WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?
MIRU, with CIF B-72977408 registered office at Once de Septiembre 19, 08860 Castelldefels, Barcelona, Spain, is the Data Controller of the data provided by the user and also guarantees its confidential treatment and security, in accordance with the provisions of the European Data Protection Regulation (“GDPR”).
The user may contact the Data Protection Delegate for any questions or needs regarding data protection through administracion@mirugastrofusion.com.
FOR WHAT PURPOSES DO WE PROCESS YOUR PERSONAL DATA?
The user is hereby informed that MIRU will process the personal data provided by the user for the following purposes:
To guarantee the user access to and use of the various contents located on the website.
Inform the user by any means, including sending commercial communications to the email address provided by the user, of MIRU products and services.
To carry out promotional activities about MIRU’s services, including sending commercial communications to the e-mail address provided by the user.
Likewise, navigation data and user cookies may be processed in order to improve your accessibility as a user, personalize and analyze your navigation, as well as to display advertising and ads based on your interests according to our cookies policy, which must be accepted prior to browsing our website.
Additionally, MIRU may use the user’s dissociated data, always preserving their anonymity, even after the end of the relationship, in order to use them within its decision support and business management systems.
WHAT IS THE LEGITIMACY FOR THE PROCESSING OF YOUR DATA?
The legitimacy for the treatment of your data are the consents obtained from the user, the one derived from the use of the web, the contracting of products or services, and any other that could be applicable, at any time.
Users’ consents are obtained both at the time of user registration and in the different requests made within the website, and may be modified at any time by the user by exercising their rights. The treatment may also be based in the case of customers with contracts in force, in the legitimate interests of MIRU for the offer of products and related services, loyalty actions, profiling to offer products or services similar to the contracted and to communicate these data to third party companies to carry out administrative procedures for the admission of customers, fraud prevention, claims and debt collection.
Legitimate interest includes the processing of user data for the management of security and access control of the supporting information systems.
WHO HAS ACCESS TO YOUR PERSONAL DATA?
The provision of the services that MIRU offers through its website may require other third party service providers to access the user’s personal data as data processors. The aforementioned service providers are located in Spain and, in any case, in the European Economic Area.
In addition to the above, MIRU may transfer or communicate personal data in order to fulfill its obligations to the Public Administrations in those cases that are required in accordance with the legislation in force at any given time and, where appropriate, also to other bodies such as State Security Forces and Bodies and the Judiciary.
WHAT ARE THE USER’S RIGHTS?
The data provided by the user for the contracting of services or products are necessary for the maintenance of the contractual relationship, and failure to provide them would mean the impossibility of being able to manage such relationship.
The user is responsible for the veracity of the data communicated and must request their modification whenever necessary to ensure their correct treatment, the correct provision of the contracted services and the performance of communications.
The user may exercise the rights of access, rectification or, where appropriate, request the deletion of their data when they are no longer necessary for the purposes for which they were collected, among other reasons.
The user may request the limitation of the processing of their data in the circumstances established in art. 18 of the RGPD, in which case they will only be kept for the exercise or defense of possible claims.
The user may withdraw the consent given at any time, opposing the processing of their data for a particular purpose, without affecting the lawfulness of the processing based on the consent prior to its withdrawal or oppose it, in which case their personal data will only be retained for the exercise or defense of possible claims.
The user may request to MIRU the portability of his personal data, obtaining an electronic copy.
All these rights may be exercised by writing to the following email address: administracion@mirugastrofusion.com Att. Data Protection Delegate, or by ordinary mail to the following address: Once de Septiembre 19, 08860 Castelldefels, Barcelona, Spain, indicating the identification data, address or email contact, reasons for the request and supporting documentation, for which you must provide a document proving your identity.
In the event that the user does not obtain the desired response or satisfaction, MIRU, informs you of your right to file a complaint with the Spanish Data Protection Agency, located at C/ Jorge Juan nº6, 28001 Madrid or via the Internet at the address: http://www.agpd.es/portalwebAGPD/CanalDelCiudadano
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
MIRU will keep the user’s data for the duration of their contractual relationship and after the contractual relationship, if they have consented to it, the data will be kept for promotional activities for a period of two years. For the rest of the users the data will be kept, likewise, for a period of two years, without prejudice to the data retention obligations required by the applicable legislation in each case.
In short, the data will not be kept longer than necessary for the purposes described above, without prejudice to the conservation that may be necessary for the formulation, exercise or defense of potential claims and/or as long as permitted by applicable law.
WHAT SECURITY MEASURES DO WE HAVE IN PLACE?
MIRU undertakes to comply with its obligation of secrecy of personal data and its duty to protect them, and will take the necessary measures to prevent alteration, loss, treatment or unauthorized access, in accordance with the provisions of applicable regulations.
MIRU has implemented the necessary technical and organizational security measures to ensure the security of your personal data and avoid its alteration, loss and treatment and/or unauthorized access, taking into account the state of technology, the nature of the data stored and the risks to which they are exposed, whether from human action or the physical or natural environment, in accordance with the provisions of the applicable regulations.
Likewise, we continuously supervise, control and evaluate our processes to ensure respect for privacy and information security, in accordance with international standards.
MIRU stores all information collected from cookies in a non-personally identifiable format. It is not possible to access this type of information obtained through cookies outside of MIRU or authorized third parties. It will not be used for unsolicited communications.
Cookies do not contain a name but an IP address. After the user’s session has been terminated, the information contained in the cookies is no longer available to MIRU.
The user should check whether the computer settings reflect whether or not to accept cookies. The user can set the browser to warn before accepting cookies, or the user can simply set the browser to always refuse cookies, although in that case the full functionality of this website may not be accessible.
CAN MIRU CHANGE THE TERMS OF THIS PRIVACY STATEMENT?
From time to time, MIRU may make changes and corrections to the Privacy Policy. Please check back regularly to see what changes may have been made and how they may affect you.