Book Now

WEBSITE PRIVACY POLICY

https://www.cdc360.com/

I. PRIVACY POLICY AND DATA PROTECTION

In compliance with current legislation, CDC360 Barcelona (hereinafter also referred to as the “Website”) is committed to adopting the necessary technical and organizational measures according to the appropriate level of security for the collected data.

Laws Incorporated into This Privacy Policy

This privacy policy is adapted to the current Spanish and European regulations on personal data protection on the Internet. Specifically, it complies with the following laws:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons concerning the processing of personal data and the free movement of such data (GDPR).
  • Organic Law 3/2018 of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD-GDD).
  • Royal Decree 1720/2007 of December 21, approving the Regulation for the development of Organic Law 15/1999 of December 13, on the Protection of Personal Data (RDLOPD).
  • Law 34/2002 of July 11, on Information Society Services and Electronic Commerce (LSSI-CE).

Identity of the Data Controller

The entity responsible for processing the personal data collected on CDC360 Barcelona is SONMELES BCN SL, with NIF/CIF: B66862996, registered in the Mercantile Registry of Barcelona, with the following registration details: Volume: 45579, Page: 77, Section: 8, Sheet: B 492499, Entry: 1, and represented by Simon Lopez (hereinafter, the “Data Controller”).

Contact Information:

  • Address: Rambla de Catalunya, No. 124, 08008, Barcelona.
  • Phone Number: +34 935958750
  • Email: simon@cdc360.com

Registration of Personal Data

In compliance with the GDPR and the LOPD-GDD, we inform you that personal data collected by CDC360 Barcelona through the forms available on its pages will be incorporated into our database and processed to facilitate, manage, and fulfill the commitments established between CDC360 Barcelona and the user, or to maintain the relationship established in the forms completed by the user. The processing of these data will also serve to respond to inquiries or requests.

Unless exempt under Article 30.5 of the GDPR, a record of processing activities is maintained, specifying the purpose of the processing and other relevant details as required by the GDPR.

Principles Applicable to the Processing of Personal Data

The processing of users’ personal data will be subject to the following principles outlined in Article 5 of the GDPR and Article 4 and subsequent articles of Organic Law 3/2018:

  • Lawfulness, fairness, and transparency: Users will be required to provide explicit consent after being informed transparently about the purposes of data collection.
  • Purpose limitation: Personal data will be collected for specific, explicit, and legitimate purposes.
  • Data minimization: Only strictly necessary data will be collected.
  • Accuracy: Personal data must be accurate and kept up to date.
  • Storage limitation: Personal data will be retained only for as long as necessary for their intended purposes.
  • Integrity and confidentiality: Data will be processed securely and confidentially.
  • Accountability: The Data Controller will ensure compliance with all the principles above.

Categories of Personal Data

The categories of data processed by CDC360 Barcelona are limited to identification data only. No special categories of personal data, as defined in Article 9 of the GDPR, are processed.

Legal Basis for Processing Personal Data

The legal basis for processing personal data is user consent. CDC360 Barcelona commits to obtaining clear, explicit, and verifiable consent from users before processing their data for specific purposes.

Users may withdraw their consent at any time. Withdrawal of consent will not affect the lawful processing carried out before withdrawal.

If users provide their data via forms for inquiries, information requests, or any other purpose, they will be informed whether providing such data is mandatory for the successful completion of the request.

Purposes of Data Processing

Personal data are collected and managed by CDC360 Barcelona to facilitate, expedite, and fulfill the commitments established between the Website and the user, or to maintain the relationship formed through the forms the user completes.

Additionally, data may be used for commercial purposes, including personalization, operational and statistical analyses, and marketing activities aimed at improving content, website functionality, and user experience.

Users will be informed of the specific purposes of data processing at the time of data collection.

Data Retention Periods

Personal data will only be retained for the minimum time necessary for processing purposes and, in any case, for a maximum period of 3 years, unless the user requests deletion.

Users will be informed about data retention periods at the time of data collection.

Recipients of Personal Data

Personal data will be shared with the following recipients or categories of recipients:

  • Web hosting services
  • Google
  • Google Analytics
  • Clarity
  • Marketing platforms

If data are transferred to a third country or international organization, users will be informed about such transfers and any existing adequacy decisions.

Children’s Personal Data

In accordance with Articles 8 of the GDPR and 7 of Organic Law 3/2018, only individuals aged 14 and above may provide valid consent for processing their personal data. For children under 14, parental or guardian consent is required.

Data Security and Confidentiality

CDC360 Barcelona is committed to implementing necessary security measures to protect personal data and prevent unauthorized access, destruction, loss, or alteration.

The Website uses an SSL certificate (Secure Socket Layer) to ensure that personal data is securely transmitted in encrypted form.

In case of a data breach posing a high risk to users’ rights and freedoms, the Data Controller will promptly notify affected users.

Personal data will be treated confidentially, and all employees and third parties with access to such data are required to respect this confidentiality.

User Rights

Users have the following rights under the GDPR and Organic Law 3/2018:

  • Right of access: Obtain confirmation of whether their personal data is being processed and access such data.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure (“Right to be forgotten”): Request deletion of personal data under certain circumstances.
  • Right to restriction of processing: Limit processing under specific conditions.
  • Right to data portability: Receive personal data in a structured, machine-readable format and transfer it to another data controller.
  • Right to object: Object to data processing.
  • Right not to be subject to automated decision-making: Avoid decisions made solely by automated processes.

To exercise these rights, users may send a written request, including a copy of their ID, to:

  • Postal Address: Rambla de Catalunya, No. 124, 08008, Barcelona.
  • Email: simon@cdc360.com

Links to Third-Party Websites

The Website may contain links to third-party websites. CDC360 Barcelona is not responsible for the data protection policies of these external sites.

Complaints to the Supervisory Authority

If users believe their data protection rights have been violated, they have the right to file a complaint with the Spanish Data Protection Agency (AEPD) (https://www.aepd.es/).

II. ACCEPTANCE AND CHANGES TO THIS PRIVACY POLICY

By using this Website, users accept this Privacy Policy. CDC360 Barcelona reserves the right to modify it without prior notice. Users are encouraged to review this page regularly.

This policy was last updated to comply with Regulation (EU) 2016/679 (GDPR) and Organic Law 3/2018.

EXPLORE

Follow us

Instagram

CONTACT US

Carrer Consell de Cent, 360

08009 Barcelona, Spain

+34 935958750

simon@cdc360.com

ALL RIGHTS RESERVED ©2024 CDC360