PRIVACY POLICY

www.yeguadaindalo.com.es

I. PRIVACY AND DATA PROTECTION POLICY

Respecting the provisions of current legislation, Yeguada Indalo (from now on also comprehended as Website) undertakes to adopt all necessary technical and organisational measures, according to the level of security appropriate to the risk of the data collected.

Laws that this privacy policy incorporates

This privacy policy is adapted to current Spanish and European regulations regarding the protection of personal data on the Internet.  This policy complies with the following regulations:

- European Parliament and Council Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals about the processing of personal data and on the free movement of such data (GDPR).

- Organic Law 3/2018, of 5 December, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).

- Royal Decree 1720/2007, of 21 December, which approved the Regulation implementing Organic Law 15/1999, of 13 December, on the Protection of Personal Data (RDLOPD).

- Law 34/2002, of 11 July, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the person responsible for the processing of personal data

The party responsible for the processing of personal data collected at Yeguada Indalo is LOGARMA SL, with NIF: B29030111 (from now on, Data Controller). Their contact information is as follows:

Address: Malaga

Contact telephone number: 630046162

Contact email: yeguadaindalo@gmail.com

Registration of Personal Data

In compliance with the provisions of the RGPD and the LOPD-GDD, we hereby state that personal data gathered by Yeguada Indalo, using the forms on its pages shall be stored and processed in a database to enable, speed up and comply with all the formal commitments established between Yeguada Indalo and the User as well as to maintain the relationship established in the forms filled in by the User, or to attend to a request or query made by the User. Furthermore, in compliance with the terms established in the RGPD and the LOPD-GDD, unless the exception established in article 30.5 of the RGPD is applicable, a register of processing activities shall be held that specifies, under its purpose, the data processing activities carried out and the other criteria established in the RGPD.

Applicable principles for the processing of personal data

The processing of the User's data will be subject to the following principles included in Article 5 of the RGPD and in Article 4 and following Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of the digital rights:

- Principle of legality, loyalty and transparency: The User's consent will be required at all times following completely transparent information about the purposes for which personal data is collected. 

- Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes.

- Principle of data minimization: the personal data collected will only be strictly necessary about the purposes for which it is processed.

- Principle of accuracy: personal data must be exact and always updated.

- Storage time limitation Principle: personal data will only be kept in a form that allows the identification of the User for the time necessary to achieve the purposes for which it is processed.

- Principle of integrity and confidentiality: personal data will be treated in a way that guarantees its security and confidentiality.

- Principle of proactive responsibility: the Data Controller will be responsible for ensuring that the above principles are met.

Personal data categories: 

The categories of data processed by Yeguada Indalo are solely for personal identification purposes. Under no circumstances are any special categories of personal data processed within the meaning of Article 9 of the RGPD.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is consent. Yeguada Indalo undertakes to obtain the express and verifiable consent of the User for the processing of their data for one or more specific purposes.

The User will have the right to withdraw their consent at any time. It will be as easy to withdraw consent as it is to give it. As a general rule, withdrawal of consent will not condition the use of the Website.

On occasions in which the User must or can provide their data through forms to make queries, request information or for reasons related to the content of the Website, they will be informed if the completion of any of them is mandatory. because they are essential for the correct development of the operation carried out.

Intended purposes of the processing of personal data

All personal data is collected and processed by Yeguada Indalo to enable, speed up and fulfill the undertakings established between the Website and the User or the maintenance of the relationship established in the forms filled in by the User as well as to respond to a request or inquiry.

In addition, the data may also be used for commercial, operational and statistical customisation purposes, as well as for the extraction and storage of data and marketing research purposes to tailor the Content provided to the User, and to improve the quality, functioning and browsing of the Website.

Retention periods of personal data

Personal data will only be stored for no longer than the time required to achieve the purposes for which it is processed and only for 2 years, or until the User requests its deletion.

At the time the personal data is obtained, the User will be informed of the period for which the personal data will be retained or, where this is not possible, the criteria used to determine this period.

Recipients of personal data

The User's data will not be shared with third parties.

In any case, at the time the personal data is obtained, the User will be informed about the recipients or categories of recipients of the personal data.

Personal data of underage users

In accordance with the provisions of Article 8 of the RGPD and Article 7 of the Organic Law 3/2018, of 5 December, regarding the Protection of Personal Data and guarantee of digital rights, only those over 14 years of age may give their consent for the processing of their data by Yeguada Indalo in a lawful manner. If the data subject is under 14 years of age, the consent of the parents or guardians will be required to process the data, and this will only be considered lawful to the extent that the parents or guardians have authorised it.

Secrecy and security of personal data

Yeguada Indalo undertakes to adopt the necessary technical and organisational measures, according to the level of security that is appropriate to the risk of the data collected so that the security of personal data is guaranteed and accidental or accidental destruction, loss, or alteration is avoided. unlawful use of personal data transmitted, stored or otherwise processed, or unauthorised communication or access to such data.

Yeguada Indalo pledges to adopt all necessary technical and organisational measures, according to the level of security that is appropriate concerning the risk of the collected data, to guarantee the security of personal information and avoid any accidental or illicit loss, destruction or alteration of the personal data that has been forwarded, stored, or otherwise processed, or the unauthorised communication of or access to such data.

However, because Yeguada Indalo cannot guarantee the impregnability of the Internet or the total absence of hackers or others who fraudulently access personal data, the Data Controller undertakes to inform the User without undue delay when a violation occurs. of the security of personal data that is likely to entail a high risk to the rights and freedoms of natural persons. Following the provisions of Article 4 of the GDPR, a breach of personal data security is understood to be any breach of security that causes the accidental or unlawful destruction, loss or alteration of personal data transmitted, preserved or otherwise processed, or unauthorised communication or access to said data.

However, since Yeguada Indalo cannot guarantee the impregnability of the Internet or the total absence of hackers or third parties who fraudulently access personal data, the Data Controller agrees to notify the User without undue delay of any possible breach of security involving personal data deemed likely to entail a significant risk to the personal rights and freedom of the individual. As outlined in Article 4 of the GDPR, a breach of security of personal data means any breach of security resulting in the accidental or unlawful destruction, loss or alteration of personal data transmitted, stored or otherwise processed, or the unauthorised disclosure of or access to such data.

All personal data will be processed as confidential by the Data Controller, who agrees to inform and to ensure through a legal or contractual obligation that such confidentiality is maintained by its employees, partners, and any other person to whom it makes the information accessible.

Derivative rights regarding the processing of personal data

The User may hold against Yeguada Indalo as well as the Data Controller the following rights recognised in the RGPD and the Organic Law 3/2018, of 5 December, on the Protection of Personal Data and the guarantee of digital rights:

- Right of access: this is the User's right to obtain confirmation of whether or not Yeguada Indalo is processing their data and, if so, to obtain information about their specific personal data and the processing that Yeguada Indalo has carried out or is carrying out, as well as, among others, the information available on the origin of the aforementioned data and the recipients of the communications made or planned for such data.

- Right to rectification: It is the User's right to have his/ her data modified if it turns out to be inaccurate or, taking into account the purposes of the treatment, incomplete.

- Right of deletion ("the right to be forgotten"): It is the right of the User, provided that current legislation does not establish otherwise, to obtain the deletion of their personal data when they no longer wish for it to be in the Yeguada de Indalo database. If the User has withdrawn his or her consent to the treatment and this does not have another legal basis; the User opposes the treatment and there is no other legitimate reason to continue with it (personal data being processed unlawfully, etc.) the; personal data must be deleted in compliance with a legal obligation; personal data shall also be deleted if it has been gathered from an underage user with no consent from his parents. In addition to deleting the data, the Controller, taking into account the available technology and the cost of its application, must take reasonable measures to inform those who are responsible for the processing of the personal data of the interested parties, to delete any link to the aforementioned personal data. 

- Right to limitation of processing: It is the User's right to limit the processing of his/ her data. The User has the right to limit the processing of his information if he challenges the accuracy of his data; the treatment and consideration of such information will, therefore, be illicit; The Data Controller will no longer need the personal data, but the User will need it to make claims; particularly so when the User is opposed to its usage.

- Right to data portability: If the processing is carried out by automated means, the User will have the right to receive from the Data Controller their data in a structured, user-friendly format. common and mechanical reading, and transmit them to another person responsible for the treatment. Whenever technically possible, the Data Controller will directly transmit the data to that other controller. 

- Right to object: It is the User's right not to have their data processed or to cease the processing of the data by the Yeguada Indalo. 

- Right not to be subject to a decision based solely on automated processing, including profiling: It is the User's right not to be subject to an individualised decision solely based on the automated processing of any existing personal data, (including profiling), unless current legislation establishes otherwise.

Thus, the User may exercise his/ her rights through a written communication addressed to the Data Controller with the reference "RGPD-www.yeguadaindalo.com.es". Such communication must specify:

- Name and surname of the User. copy of the ID (DNI). In those cases in which representation is admitted, identification of the person representing the User will also be necessary, as well as the document accrediting the representation. The photocopy of the DNI may be replaced by any other legally valid means that proves identity. 

- Request that specifies the specific reasons for the inquiry or information to which you want to access. 

- Address (for notification purposes). 

- Date and signature of the applicant.

- All and any document that certifies the request you make.

This application and any other attached document may be sent to the following address and/or email:

Postal address: Malaga

Email: yeguadaindalo@gmail.com

Links to third-party websites

The Website may include hyperlinks or links that allow access to web pages of third parties other than Yeguada Indalo, and which are therefore not operated by Yeguada Indalo. The owners of these websites will have their own data protection policies, being themselves the responsible parties for their files and privacy practices.

Claims before the supervisory authority

If the User considers that there is a problem or violation of current regulations in the way in which his/ her data is being processed, he/ she will have the right to conduct judicial protection and to file a claim with a supervisory authority, in particular, in the State in which he/ she has its regular residence, place of work or place of the alleged infringement. In the case of Spain, the control authority is the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

It is essential that the User reads and agrees with the conditions on the protection of personal data contained in this Privacy PolicyIt is also required that he/ she accepts the processing of his/ her data so that the Data Controller can proceed with it in the form, during the deadlines and for the purposes indicated. The use of the Website will imply acceptance of its Privacy Policy.

Yeguada Indalo reserves the right to modify its Privacy Policy, according to its criteria, or motivated by a legislative, jurisprudential or doctrinal change of the Spanish Data Protection Agency. Changes or updates to this Privacy Policy will not be explicitly notified to the User. The User is advised to consult the terms periodically to be aware of the latest changes or updates.

This Privacy Policy has been updated to adapt to Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, regarding the protection of natural parties about the processing of personal data and the free circulation of these data (RGPD) and Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights.

This website’s Privacy Policy document was created using the free online web privacy policy template generator on 10/20/2023.