forms

The data controller’s legitimate interest in responding to requests for information; express consent given via the online form

 

Sending newsletters, marketing communications and promotions

 

Explicit consent given via the online form

Managing website issues and maintenance

 

Legitimate interest of the data controller

 

DATA RETENTION PERIOD

Purpose of the processing

Retention period

Handle enquiries or requests

Until the request has been fully dealt with

 

Sending newsletters, marketing communications and promotions

 

Until the user cancels their subscription

Managing website issues and maintenance

During the applicable statutory limitation periods

 

 

RECIPIENTS OF THE DATA

In order to fulfil the purposes set out in this policy, the Data Controller may provide personal data to third parties acting as data processors. These third parties must follow the Data Controller’s instructions and ensure the same levels of security as those established by current legislation. Furthermore, where necessary, the Data Controller may provide data to the State’s law enforcement agencies in order to comply with its legal obligations.

COOKIES

For information on the use of cookies and other tracking technologies, please see the Cookie Policy from the website. The legal basis for data processing in this case is the user’s express consent.

 

USERS’ RIGHTS

The user has the right to:

  • Request access to your personal data and receive the information in writing via the method requested.
  • Request the rectification of inaccurate data or its erasure when it is no longer necessary.
  • Request that the processing of your data be restricted.
  • To object to the processing of data, unless there are legitimate grounds justifying the continuation of such processing.
  • To exercise the right to data portability, where the processing is based on consent or a contract and is carried out by automated means.
  • Withdraw the consent given.
  • Lodge a complaint with the Spanish Data Protection Agency.

 

These rights may be exercised by post or email to the Data Controller, providing proper identification and specifying the right you wish to exercise.

 

SOURCE OF THE DATA

Data must be provided voluntarily by the data subject, as must any data collected whilst browsing the website. Failure to provide certain data may prevent access to specific services. The Data Controller guarantees the confidentiality and security of personal and browsing data, adopting the necessary technical and organisational measures to prevent its alteration, loss, unauthorised processing or access.

 

Children under the age of 18 may not provide their personal data without the consent of their parents or legal guardians. The data subject guarantees that the information provided is accurate and is responsible for notifying us of any changes.

 

SAFETY MEASURES

The Data Controller complies with the GDPR and the LOPDGDD, implementing appropriate technical and organisational policies to protect the rights and freedoms of data subjects, processing data lawfully, fairly and transparently, and limiting such processing to what is strictly necessary for the stated purposes.

 

SECURITY BREACHES

In the event of a data breach affecting personal data, the Data Controller shall, where appropriate, notify the individuals concerned and the competent authorities within a maximum of 72 hours of its detection.

 

APPLICABLE LAW AND JURISDICTION

The relationship between the user and the Data Controller shall be governed by current Spanish legislation. In the event of a dispute, the parties shall submit to the ordinary courts and to the competent judges and tribunals in accordance with the law. The Data Controller reserves the right to bring civil or criminal proceedings in the event of misuse of the website and its content.