Legal Notice - Privacy Policy

www.ninasolproperties.es

Introduction

This Privacy Policy outlines the practices of Educational Services Carmango S.L. ("we", "our" or "the Company") concerning information collected from users who access our website at www.ninasolproperties.es ("Site") or otherwise share personal information with us (collectively: "Users").

Laws that incorporate this privacy policy:

This privacy policy complies with current Spanish and European personal data protection and digital rights regulations, specifically, with the following:
 
Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural persons concerning the processing of personal data and the free circulation of this data (RGPD).
 
Organic Law 3/2018, of December 5, Protection of Personal Data and guarantee of digital rights (LOPD-GDD)
 
Royal Decree 1720/2007, of December 21, which approves the Regulations for the development of Organic Law 15/1999, of December 13, on the Protection of Personal Data (RDLOPD).
 
Law 34/2002, of July 11, on Services of the Information Society and Electronic Commerce (LSSI-CE).

Identity of the person responsible for the processing of personal data:

The Site www.ninasolproperties.es is the property of Educational Services Carmango S.L. with NIF: B72290737. Registered address: Urbanización el Polo, Bloque 6, 1ºB, 11310 Sotogrande, Cádiz. The Company is registered in the Mercantil Registry of Cádiz with the following data: CA-48428 Volume 2165 Page 63. The Company’s Sole Administrator is: Carmelo Mancera González (Data Controller).

Data Protection Officer (DPO):

The Data Protection Officer is in charge of ensuring compliance with the data protection regulations to which www.ninasolproperties.es is subject to. The Users can contact the DPD designated by the Data Controller using the following contact information:
 
Address:
Paseo de Bolivia, 23 - Urb. Elviria - 29604
Tel: 605863107
Email: info@ninasolproperties.es

Principles applicable to the processing of personal data:

The processing of personal data is subject to the following principles contained in article 5 of the GDPR and Article 4 et seq. of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights:

Principle of Lawfulness, fairness, and transparency: Personal data shall be processed in a lawful, fair, and transparent manner. The purposes for which personal data are collected shall be clearly stated. 

Purpose limitation principle: personal data are to be collected for specific, explicit, and legitimate purposes.

Data minimization principle: involves limiting data collection to only what is required to fulfill a specific purpose.

Accuracy principle: ​​reasonable steps shall be taken to ensure the accuracy of personal data collected.

Storage limitation principle: Personal data shall be kept in a form that permits the identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

Principle of integrity and confidentiality: Personal data shall be processed in a manner that ensures appropriate security of the personal data and confidentiality. 

Principle of proactive responsibility: the Controller shall be responsible for ensuring that the above principles are complied with.

Purposes for data collection:

Processing personal information (i.e. any information which may potentially allow your identification through reasonable means; hereinafter "Personal Information") is necessary to (i) answer enquiries; (ii) facilitate, expedite and fulfill our contractual obligations with you; (iii) offer you our services; (iv) provide invoices for our services; (v) protect our legitimate interests, and (vi) comply with legal and financial regulatory obligations to which we are subject.
 
When you use the Site, you consent to the collection, storage, use, disclosure, and other uses of your Personal Information as described in this Privacy Policy.
 
We encourage our Users to carefully read the Privacy Policy and use it to make informed decisions. 

What information do we collect?

We collect two types of data and information from Users. 

 

The first type of information is unidentified and non-identifiable information pertaining to User(s), which may be made available or gathered via your use of the Site (“Non-personal Information”). We do not know the identity of a User from whom the Non-personal Information was collected. Non-personal information collected to enhance the functionality of our Site may include your aggregated usage information and technical information transmitted by your device, including specific software and hardware information (for example, the type of browser and operating system your device uses, language preference, access time, etc.) We may also collect information on your activity on the Site (for example, pages viewed, online browsing, clicks, actions, etc.).

 

The second type of information is Personal Information, which is individually identifiable information, namely information that identifies an individual or may, with reasonable effort, identify an individual. Such information includes:

  • Device Information: We collect Personal Information from your device. Such information includes geolocation data, IP address, unique identifiers (e.g. MAC address and UUID), and other information which relates to your activity through the Site.
  • Registration information: When you register with our Site you will be asked to provide us certain details such as full name; telephone; email or physical address, and other information.


How do we receive information about you?


We receive your Personal Information from various sources:

  • When you voluntarily provide us with your personal details in order to register on our Site;
  • When you use or access our Site in connection with your use of our services.
  • From third-party providers, services, and public registers (for example, traffic analytics vendors).



 How is the information used? With whom do we share the information?


We do not rent, sell or share Users’ information with third parties, except as described in this Privacy Policy.

We may use the information for the following:


  • To send you information related to our services and to respond to any customer service issue you may have;
  • To communicate with you and to keep you informed about our latest updates and services;
  • To invoice you for the services provided;
  • For statistical and analytical purposes, intended to improve the Site.


In addition to the different uses listed above, we may transfer or disclose Personal Information to our subsidiaries, affiliated companies, and subcontractors.

 

In addition to the purposes listed in this Privacy Policy, we may share Personal Information with our trusted third-party providers, who may be located in different jurisdictions across the world, for any of the following purposes: 


  • Hosting and operating our Site;
  • Providing you with our services, including providing a personalised display of our Site;
  • Storing and processing such information on our behalf; 
  • Performing research, technical diagnostics, or analytics;
  • We may also disclose the information if we have good reason to believe that disclosure of such information is helpful or reasonably necessary to (i) comply with any applicable law, regulation, legal process, or governmental request; (ii) enforce our policies (including our Agreement), including investigations of potential violations thereof; (iii) investigate, detect, prevent or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) to collaborate with law enforcement agencies and or in case we find it necessary to enforce intellectual property or other legal rights.


Retention

We will retain your personal information for as long as necessary to provide our services and to comply with our legal obligations, resolve disputes and enforce our policies. Retention periods will be determined taking into account the type of information collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable opportunity. We will keep records containing client personal data, account documents, communications, and anything else as required by applicable laws and regulations. 

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our discretion.


Security and confidentiality of personal data


We undertake to adopt the necessary technical and organizational measures to guarantee the security of personal data and prevent accidental destruction, loss, alteration, or unlawful transmission, retention, or processing of personal data or unauthorized communication or access to such data.

 

The Website has an SSL (Secure Socket Layer) certificate, which ensures that personal data is transmitted securely and confidentially, as the data transmission between the server and the User, and in feedback, is fully encrypted.

 

However, we cannot guarantee the impregnability of the Internet or the total absence of hackers or others who fraudulently access personal data. The Data Controller undertakes to notify the User without undue delay should a breach of privacy occur that could pose a high risk to the rights and freedoms of natural persons. Following the provisions of article 4 of the GDPR, a violation of the security of personal data is understood as any breach of security that causes the destruction, loss, or accidental or illegal alteration of personal data transmitted, stored, or processed in another way, or unauthorized communication or access to such data.

 

Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorised access or abuse our Site, and we make no warranty, express, implied, or otherwise, that we will prevent such access.


Rights derived from the processing of personal data:


The User has the following rights recognized in the GDPR and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights:


Right of access:  The User may request confirmation as to whether or not his or her personal information is being processed, and if so, to obtain details of the stored personal data, together with supplementary information.

 

Right of rectification: If the personal data is inaccurate, the User has the right to have the data rectified, by the controller, without undue delay. If the personal data is incomplete, the User has the right to have data completed, including by means of providing supplementary information.


Right to erasure (“the right to be forgotten”): The User may request the deletion of personal data (i) when they are no longer necessary for the purposes for which they were collected or processed; (ii) the User has withdrawn consent to the data being processed and this does not have another legal basis; (iii) the User opposes to the data being processed and there is no other legitimate reason to continue doing so; (iv) the personal data have been unlawfully processed; (v) the personal data must be deleted in compliance with a legal obligation, or (vi) the personal data have been obtained as a result of a direct offer of services of the information society of a minor under 14 years of age. 


Right to Restrict Processing: The User may exercise the right to restriction of processing when the accuracy of the data in question is contested; you don’t want the data to be erased; the data is no longer needed for the original purpose but may not be deleted yet because of legal grounds; the decision on your objection to processing is pending. 


Right to data portability: Allows Users to obtain data that a data controller holds on them and to reuse it for their own purposes. Individuals may either store the data for personal use or transmit it to another data controller. The data must be received “in a structured, commonly used and machine-readable format.”


Right to object to the process of personal data: Users have the right to object to the processing of personal data for specific reasons, such as for direct marketing purposes.


Rights related to automated decision making including profiling: The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.


If you wish to exercise any of the above rights or receive more information, please contact our Data Protection Officer (“DPO”) using the details provided below:

Address: Paseo de Bolivia, 23 - Urb. Elviria - 29604 Marbella, Málaga

Email: info@ninasolproperties.es


Claims before the control authority


If you consider that you have not obtained satisfaction in the exercise of your rights, you may file a claim with the national control authority by contacting the Spanish Agency for Data Protection:  C/ Jorge Juan, 6 – 28001 Madrid (http://www.agpd.es).

 Cookies


We and our trusted partners use cookies and other technologies in our related services, including when you visit our Site or access our services. 

 

A "cookie" is a small piece of information that a website assigns to your device while you are viewing a website. Cookies are helpful and can be used for different purposes. These purposes include allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences, and making the interaction between you and our Services quicker and easier. Cookies are also used to help make sure that the advertisements you see are relevant to you and your interests and to compile statistical data on your use of our Services. 

 

The Site uses the following types of cookies:

 

a. 'session cookies’ which are stored only temporarily during a browsing session in order to allow correct use of the system and are deleted from your device when the browser is closed; 

 

b. 'persistent cookies' which are read only by the Site, saved on your computer for a fixed period, and are not deleted when the browser is closed. Such cookies are used where we need to know who you are for repeat visits, for example, to allow us to store your preferences for the next sign-in; 

 

c. 'third-party cookies' which are set by other online services that run content on the page you are viewing, for example, by third-party analytics companies who monitor and analyse our web access.

 

Cookies do not contain any information that personally identifies you, but Personal Information that we store about you may be linked, by us, to the information stored in and obtained from cookies. You may remove the cookies by following the instructions of your device preferences; however, if you choose to disable cookies, some features of our Site may not operate properly, and your online experience may be limited.

 

We use a tool based on the Snowplow Analytics technology to collect information about your use of the Site. The tool collects information such as how often users access the Site, which pages they visit when they do so, etc. The tool does not collect any Personal Information and is only used by our Site hosting and operating service provider to improve the Site and services.


Use of script libraries (Google Web Fonts)


In order to present our contents correctly and make them graphically appealing across all browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts) on this website. Google Web Fonts are transferred to your browser's cache to avoid multiple loading. If your browser does not support Google Web Fonts or does not allow access, the content will be displayed in a default font. 


  • Calling script libraries or font libraries automatically triggers a connection to the library operator. In theory, it is possible – but currently also unclear whether and, if so, for what purposes – that operators of corresponding libraries collect data.

  • The privacy policy of the library operator Google is linked here: https://www.google.com/policies/privacy.


Third-party collection of information


Our policy only addresses the use and disclosure of information we collect from you.  Different rules may apply when you disclose information to other parties or sites throughout the internet. Accordingly, we encourage you to read the terms and conditions and privacy policy of each third party to whom you disclose information. 

This Privacy Policy does not apply to the practices of companies we do not own or control, nor to individuals whom we do not employ or manage, including any of the third parties to which we may disclose information, as set out in this Privacy Policy. 


Marketing


We may use your Personal Information such as your name, email address, telephone number, etc., ourselves or by using our third-party subcontractors, to provide you with promotional materials concerning the services that we believe may interest you. 

 

To respect your right to privacy, within such marketing material we provide you with the means to opt out of receiving further marketing offers from us. If you unsubscribe, we will remove your email address or telephone number from our marketing distribution lists. 

 

Please note that even if you have unsubscribed from receiving marketing emails from us, we may send you other types of important email communications without offering you the opportunity to opt-out of receiving them. These may include customer service announcements or administrative notices.


Minors


We understand the importance of protecting children’s privacy, especially in an online environment. The Site is not designed for or directed at children. Under no circumstances shall we allow the use of our services by minors without prior consent or authorisation by a parent or legal guardian. We do not knowingly collect Personal Information from minors. If a parent or guardian becomes aware their child has provided us with Personal Information without their consent, they should contact us at info@ninasolproperties.es.


Acceptance and Changes to this Privacy Policy



It is necessary for the User to read and agree with the conditions on the protection of personal data contained in this Privacy and Cookies Policy, as well as that they accept the processing of their personal data so that the Data Controller can proceed to the same in the form, during the terms, and for the purposes indicated. The use of the Website will imply the acceptance of its Privacy and Cookies Policy.


We reserve the right to periodically amend or revise this Privacy Policy according to our criteria, or motivated by a legislative, jurisprudential, or doctrinal change of the Spanish Agency for Data Protection. Material changes will be effective immediately upon the display of the revised Privacy policy. Changes or updates to this Privacy and Cookies Policy will not be explicitly notified to the User. We recommend The User consults this page periodically to be aware of the latest changes or updates. The date of the last revision will be reflected in the "Last modified" section


Last Modified


10th January 2023