Data Protection Policy
In accordance with Regulation (EU) 2016/679 of the Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and Organic Law 3/2018, of 5 December, on the Protection of Personal Data and guarantee of digital rights, the Management informs its clients, users, and the public of the following aspects:
Introduction
This document constitutes the privacy policy of Test4less regarding the processing of personal data of its clients.
For any matter related to this subject, the client may contact the Data Protection Officer at the postal address Thames Centre zamora S.L
Avda. Portugal,24 bajo 49015 – Zamora
Similarly, you can contact the Data Protection Officer by email sent to the following address: info@test4less.es
Who is responsible for the processing of your data?
A) In the case of being a user of Test4less, the responsible party for the processing of your data is:
|
Data Controller |
SEDE |
|
Thames Centre zamora S.L
|
Thames Centre zamora S.L |
B) In the event that we have your data for having requested information about any of the services and/or products offered through the Test4less websites, the responsible party for the processing of your data is Test4less, located at Thames Centre zamora S.L
Avda. Portugal,24 bajo 49015 – Zamora
What personal data do we process and where do they come from?
In the course of your relationship with us, the following categories of personal data may be processed:
Identification data, contact information of clients (including signature, image); Personal characteristics, social circumstances; Transactional data (payments, income, transfers, debits)
The data come from the interested party.
For what purpose do we process your personal data?
Personal data may be processed by the data controllers for the following purposes:
1.- Service provision: your personal data are processed in order to provide the required service, for example:
Address any communication with Test4less; Manage any incident or complaint filed by the client; Conduct surveys with the aim of knowing your opinion about the attention received and that will be used only to improve and develop our services;
2.- Attention to requests for information, complaint, suggestion, claim, exercise of data protection rights, etc.: in these cases, your data will be processed with the purpose of managing and processing the request, by any means, including telephone and/or electronic communications.
3.- Compliance with legal obligations: it may be necessary to process personal data in order to comply with the corresponding legal requirements. Specifically, to comply with data protection, tax, labor, etc. legislation.
4.- Formalization and execution of the contract: the patient’s personal data are processed with the purpose of managing the contractual relationship with the client.
5.- Sending commercial communications by any means in case of additional consent: if you explicitly consent, your data may be transferred with the purpose of informing you by any means for promotional and advertising purposes about the restaurants, services, products, or events related to Test4less (in no case will your data be used to send you advertising content unrelated to Test4less.
The collected data will be processed for the specified purposes and in no case in a manner incompatible with those purposes.
In any case, we process your data to serve you always with the same level of quality, regardless of the channel you use to communicate with us (website, mobile applications, either in person, by phone, or telematically).
What is the legal basis for processing your data?
|
Purpose |
Basis for Processing |
|
Provision of the Service |
Processing necessary for the execution of a service in which the data subject is a party; processing based on the consent of the data subject. |
|
Handling of requests |
Processing based on the consent of the data subject and/or the legitimate interest of the data controller |
|
Compliance with legal obligations |
Processing necessary for compliance with a legal obligation to which the data controller is subject |
|
Formalization and execution of the contract |
Processing necessary for the performance of a contract to which the data subject is party |
|
Sending of commercial communications |
Processing based on the consent of the data subject |
How long will we keep your data?
As a general rule, your data will only be kept for the time strictly necessary for the purpose for which they were collected.
The personal data provided, as well as those derived from the commercial relationship, will be retained for the appropriate time for each case, and at least, five years from the date of service provision, unless regional and/or specific regulations establish a minimum retention period longer than mentioned, in which case the applicable regulations will be complied with.
Once the aforementioned minimum period has passed, and having ended the commercial and contractual relationship, the responsible party will keep your data duly blocked and pseudonymized, for the term of the corresponding legal prescription periods.
The personal data provided for the purpose of managing any request for information, complaint, suggestion, claim, exercise of data protection rights, etc., will be kept for the time necessary to process the request, and in any case for the legally established time, as well as for the period necessary for the formulation, exercise, or defense of claims.
Data processed for compliance with legal obligations will be kept for the time established in the applicable legislation.
Data collected for the formalization and execution of the contract will be retained for the duration of the contractual relationship, as well as for the period necessary for the formulation, exercise, or defense of claims, at least five years.
Data processed for sending commercial communications will be kept until the interested party revokes consent and/or exercises their rights of opposition and/or deletion.
To whom will your data be communicated?
To ensure proper service provision, it is necessary for certain service providers and/or group entities that process data on behalf of the responsible party and as data processors to access your personal data. These entities can be, for example, auditing, physical security, archiving, storage or digitization of information, document destruction, legal advisory services, computer services, etc.
Your personal data will not be communicated to third parties except under legal obligation, vital interest, or prior consent of the interested party.
All information provided to us will be treated confidentially and with strict compliance with the necessary security obligations to prevent unauthorized third-party access.
What are your rights when you provide us with your data?
You may exercise your rights of access; rectification of inaccurate data; request deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected; under certain circumstances, you may also request the limitation of the processing of your data, in which case we will only keep them for the exercise or defense of claims; finally, and for reasons related to your particular situation, you may also exercise the right to object and portability. Likewise, you may revoke, at any time, the consent given for the processing of your data.
The exercise of these rights and the revocation of consent for the processing of your data are free of charge, except in the cases provided for in Article 12.5 of Regulation (EU) 679/2016.
If you are a Test4less client, you can exercise your rights in person at the customer service, by postal mail addressed to the “Customer Service” of Test4less, with the reference “data protection rights,” providing a photocopy of your ID or equivalent document and indicating the right you wish to exercise.
Furthermore, you are informed of the possibility of filing a complaint with the competent control authority, according to the procedure that corresponds to the specific case.