In compliance with the provisions of the General Data Protection Regulation 2016/679 (GDPR) and the Organic Law 3/2018 on Data Protection and Guarantee of Digital Rights (LOPDGDD) of December 5, 2018, we inform:
PERSON IN CHARGE OF THE PROCESSING
Identity: HITCHINGS & GONZÁLEZ CO, S.L.P. with CIF B22611719 hereinafter “the Owner”
Address: Calle Diego de León 22, 5º Izquierda; 28006 – Madrid
Contact email: administracion@hitchings-gonzalez.com
PURPOSE OF DATA PROCESSING
We hereby inform you that the personal data you provide will be processed for the following purposes:
of marketing our products, managing orders and purchases made through the website, and issuing invoices. This includes handling any incidents related to the order, responding to contact requests, inquiries, and/or questions received through the contact channels available on the website. It also includes facilitating, expediting, and fulfilling the commitments established between the Controller and the user, as well as maintaining the resulting relationship.
In accordance with the provisions of the GDPR, a record of processing activities is maintained, specifying, according to their purposes, the processing activities carried out and the other circumstances established by the Regulation.
Personal information will not be used for purposes other than those related to the contracted services or purchased products. No automated decisions will be made based on such profiles.
LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing is as follows:
PERSONAL DATA PROCESSED AND SOURCE
Depending on the user’s interaction with the website, the personal data we may process includes: identifying information, contact details. These data are provided by the user when contacting the Controller, filling out the relevant form(s), or using other functionalities offered on the website.
The use of contact sections, forms, and/or other website functionalities is voluntary. However, completing certain fields or providing data may be necessary to correctly manage your request. Therefore, refusal to provide the required information may prevent the Controller from properly handling and responding to it.
The user guarantees that the data provided is truthful, accurate, and complete. Data will be canceled, deleted, or blocked when inaccurate, incomplete, or no longer necessary or relevant for the purposes for which they were collected, in accordance with applicable law.
If the personal data provided belongs to a third party, the user guarantees that they have informed said third party about this Privacy Policy and obtained their authorization to provide the data for the purposes described. The user is also responsible for ensuring the data is accurate and up to date and shall be liable for any direct or indirect damages that may arise from non-compliance with this obligation.
DATA PROTECTION FOR MINORS
According to the GDPR and the LOPDGDD (Spanish Data Protection Law), only individuals over 14 years of age may legally consent to the processing of their personal data. For minors under 14, the consent of their parents or legal guardians is required.
LINK POLICY AND SOCIAL MEDIA
The website may include links to third-party websites, such as social media platforms where the Controller has a presence. These sites have not been reviewed and are not subject to control by the Controller. The Controller is not responsible for any content freely posted by the user. Users should be aware that their posts may be visible to others and, therefore, they are primarily responsible for their own privacy.
DATA RETENTION PERIOD
The personal data provided by the user will be retained while the user remains registered for the service, while the business relationship remains in effect, or until the user requests its deletion, or for the legally established period. Data may also be retained as necessary to comply with legal obligations or for the formulation, exercise, or defense of legal claims.
If the user withdraws consent or exercises their rights to object or request deletion, the data will be blocked and made available to the judicial authorities during the legally established periods to address any potential liabilities arising from the data processing. This will not condition the provision of the service and/or execution of contracts with the Controller.
The withdrawal of consent shall not affect the lawfulness of processing based on prior consent.
CONFIDENTIALITY AND SECURITY OF PERSONAL DATA
The Controller undertakes to adopt the necessary technical and organizational measures, appropriate to the level of risk, to ensure the security of personal data and to prevent its accidental or unlawful destruction, loss, alteration, or unauthorized access or disclosure.
Personal data will be treated as confidential, and the Controller will ensure, by legal or contractual obligation, that such confidentiality is respected by employees, collaborators, and any other individuals who may have access to the data.
DISCLOSURE AND RECIPIENTS OF PERSONAL DATA
Your personal data will only be disclosed when legally required to comply with obligations applicable to the Controller or when necessary to fulfill the purposes described above.
Data may also be disclosed to service providers contracted by the Controller, with whom the corresponding data processing agreements have been signed to ensure the security and confidentiality of the data.
USER RIGHTS
What are your rights when you provide us with your data?
The user has the right to obtain confirmation as to whether their personal data is being processed. They also have the right to access their data and request the rectification of inaccurate data, or request its deletion when it is no longer necessary for the purposes for which it was collected. In certain cases, the user may request the restriction of processing, in which case the data will only be retained for the exercise or defense of legal claims.
In specific circumstances, and for reasons related to their personal situation, the user may object to the processing of their data. In that case, the Controller will cease processing the data unless there are compelling legitimate grounds or for the exercise or defense of legal claims. Where legally applicable, the user has the right to data portability, allowing them to receive the personal data provided and transmit it to another controller.
Users may exercise their rights of access, rectification, deletion, objection, restriction of processing, data portability, and opposition to automated individual decision-making by sending a written request, including a copy of their ID for identification purposes, with the reference “GDPR Rights” to the following email address: janette@art-equus.com
Furthermore, users are informed that they may file a complaint with the Spanish Data Protection Agency (AEPD) via www.aepd.es, the competent supervisory authority in Spain.
PERSON IN CHARGE OF THE PROCESSING
Identity: HITCHINGS & GONZÁLEZ CO, S.L.P. with CIF B22611719 hereinafter “the Owner”
Address: Calle Diego de León 22, 5º Izquierda; 28006 – Madrid
Contact email: administracion@hitchings-gonzalez.com
PURPOSE OF DATA PROCESSING
We hereby inform you that the personal data you provide will be processed for the following purposes:
- To process and respond to contact requests, information inquiries, and/or communications submitted through the contact channels made available on the Website.
- To deliver commercial communications, including information, offers, and promotional materials concerning our products and services that may be of interest to the data subject.
- To administer and evaluate résumés/CVs submitted by candidates for the purpose of their participation in recruitment processes aimed at filling employment positions.
- To facilitate, expedite, and give effect to the obligations and commitments established between the Controller and the data subject, as well as to ensure the proper maintenance of the legal and/or contractual relationship that may be established.
of marketing our products, managing orders and purchases made through the website, and issuing invoices. This includes handling any incidents related to the order, responding to contact requests, inquiries, and/or questions received through the contact channels available on the website. It also includes facilitating, expediting, and fulfilling the commitments established between the Controller and the user, as well as maintaining the resulting relationship.
In accordance with the provisions of the GDPR, a record of processing activities is maintained, specifying, according to their purposes, the processing activities carried out and the other circumstances established by the Regulation.
Personal information will not be used for purposes other than those related to the contracted services or purchased products. No automated decisions will be made based on such profiles.
LEGAL BASIS FOR DATA PROCESSING
The legal basis for data processing is as follows:
- The consent given by the user by accepting this Policy and checking the corresponding box.
- The user has provided their personal data within the framework of a contractual or pre-contractual relationship for the purpose of responding to their request and/or inquiry, making the processing necessary to maintain that relationship.
- The legal obligations applicable to the Controller that require the processing of personal data, in accordance with the services provided or in relation to tax matters.
PERSONAL DATA PROCESSED AND SOURCE
Depending on the user’s interaction with the website, the personal data we may process includes: identifying information, contact details. These data are provided by the user when contacting the Controller, filling out the relevant form(s), or using other functionalities offered on the website.
The use of contact sections, forms, and/or other website functionalities is voluntary. However, completing certain fields or providing data may be necessary to correctly manage your request. Therefore, refusal to provide the required information may prevent the Controller from properly handling and responding to it.
The user guarantees that the data provided is truthful, accurate, and complete. Data will be canceled, deleted, or blocked when inaccurate, incomplete, or no longer necessary or relevant for the purposes for which they were collected, in accordance with applicable law.
If the personal data provided belongs to a third party, the user guarantees that they have informed said third party about this Privacy Policy and obtained their authorization to provide the data for the purposes described. The user is also responsible for ensuring the data is accurate and up to date and shall be liable for any direct or indirect damages that may arise from non-compliance with this obligation.
DATA PROTECTION FOR MINORS
According to the GDPR and the LOPDGDD (Spanish Data Protection Law), only individuals over 14 years of age may legally consent to the processing of their personal data. For minors under 14, the consent of their parents or legal guardians is required.
LINK POLICY AND SOCIAL MEDIA
The website may include links to third-party websites, such as social media platforms where the Controller has a presence. These sites have not been reviewed and are not subject to control by the Controller. The Controller is not responsible for any content freely posted by the user. Users should be aware that their posts may be visible to others and, therefore, they are primarily responsible for their own privacy.
DATA RETENTION PERIOD
The personal data provided by the user will be retained while the user remains registered for the service, while the business relationship remains in effect, or until the user requests its deletion, or for the legally established period. Data may also be retained as necessary to comply with legal obligations or for the formulation, exercise, or defense of legal claims.
If the user withdraws consent or exercises their rights to object or request deletion, the data will be blocked and made available to the judicial authorities during the legally established periods to address any potential liabilities arising from the data processing. This will not condition the provision of the service and/or execution of contracts with the Controller.
The withdrawal of consent shall not affect the lawfulness of processing based on prior consent.
CONFIDENTIALITY AND SECURITY OF PERSONAL DATA
The Controller undertakes to adopt the necessary technical and organizational measures, appropriate to the level of risk, to ensure the security of personal data and to prevent its accidental or unlawful destruction, loss, alteration, or unauthorized access or disclosure.
Personal data will be treated as confidential, and the Controller will ensure, by legal or contractual obligation, that such confidentiality is respected by employees, collaborators, and any other individuals who may have access to the data.
DISCLOSURE AND RECIPIENTS OF PERSONAL DATA
Your personal data will only be disclosed when legally required to comply with obligations applicable to the Controller or when necessary to fulfill the purposes described above.
Data may also be disclosed to service providers contracted by the Controller, with whom the corresponding data processing agreements have been signed to ensure the security and confidentiality of the data.
USER RIGHTS
What are your rights when you provide us with your data?
The user has the right to obtain confirmation as to whether their personal data is being processed. They also have the right to access their data and request the rectification of inaccurate data, or request its deletion when it is no longer necessary for the purposes for which it was collected. In certain cases, the user may request the restriction of processing, in which case the data will only be retained for the exercise or defense of legal claims.
In specific circumstances, and for reasons related to their personal situation, the user may object to the processing of their data. In that case, the Controller will cease processing the data unless there are compelling legitimate grounds or for the exercise or defense of legal claims. Where legally applicable, the user has the right to data portability, allowing them to receive the personal data provided and transmit it to another controller.
Users may exercise their rights of access, rectification, deletion, objection, restriction of processing, data portability, and opposition to automated individual decision-making by sending a written request, including a copy of their ID for identification purposes, with the reference “GDPR Rights” to the following email address: janette@art-equus.com
Furthermore, users are informed that they may file a complaint with the Spanish Data Protection Agency (AEPD) via www.aepd.es, the competent supervisory authority in Spain.